Anonymous ID: 72f94b Feb. 3, 2022, 5:38 p.m. No.3194   🗄️.is 🔗kun

Biden’s Newest Reparations Plan: Pay Off Trump-Era Border Crossers with Amnesty

 

The newest reparations-style plan from President Joe Biden ditches cash payouts to border crossers subjected to former President Trump’s “Zero Tolerance Policy” and, instead, provides them with amnesty to permanently resettle in the United States.

 

Last year, Biden’s Departments of Justice (DOJ), Homeland Security (DHS), and Health and Human Services (HHS) were in settlement talks with border crossers represented by the American Civil Liberties Union (ACLU), who claim they have suffered trauma as a result of the Trump-era policy.

 

For months, reports circulated that Biden was considering giving payouts of $450,000 to every border crosser involved in the case — costing about $1 billion in American taxpayer money and more than was given to the American victims of the September 11, 2001 terrorist attacks.

 

As Breitbart News reported in December 2021, Biden dropped the payout plan following intense backlash from the American public. Some polls showed that 63 percent of Americans, including 64 percent of swing voters, were opposed to the plan.

 

Now, Biden and Department of Homeland Security (DHS) Secretary Alejandro Mayorkas are urging Congress to authorize a new payoff plan: Amnesty for every border crosser subjected to Trump’s Zero Tolerance Policy. Mayorkas told NBC News:

 

We are advocating to Congress that they provide these individuals with legal status — that requires a statutory change. The White House is 100 percent supportive of it, as am I, and we continue to advocate vigorously for it.

 

Amnesty for the border crossers would be far more lucrative than the previously-circulated $450,000 payouts as it would allow them to secure green cards, and eventually, naturalized American citizenship that they could then use to bring an unlimited number of foreign relatives to the U.S. through the process known as “chain migration.”

 

Last April, House and Senate Democrats introduced legislation that would provide a reparations-style amnesty to border crossers subjected to the Trump-era policy. The plan, though, has gone nowhere in either chamber.

 

Angel Families, who have lost loved ones to illegal immigration, have previously told Breitbart News that “none of these illegal aliens deserve anything more than a removal back to their country of origin.”

 

“… what does the government owe the families who have been victimized by illegal aliens, often forever?” they asked in a statement last year.

 

https://www.breitbart.com/politics/2022/02/03/bidens-newest-reparations-plan-pay-off-trump-era-border-crossers-with-amnesty/

Anonymous ID: 72f94b Feb. 3, 2022, 5:40 p.m. No.3198   🗄️.is 🔗kun   >>3204 >>3257 >>3272

https://menafn.com/1103636130/Spyware-used-on-key-figure-in-Netanyahu-trial-reports

 

Spyware used on key figure in Netanyahu trial: reports

MENAFN

5-6 minutes

 

(MENAFN- AFP)

 

Reports that police may have used spyware on a key witness in the trial of former premier Benjamin Netanyahu dominated Israeli headlines Thursday amid global scrutiny of Israeli-made surveillance technology.

 

Netanyahu described the allegations as an "earthquake", although an analyst expressed doubt they would affect the outcome of his high-profile trial.

 

In a recording aired by Channel 12 news, police are heard allegedly discussing tapping a phone belonging to Shlomo Filber, a former Netanyahu ally turned state witness.

 

"It's as if it's illegal" a police officer says, continuing "to install the application".

 

Police declined to comment on the recordings that emerged late Wednesday.

 

But a spokesperson told AFP "the Israeli police will cooperate fully and transparently" with an investigation team appointed by the attorney general, which is probing potential police misuse of spyware.

 

Netanyahu, who served as premier from 2009 until last year, is being tried on charges of bribery, fraud and breach of trust, allegations he has denied.

 

His trial is expected to last for several more months and appeals could take years.

 

Israeli media reported last month that he was negotiating a plea deal with the attorney general that would include admission of "moral turpitude", an offence which carries a seven-year ban from politics.

 

Netanyahu has denied the deal.

 

The allegation that police spied on Filber surfaced amid a broader probe into unauthorised police surveillance of Israeli phones.

 

Israel's justice minister pledged to investigate after a report in the business daily Calcalist found police had used NSO Group's Pegasus spyware on protesters against Netanyahu.

 

Police had initially denied the allegations, but on Tuesday appeared to backpedal, saying "new elements changed certain aspects of the matter".

 

Pegasus is a surveillance program that can switch on a phone's camera or microphone and harvest its data. It sparked controversy worldwide following revelations last year it was used to spy on journalists and dissidents.

 

NSO last month would neither confirm nor deny it sold technologies to the Israeli police, stressing it does "not operate the system once sold to its governmental customers and it is not involved in any way in the system's operation".

 

The reports do not specify whether Pegasus or a different spy program was used against Filber.

 

  • 'Earthquake' -

 

A former communications ministry director general, Filber is accused of mediating between Netanyahu and the controlling shareholder of the Bezeq telecom giant as the sides plotted to exchange regulatory favours for positive coverage on a news site owned by the firm.

 

Tehilla Shwartz Altshuler, an expert on technology and law at the Israel Democracy Institute, said the revelations could shed light on why one of Netanyahu's closest advisers turned against him.

 

"Maybe one of the investigators found something on Filber's phone that helped the police influence or convince Filber to become a witness against Netanyahu," she said.

 

Shwartz Altshuler said she doubted the allegations of unauthorised police snooping on Filber would jeopardise the case against Netanyahu, even if they prove to be true.

 

Last month, the Supreme Court rejected an appeal of another former Netanyahu adviser who said police based a case against him on evidence gathered in an unauthorised search of his phone.

 

On Wednesday, Netanyahu called the revelations of spying on Filber an "earthquake".

 

"It was revealed that police investigators hacked into phones illegally to overthrow a powerful right-wing prime minister," he said in a Twitter post.

 

Shwartz Altshuler said his complaints rang hollow as Israel licensed Pegasus spyware to governments around the world, with some deals reportedly personally approved by Netanyahu.

 

"You can't really use a technology or a product like Pegasus as Israel's gift of friendship to all the dictatorships in Africa, and to Hungary and India and Mexico on the one hand, and then on the other hand complain when it is used in Israel," she said.

 

The reported spying on Filber included photographs, phone numbers, messages and apps that were extracted without a court-issued warrant, according to a report on Channel 13 News.

 

Filber declined an interview request from AFP but tweeted in jest Wednesday: "My wife responds: 'Finally someone is listening to your prattling.'"

Anonymous ID: 72f94b Feb. 3, 2022, 5:44 p.m. No.3199   🗄️.is 🔗kun   >>3204 >>3257 >>3272

https://www.nytimes.com/2022/01/28/magazine/nso-group-israel-spyware.html

 

The Battle for the World’s Most Powerful Cyberweapon

 

Ronen Bergman, Mark Mazzetti

 

A Times investigation reveals how Israel reaped diplomatic gains around the world from NSO’s Pegasus spyware — a tool America itself purchased but is now trying to ban.

 

Credit…Photo illustration by Cristiana Couceiro

 

Published Jan. 28, 2022Updated Jan. 31, 2022

 

Listen to This Article

 

Audio Recording by Audm

 

To hear more audio stories from publications like The New York Times, download Audm for iPhone or Android.

 

In June 2019, three Israeli computer engineers arrived at a New Jersey building used by the F.B.I. They unpacked dozens of computer servers, arranging them on tall racks in an isolated room. As they set up the equipment, the engineers made a series of calls to their bosses in Herzliya, a Tel Aviv suburb, at the headquarters for NSO Group, the world’s most notorious maker of spyware. Then, with their equipment in place, they began testing.

 

The F.B.I. had bought a version of Pegasus, NSO’s premier spying tool. For nearly a decade, the Israeli firm had been selling its surveillance software on a subscription basis to law-enforcement and intelligence agencies around the world, promising that it could do what no one else — not a private company, not even a state intelligence service — could do: consistently and reliably crack the encrypted communications of any iPhone or Android smartphone.

 

Since NSO had introduced Pegasus to the global market in 2011, it had helped Mexican authorities capture Joaquín Guzmán Loera, the drug lord known as El Chapo. European investigators have quietly used Pegasus to thwart terrorist plots, fight organized crime and, in one case, take down a global child-abuse ring, identifying dozens of suspects in more than 40 countries. In a broader sense, NSO’s products seemed to solve one of the biggest problems facing law-enforcement and intelligence agencies in the 21st century: that criminals and terrorists had better technology for encrypting their communications than investigators had to decrypt them. The criminal world had gone dark even as it was increasingly going global.

 

But by the time the company’s engineers walked through the door of the New Jersey facility in 2019, the many abuses of Pegasus had also been well documented. Mexico deployed the software not just against gangsters but also against journalists and political dissidents. The United Arab Emirates used the software to hack the phone of a civil rights activist whom the government threw in jail. Saudi Arabia used it against women’s rights activists and, according to a lawsuit filed by a Saudi dissident, to spy on communications with Jamal Khashoggi, a columnist for The Washington Post, whom Saudi operatives killed and dismembered in Istanbul in 2018.

 

None of this prevented new customers from approaching NSO, including the United States. The details of the F.B.I.’s purchase and testing of Pegasus have never before been made public. Additionally, the same year that Khashoggi was killed, the Central Intelligence Agency arranged and paid for the government of Djibouti to acquire Pegasus to assist the American ally in combating terrorism, despite longstanding concerns about human rights abuses there, including the persecution of journalists and the torture of government opponents. The D.E.A., the Secret Service and the U.S. military’s Africa Command had all held discussions with NSO. The F.B.I. was now taking the next step.

 

As part of their training, F.B.I. employees bought new smartphones at local stores and set them up with dummy accounts, using SIM cards from other countries — Pegasus was designed to be unable to hack into American numbers. Then the Pegasus engineers, as they had in previous demonstrations around the world, opened their interface, entered the number of the phone and began an attack.

 

This version of Pegasus was “zero click” — unlike more common hacking software, it did not require users to click on a malicious attachment or link — so the Americans monitoring the phones could see no evidence of an ongoing breach. They couldn’t see the Pegasus computers connecting to a network of servers around the world, hacking the phone, then connecting back to the equipment at the New Jersey facility. What they could see, minutes later, was every piece of data stored on the phone as it unspooled onto the large monitors of the Pegasus computers: every email, every photo, every text thread, every personal contact. They could also see the phone’s location and even take control of its camera and microphone. F.B.I. agents using Pegasus could, in theory, almost instantly transform phones around the world into powerful surveillance tools — everywhere except in the United States.

 

Ever since the 2013 revelations by Edward Snowden, a former National Security Agency contractor, about U.S. government surveillance of American citizens, few debates in this country have been more fraught than those over the proper scope of domestic spying. Questions about the balance between privacy and security took on new urgency with the parallel development of smartphones and spyware that could be used to scoop up the terabytes of information those phones generate every day. Israel, wary of angering Americans by abetting the efforts of other countries to spy on the United States, had required NSO to program Pegasus so it was incapable of targeting U.S. numbers. This prevented its foreign clients from spying on Americans. But it also prevented Americans from spying on Americans.

 

NSO had recently offered the F.B.I. a workaround. During a presentation to officials in Washington, the company demonstrated a new system, called Phantom, that could hack any number in the United States that the F.B.I. decided to target. Israel had granted a special license to NSO, one that permitted its Phantom system to attack U.S. numbers. The license allowed for only one type of client: U.S. government agencies. A slick brochure put together for potential customers by NSO’s U.S. subsidiary, first published by Vice, says that Phantom allows American law enforcement and spy agencies to get intelligence “by extracting and monitoring crucial data from mobile devices.” It is an “independent solution” that requires no cooperation from AT&T, Verizon, Apple or Google. The system, it says, will “turn your target’s smartphone into an intelligence gold mine.”

 

The Phantom presentation triggered a discussion among government lawyers at the Justice Department and the F.B.I. that lasted two years, across two presidential administrations, centering on a basic question: Could deploying Phantom inside the United States run afoul of long-established wiretapping laws? As the lawyers debated, the F.B.I. renewed the contract for the Pegasus system and ran up fees to NSO of approximately $5 million. During this time, NSO engineers were in frequent contact with F.B.I. employees, asking about the various technological details that could change the legal implications of an attack.

