The Israeli Defense Ministry reports that officials from several government agencies have investigated the activities and came with checks to the offices of the NSO Group, which develops legal spyware and recently found itself at the center of another scandal. The authorities write that they want to investigate the charges against the company themselves.The fact is that earlier this month, the human rights organization Amnesty International, the non-profit project Forbidden Stories, as well as more than 80 journalists from a consortium of 17 media organizations in 10 countries around the world published the results of a joint investigation, which was named Project Pegasus. Reporters wrote that they discovered widespread abuse of spyware created by NSO Group, Pegasus.
According to the report, the company’s spyware is actively used to violate human rights and monitor politicians, activists, journalists and human rights defenders around the world.
It is interesting that there was nothing fundamentally new in this report, and hardly anyone in the information security community was surprised by the existence of Pegasus and what the journalists wrote about. As Markus Hutchins (MalwareTech) notes on Twitter:
These are usually sold to governments, who then use [these tools] to attack “terrorists” (which in many cases simply means anyone the authorities consider a threat). The vague definition of the term “terrorist” varies from state to state, and many (especially authoritarian states) view activists and journalists as threats. The reality is that “stopping the terrorists” easily turns into “spying on everyone we don’t like,” and that’s what this leak is about.
While many media outlets call what is happening now “raids”, the representatives of the NSO Group themselves describe it as “visits.” The company has already issued an official press release, which states:
Israeli news agency Calcalist cites an anonymous source as saying the “raids” were more of a formal meeting rather than an in-depth verification of NSO Group’s documents and computer systems.
It is worth noting that companies that develop and sell spyware and other offensive software must register with government agencies and obtain a special export license to sell their software. NSO Group is currently licensed by the Government of Israel. In 2019, human rights defenders already filed a lawsuit trying to force the Israeli government to revoke the NSO Group’s license (claiming that the company’s software was used to violate human rights), but in July 2020, an Israeli court dismissed the lawsuit.
Let me remind you that we talked about the fact that Facebook sues NSO Group spyware maker due to exploitation of WhatsApp vulnerability and then Facebook has blocked the accounts of NSO Group employees.
User Review( votes)