In the high-stakes, cloak-and-dagger intelligence industry, you need secrecy to survive. Criminals have always been good at using advanced technology to hide their identity from governments. Israeli startup NSO Group claims to be using the same strategy to help governments stay one step ahead of perceived threats.
The problem? ‘Threat’ has a different meaning for everyone: With the governments of the UAE and Mexico allegedly using the NSO Group’s software to target citizens expressing dissent, including human rights activists, the Israeli startup has found itself embroiled in controversy.
Get our weekly highlights directly in your inbox!Sign up
The mobile surveillance company sells advanced hacking tools to governments, intelligence agencies, and military entities. It has a reputation for being one of the most secretive spyware companies: Reuters recently reported that the startup has changed its name several times to maintain a low profile.
Despite these attempts at flying under the radar, the company has recently made headlines with a report that private equity company Blackstone, along with the Clear Sky fund, will acquire 40 percent of NSO for $400 million, bringing its valuation to a whopping $1 billion. A spokesman for the company told NoCamels he could not confirm the report. Blackstone will purchase the shares from the current owner, Francisco Partners, which acquired NSO in 2014 for $130 million.
Founded in 2009 by CEO Shilo Julio, VP Omri Lavi, and Niv Carmi, the NSO Group currently employs 500 people. It claims its mission is to make the world a safer place “by providing authorized governments with technology that helps them combat terror and crime.” Their strategy is to sell governments cutting-edge spyware that can be used to gain intelligence. The most well-known of these is the ‘Pegasus’ spy software, a “lawful intercept spyware product,” according to the University of Toronto cyber security research group, the Citizen Lab.
Cyber security experts have identified Pegasus as the tool used in several high-profile hacks. The software is capable of recording phone calls, monitoring phones’ cameras and microphones, and accessing text messages, photos, and web history. Not only does it breach privacy, it does so in a way that is hard to trace: it provides no alerts that it is present, and has a self-destruct mechanism that covers its trail.
It received global attention in 2016 when it was discovered to have been used to hack into the phone of Ahmed Mansoor, a United Arab Emirates human rights activist.
Mansoor received a text message offering to provide information about tortured detainees in the UAE if he clicked on a link in the message. Suspicious, he alerted the Citizen Lab, who traced the technology back to the NSO Group. Had Mansoor clicked on the link, the organization using the Pegasus software (suspected to be the UAE government) would have had full access to the activist’s phone.
“A new era of mobile hacking”
According to cyber security firm Lookout, the attack on Mansoor was “the most sophisticated mobile attack we’ve seen yet, and marks a new era of mobile hacking.”
A report from Citizen Lab released earlier this year revealed that the software had also been deployed in Mexico. 76 text messages were sent to targets within Mexico, including lawyers investigating the disappearance of 43 students, influential journalists, an anti-corruption academic, and a minor child of a journalist. Many of the text messages impersonated legitimate organizations. While experts cannot confirm that the Mexican government was responsible, circumstantial evidence suggests that this is the case.
Earlier this year, an Android version of the Pegasus malware (termed ‘Chrysaor’) was discovered. Google’s Vice President of Security Intelligence Mike Murray commented that Chrysaor was “one of the most sophisticated and targeted mobile attacks we’ve seen in the wild.” Google identified targets of the software located in Israel, Georgia, Mexico, Turkey, and the UAE.
The ethics of the industry are becoming increasingly unclear
Organizations such as Lookout and Citizen Lab are continuing to chase NSO’s trails and expose the company’s activities. It’s no longer a simple case of good guys versus bad guys: With governments misusing software sold by a legal company, the ethics of the industry are becoming increasingly murky.
It is not uncommon for governments to use spyware and hacking software to gain intelligence. Allied Market Research predicts that the global lawful interception market (which includes data gathering from government organizations and law enforcement agencies) will reach $3.3 billion by 2022. Companies such as Israel’s Cellebrite, which provides mobile forensic extraction, decoding, and analysis software, are also seeing success in the government sector.
NSO claims to work only with legitimate law enforcement agencies and governments; still, many are dissatisfied with the cooperation between spyware companies and governments with poor human rights records.
Whether or not the closely held NSO reveals more about its operation in the future, there is no doubt it can use its cutting-edge software to hack devices for the purpose of preventing crime and terrorism.