In Latest Black Eye For NSO Group, Dubai's King Found To Have Used NSO Spyware To Hack His Ex-Wife's Phone

from the slumming-it-as-a-service dept

NSO Group has endured some particularly bad press lately, what with leaked data pointing to its customers’ targeting of journalists, political figures, religious leaders, and dissidents. That its powerful spyware would be abused by its customers was not surprising. Neither were the findings from the leaked data, which only confirmed what was already known.

Despite this, NSO continues to make contradictory claims. First, it says it has no control (or visibility) as to how its customers use its products — customers that include some notorious abusers of human rights. Second, it says that it cuts off customers who abuse its products to target people who only annoy their governments, rather than directly threaten it with criminal or terrorist acts.

Well, it’s either one or the other. And if NSO is waiting for secondhand reports about abusive deployments to act, it really shouldn’t be in the intel business. If NSO wants to stay above the fray, it could start by being a lot more selective about who it sells to.

If you’re not selective, your customers will not only pettily target people (critics, activists, journalists, dissidents) the government doesn’t like but will move on to the extreme pettiness of targeting people certain government officials don’t like.

This latest nadir for NSO Group comes courtesy of court proceedings, which illustrates the danger of putting powerful cellphone exploits in the hands of the wrong people.

Dubai’s ruler Sheikh Mohammed bin Rashid al-Maktoum ordered the phones of his ex-wife and her lawyers to be hacked as part of a “sustained campaign of intimidation and threat” during the custody battle over their children, England’s High Court has ruled.

Mohammed used the sophisticated “Pegasus” software, developed by Israeli firm NSO for states to counter national security risks, to hack the phones of Princess Haya bint al-Hussein, half-sister of Jordan’s King Abdullah, and some of those closely connected to her, according to the rulings.

That’s the sort of thing you can expect to happen when powerful hacking tools are given to people who have never proven they’re capable of handling power responsibly. Adding to the irony is the fact that the King’s ex was tipped off by the wife of Tony Blair, who used to work as an outside legal adviser for NSO Group.

Now that this has been exposed, NSO is finally ready to take action.

Once the hacking was uncovered, NSO cancelled its contract with the UAE, Haya’s lawyers said. The Israeli firm said it could not immediately comment on the case, but said it took action if it received evidence of misuse of Pegasus.

Well, duh (to use a technical term). But if NSO is so supposedly “proactive” why even sell to the UAE at all? It’s not as though it has a long, storied history of respecting rights, much less those possessed by women who also happen to have angered the king? While I understand it might be difficult to promise investors steadily-increasing returns if you choose not to sell to questionable entities, it seems like a long run of bad press and government investigations might have the same effect on the bottom line. Or maybe NSO’s investors are just as unconcerned about its partnerships with abusive governments as it is. Whatever the case is, it’s led NSO to where it is now: a company best known for giving oppressive governments even more oppression options.

Filed Under: , , , , , ,
Companies: nso group

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “In Latest Black Eye For NSO Group, Dubai's King Found To Have Used NSO Spyware To Hack His Ex-Wife's Phone”

Subscribe: RSS Leave a comment
Coyne Tibbets (profile) says:

Free markets unconcerned

…why even sell to the [hero/heel] at all?

Hey, Free Market here. Free Markets never concernt themselves with what the [hero/heel] is going to do with the [product] they’re selling.

Depending on [product], how much that matters is variable. For example, [water] or [foodstuff] is probably okay, but not [WMD].

For NSO…I wouldn’t trust their product in the hands of Jack Ryan.

This comment has been deemed insightful by the community.
Upstream (profile) says:

Different standards?

If NSO weren’t an identifiable company located in a friendly nation, but rather "shadowy hackers" in China or Russia, wouldn’t they be considered international criminals, or maybe even "terrorists?" I don’t see them as any different from the people selling dangerous ransomware and other malware on the dark web.

I know that these kind of double standards are SOP for unprincipled, corrupt governments, but it is still hard to get used to.

Anonymous Coward says:

Re: Different standards?

While it’s certainly possible to claim that the government purchasing and using weapons is a double standard, this is generally restricted to anarchists. A "monopoly on force" is otherwise pretty ubiquitous in every political system.

The difference between NSO and their equivalents in most other countries is that Israel allows NSO to pretty much freely export to other governments. Most nations either prohibit weapon developers from exporting at all, or strictly control the details of such exports.

The "shadowy hackers" in China or Russia are "international criminals" only in the sense that China and Russia wish to maintain plausible deniability over external use of weapons developed by their "NSO" equivalents. Internal use of said weapons is ubiquitous in both, without being attributed to "shadowy hackers." It’s just called law enforcement, because they have no need for such deniability internally.

ECA (profile) says:

So a company

Creates a Program/game.
Distributes it to those that would like it.
then finds the owners of the program are abusing it?

Did anyone learn things from the Old days about programs and games?
We will crack and hack anything we can, one of the longest cracks took about 5 years, Bruce Lee.
Program was written to the center tracks and All of the rest of the disk was Track and sector errors. The protection looked at random track and sectors and if it didnt get the right error, would fail loading the game. You had to Write direct to the center track to create the game, then fill the rest of the disk with TONS of errors.

So they Think Anyone using the program will do AS’ the company wishes?
Thats BS.

This comment has been deemed insightful by the community.
Anonymous Coward says:

Six months later...

Yes, Sheikh…
Yes, Sheikh. We’ve managed to settle most of those lawsuits.

Yes, Sheikh. YES, Sheikh. I know it was embarrassing. It was embarrassing for us too, you know.

Yes, Sheikh. We purged the leakers from our staff. No, sheikh. We’re pretty sure that if there had been another leak, we would have heard about it in the press. Or the courts.

… The press in the West, yes. We understand, and are grateful for your control of the press there. Makes things so much simpler.

Now, you did want to renew your subscription to our services, yes? No, we were telling the truth, Sheikh, when we said we cancelled your subscription. We just didn’t say it would STAY cancelled…

Ehud Gavron (profile) says:

With absolute power comes... no responsibility.

The UAE rulers (emirs) are no different than the brilliant people we have here in the white world.

The Big Lie?
Stolen Election?

Do you think Team Trump isn’t spying on people’s cellphones?

Everybody in power is corrupt. The tools to help them are beside
the point. It is less important that "They used software from the NSO group" and much more important that "They used every available means to spy on, steal information from, deny access to, and harass" otherwise nonguilty parties.

THAT is what they do. THAT is unlawful in most western jurisdictions. THAT is still what they do.

How about that election being stolen from Captain Cheeto?


Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...