from the bad-times-for-bad-actors dept
NSO Group isn’t the only phone malware firm to draw international attention. Sure, NSO’s decision to sell to human rights abusers and aid/abet surveillance of journalists, lawyers, government critics, and political leaders drew the most attention, but there were others. And all of these malware purveyors seem to have sprung from the same source: spies whose last employer was the Israeli government.
NSO Group and its lesser known competitor, Candiru, managed to secure themselves sanctions from the US Commerce Department. In addition, NSO found itself targeted by the very government that allowed it to flourish before the bad press started rolling in.
Meanwhile, another exploit developer flew under the radar, only surfacing occasionally until it finally found itself at the center of a surveillance scandal. Cytrox, owned by Intellexa, sells its Predator malware to government agencies around the world. One of those customers was the Greek government, which apparently used it to target leaders of opposition parties — the sort of thing people generally don’t want allegedly democratic governments to be doing.
Following the resignation of the head of the Greek government’s intelligence service, the government finally decided to start policing itself. But, instead of erecting rules preventing this sort of abuse, it amended its surveillance laws to make it easier for the government to plausibly deny engaging in abuse of its surveillance powers. The stated goal was more transparency. The end result was something else entirely, even if it did finally provide potentially surveilled Greek citizens with an avenue to obtain information about domestic surveillance efforts.
Perhaps this is just a minimal effort meant to make the Greek government look a little less authoritarian, but it’s still surprising. According to this report from Haaretz, Cytrox is now facing the sort of scrutiny that involves armed officers breaking down doors and seizing anything they can find.
Greek police raided the Athens offices of the Israeli company behind the Predator spyware on Tuesday, local media reported, the latest turn of events in a months-long wiretapping affair that has rocked Greece over the past several months.
The offices of Intellexa, the Israeli-owned spyware company, and five other firms were raided by police in the Greek capital, Kathimerini reported on Tuesday. The raids also targeted the company executives’ homes.
The raid of the offices is unexpected. That this was extended to the homes of executives shows the Greek government is possibly aware the offices may have been cleansed of anything incriminating shortly after news broke of the illegal domestic surveillance.
It may also be an indication the government realized the surveillance scandal wasn’t simply going to evaporate into the news cycle ether. More bad news arrived shortly before this raid.
On Sunday, Greek newspaper Documento released a dossier revealing that dozens of acting ministers, military leaders, businessmen and media figures were also under surveillance.
Pretty much NSO Group, in other words. Give governments powerful surveillance tools capable of compromising phones and you should expect, at minimum, periodic abuse. The tools are too powerful and too tempting to be used only for the objectives stated when acquiring the malware. You know, things like criminal investigations of violent crimes or protecting the nation against terrorist attacks. Once acquired, governments — even those not considered to be habitual rights abusers — tend to target anyone deemed a threat to leaders’ job security, which is not nearly the same thing as national security.
Haaretz also reports Cytrox/Intellexa is being sued by Thanasis Koukakis, an investigative journalist apparently targeted by the malware. It’s not a civil suit. It’s a set of criminal accusations, filed with prosecutors in Athens.
That being said, there will be no day of reckoning for these governments or the tech companies who sell them the exploits they abuse. There will be case-by-case wins, but rest assured, the nasty business of malware development will continue. There are far too many well-paying customers out there, many of which appear to desire better ways to keep an eye on people governments don’t like, all while trying to maintain the pretense these acquisitions are necessary to securing nations and ensuring public safety.