 

The discussions at the Justice Department and the F.B.I. continued until last summer, when the F.B.I. finally decided not to deploy the NSO weapons. It was around this time that a consortium of news organizations called Forbidden Stories brought forward new revelations about NSO cyberweapons and their use against journalists and political dissidents. The Pegasus system currently lies dormant at the facility in New Jersey.

 

An F.B.I. spokeswoman said that the bureau examines new technologies “not just to explore a potential legal use but also to combat crime and to protect both the American people and our civil liberties. That means we routinely identify, evaluate and test technical solutions and services for a variety of reasons, including possible operational and security concerns they might pose in the wrong hands.” The C.I.A., the D.E.A., the Secret Service and Africa Command declined to comment. A spokesman for the government of Djibouti said the country had never acquired or used Pegasus.

 

In November, the United States announced what appeared — at least to those who knew about its previous dealings — to be a complete about-face on NSO. The Commerce Department was adding the Israeli firm to its “entity list” for activities “contrary to the national security or foreign policy interests of the United States.” The list, originally designed to prevent U.S. companies from selling to nations or other entities that might be in the business of manufacturing weapons of mass destruction, had in recent years come to include several cyberweapons companies. NSO could no longer buy critical supplies from American firms.

 

It was a very public rebuke of a company that had in many ways become the crown jewel of the Israeli defense industry. Now, without access to the American technology it needed to run its operations — including Dell computers and Amazon cloud servers — it risked being unable to function. The United States delivered the news to Israel’s Ministry of Defense less than an hour before it was made public. Israeli officials were furious. Many of the headlines focused on the specter of an out-of-control private company, one based in Israel but largely funded offshore. But authorities in Israel reacted as if the ban were an attack on the state itself. “The people aiming their arrows against NSO,” said Yigal Unna, director general of the Israel National Cyber Directorate until Jan. 5, “are actually aiming at the blue and white flag hanging behind it.”

 

The Israelis’ anger was, in part, about U.S. hypocrisy: The American ban came after years of secretly testing NSO’s products at home and putting them in the hands of at least one country, Djibouti, with a record of human rights abuses. But Israel also had its own interests to protect. To an extent not previously understood, Israel, through its internal export-licensing process, has ultimate say over who NSO can sell its spyware to. This has allowed Israel to make NSO a central component of its national-security strategy for years, using it and similar firms to advance the country’s interests around the world.

 

A yearlong Times investigation, including dozens of interviews with government officials, leaders of intelligence and law-enforcement agencies, cyberweapons experts, business executives and privacy activists in a dozen countries, shows how Israel’s ability to approve or deny access to NSO’s cyberweapons has become entangled with its diplomacy. Countries like Mexico and Panama have shifted their positions toward Israel in key votes at the United Nations after winning access to Pegasus. Times reporting also reveals how sales of Pegasus played an unseen but critical role in securing the support of Arab nations in Israel’s campaign against Iran and even in negotiating the Abraham Accords, the 2020 diplomatic agreements that normalized relations between Israel and some of its longtime Arab adversaries.

 

The combination of Israel’s search for influence and NSO’s drive for profits has also led to the powerful spying tool’s ending up in the hands of a new generation of nationalist leaders worldwide. Though the Israeli government’s oversight was meant to prevent the powerful spyware from being used in repressive ways, Pegasus has been sold to Poland, Hungary and India, despite those countries’ questionable records on human rights.

 

The United States has made a series of calculations in response to these developments — secretly acquiring, testing and deploying the company’s technology, even as it has denounced the company in public and sought to limit its access to vital American suppliers. The current showdown between the United States and Israel over NSO demonstrates how governments increasingly view powerful cyberweapons the same way they have long viewed military hardware like fighter jets and centrifuges: not only as pivotal to national defense but also as a currency with which to buy influence around the world.

 

Image

Credit…Photo illustration by Cristiana Couceiro

 

Selling weapons for diplomatic ends has long been a tool of statecraft. Foreign-service officers posted in American Embassies abroad have served for years as pitchmen for defense firms hoping to sell arms to their client states, as the thousands of diplomatic cables released by WikiLeaks in 2010 showed; when American defense secretaries meet with their counterparts in allied capitals, the end result is often the announcement of an arms deal that pads the profits of Lockheed Martin or Raytheon.

 

Cyberweapons have changed international relations more profoundly than any advance since the advent of the atomic bomb. In some ways, they are even more profoundly destabilizing — they are comparatively cheap, easily distributed and can be deployed without consequences to the attacker. Dealing with their proliferation is radically changing the nature of state relations, as Israel long ago discovered and the rest of the world is now also beginning to understand.

 

For Israel, the weapons trade has always been central to the country’s sense of national survival. It was a major driver of economic growth, which in turn funded further military research and development. But it also played an important role in forging new alliances in a dangerous world. In the 1950s, when the nation was still young and essentially powerless, its first prime minister, David Ben-Gurion, established covert links with countries and organizations that lay just outside the ring of hostile Arab states that surround Israel. He called this approach “the periphery doctrine,” and his foreign intelligence agency, the MOS, began weaving a network of secret contacts inside countries throughout the Middle East, Asia and Africa, including many that publicly sided with Arabs. Offering advanced weapons was a key to making those connections.

 

By the mid-1980s, Israel had firmly established itself as one of the world’s top arms exporters, with an estimated one in 10 of the nation’s workers employed by the industry in some way. All of this bought good will for Israel from select foreign leaders, who saw the military aid as essential to preserving their own power. In turn, those countries often voted in Israel’s favor at the United Nations General Assembly, the Security Council and other international forums. They also allowed the MOS and the Israel Defense Forces to use their countries as bases to launch operations against Arab nations.

 

As cyberweapons began to eclipse fighter jets in the schemes of military planners, a different kind of weapons industry emerged in Israel. Veterans of Unit 8200 — Israel’s equivalent of the National Security Agency — poured into secretive start-ups in the private sector, giving rise to a multibillion-dollar cybersecurity industry. As with purveyors of conventional weapons, cyberweapons makers are required to obtain export licenses from Israel’s Ministry of Defense to sell their tools abroad, providing a crucial lever for the government to influence the firms and, in some cases, the countries that buy from them.

 

‘This issue is not about Israel’s security. It’s about something that got out of control.’

 

None of these firms have been as wildly successful, or as strategically useful to the Israeli government, as NSO. The firm has its roots in a former chicken coop in Bnai Zion, an agricultural cooperative just outside Tel Aviv. In the mid 2000s, the building’s owner, realizing that coders might deliver a better profit than chickens, gave the space a light makeover and began renting it to technology start-ups looking for cheap office space. Among the start-up founders there, Shalev Hulio stood out from the veteran programmers around him: He was charismatic and easy to spend time with, but he also gave the impression — at least initially — of being somewhat naïve. He and his partner, Omri Lavie, an old friend from school, had each done their mandatory military service in combat units, rather than intelligence or technology, and for years they struggled to find a product that would connect. They developed a video marketing product, which briefly took off but then crashed with the 2008 global recession. They then started another company, called CommuniTake, that offered cellphone tech-support workers the ability to take control of their customers’ devices — with permission.

 

That idea met with little enthusiasm, so the two friends pivoted to a very different kind of customer. “A European intelligence agency found out about our innovation and contacted me,” Hulio recalled in an interview. What quickly emerged was that their product could solve a much bigger problem than customer service.

 

For years, law-enforcement and intelligence agencies had been able to intercept and understand communications in transit, but as powerful encryption became widely available, that was no longer the case. They could intercept a communication, but they could no longer understand what it said. If they could control the device itself, though, they could collect the data before it was encrypted. CommuniTake had already figured out how to control the devices. All the partners needed was a way to do so without permission.

 

And so NSO was born. Hulio and Lavie, lacking the contacts they would need to scale their product, brought in a third partner, Niv Karmi, who had served both in military intelligence and in the MOS. They took the company name from their first initials (Niv, Shalev and Omri) — that it sounded a little like “N.S.A.” was a happy coincidence — and began hiring. Recruitment was the essential ingredient of their business plan. The company would eventually employ more than 700 people in offices around the world and a sprawling headquarters in Herzliya, where individual labs for Apple and Android operating systems are filled with racks of smartphones undergoing constant testing by the firm’s hackers as they seek and exploit new vulnerabilities.

 

Nearly every member of NSO’s research team is a veteran of the intelligence services; most of them served with AMAN, the Israeli Military Intelligence Directorate, the largest agency in the Israeli espionage community — and many of them in AMAN’s Unit 8200. The company’s most valuable employees are all graduates of elite training courses, including a secretive and prestigious Unit 8200 program called ARAM that accepts only a handful of the most brilliant recruits and trains them in the most advanced methods of cyberweapons programming. There are very few people with this kind of training anywhere in the world, and soon enough, few places would have a higher concentration of them than NSO’s headquarters in Herzliya — where there were not just a few top specialists but hundreds. This would provide NSO with an incredible competitive advantage: All of those engineers would work daily to find “zero days,” i.e., new vulnerabilities in phone software that could be exploited to install Pegasus. Unlike rival firms, which generally struggled to find even a single zero day and therefore could be shut down if it were made public, NSO would be able to discover and bank multitudes of them. If someone locked one back door, the company could quickly open another.

 

In 2011, NSO engineers finished coding the first iteration of Pegasus. With its powerful new tool, NSO hoped to quickly build a stable of clients in the West. But many countries, especially those in Europe, were initially wary of buying foreign intelligence products. There was a particular concern about Israeli companies that were staffed by former top intelligence officials; potential customers feared that their spyware might be contaminated with even deeper spyware, allowing the MOS access to their internal systems.

 

Reputation mattered, both for sales and for holding onto the well-trained coders who had made Pegasus a reality. Hulio appointed Maj. Gen. Avigdor Ben-Gal, a Holocaust survivor and a highly respected combat officer, as NSO’s chairman, and established what he said would be the company’s four main pillars: NSO would not operate the system itself. It would sell only to governments, not to individuals or companies. It would be selective about which governments it allowed to use the software. And it would cooperate with Israel’s Defense Export Controls Agency, or DECA, to license every sale.

 

The decisions NSO made early on about its relationship with regulators ensured that it would function as a close ally, if not an arm, of Israeli foreign policy. Ben-Gal saw that this oversight was crucial to NSO’s growth — it might restrict which countries the company could sell to, but it would also protect the company from public blowback about what its clients did. When he informed the Defense Ministry that NSO would voluntarily be subject to oversight, the authorities also seemed happy with this plan. One former military aide to Benjamin Netanyahu, at the time Israel’s prime minister, explained the advantages quite clearly. “With our Defense Ministry sitting at the controls of how these systems move around,” he said, “we will be able to exploit them and reap diplomatic profits.”

 

The company quickly got its first major break. Mexico, in its ongoing battle against drug cartels, was looking for ways to hack the encrypted BlackBerry messaging service favored by cartel operatives. The N.S.A. had found a way in, but the American agency offered Mexico only sporadic access. Hulio and Ben-Gal arranged a meeting with Mexico’s president, Felipe Calderón, and arrived with an aggressive sales pitch. Pegasus could do what the N.S.A. could do, and it could do so entirely at the command of Mexican authorities. Calderón was interested.

 

Israel’s Ministry of Defense informed NSO that there was no issue with selling Pegasus to Mexico, and a deal was finalized. Soon after, investigators at an office of the Center for Investigation and National Security, or CISEN — now called the Center for National Investigation — went to work with one of the Pegasus machines. They fed the mobile phone number of a person connected to Joaquín Guzmán’s Sinaloa cartel into the system, and the BlackBerry was successfully attacked. Investigators could see the content of the messages, as well as the locations of different BlackBerry devices. “Suddenly we started to see and hear anew,” says a former CISEN leader. “It was like magic.” In his view, the new system had revitalized their entire operation — “Everyone felt like maybe for the first time we could win.” It was also a win for Israel. Mexico is a dominant power in Latin America, a region where Israel for years has waged a kind of diplomatic trench warfare against anti-Israeli groups supported by the country’s adversaries in the Middle East. There is no direct evidence that Mexico’s contracts with NSO brought about a change in the country’s foreign policy toward Israel, but there is at least a recognizable pattern of correlation. After a long tradition of voting against Israel at United Nations conferences, Mexico slowly began to shift “no” votes to abstentions. Then, in 2016, Enrique Peña Nieto, who succeeded Calderón in 2012, went to Israel, which had not seen an official visit from a Mexican president since 2000. Netanyahu visited Mexico City the following year, the first visit ever by an Israeli prime minister. Shortly after, Mexico announced that it would abstain from voting on several pro-Palestinian resolutions that were being considered by the United Nations.

