NSO Spyware Used To Snoop On US State Department Employees Stationed In Uganda
from the just-another-day-at-work-for-NSO-Group dept
Israeli exploit seller NSO Group has long past reached the limits of its non-denials and deflection attempts. There’s only bad news on the horizon for the tech company, which would be a lot less disheartening for the company if it hadn’t been preceded by months of bad news.
Already considered morally suspect due to its decision to sell powerful phone hacking tools to human rights violators, NSO has since proven to be pretty much amoral. Investigations uncovering abuse of its spyware to hack phones of journalists and activists began to surface three years ago before a leaked database of alleged spyware targets was given to investigators and journalists. Since then, NSO has waged a losing battle with a seemingly endless onslaught of revelations that put its hacking tools in the hands of bad actors and its powerful spyware (Pegasus) in the phones of journalists, activists, lawyers, diplomats, politicians, and religious leaders.
NSO was sued by WhatsApp and Facebook in 2019 for using the messaging app to send malware to targets. It was sued by Apple just a couple of weeks ago for targeting iPhone users. It is facing investigations in a handful of countries, including its home base. It has been blacklisted by the US Commerce Department and its list of governments it can sell to has been drastically trimmed by the Israeli government, from 102 to 37.
The question now is: does NSO Group even feel it when news breaks about additional misuse of its spyware? Or does it just prompt an exasperated “what now?!” from its execs as it tries to figure out how to remain viable in the future? Whatever the case is, this latest revelation isn’t going to get its Commerce Department blacklisting lifted any time soon.
iPhones of at least nine U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO Group, according to four people familiar with the matter.
The hacks, which took place in the last several months, hit U.S. officials either based in Uganda or focused on matters concerning the East African country, two of the sources said.
The intrusions, first reported here, represent the widest known hacks of U.S. officials through NSO technology.
The Reuters report says the source of the hacking hasn’t been identified. But one can assume it was entities opposed to whatever aims the US State Department hopes to achieve in Uganda, which apparently includes simply trying to meet with opposition leaders. People don’t spy on people whose aims are allied with theirs. And attribution has limited worth. Entities willing to abuse spyware to hack the phones of political opponents — especially those operating under diplomatic immunity — aren’t really going to care if their wrongdoing is exposed.
And NSO only has to care now because it has spent years claiming it does everything it can to prevent misuse of its powerful malware — only to have that assertion exposed as a lie with six months of uninterrupted news releases showing its hacking tools have been misused multiple times by multiple entities. Accompanying this steady drip of news reports has been zero evidence of NSO’s asserted oversight or willingness to terminate contracts with entities who’ve abused its malware.
NSO’s response to this report is no different than its response to several others: it will do something about this now that it has made international headlines.
“If our investigation shall show these actions indeed happened with NSO’s tools, such customer will be terminated permanently and legal actions will take place…”
That’s meaningless. NSO claims it has no visibility into its customers’ actions and, if this is true, it has no way of investigating these claims. It’s all just noise, something almost less substantial than a “no comment.” The State Department’s response means more: it simply pointed to NSO’s blacklisting by the federal government. And that’s pretty much all that needs to be said by witnesses and victims of these hacking attempts. NSO is running out of bridges to burn. There will always be a market for easily abused malware. But it’s becoming much more difficult to keep these abuses secret and that’s what has harmed NSO the most.
Filed Under: malware, pegasus, spyware, state department, surveillance
Companies: nso group
Comments on “NSO Spyware Used To Snoop On US State Department Employees Stationed In Uganda”
If it was the US hacking phones of Ugandan diplomats using NSO technology, would it even make the news? The US spies on everyone, so why are they complaining when they are spied upon?
well maybe not so much
Sorry Tim, this is just untrue…..
"People don’t spy on people whose aims are allied with theirs."
But thanks for all your hard work in keeping us up to speed on the bad-doers and shenanigans being pulled across the globe! Love TD!
Re: well maybe not so much
Agreed. I read that statement and did a double take.
The NSA has been spying on European leaders for years according to this and more recently this.
Re: Re: well maybe not so much
A good part of the Five Eyes agreement is explicitly spying on your allies and then sharing that information with said allies … again, specifically to get around laws and regulations against spying on your own citizens.
"People don’t spy on people whose aims are allied with theirs."
Ms. Merkel would disagree.
Re: Re:
Yeap, count me in with everyone else who took issue with that sentence.
They are just lucky they didn’t send in the Uganda Air Force instead.
Well, he isn’t really wrong but the reality is that even though allies publicly seem to have the same aims what the reality is may differ substantially.