 

In a statement, Netanyahu’s spokesman said that the former prime minister never sought a quid pro quo when other countries wanted to buy Pegasus. “The claim that Prime Minister Netanyahu spoke to foreign leaders and offered them such systems in exchange for political or other measures is a complete and utter lie. All sales of this system or similar products of Israeli companies to foreign countries are conducted with the approval and supervision of the Ministry of Defense, as outlined in Israeli law.”

 

The Mexico example revealed both the promise and the perils of working with NSO. In 2017, researchers at Citizen Lab, a watchdog group based at the University of Toronto, reported that authorities in Mexico had used Pegasus to hack the accounts of advocates for a soda tax, as part of a broader campaign aimed at human rights activists, political opposition movements and journalists. More disturbing, it appeared that someone in the government had used Pegasus to spy on lawyers working to untangle the massacre of 43 students in Iguala in 2014. Tomás Zerón de Lucio, the chief of the Mexican equivalent to the F.B.I., was a main author of the federal government’s version of the event, which concluded that the students were killed by a local gang. But in 2016 he became the subject of an investigation himself, on suspicion that he had covered up federal involvement in the events there. Now it appeared that he might have used Pegasus in that effort — one of his official duties was to sign off on the procurement of cyberweapons and other equipment. In March 2019, soon after Andrés Manuel López Obrador replaced Peña Nieto after a landslide election, investigators charged that Zerón had engaged in torture, abduction and tampering with evidence in relation to the Iguala massacre. Zerón fled to Canada and then to Israel, where he entered the country as a tourist, and where — despite an extradition request from Mexico, which is now seeking him on additional charges of embezzlement — he remains today.

 

The American reluctance to share intelligence was creating other opportunities for NSO, and for Israel. In August 2009, Panama’s new president, Ricardo Martinelli, fresh off a presidential campaign grounded on promises of “eliminating political corruption,” tried to persuade U.S. diplomats in the country to give him surveillance equipment to spy on “security threats as well as political opponents,” according to a State Department cable published by WikiLeaks. The United States “will not be party to any effort to expand wiretaps to domestic political targets,” the deputy chief of mission replied.

 

Martinelli tried a different approach. In early 2010, Panama was one of only six countries at the U.N. General Assembly to back Israel against a resolution to keep the Goldstone Commission report on war crimes committed during the 2008-9 Israeli assault on Gaza on the international agenda. A week after the vote, Martinelli landed in Tel Aviv on one of his first trips outside Latin America. Panama will always stand with Israel, he told the Israeli president, Shimon Peres, in appreciation of “its guardianship of the capital of the world — Jerusalem.” He said he and his entourage of ministers, businesspeople and Jewish community leaders had come to Israel to learn. “We came a great distance, but we are very close because of the Jewish heart of Panama,” he said.

 

Behind closed doors, Martinelli used his trip to go on a surveillance shopping spree. In a private meeting with Netanyahu, the two men discussed the military and intelligence equipment that Martinelli wanted to buy from Israeli vendors. According to one person who attended the meeting, Martinelli was particularly interested in the ability to hack into BlackBerry’s BBM text service, which was very popular in Panama at that time.

 

Within two years, Israel was able to offer him one of the most sophisticated tools yet made. After the installation of NSO systems in Panama City in 2012, Martinelli’s government voted in Israel’s favor on numerous occasions, including to oppose the United Nations decision to upgrade the status of the Palestinian delegation — 138 countries voted in favor of the resolution, with just Israel, Panama and seven other countries opposing it.

 

According to a later legal affidavit from Ismael Pitti, an analyst for Panama’s National Security Council, the equipment was used in a widespread campaign to “violate the privacy of Panamanians and non-Panamanians” — political opponents, magistrates, union leaders, business competitors — all “without following the legal procedure.” Prosecutors later said Martinelli even ordered the team operating Pegasus to hack the phone of his mistress. It all came to an end in 2014, when Martinelli was replaced by his vice president, Juan Carlos Varela, who himself claims to have been a target of Martinelli’s spying. Martinelli’s subordinates dismantled the espionage system, and the former president fled the country. (In November, he was acquitted by Panamanian courts of wiretapping charges.)

 

NSO was doubling its sales every year — $15 million, $30 million, $60 million. That growth attracted the attention of investors. In 2014, Francisco Partners, a U.S.-based global investment firm, paid $130 million for 70 percent of NSO’s shares, then merged another Israeli cyberweapons firm, called Circles, into their new acquisition. Founded by a former senior AMAN officer, Circles offered clients access to a vulnerability that allowed them to detect the location of any mobile phone in the world — a vulnerability discovered by Israeli intelligence 10 years earlier. The combined company could offer more services to more clients than ever.

 

Through a series of new deals, Pegasus was helping to knit together a rising generation of right-wing leaders worldwide. On Nov. 21, 2016, Sara and Benjamin Netanyahu welcomed Prime Minister Beata Szydlo of Poland and her foreign minister, Witold Waszczykowski, for dinner at their home. Shortly after, Poland signed an agreement with NSO to purchase a Pegasus system for its Central Anti-Corruption Bureau. Citizen Lab reported in December 2021 that the phones of at least three members of the Polish opposition were attacked by this spy machine. Netanyahu did not order the Pegasus system to be cut off — even when the Polish government enacted laws that many in the Jewish world and in Israel saw as Holocaust denial, and even when Prime Minister Mateusz Morawiecki, at a conference attended by Netanyahu himself, listed “Jewish perpetrators” among those responsible for the Holocaust.

 

In July 2017, Narendra Modi, who won office on a platform of Hindu nationalism, became the first Indian prime minister to visit Israel. For decades, India had maintained a policy of what it called “commitment to the Palestinian cause,” and relations with Israel were frosty. The Modi visit, however, was notably cordial, complete with a carefully staged moment of him and Prime Minister Netanyahu walking together barefoot on a local beach. They had reason for the warm feelings. Their countries had agreed on the sale of a package of sophisticated weapons and intelligence gear worth roughly $2 billion — with Pegasus and a missile system as the centerpieces. Months later, Netanyahu made a rare state visit to India. And in June 2019, India voted in support of Israel at the U.N.’s Economic and Social Council to deny observer status to a Palestinian human rights organization, a first for the nation.

 

The Israeli Defense Ministry also licensed the sale of Pegasus to Hungary, despite Prime Minister Viktor Orban’s campaign of persecution against his political opponents. Orban deployed the hacking tools on opposition figures, social activists, journalists who conducted investigations against him and families of former business partners who had become bitter enemies. But Orban has been Israel’s devoted supporter in the European Union. In 2020, Hungary was one of the few countries that did not publicly speak out against Israel’s plan at the time to unilaterally annex swaths of the West Bank. In May of that year, European Union foreign ministers tried to reach unanimity when calling for a cease-fire between Israel and the Palestinian Islamic group Hamas, as well as for increased humanitarian aid for Gaza. Hungary declined to join the other 26 countries.

 

Image

Credit…Photo illustration by Cristiana Couceiro

 

Arguably the most fruitful alliances made with Pegasus’s help have been those between Israel and its Arab neighbors. Israel first authorized the sale of the system to the U.A.E. as something of an olive branch, after MOS agents poisoned a senior Hamas operative in a Dubai hotel room in 2010. It was not the assassination itself that infuriated Crown Prince Mohammed bin Zayed, the de facto Emirati leader, so much as it was that the Israelis had carried it out on Emirati soil. The prince, widely known as M.B.Z., ordered that security ties between Israel and the U.A.E. be severed. In 2013, by way of a truce, M.B.Z. was offered the opportunity to buy Pegasus. He readily agreed.

 

The Emirates did not hesitate to deploy Pegasus against its domestic enemies. Ahmed Mansoor, an outspoken critic of the government, went public after Citizen Lab determined that Pegasus had been used to hack his phone. When the vulnerability was made public, Apple immediately pushed out an update to block the vulnerability. But for Mansoor, the damage had already been done. His car was stolen, his email account was hacked, his location was monitored, his passport was taken from him, $140,000 was stolen from his bank account, he was fired from his job and strangers beat him on the street several times. “You start to believe your every move is watched,” he said at the time. “Your family starts to panic. I have to live with that.” (In 2018, Mansoor was sentenced to 10 years in prison for posts he made on Facebook and Twitter.)

 

The messy outcome of the Dubai assassination aside, Israel and the U.A.E. had, in fact, been growing closer together for years. The calcified animosities between Israel and the Arab world that for years drove Middle East politics had given way to a new uneasy alliance in the region: Israel and the Sunni states in the Persian Gulf lining up against their archenemy, Iran, a Shia nation. Such an alliance would have been unheard-of decades ago, when Arab kings proclaimed themselves to be the protectors of the Palestinians and their struggle for independence from Israel. The Palestinian cause has less of a hold on some of the next generation of Arab leaders, who have shaped much of their foreign policy to address the sectarian battle between Sunni and Shia, and they have found common cause with Israel as an important ally against Iran.

 

No leader represents this dynamic more than Saudi Arabia’s Crown Prince Mohammed bin Salman, the son of the ailing king and the kingdom’s de facto ruler. In 2017, Israeli authorities decided to approve the sale of Pegasus to the kingdom, and in particular to a Saudi security agency under the supervision of Prince Mohammed. From this point on, a small group of senior members of the Israeli defense establishment, reporting directly to Netanyahu, took a lead role in the exchanges with the Saudis, all “while taking extreme measures of secrecy,” according to one of the Israelis involved in the affair. One Israeli official said that the hope was to gain Prince Mohammed’s commitment and gratitude. The contract, for an initial installation fee of $55 million, was signed in 2017.

 

Years prior, NSO had formed an ethics committee, made up of a bipartisan cast of former U.S. foreign-policy officials who would advise on potential customers. After the Khashoggi killing in 2018, its members requested an urgent meeting to address the stories circulating about NSO involvement. Hulio flatly denied that Pegasus had been used to spy on the Washington Post columnist. Pegasus systems log every attack in case there is a complaint, and — with the client’s permission — NSO can perform an after-the-fact forensic analysis. Hulio said his staff had done just that with the Saudi logs and found no use of any NSO product or technology against Khashoggi. The committee nonetheless urged NSO to shut off the Pegasus system in Saudi Arabia, and it did. The committee also advised NSO to reject a subsequent request by the Israeli government to reconnect the hacking system in Saudi Arabia, and it stayed off.

 

Then, the following year, the company reversed course. Novalpina, a British private-equity firm, acting in cooperation with Hulio, purchased Francisco Partners’ shares of NSO, with a valuation of $1 billion — more than five times more than it was when the American fund acquired it in 2014. In early 2019, NSO agreed to turn the Pegasus system in Saudi Arabia back on.

 

Keeping the Saudis happy was important for Netanyahu, who was in the middle of a secret diplomatic initiative he believed would cement his legacy as a statesman — an official rapprochement between Israel and several Arab states. In September 2020, Netanyahu, Donald Trump and the foreign ministers of the United Arab Emirates and Bahrain signed the Abraham Accords, and all the signatories heralded it as a new era of peace for the region.

 

But behind the scenes of the peace deal was a Middle East weapons bazaar. The Trump administration had quietly agreed to overturn past American policy and sell F-35 joint strike fighters and armed Reaper drones to the U.A.E., and had spent weeks assuaging Israel’s concerns that it would no longer be the only country in the region with the sophisticated F-35. Pompeo would later describe the aircraft deals in an interview as “critical” to obtaining M.B.Z.’s consent to the historic move. And by the time the Abraham Accords were announced, Israel had provided licenses to sell Pegasus to nearly all the signatories.

 

Things hit a snag a month later, when the Saudi export license expired. Now it was up to the Israeli Defense Ministry to decide whether or not to renew it. Citing Saudi Arabia’s abuse of Pegasus, it declined to do so. Without the license, NSO could not provide routine maintenance on the software, and the systems were crashing. Numerous calls among Prince Mohammed’s aides, NSO executives, the MOS and the Israeli Defense Ministry had failed to resolve the issue. So the crown prince placed an urgent telephone call to Netanyahu, according to people familiar with the call. He wanted the Saudi license for Pegasus renewed.

 

Prince Mohammed had a significant amount of leverage. His ailing father, King Salman, had not officially signed on to the Abraham Accords, but he offered the other signatories his tacit blessing. He also allowed for a crucial part of the agreement to move forward: the use of Saudi air space, for the first time ever, by Israeli planes flying eastward on their way to the Persian Gulf. If the Saudis were to change their mind about the use of their airspace, an important public component of the accords might collapse.

 

Netanyahu apparently had not been updated on the brewing crisis, but after the conversation with Prince Mohammed his office immediately ordered the Defense Ministry to have the problem fixed. That night, a ministry official called NSO’s operations room to have the Saudi systems switched back on, but the NSO compliance officer on duty rebuffed the request without a signed license. Told that the orders came directly from Netanyahu, the NSO employee agreed to accept an email from the Defense Ministry. Shortly afterward, Pegasus in Saudi Arabia was once again up and running.

 

The next morning, a courier from the Defense Ministry arrived at NSO headquarters delivering a stamped and sealed permit.

 

In December 2021, just weeks after NSO landed on the American blacklist, the White House national security adviser, Jake Sullivan, arrived in Israel for meetings with Israeli officials about one of the Biden administration’s top foreign-policy priorities: getting a new nuclear pact with Iran three years after President Trump scuttled the original deal.

 

The visit carried historical weight. In 2012, Sullivan was one of the first American officials to talk with Iranian officials about a possible nuclear deal — meetings that President Obama chose to keep secret from the Israelis out of fear they might try to blow up the negotiations — and Israeli officials were furious when they found out. Now, years later, Sullivan arrived in Jerusalem to make his case for a united front in the next round of Iran diplomacy.

 

But there was another matter that Israeli officials — including the prime minister, the minister of defense and the foreign minister — wanted to discuss: the future of NSO. The Israelis pressed Sullivan about the reasons behind the blacklist decision. They also warned that if NSO went bankrupt, Russia and China might fill the vacuum and expand their own influence, by selling their own hacking tools to nations that could no longer buy from Israel.

 

Unna, the former head of the Israel National Cyber Directorate, says he believes the move against the Israeli firms, which was followed by Facebook’s blacklisting of more Israeli cyberweapons and intelligence companies, is part of something bigger, a plan to neuter Israel’s advantage in cyberweapons. “We have to prepare for a battle to defend the good name that we earned honestly,” he says.

 

Biden administration officials dismiss this talk of a deep conspiracy, saying the decision about NSO has everything to do with reining in a dangerous company and nothing to do with America’s relationship with Israel. There is far more at stake in the decades-old alliance, they say, than the fate of a hacking firm. Martin Indyk, a former American ambassador to Israel, agrees. “NSO was providing the means for states to spy on their own people,” he says. “From my point of view it’s straightforward. This issue is not about Israel’s security. It’s about something that got out of control.”

 

Under the ban, NSO’s future is in doubt, not just because of its reliance on American technology but also because its presence on an American blacklist will probably scare away prospective clients — and employees. One Israeli industry veteran says that the “sharks in the water smell blood,” and Israeli officials and industry executives say there are currently a handful of American companies, some with close ties to intelligence and law-enforcement agencies, interested in buying the company. Were that to happen, the new owner could potentially bring the company in line with U.S. regulations and start selling its products to the C.I.A., the F.B.I. and other American agencies eager to pay for the power its weapons offer.

 

Israeli officials now fear a strategic takeover of NSO, in which some other company — or country — would take command over how and where the weapon is used. “The State of Israel cannot allow itself to lose control of these types of companies,” a senior Israeli official said, explaining why such a deal was unlikely. “Their manpower, the knowledge they’ve gathered.” Foreign ownership was fine, but Israel had to maintain control; a sale was possible “only under conditions that preserve Israel’s interests and freedom of action.”

 

But the days of Israel’s near monopoly are over — or soon will be. The intense desire inside the United States government for offensive hacking tools has not gone unnoticed by the company’s potential American competitors. In January 2021, a cyberweapons firm called Boldend made a pitch to Raytheon, the defense-industry giant. According to a presentation obtained by The Times, the company had developed for various American government agencies its own arsenal of weapons for attacking cellphones and other devices.

 

One slide in particular underscored the convoluted nature of the cyberweapons business. The slide claimed that Boldend had found a way to hack WhatsApp, the popular messaging service owned by Facebook, but then lost the capability after a WhatsApp update. This claim is especially remarkable because, according to one of the slides, a major Boldend investor is Founders Fund — a company run by Peter Thiel, the billionaire who was one of Facebook’s first investors and remains on its board. The capability to hack WhatsApp, according to the presentation, “doesn’t currently exist” in the United States government, and the intelligence community was interested in acquiring that capability.

 

In October 2019, WhatsApp sued NSO, arguing that NSO tools had exploited a vulnerability in its service to attack approximately 1,400 phones around the world. Beyond the question of who controls the weapons, at stake in that lawsuit is who is responsible for the damage they do. NSO’s defense has always been that the company only sells the technology to foreign governments; it has no role in — or responsibility for — targeting specific individuals. This has long been the standard P.R. line of weapons manufacturers, whether Raytheon or Remington.

 

Facebook is out to prove that this defense, at least in NSO’s case, is a lie. In its lawsuit, the tech giant argues that NSO was an active participant in some of the hacks, pointing to evidence that it leased some of the computer servers used to attack WhatsApp accounts. Facebook’s argument is essentially that without NSO’s constant involvement, many of its clients would not be able to aim the gun.

 

When they first presented their case against NSO, Facebook’s lawyers thought they had evidence to disprove one of the Israeli company’s longtime claims — that the Israeli government strictly prohibits the firm from hacking any phone numbers in the United States. In court documents, Facebook asserted it had evidence that at least one number with a Washington area code had been attacked. Clearly someone was using NSO spyware to monitor an American phone number.

 

But the tech giant didn’t have the entire picture. What Facebook didn’t appear to know was that the attack on a U.S. phone number, far from being an assault by a foreign power, was part of the NSO demonstrations to the F.B.I. of Phantom — the system NSO designed for American law-enforcement agencies to turn the nation’s smartphones into an “intelligence gold mine.”

Anonymous ID: 72f94b Feb. 3, 2022, 5:49 p.m. No.3200   🗄️.is 🔗kun   >>3204 >>3257 >>3272

NSO Group Technologies (NSO standing for Niv, Shalev and Omri, the names of the company's founders) is an Israeli technology firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones.[2] It was founded in 2010 by Niv Karmi, Omri Lavie, and Shalev Hulio.[3][4][5] It is based in Herzliya, near Tel Aviv, Israel. It employed almost 500 people as of 2017.[1][6][7]

 

NSO deals with government clients only.[8] NSO claims that it provides authorized governments with technology that helps them combat terror and crime.[9][10] Pegasus spyware is classified as a weapon by Israel and any export of the technology must be approved by the government.[11]

 

According to several reports, NSO Group spyware has been used to target human rights activists and journalists in various countries,[12][13][14] was used for state espionage against Pakistan,[15] for warrantless domestic surveillance of Israeli citizens by Israeli police,[16] and played a role in the murder of Saudi dissident Jamal Khashoggi by agents of the Saudi government.[17]

 

In 2019, instant messaging company WhatsApp and its parent company Meta Platforms (then known as Facebook) sued NSO under the United States Computer Fraud and Abuse Act (CFAA).[9][10] In 2021, Apple filed a lawsuit against NSO in the U.S.,[18] and the US included NSO Group in its Entity List for acting against U.S. national security and foreign policy interests, effectively banning U.S. companies from supplying NSO.[19]

Corporate profile

Overview

 

NSO Group is a subsidiary of the Q Cyber Technologies group of companies.[10] Q Cyber Technologies is the name the NSO Group uses in Israel, OSY Technologies in Luxembourg, and in North America it has a subsidiary formerly known as Westbridge. It has operated through other companies around the world.[20]

Founding

 

NSO Group was founded in 2010 by Niv Karmi, Omri Lavie, and Shalev Hulio.[3][4][5] Hulio and Lavie were school friends who went into the technology start-up sector during the mid-2000s. The pair founded a company - CommuniTake - which offered a tool that let cellphone tech support workers access the devices of costumers (with the costumers permission). After a European intelligence agency expressed interest in the product, the pair realised they could instead develop a tool that could access phones without authorisation and market it to security and intelligence agencies. Karmi, who served in military intelligence and the Mossad, was brought on board to help market the tool with the help of his contacts. The first iteration of NSO's Pegasus spyware was finalised in 2011.[8]

Operations

 

NSO Group has come to employ over 700 personnel globally. Almost all of NSO's research team is made up of former Israeli military intelligence personnel, most of them having served in Israel's Military Intelligence Directorate, and many of these in its Unit 8200. The company's most valuable staff are graduates of the military intelligence's highly selective advanced cyberweapons training programs. NSO seeks to uncover a surfeit of zero-day exploits in target devices to ensure smooth continuous access even as some of the security vulnerabilities exploited by NSO are inevitably discovered and patched, with labs in the company's Herzliya headquarters featuring racks stacked with phones being tested against new exploits.[8]

Relationship with the Israeli state

 

Pegasus spyware is classified as a military export by Israel and its sale is controlled by the government.[11] Israel has used NSO products as a diplomatic bargaining chip to advance its foreign policy interests. Israel, wary of angering the U.S. in the wake of the Snowden revelations, required NSO to prevent Pegasus from targeting American phone numbers. Israel has used Pegasus to advance its interests in the region, with Pegasus playing a role in negotiating the Abraham Accords. A New York Times investigation highlighted several instances in which the sale of Pegasus to a particular government coincided with that government's increased support of Israel.[8]

Corporate history

 

The company's start-up funding came from a group of investors headed by Eddy Shalev, a partner in venture capital fund Genesis Partners which invested a total of $1.8 million for a 30% stake.[21][3]

 

In 2013, NSO's annual revenues were around US$40 million.[3][22]

 

In 2014, the U.S.-based private equity firm Francisco Partners bought the company for $130 million.[23]

 

In 2014, the surveillance firm Circles (which produces is a phone geolocation tool) was acquired by Francisco Parterns for $130 million, and thus became a corporate affiliate of NSO's.[24]

 

In 2015 Francisco was seeking to sell the company for up to $1 billion.[22]

 

Annual revenues were around $150 million in 2015.[3][22]

 

In June 2017, the company was put up for sale for more than $1 billion by Francisco Partners (roughly ten times what Francisco originally paid to acquire it in 2014).[6] At the time it was put up for sale, NSO had almost 500 employees (up from around 50 in 2014).[6]

 

On February 14, 2019, Francisco Partners sold a majority (60%) stake of NSO back to co-founders Shalev Hulio and Omri Lavie, who were supported in the purchase by European private equity fund Novalpina Capital.[25] Hulio and Lavie invested $100 million, with Novalpina acquiring the remaining portion of the majority stake, thus valuing the company at approximately $1 billion.[26] The day after the acquisition, Novalpina attempted to address the concerns raised by Citizen Lab with a letter, stating their belief that NSO operates with sufficient integrity and caution.[27]

Foreign offices and export controls

 

In late 2020, Vice Media published an article in which it reported that NSO group had closed the Cyprus-based offices of Circles, the company it had acquired in 2014. The article, based on interviews with two former employees, described the integration between the two companies as "awful" and stated that NSO would rely on Circles' Bulgarian office instead. According to Vice, this came just over a year after an activist group known as Access Now wrote to authorities in both Cyprus and Bulgaria, asking them to further scrutinise NSO exports.[28] Access now had stated that they had received denials from both the Bulgarian and Cypriot authorities, with both countries stating that they had not provided export licenses to the NSO group.[29] Despite this, an article written by The Guardian during the 2021 Pegasus scandal quoted NSO Group as saying that it had been "regulated by the export control regimes of Israel, Cyprus and Bulgaria".[30] NSO's own "Transparency and Responsibility Report 2021", published about a month before the scandal, makes the same statement, adding that those were the three countries through which NSO exported its products.[31] Circles' Bulgarian office, in particular, was stated to have been founded as a "bogus phone company" in 2015 by Citizen Lab citing IntelligenceOnline, a part of Indigo Publications.[32] This report was reprinted by the Bulgarian investigation publication Bivol in December 2020, which appended it with public registry documents which indicated that the company's Bulgarian office had grown to employ up to 150 people and had received two loans worth about 275 million American dollars in 2017 from two offshore companies and a Swiss bank registered in the Cayman Islands.[33]

History

 

In 2012, the Federal government of Mexico announced the signing of a $20 million contract with NSO.[3] It was later revealed by a New York Times investigation that NSO's product was used to target journalists and human rights activists in the country.[34]

 

NSO Group pitched its spyware to the Drug Enforcement Administration (D.E.A.), which declined to purchase it due to its high cost.[35]

 

In 2015, the company sold surveillance technology to the government of Panama. The contract later became the subject of a Panamanian anti-corruption investigation following its disclosure in a leak of confidential information from Italian firm Hacking Team.[36]

 

In August 2016, NSO Group (through its U.S. subsidiary Westbridge) pitched its U.S. version of Pegasus to the San Diego Police Department. In the marketing material, Westbridge emphasized that the company is U.S. based and majority owned by a U.S. parent company. A SDPD Sergeant responded to the sales pitch with "sounds awesome". The SDPD declined to purchase the spyware as it was too expensive.[37]

 

Around 2016, NSO Group reportedly sold Pegasus software to Ghana.[38]

 

In June 2018, an Israeli court indicted a former employee of NSO Group for allegedly stealing a copy of Pegasus and attempting to sell it online for $50 million worth of cryptocurrency.[39]

 

In August 2018, the human rights group Amnesty International accused NSO Group of helping Saudi Arabia spy on a member of the organization's staff.[40]

 

In April 2019, NSO froze its deals with Saudi Arabia over a scandal alleging NSO software's role in tracking murdered journalist Jamal Khashoggi in the months before his death.[41]

 

In May 2019, messaging service WhatsApp alleged that a spyware injection exploit targeting its calling feature was developed by NSO.[42][43] WhatsApp stated that the exploit targeted 1,400 users in 20 countries, including "at least 100 human-rights defenders, journalists and other members of civil society".[44][45][46] NSO denied involvement in selecting or targeting victims, but did not explicitly deny creating the exploit.[43] In response to the alleged cyberattack, WhatsApp sued NSO.[47]

 

In June 2019, NSO began setting up a test facility in New Jersey for the FBI which had procured NSO's services, and began testing a version of Pegasus developed for U.S. government agencies to be used on U.S. phones. After two years of deliberations in the FBI and Department of Justice, the FBI decided not to deploy the tools for domestic use in the summer of 2021, with the New Jersey facility laying dormant as of early 2022. The DEA, Secret Service, and United States Africa Command had also held discussions with NSO which however did not proceed beyond that stage.[8]

 

In April 2020, Motherboard reported about an incident that occurred several years prior in which an NSO employee used a client's Pegasus tool to spy on a love interest (a female personal acquaintance) during a work trip to the UAE. The employee broke into the client's office outside of office hours to use the tool, prompted an alert and an investigation by the client. The employee was detained by authorities, and fired by NSO, Motherboard's sources said. Sources also told Motherboard that NSO leadership held a meeting to prevent similar incidents in the future, and subsequently adopted more rigorous screening of employees that interact with clients.[48]

 

In July 2020, Motherboard reported that the US branch of NSO Group was pitching its brand of Pegasus to the US Secret Service during 2018.[49]

 

In November 2021, the United States added the NSO Group to its Entity List, for acting "contrary to the foreign policy and national security interests of the US" and it effectively bans the sale of hardware and software to the company.[19] The listing deprived NSO of U.S. technology on which NSO relies, imperiling its operations.[8]

 

In December 2021, 86 human rights organisations sent a joint letter calling on the EU to impose global sanctions against NSO Group and seek to "prohibit the sale, transfer, export and import of the Israeli company’s surveillance technology" due to the risks NSO's technology poses for human rights globally.[50]

 

On January 2022, Calcalist published an investigatory piece detailing the widespread unlawful use of Pegasus by the Israeli Police.[51] Although the Israeli Police formally denied this, some senior police officials have hinted that the claims were true.[52] On February 1, the police admitted that there was, in fact, misuse of the software.[53]

Products and services

Pegasus

 

NSO Groups offers the smartphone spyware tool Pegasus to government clients for the exclusive intended purpose of combating crime and terrorism.[48] The first version of Pegasus was finalised in 2011.[8] Pegasus spyware is classified as a weapon by Israel and any export of the technology must be approved by the government.[11] The Israeli Ministry of Defense licenses the export of Pegasus to foreign governments, but not to private entities.[54]

 

Pegasus is compatible with iPhone and Android devices. It can be deployed remotely. Once deployed, it allows the client to access the target phone's data and sensors, including: location data, texts, emails, social media messages, files, camera, and microphone. The client-facing side of the tool is user friendly, and all that may be required (depending upon the case) of the client to begin deployment of Pegasus is to enter the target's phone number into the tool.[48]

Phantom

 

Phantom is a phone hacking product marketed by Westbridge, the United States branch of NSO Group. According to a former NSO employee, "Phantom" is the brand name for the Pegasus in the U.S., but that the two tools are otherwise identical.[49] Israel required NSO Group to program Pegasus so as not to be able to target US phone numbers. NSO then launched Phantom for the U.S. market for use on U.S. targets, receiving permission from Israel to develop it as a specialty tool for exclusive use by U.S. governmental agencies.[8]

Circles

 

In 2014, the surveillance firm Circles was acquired by Francisco Partners, becoming a corporate affiliate of NSO Group. Circles' product is a phone geolocation tool.[24] The firm has two systems. One operates by connecting to the purchasing country's local telecommunications companies’ infrastructure. The other separate system, known as the “Circles Cloud”, is capable of interconnecting with telecommunications companies across the globe.[55][56]

 

In December 2020, the Citizen Lab reported that Supreme Council on National Security (SCNS) of the United Arab Emirates was set to receive both these systems. In a lawsuit filed against the NSO group in Israel, email exchanges revealed links between Circles and several customers in the United Arab Emirates. Documents also revealed that Circles sent targets’ locations and phone records to the UAE SCNS. Aside from Israel and the UAE, the report named the governments of Australia, Belgium, Botswana, Chile, Denmark, Ecuador, El Salvador, Estonia, Equatorial Guinea, Guatemala, Honduras, Indonesia, Kenya, Malaysia, Mexico, Morocco, Nigeria, Peru, Serbia, Vietnam, Zambia, and Zimbabwe as likely customers of Circles surveillance technology.[55][56]

 

In September 2021, Forensic News published shipping records showing that in 2020 Circles supplied equipment to Uzbekistan's State Security Service (SGB).[57]

Criticism and controversies

Use of undercover private investigators to pursue critics

 

In October 2018, Associated Press reported that two Citizen Lab researchers were being pursued by undercover operatives with false identities. The undercover agents had been inquiring about their work involving NSO Group, and also appeared to be trying to goad the researchers into making anti-Semitic or otherwise damaging remarks. After growing suspicious, one researcher contacted AP reporters. Together, they managed to arrange a sting during a meeting with a suspected undercover operative at a hotel luncheon with AP journalists secretly awaiting nearby; after the journalists approached the operative to question him, the operative fled, bumping into chairs and circling the room as he tried to get away. There also appeared to be two additional undercover operatives in the room. The operative that met the researcher appeared to be filming the researcher with a hidden camera during the meeting, and one of the operatives standing nearby appeared to be recording the meeting as well. The operative was later identified as a former Israeli security official. Responding to the AP report, NSO denied any involvement. It was later also uncovered that the identified undercover agent had previously worked on a case linked to the Israeli private intelligence agency Black Cube; NSO Group subsequently denied contracting Black Cube, and Black Cube denied involvement as well.[58]

 

In February 2019, Associated Press reported that at least four more individuals - three lawyers involved in lawsuits against NSO Group for alleged sales of NSO spyware to governments with poor human rights records, and one journalist who had been covering said litigation - were being pursued by undercover operatives for their work on NSO. Undercover agents again tried to goad the individuals into making racist or anti-Israel remarks. Two of the individuals were surreptitiously recorded by the undercover operatives. Channel 12, an Israeli television channel, obtained and aired the secret recordings made by the undercover operatives shortly before the AP published the revelations.[59] Channel 12 claimed the two individuals were attempting to smear NSO Group on behalf of Qatar.[60] Channel 12 also confirmed that Black Cube undercover investigators were involved.[60][59]

WhatsApp lawsuit

 

In May 2019, messaging service WhatsApp alleged that a spyware injection exploit targeting its calling feature was developed by NSO.[42][43] Victims were exposed to the spyware payload even if they did not answer the call.[61] WhatsApp told the Financial Times that "the attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems."[62] NSO denied involvement in selecting or targeting victims, but did not explicitly deny creating the exploit.[43] In response to the alleged cyberattack, WhatsApp sued NSO under the CFAA and other US laws in a San Francisco court on October 29.[47] WhatsApp stated that the exploit targeted 1,400 users in 20 countries, including "at least 100 human-rights defenders, journalists and other members of civil society".[44][45][46] WhatsApp alerted the 1,400 targeted users. In at least one case, the surveillance was authorized by a judge.[63]

 

NSO employees had complained to WhatsApp about improved security, according to the court filings by WhatsApp and its parent company Facebook:[64]

 

On or about May 13, 2019, Facebook publicly announced that it had investigated and identified a vulnerability involving the WhatsApp Service (CVE-2019-3568). WhatsApp and Facebook closed the vulnerability, contacted law enforcement, and advised users to update the WhatsApp app. Defendants subsequently complained that WhatsApp had closed the vulnerability. Specifically, NSO Employee 1 stated, "You just closed our biggest remote for cellular … It's on the news all over the world."

 

In April 2020, NSO group blamed its government clients for the hacking of 1,400 WhatsApp users, including journalists and human rights activists. However, the firm did not disclose the names of the clients which, as Citizen Lab stated, include authorities in Saudi Arabia, UAE, Bahrain, Kazakhstan, Morocco, and Mexico.[65] In court filings WhatsApp alleged that its investigation showed that the hacks originated from NSO Group servers rather than its clients'. WhatsApp said "NSO used a network of computers to monitor and update Pegasus after it was implanted on users' devices. These NSO-controlled computers served as the nerve centre through which NSO controlled its customers' operation and use of Pegasus." WhatsApp said that NSO gained "unauthorised access" to WhatsApp servers by reverse-engineering the WhatsApp app to be able to evade security features. NSO responded "NSO Group does not operate the Pegasus software for its clients".[66]

Apple lawsuit

 

In November 2021, Apple Inc. filed a complaint against NSO Group and its parent company Q Cyber Technologies in the United States District Court for the Northern District of California in relation to the FORCEDENTRY exploit used to deploy the Pegasus spyware package, requesting injunctive relief, compensatory damages, punitive damages, and disgorgement of profits.[18][67][68]

See also

 

DarkMatter (Emirati company)

Israeli technology

Quadream

SCL Group

WhatsApp snooping scandalhttps://en.wikipedia.org/wiki/NSO_Group

 

Parent of Pegasus

Anonymous ID: 72f94b Feb. 3, 2022, 5:53 p.m. No.3201   🗄️.is 🔗kun   >>3204 >>3257 >>3272

https://www.dailymail.co.uk/news/article-9806709/NSO-Group-spent-millions-Washington-lobbyists-woo-government-pushed-Pegasus-spyware.html

 

Ethics filings and company records show how the Israeli cyberintelligence company NSO Group spent millions of dollars on Washington lobbyists, consultants and lawyers as it tried to sell its Pegasus spyware to the U.S. government.

 

Its parent companies paid $100,000 to Michael Flynn before he became President Trump's national security adviser; it took on the public relations firm cofounded by Anita Dunn, a senior White House adviser; and it relied on the legal and consulting services of a slew of figures with government experience, according to new reports.

 

The company's activities have exploded into public view during the past week with revelations from a media coalition, called the Pegasus Project, that its software was used by governments to spy on political opponents and journalists

 

Now it has emerged in the Washington Post that NSO, its founders or allied companies hired some of Washington's most prominent names as they tried to secure government contracts.

 

The include former heads of the Homeland Security and Justice departments as well as some of the city's most powerful public-relations and law firms.

 

The Israeli cyberintelligence company NSO Group retained some of Washington's most powerful lobbyists, consultants and PR advisers as it touted for business and tried to burnish its image, including President Trump's future National Security Adviser Michael Flynn (left) and his former Deputy Attorney General Rod Rosenstein

 

Tom Ridge, the first secretary of homeland security, was taken on in 2019 after the murder of Jamal Khashoggi, according to the Washington Post. And NSO Group also hired P.R. firm SKSD, which was includes Anita Dunn, now a

 

It even launched a separate company, Westridge Technologies, to pursue government contracts, pitching to the Drug Enforcement Agency and other law enforcement agencies - although the newspaper reported the approaches were unsuccessful.

 

More successful were its attempts to build a D.C. rolodex filled with influencers. Some were hired in the aftermath of the Saudi murder of journalist Jamal Khashoggi when the company faced a lawsuit accusing it of helping surveil the dissident.

 

They included Tom Ridge, the first homeland security secretary; Juliette Kayyem, a Department of Homeland Security official under President Obama; and Franc's former ambassador to Washington Gérard Araud.

 

Kayyem told the newspaper she had worked on ensuring NSO’s spyware 'protected and respected' human rights. The other two did not respond to requests for comment.

 

It also took on a prominent P.R. firm SKDK. Its cofounder Anita Dunn was communications director in the Obama White House and is now a senior adviser to President Biden.

 

The Who's Who of government figures runs through at least three administrations.

 

Obama's homeland security secretary Jeh Johnson was paid by NSO's parent company, OSY, to review its human rights policy.

 

And Trump's deputy attorney general from 2017 to 2019 Rod Rosenstein, partner at the law firm King and Spalding, was among its advisers last year when NSO was sued by WhatsApp, which accused it of hacing the accounts of 1400 users.

 

Rosenstein had prosecuted foreign hackers and denounced the murder of Khashoggi as 'lawless,' during his time at the Department of Justice.

 

Others who did work for NSO Group or its parent company included former French ambassador and prominent Twitter personality Gérard Araud (left) and former Obama Homeland Security Secretary Jeh Johnson

 

And a Public Financial Disclosure Report, filed when he joined the Trump administration, reportedly showed that NSO's parent company, OSY Technologies, and a previous owner, Fancisco Partners, paid about $100,000 to Flynn, a former director of the Defense Intelligence Agency.

 

The form offered no further details about his work.

 

The Israeli company said it would investigate its foreign government clients for 'abuses' of its Pegasus spyware after a damning Amnesty International report revealed on Sunday that it had been used to target some 50,000 phones - including those of journalists, public officials and Arab royals.

 

NSO Group sells Pegasus to government clients with the purported purpose of investigating terrorism and crime.

 

The Amnesty International report, along with another by a consortium of global media outlets, claimed that it was actually being used by governments to spy on journalists, officials, royals and individuals including murdered Saudi Arabian journalist Jamal Khashoggi's widow.

 

The journalists targeted included Ben Hubbard, the New York Times' Beirut Bureau Chief, and Azam Ahmed, the Times' Mexico Bureau Chief, along with other journalists based in India, the Morocco, Mexico and Azerbaijan.

 

Others include reporters working for the Associated Press, Bloomberg, The Wall Street Journal and CNN but many have not been named. 189 journalists were targeted.

 

NSO released a statement via its US-based lawyer, Clare Locke, to say it had nothing to do with any misuse of Pegasus.

 

Its CEO, Shalev Hulio, told The Washington Post: 'Every allegation about misuse of the system is concerning me.

 

The list includes some the 50,000 phone numbers that were exposed to the malware. The malware doesn't require users to click on it for it to work

 

NSO Group CEO Shalev Hulio, told The Washington Post : 'Every allegation about misuse of the system is concerning me'

 

'It violates the trust that we give customers. We are investigating every allegation … and if we find that it is true, we will take strong action.'

 

Amazon Web Services has disabled its network on Tuesday. It's unclear if that means it can still operate.

 

'When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts.'

 

The Amnesty report says NSO switched to use Amazon's CloudFront - a CDN - in 'recent months'.

 

Amnesty started investigating the group in 2018 after learning one of its staffers had been targeted.

 

It compiled a list of 50,000 phone numbers that were exposed to the malware. It's unclear if all were compromised or if the numbers are just a list of potential targets.

 

A spokesman for AP, which had two journalists targeted, told DailyMail.com: 'We are deeply troubled to learn that two AP journalists, along with journalists from many news organizations, are among those who may have been targeted by Pegasus spyware. We have taken steps to ensure the security of our journalists’ devices and are investigating.'

 

The New York Times said: 'Azam Ahmed and Ben Hubbard are talented journalists who have done important work uncovering information that governments did not want their citizens to know.

 

'Surveilling reporters is designed to intimidate not only those journalists but their sources, which should be of concern to everyone.'

 

The journalists targeted included Ben Hubbard, the New York Times' Beirut Bureau Chief (left) and Azam Ahmed, the Times' Mexico Bureau Chief (right) along with other journalists based in India, the Morocco, Mexico and Azerbaijan.

 

Financial Times editor Roula Khalaf was also among those whose phones were targeted

 

In a statement through lawyers Clare Locke, NSO said: 'NSO does not operate the systems that it sells to vetted government customers, and does not have access to the data of its customers’ targets.

 

'NSO does not operate its technology, does not collect, nor possesses, nor has any access to any kind of data of its customers.

 

NSO Group claims it is on a 'life-saving mission' to combat terrorism

 

'Due to contractual and national security considerations, NSO cannot confirm or deny the identity of our government customers, as well as identity of customers of which we have shut down systems.'

 

It also said its software had 'nothing to do' with Jamal Khashoggi's murder, despite Amnesty International claiming it has proof his widow's phone was hacked using Pegasus after his death.

 

'NSO Group is on a life-saving mission, and the company will faithfully execute this mission undeterred, despite any and all continued attempts to discredit it on false grounds,' it said.

 

Foreign governments including India, Rwanda and Morocco have all denied using the software to collect data on targets.

 

Others targeted include several Arab royal family members, 65 Business executives, 85 human rights activists, 189 journalists including a 'small number from' CNN, the Associated Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Monde in France, the Financial Times in London and Al Jazeera in Qatar.

 

Some of the reporters are named Financial Times editor Roula Khalaf, Siddharth Varadarajan and Paranjoy Guha Thakurta from Indian news site Wire Omar Radi, a Moroccan journalist, Mexican freelance journalist Cecilio Pineda Birto and Azerbaijani investigative journalist Khadija Ismayilova.

 

In 2019, NSO Group reportedly contracted the SKDK - a PR firm run by Anita Dunn, one of President Biden's advisers.

 

She did not immediately respond to DailyMail.com's inquiries about the scope of her work with the firm.

Anonymous ID: 72f94b Feb. 3, 2022, 5:55 p.m. No.3202   🗄️.is 🔗kun   >>3204 >>3257 >>3272

https://www.theverge.com/2021/7/19/22583523/amazon-web-services-bans-nso-group-pegasus-spyware-infrastructure

 

Amazon Web Services bans accounts linked with Pegasus spyware

 

Amazon Web Services (AWS) has banned NSO Group, the company behind the Pegasus spyware program. Vice reported the ban this morning, the day after a sweeping report alleged Pegasus was used to target the phones of human rights activists and journalists.

 

An Amnesty International investigation into Pegasus says the tool compromised targets’ phones and routed data through commercial services like AWS and Amazon CloudFront, a move that it said “protects NSO Group from some internet scanning techniques.” (Vice notes that a 2020 report previously described NSO using Amazon services.) Amnesty International wrote that it had contacted Amazon about NSO and Amazon had responded by banning NSO-related accounts. “When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts,” an Amazon Web Services spokesperson confirmed to The Verge.

 

AWS wasn’t the only service NSO apparently used. The Amnesty International report links it with several other companies, including DigitalOcean and Linode. NSO allegedly favored servers in Europe and the United States, particularly “the European data centers run by American hosting companies.” As the report describes it, NSO would deploy Pegasus malware through a series of malicious subdomains, exploiting security weaknesses on services like iMessage. Once Pegasus compromised a phone, it could collect data from the phone or activate its camera and microphone for surveillance.

 

NSO describes Pegasus as a tool for surveilling terrorists and cybercriminals. But yesterday’s reporting — comprising work from Amnesty International, Forbidden Stories, and 17 news outlets — says governments deployed it indiscriminately against political figures, dissidents, and journalists. That included attempting or completing attacks on 37 phones belonging to targets like New York Times and Associated Press journalists, as well as two women close to murdered Saudi journalist Jamal Khashoggi. The NSO has objected to the reporting, calling it “full of wrong assumptions and uncorroborated theories.”

 

 

'''Alexa, please send everything I say to MOS""

 

You got it, boss

Anonymous ID: 72f94b Feb. 3, 2022, 5:56 p.m. No.3203   🗄️.is 🔗kun   >>3204 >>3257 >>3272

https://www.occrp.org/en/daily/14869-pegasus-revelations-amazon-says-it-will-shut-down-infrastructure-linked-to-nso-spyware-firm

 

Pegasus Revelations: Amazon Says it will Shut Down Infrastructure Linked to NSO Spyware Firm

 

The reverberations from an international media investigation into Israeli spyware firm the NSO Group continue, with Amazon saying it will shut down cloud service infrastructure and accounts linked to the surveillance vendor. As Vice reported Monday, Amazon made the call after a global backlash to the firm’s methods.

 

AmazonAmazon said it will shut down cloud service infrastructure and accounts linked to the surveillance vendor. (Photo: Elliott Brown, Flickr, License)The Pegasus Project – an international collaboration of 17 media organizations including OCCRP, coordinated by Forbidden Stories – exposed how authoritarian governments worldwide are using NSO Group spyware to target journalists and activists. Often, this is done by hacking into phones via spy programs which do not even require users to click on an infected link.

 

"When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts," an Amazon spokesperson told Vice in a statement.

 

The Pegasus Project, named after NSO’s key spyware, has shown how technology made by the group has been used to surveil the phones of dozens of prominent figures. A number of reporters from the OCCRP network were suspected to have been tracked, including Khadija Ismayilova, a reporter who has become a target of the repressive regime in Azerbaijan. Her name had been included in a data leak of 50,000 phone numbers allegedly marked for spyware targeting.

 

Amazon became involved after Amnesty International’s forensic investigation into Pegasus showed that a phone infected with NSO malware sent information "to a service fronted by Amazon CloudFront, suggesting NSO Group has switched to using AWS (Amazon Web Services) in recent months."

 

NSO Group has denied the journalism partnership’s findings, describing them as “uncorroborated theories,” but global condemnation has followed the revelations.

 

UN High Commissioner for Human Rights Michelle Bachelet called the reporting “extremely alarming” in a statement on Monday. The allegations seem to “confirm some of the worst fears about the potential misuse of surveillance technology to illegally undermine people’s human rights,” Bachelet said.

 

European Commission President Ursula von der Leyen said Monday, Reuters reported: "Freedom of media, free press is one of the core values of the EU. It is completely unacceptable if this (hacking) were to be the case."

 

Meanwhile on Tuesday, the Paris prosecutor's office opened an investigation into the allegations surrounding Pegasus, following a complaint filed by French investigative site Mediapart and several of its journalists the day before.

 

Mediapart said its founder and director Edwy Plenel was among the many journalists whose communications had reportedly been infected by NSO Group software. On the list of phone numbers that were assessed during the investigation, more than 1,000 were French.

Anonymous ID: 72f94b Feb. 3, 2022, 6:08 p.m. No.3205   🗄️.is 🔗kun   >>3257 >>3272

https://threatpost.com/nso-group-pegasus-spyware-finnish-diplomats/178113/

 

NSO Group Pegasus Spyware Aims at Finnish Diplomats

 

Finland is weathering a bout of Pegasus infections, along with a Facebook Messenger phishing scam.

 

The controversial Pegasus spyware, developed by NSO Group, has been found on the devices of Finland’s diplomatic corps serving outside the country as part of a wide-ranging espionage campaign, according to Finnish officials.

 

They also said the infections were of the zero-click variety.

 

“The highly sophisticated malware has infected users’ Apple or Android telephones without their noticing and without any action from the user’s part,” Finland’s Ministry for Foreign Affairs announced. “Through the spyware, the perpetrators may have been able to harvest data from the device and exploit its features.”

 

The disclosure said the espionage campaign was shut down and that the case was being investigated throughout the “autumn and winter 2021-2022.”

 

Although Finnish diplomatic communications conducted over mobile devices are usually not of the highest sensitivity, the Ministry added, the compromise is something the government is taking seriously.

 

“Information transmitted by telephone is public or classified at level 4 at the maximum, which is the lowest level of classified information,” the Ministry said. “However, it is worth noting that even if information is not directly classified, the information itself and its source may be subject to diplomatic confidentiality.”

The Pegasus, NSO Group Threat

 

This is precisely the type of scenario that put Israeli company NSO Group in the headlines when it was discovered the company had tools capable of monitoring private WhatsApp messages between journalists and human rights activists during a lawsuit filed by WhatsApp parent company Facebook in Oct. 2019.

 

Last summer, the Guardian newspaper published a report from journalists who reviewed data leaked from NSO Group that found 50,000 phone numbers they believe were being monitored for their clients, dating back to 2016, including Amnesty International employees, human rights lawyers and more.

 

NSO Group denies that it peddles malware to governments for spying and that it isn’t helping nations monitor other countries or their citizens. But just last month, the U.S. State Department said it found Pegasus installed on the iPhones of at least nine employees working abroad — echoing the recent Finnish announcement.

 

NSO said Pegasus doesn’t work on devices in the U.S., but those outside the country could be targeted by the spyware. A Washington Post investigation turned up evidence Pegasus was downloaded on the devices of about a dozen Americans working overseas as journalists, aid workers and diplomats.

 

Last November, NSO Group was added to the sanctions list by the U.S. Government for creating and selling the dangerous malware.

 

The latest reports from Finland seem to fit the Pegasus pattern.

Finland Also Targeted With Facebook Messenger Phishing Campaign

 

Adding to Finland’s cybersecurity woes, the country’s National Cyber Security Centre warned that its citizens were being targeted by a Facebook Messenger phishing scam aimed at tricking users to give up their two-factor authentication codes and phone numbers to hijack their Facebook accounts.

 

“The best way to protect yourself from this scam is to be wary of Facebook messages from all senders, including people you know,” the Cyber Security center cautioned.

Anonymous ID: 72f94b Feb. 3, 2022, 6:10 p.m. No.3206   🗄️.is 🔗kun   >>3257 >>3272

https://www.computerworld.com/article/3649208/second-israeli-firm-accused-of-undermining-iphones-like-nso-group.html

 

Second Israeli firm accused of undermining iPhones, like NSO Group

 

Appleholic, (noun), æp·əl-hɑl·ɪk: An imaginative person who thinks about what Apple is doing, why and where it is going. Delivering popular Apple-related news, advice and entertainment since 1999.

 

As if revelations around surveillance-as-a-service company NSO Group weren’t bad enough, a second Israeli firm has been accused of using the same hack to undermine iPhone security.

 

QuaDream also used the hack, Reuters claims

 

A Reuters report has the details:

 

QuaDream made use of the same flaw to commit similar attacks against iPhones.

The company is smaller than NSO Group, but also sells smartphone hacking tools to governments.

Both companies used the same highly sophisticated "zero-click" ForcedEntry attack, which enabled them to remotely break into iPhones without an owner needing to click a malicious link.

Once deployed, attackers using the software could access messages, intercept calls, and use the device as a remote listening device. They also gained access to the camera and more.

Apple closed this vulnerability in September 2021.

It is believed NSO Group software was used to target the family of murdered Saudi journalist Jamal Khashoggi.

 

The news follows the revelation that the FBI also obtained NSO’s Pegasus spyware, but claims it did not use it. That also follows another recent claim that NSO Group offered “bags of cash” in exchange for access to US cellular networks via the SS7 network.

Apple’s response so far

 

While we don’t know if Apple is aware of the actions of QuaDream, how it responded to the NSO Group attack may be instructional. Apple closed the ForcedEntry vulnerability soon after it was revealed. The company later filed a lawsuit against NSO Group saying the Israeli firm violated Apple’s terms of use.

 

Apple pulled no punches in its suit, which said:

 

“Defendants are notorious hackers — amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.”

 

Ivan Krstić, head of Apple Security Engineering and Architecture, said:

 

“Our threat intelligence and engineering teams work around the clock to analyze new threats, rapidly patch vulnerabilities, and develop industry-leading new protections in our software and silicon. Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users fromabusivestate-sponsored actorslike NSO Group.”

 

With that promise in mind, it’s easy to imagine Apple will now litigate against QuaDream for its abuse of the same vulnerability.

What these attacks are for

 

These attacks aren’t cheap. Reuters cites prices of $2 million and above for access to them. That expense implies most users needn’t worry at this time, particularly as Apple has now patched this vulnerability.

 

Sadly, this does not mean criminal and state-sponsored hackers won’t abuse other so-far-unknown ways to break into your digital lives. (They may be doing so already.)

 

For now, Apple is warning users it identifies as having been hit by these hacks. Some of those affected include Israeli citizens, US diplomats, journalists, dissidents, and opposition leaders in nations around the world.

 

“Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression, while enriching themselves and their investors,” said Ron Deibert, director of the Citizen Lab at the University of Toronto.

 

NSO Group and an Israeli firm called Candiru have now been banned in the US. We don’t know if QuaDream will be added to that list, but there are many other firms that also should be constrained.

What you can do

 

The problem with attacks of this kind is that they are highly sophisticated, highly targeted, and, by their nature, hard to spot. They use unknown vulnerabilities to break into a device, and then try to take control of those devices. Until the attack is identified, security researchers and platform providers remain unaware that a flaw exists, so they cannot protect against it.

 

This is why Apple is contributing $10 million to support security research and (I imagine) will probably increase that investment moving forward.

 

Since the NSO Group attack was disclosed, Apple now provides threat notifications. So if it spots activity it sees as consistent with a state-sponsored attack, it will send the user who has been attacked an email, an iMessage, and a notification on that person’s Apple ID page.

 

When it comes to general security tips, Apple’s current advice is to:

 

Update devices to the latest software, which include the latest security fixes.

Protect devices with a passcode.

Use two-factor authentication and a strong password for Apple ID.

Install apps from the App Store.

Use strong and unique passwords online.

Don’t click on links or attachments from unknown senders.

 

It is important to note that any move to permit side-loading of apps on Apple’s platforms will undermine this security and make it easier for groups such as NSO Group or QuaDream to break into your iPhone.

 

Finally, if you think your device has been affected, one (not at all ideal) solution might be to return your device to factory settings and make use of a temporary SIM and a backup Apple ID pending review of your original files.

 

Stay safe out there.

Anonymous ID: 72f94b Feb. 3, 2022, 6:13 p.m. No.3207   🗄️.is 🔗kun   >>3257 >>3272

https://www.washingtonpost.com/politics/2022/02/03/trump-allies-planned-seize-nsa-data-prove-stolen-election/

 

Trump allies planned to seize NSA data to prove stolen election

 

In the waning weeks of Donald Trump’s presidency, allies proposed an extraordinary plan to keep him in office.

 

The plan, outlined in a memo floated to GOP lawmakers, involved seizing raw electronic communications collected by the National Security Agency. An outside team would then sift through that data looking for evidence foreign actors interfered in the 2020 election to aid Joe Biden’s victory, Josh Dawsey, Rosalind S. Helderman, Emma Brown, Jon Swaine and Jacqueline Alemany report this morning.

 

The previously undisclosed scheme – which doesn't appear to have ever reached the White House – would have marked an unprecedented use of the government’s intelligence powers for a president’s political advantage. It comes amid a crush of revelations about similar plans to overturn Biden’s victory, most of which relied on baseless and outlandish conspiracy theories about foreign powers hacking the election from China and Venezuela.

 

Another prominent memo, which is being investigated by the Jan. 6 committee, would have ordered the Defense Department to seize voting machines from local governments to search for evidence of such hacking.

 

The efforts collectively paint a picture of a radical — though ham-handed — effort to reverse the will of the voters in 2020.

 

The NSA memo seems to have been on the fringes of that effort.

 

It’s not clear who wrote the memo, though it was floated to Republican lawmakers by Michael Del Rosso, a failed GOP House candidate from Virginia. Del Rosso and others tried to get the memo into Trump’s hands, but there’s no evidence it ever reached the White House.

 

The plan called for Trump to ask acting secretary of defense Christopher Miller to seize the “NSA unprocessed raw signals data” and tap Del Rosso, former National Security Council member Richard Higgins and an Army lawyer named Frank Colon to do the review.

Colon, however, said he had never heard of the plan and has no idea who Del Rosso is. Colon currently serves as a civilian legal adviser assigned to a military intelligence brigade headquartered at Fort Meade in Maryland, home to NSA. Miller similarly said he had never heard of the plan.

Del Rosso sent the memo to Sen. Kevin Cramer (R-N.D.) after the pair met at a Jan. 4 meeting on election interference claims that was hosted by My Pillow magnate Mike Lindell, my colleagues report. He also sent it to Sen. Ron Johnson (R-Wis.), who was then chair of the Senate Homeland Security Committee.

NSA collects a wide range of foreign electronic data, ranging from emails and phone calls to satellite data. The spy agency is barred from targeting U.S.-based people’s communications without a court order.

 

It’s also not clear if the memo authors had the legal know-how to accomplish their goal.

 

The memo claimed the seizing of NSA data could be authorized by a classified White House policy memo — known as National Security Presidential Memorandum 13 — which deals primarily with the process for approving offensive cyberattacks.

 

Michael Daniel, who led White House cyber operations during the Obama administration, called that a misunderstanding of the policy’s authorities and described the memo as “a crazy tangle of things.”

 

“It would have been a radical departure from normal procedure,” Daniel, who now leads the Cyber Threat Alliance industry group, told my colleagues.

 

The final weeks of the Trump administration were chock-full of similarly outlandish plans to overturn the election results, people familiar with the period told my colleagues.

 

“That period in time was amateur hour with people who did not know Trump or had never met with Trump before in their lives, attempting to get into the Oval Office to get authorized to do investigations that the rest of the government had examined and had said there was no evidence for,” said Michael Pillsbury, an informal adviser to Trump at the time.

 

The keys

 

For the first time, the FBI acknowledged testing NSO spyware

 

The FBI explored how the controversial spyware might be used in criminal investigations, but never actually deployed it in any investigations, Ellen Nakashima reports. The FBI decided not to deploy the spyware last summer, around the time when The Washington Post and 16 media partners found that NSO’s Pegasus spyware was used to target the phones of activists, executives and journalists around the world, according to the New York Times Magazine.

 

One big concern: Using the spyware could complicate subsequent prosecutions if the Justice Department were to bring charges, people familiar with the events who spoke on the condition of anonymity because of the matter’s sensitivity told Ellen.

 

NSO critics expressed concern about the FBI’s moves. “This is extremely troubling and raises basic questions about whether Americans’ constitutional rights are being sufficiently protected as the FBI explores or uses hacking tools,” said John Scott-Railton, senior researcher at the University of Toronto research group Citizen Lab, which has examined infected devices and published research on NSO spyware. He called on the U.S. government to be “much more transparent about the use of such contractors and what ethical oversight is involved."

 

"Democracies and dictatorships shouldn’t share a hacking toolbox,” Scott-Railton said.

 

In other spyware news: Israeli police reportedly used spyware to hack a key person involved in a criminal case against former prime minister Benjamin Netanyahu, the Times of Israel reports. It’s not clear whether Pegasus was involved, but Israeli media reported that authorities discovered the hack as part of an investigation into reports that the country’s police illegally used NSO spyware. Netanyahu called the revelation an “earthquake.”

 

The Biden administration is considering rules that could expand government oversight of TikTok and other foreign-owned apps

 

The rules would apply to apps that can be exploited “by foreign adversaries to steal or otherwise obtain data.” They could let the Commerce Department require apps to submit to audits, opening the door to independent scrutiny of their source code and the types of data that they collect, Cat Zakrzewski and Drew Harwell report.

 

Trump earlier sought to outright ban TikTok, WeChat and other Chinese-owned apps — a move that had faced court challenges.

Biden revoked Trump’s order and launched a security review that produced the current proposed rules.

 

The Commerce Department doesn’t have a timeline for when the rules will be finalized.

 

North Korea targeted an American hacker. He retaliated by taking down the country’s Internet.

 

The spat began when North Korean hackers posed as security researchers and targeted Western researchers in an attempt to steal sensitive information on software vulnerabilities that they had discovered.

 

The hacker, who goes by the pseudonym P4x, said he successfully defended himself from the North Korean attacks. But he was so outraged that he decided to retaliate, WIRED’s Andy Greenberg reports. The U.S. government hasn’t publicly responded to the North Korean hacking campaign.

 

According to P4x, he found software vulnerabilities on systems that are essential for North Korea's connection to the global Internet and exploited them to take sites hosted in the country offline. He shared screen recordings with WIRED to show that he was responsible for the cyberattacks.

 

“It felt like the right thing to do here. If they don’t see we have teeth, it’s just going to keep coming,” the hacker told Greenberg. “I want them to understand that if you come at us, it means some of your infrastructure is going down for a while.” The hacks were also meant as a message to the U.S. government that it should respond more aggressively to North Korea's digital belligerence, the hacker said.

 

Most of North Korea doesn’t have access to the global Internet. Many of the sites P4x took down were used for government activities like international propaganda, researchers said.

Anonymous ID: 72f94b Feb. 3, 2022, 6:23 p.m. No.3208   🗄️.is 🔗kun   >>3257 >>3272

>>3204

>They were using Pegasus to spy on Trump

https://www.theguardian.com/world/2020/feb/04/ex-obama-official-juliette-kayyemInauthentic Anonuits-israeli-spyware-firm-amid-press-freedom-row

 

Ex-Obama official exits Israeli spyware firm amid press freedom row

 

A former Obama administration official who has faced criticism from press freedom groups for her role as a senior adviser at NSO Group has stepped down from the Israeli spyware company.

 

The disclosure of the public departure of Juliette Kayyem, a high-profile national security expert and Harvard professor, as a senior adviser to NSO came just one day after a controversy over her role at the spyware group prompted Harvard to cancel an online seminar she was due to host.

 

The “webinar”, which was focused on female journalist safety, was cancelled after officials from the Committee to Protect Journalists, among others, criticised Kayyem’s work for NSO, whose technology is claimed to have been used to target journalists and human rights campaigners. NSO has denied the allegations.

 

Ahmed Zidan, CPJ’s digital manager, said in a tweet that the former Homeland Security official’s role at the event was akin to inviting a “coal executive to talk about renewable energy”.

 

The decision by Harvard’s Shorenstein Center to cancel the event after receiving criticism of Kayyem’s involvement in the webinar is the latest sign that spyware companies are coming under increasing scrutiny.

 

The circumstances around Kayyem’s departure are not clear.

 

The former Obama administration official did not respond to several requests for comment.

 

NSO announced six months ago it was hiring three new advisers to support the company’s work to “assist governments in fighting serious crime and terrorism”: Kayyem, Tom Ridge, the former US secretary of Homeland Security, and Gèrard Araud, the former French ambassador to the US.

 

The company has said its technology is only intended to be used to fight crime and that it investigates allegations of wrongdoing by customers who license its technology.

 

But since that announcement, NSO has faced allegations that its technology has been used to target members of civil society. WhatsApp, the popular messaging app, is suing NSO in a US court and has alleged that the company’s spyware was used to hack 1,400 of its users over a two-week period last year. NSO has denied the allegations.

 

The company is also reportedly under investigation by the FBI, according to Reuters, and is facing separate lawsuits in Israel. Last week, a New York Times reporter working with Citizen Lab alleged his phone had been targeted by Saudi Arabia using NSO technology. The company has denied the allegation.

Juliette Kayyem waves to the crowd before her speech at the Democrat state convention in Worcester, Massachusetts, in 2014

 

Democrat state convention in Worcester, Massachusetts, in 2014. Photograph: Boston Globe/Boston Globe via Getty Images

 

The latest controversy began when the Shorenstein Center announced last week it would host a “webinar” featuring Kayyem that was focused on ways female journalists could protect themselves, both on- and offline.

 

In tweets that appear to have since been deleted, Kayyem joked that she would not be teaching women how to take down 200lb men, but that she would be offering advice to women that they might not like to hear, like not posting realtime photos of their children.

 

Press freedom advocates questioned the Shorenstein Center’s decision on Twitter. One campaigner, Courtney Radsch, noted the irony of Kayyem’s involvement, and said she wondered if the event would cover how journalists could protect themselves from NSO Group’s signature technology, Pegasus, which has been described as sophisticated malware that is almost impossible to detect.

 

A spokeswoman for the Shorenstein Center declined to comment on the decision to cancel the event.

 

But a person familiar with the matter said the the event’s organisers had not been familiar with Kayyem’s connection to NSO until after it was pointed out by critics on Twitter. Once Kayyem’s work for NSO was discovered, the person said it confronted Kayyem and that there was “no question” that it would be cancelled.

 

When the Guardian approached NSO late on Monday, the company said in an emailed statement that Kayyem had stepped down from NSO.

 

“Juliette played an important role advising NSO on its governance framework, and we’re grateful for her leadership and experience during her time as senior adviser,” the statement said. It added that her work for the company had concluded in 2019.

 

Asked to clarify the date of her departure, since Kayyem was still listed as working as an adviser on NSO’s website as recently as last weekend, NSO did not reply.

 

The revelation marks the second time Kayyem’s association with NSO has created controversy for the former Obama administration official. Kayyem was appointed last October to serve as an opinion section contributor at the Washington Post. At the time, an editorial page editor noted that Kayyem was a “leading voice in her field” and would “help make sense of how the US approaches its most challenging national security issues”.

 

But days later, Kayyem announced she would not accept the job after facing criticism on Twitter about her role at NSO. At the time, she said in a statement on Twitter that she was working at NSO to help “ensure that this technology is used appropriately, and that fundamental human rights are protected and respected”.

 

“I still believe reasonable people can disagree on issues of our security and rights and will continue to speak and write about that,” she said.

Anonymous ID: 72f94b Feb. 3, 2022, 6:25 p.m. No.3209   🗄️.is 🔗kun   >>3257 >>3272

https://prospect.org/power/biden-advisers-ride-on-pegasus-nso-spyware/

 

Biden Advisers Ride on Pegasus Spyware

 

 

A new investigation by The Washington Post and a consortium of 16 international news outlets reveals that software from an Israeli company named NSO Group has spied on hundreds of journalists, activists, executives, and government officials. Its infamous product Pegasus can crack into encrypted phones without a trace and is used by autocrats. The findings are part of the Pegasus Project, which has already presented evidence of the spyware being used to hack the slain Mexican journalist Cecilio Pineda Birto as well as two people close to the journalist Jamal Khashoggi.

 

But NSO Group has been deflecting from its relationship with authoritarian governments for years. After its surveillance tech was caught being used to target dissidents, the notorious Israeli company sought the assistance of WestExec Advisors, the consultancy founded by now–Secretary of State Tony Blinken and staffed by prominent national-security experts from the Obama administration.

 

More from Jonathan Guyer

 

WestExec turned the company down, but NSO was persistent. It was investing heavily in a revamp of its global reputation in response to accusations of its spyware’s abuse, especially in the hands of Saudi Arabia. NSO must have sensed just how influential Blinken’s tight-knit group of former policymakers was, though the client didn’t align with WestExec’s stated principles.

 

The consulting group stood firm, but NSO had actually already recruited one of its members. Dan Shapiro, a WestExec consultant based in Israel and Obama’s former ambassador to the country, had already been working for NSO.

 

Shapiro began independently advising NSO in mid-2017, months before WestExec was established. He counseled NSO on how to prevent the misuse of its technology and advised the company to stop selling its hacking tools to Saudi Arabia, according to The New York Times. Initially, NSO heeded. But then, under new ownership—and with the encouragement of the Israeli government and the Trump administration—NSO once again sold its powerful software to Saudi Arabia.

 

Many Washington operators were willing to do lucrative business for the NSO Group, and it hasn’t necessarily hurt their careers.

 

Shapiro advised NSO through the end of 2018 and participated in Biden campaign strategy calls in 2020. He is now under consideration to be President Biden’s special envoy to the Middle East.

 

That a consulting firm specializing in national-security tech like WestExec Advisors rejected NSO Group’s entreaties, while advising other defense contractors and tech companies, shows just how beyond the pale NSO’s products are. Working for Israeli hackers, WestExec consultants may have thought, would hurt their chances of re-entering government. (It’s a decision validated by Biden appointing more than 15 members of the boutique firm to the administration.)

 

Still, many Washington operators were willing to do lucrative business for the NSO Group, and it hasn’t necessarily hurt their careers. Shapiro has been floated for a State Department appointment to continue Trump’s policy of securing accords between Israel and Arab states. Shapiro declined to comment on the record.

 

The list of Washington operators who have benefited directly from working with NSO is long, and they don’t want to talk about it. The consultancy Beacon Global Strategies—founded by longtime Hillary Clinton adviser Andrew Shapiro, former CIA and Pentagon official Jeremy Bash, and former House aide Michael Allen—quietly provided advice to NSO until mid-2019. Attorney Dan Jacobson provided legal services to NSO’s parent company and joined the Biden administration this spring as general counsel for the Office of Administration. Rod Rosenstein, after two years as deputy attorney general, advised NSO in a lawsuit the Facebook affiliate WhatsApp had brought against it. Jeh Johnson, Obama’s homeland security secretary who was in the running to be Biden’s defense secretary, signed off on NSO’s human rights policy. Obama homeland security official Juliette Kayyem advised the hacking group.

 

The company’s PR is currently being done by Mercury Public Affairs, where retired Sen. Barbara Boxer is a co-chair and former Los Angeles Mayor Antonio Villaraigosa is a partner. Mercury, which receives $120,000 monthly to represent NSO, did not respond to a request for comment.

 

The list possibly includes one current White House official. Anita Dunn took a leave of absence from her consulting firm SKDKnickerbocker and joined the Biden White House in January as a senior adviser. Her firm advised NSO Group in 2019. It’s unclear whether she personally worked for the company. Dunn has circumvented federal ethics rules that require disclosures of income, assets, and clients by serving as a temporary employee in the executive branch and taking a salary just below a threshold that would require public filings. She says she plans to leave the White House soon.

 

Dunn’s firm defended NSO on the record. Even if she may have not been directly working for NSO, Dunn was willing to lend her name—hers is the D in SKDK—to repair the company’s image. “What sets NSO apart from many other cyber technology firms is its commitment to an ethical business framework that relies on the expertise of people with national security and intelligence backgrounds from around the world to evaluate potential customers and review current customers,” Dunn’s firm told The Intercept in 2019. SKDK declined to comment to the Prospect.

 

The experts counseling NSO have hardly helped bring it closer toward ethical behavior; in fact, as the Pegasus Project trickles out new reporting, what’s clear is that Washington consultants have lent a veneer of principle to a company whose malicious software has hacked more than 180 journalists and 14 world leaders.

 

The NSO Group’s co-founder says that its spyware is designed to target “bad guys,” and is only sold to states that comply with its protocol. But its first annual Transparency and Responsibility Report, released last month, is not all that transparent about its clients. There’s much more insight into the company—its high regard for itself, its Silicon Valley vibes—on NSO’s active LinkedIn page, with posts celebrating Pride Month or Earth Day, and photos of ​​a rave in the desert it hosted for employees to toast the end of Israel’s coronavirus lockdown.

 

Without any irony, the company celebrated World Data Privacy Day in January on social media. “At NSO Group, we have committed ourselves to high ethical business standards by embedding human rights protections throughout all aspects of our work,” it posted, above an image of a padlock set against neon-colored zeroes and ones. Amid damning revelations about its spyware, not even the best consultants can rebrand NSO.

Anonymous ID: 72f94b Feb. 3, 2022, 6:45 p.m. No.3210   🗄️.is 🔗kun

https://twitter.com/TheMarieOakes/status/1489428383297683458

 

The convoy is just making it to Quebec City, Quebec, Canada tonight for this weekends convoy protest.

Anonymous ID: 72f94b Feb. 3, 2022, 6:48 p.m. No.3211   🗄️.is 🔗kun

https://twitter.com/Resist_05/status/1489004963082604545

 

Australia has fallen.. 1 year and 3 year old children refused hospital care due to mother being unvaccinated.!