back to article Israeli authorities investigate NSO Group over Pegasus spyware abuse claims

Israel's Ministry of Defense says the nation's government has visited spyware-for-governments developer NSO Group to investigate allegations its wares have been widely – and perhaps willingly – misused. A Ministry tweet delivered the news in Hebrew, and online translate-o-tronic services render the text as follows: …

  1. A random security guy

    NSO caught with its pants down

    They can pretend all they want but the game is up. Israel will try to whitewash NSO's behavior but they will have to back off.

    1. Anonymous Coward
      Anonymous Coward

      Re: NSO caught with its pants down

      And if other nations determine that NSOG is guilty then those nations will put pressure on Israel. If Israel refuses to acknowledge those concerns then they could find themselves the target of U.N. sanctions. They can defend NSOG if they want, but doing so may leave them in a position where the rest of the world says "Wrong answer. Do not pass Go, do not collect $200, go directly to Jail." It will be a proverbial jail, but Israel may find itself just as trapped as if it were real.

      1. MrReynolds2U

        Re: NSO caught with its pants down

        Erm... you didn't mark your post as sarcasm.

        Both the US and the UK would veto any attempt to sanction Israel.

        1. James12345

          Re: NSO caught with its pants down

          It depends on if it is a Security Council item, where the US has the ability to veto items. The UK also has that ability, but tends to be more than happy to put the boot into Israel.

          1. Yet Another Anonymous coward Silver badge

            Re: NSO caught with its pants down

            >The UK also has that ability, but tends to be more than happy to put the boot into Israel.

            They could face the ultimate sanction - a visit from Priti Patel

        2. teknopaul

          Re: NSO caught with its pants down

          European sanctions perhaps, then the UK and the US don't get a vote.

  2. henryd

    Why target the NSO?

    Amnesty have a well documented obsession with Israel.

    Will they now go after other bad actors in the UK, US, China, Russia?

    Methinks not, its so much easier to go after a soft target.

  3. BebopWeBop
    Trollface

    Maybe the Israeli MoD are concerned that NSO ware has been used to target them - or are there revelations to come regarding Israeli use against the US and EU countries?

  4. Pete 2 Silver badge

    If NSO spyware is any good ...

    > Representatives from a number of bodies came to the NSO company today

    They would have known about this visit weeks ago.

    1. Anonymous Coward
      Facepalm

      Re: If NSO spyware is any good ...

      It's just a PR move where Israel can say they are investigating and other countries need to wait until the investigation is complete. In a year or so they will report that they found no illegal activities by which time the spotlight will have moved on.

  5. Pascal Monett Silver badge
    FAIL

    "[NSO] does not authorise use of the software other than for matters of national security"

    Well whoop-dee-doo. As if that mattered when you're selling spyware to governments.

    Besides, you're not the one deciding what is a matter of national security. By your own definition, there are no governments using your software illegally - all they need to do is define each usage as a matter of national security.

    And everyone is operating legally. Ba-doum, tish !

  6. Headley_Grange Silver badge

    How does it work?

    Something I've not been able to work out from the coverage so far - does NSO retain some control over it's product after they have sold it? The seem adamant that many of the phone numbers on the lists which the press have published aren't targets, which implies that they have knowledge of their customers' targets. I sort of find this hard to believe, but also can imagine that they'd want to keep some sort of control of the product, given how dangerous it could be if it got into the wild. Then again, if everything went through their servers that could bring its own dangers!

    Anyone know?

    1. doublelayer Silver badge

      Re: How does it work?

      We don't have knowledge of everything in their code, so these points are based on partial information which has been released:

      First, NSO operates several servers which are used to install and operate the malware. This means they know at least some of the targets because they are infecting them on behalf of their clients. We don't know whether it's possible to change those servers to ones that NSO don't operate. Similarly, we know that NSO has target limits where certain licenses are paid depending on how many devices you want to force spyware onto. That implies but doesn't necessarily mean that there is some mechanism for checking whether a client has complied with those licenses or preventing them from infecting others when they have run out of credits. This would also imply that they know when and by whom someone was infected even if they go to some effort not to know who the victim was.

      More speculatively now, I think NSO must continue to control the malware after they've sold it because they are operating in a very ambiguous area. They do have some protection from Israel for some reason which has never really made sense to me, but if Israel decided they no longer supported NSO, there would be major problems for the company. Therefore, NSO needs to make sure that, whichever governments or groups (yeah, I'm not buying their claims) they sell it to, they don't sell it to someone who will cause Israel to abandon them. For instance, they could sell it to governments for repression of the local populace, but selling it to someone who would use it against Israeli government figures is something they'll do a lot to avoid. Making a version available which is easily controlled without their knowledge is an invitation to do exactly that. They have strong financial and safety incentives to control who gets to buy and who gets to be the victims, and I'm going to assume that they know these things very well.

      1. Headley_Grange Silver badge

        Re: How does it work?

        Thanks, doublelayer.

        1. teknopaul

          Re: How does it work?

          I have rule of thumb for government spyware and hacking: if they can do it, they are doing it.

      2. MacroRodent

        Re: How does it work?

        I have wondered about the origin and reason for the existence of that famous list of phone numbers. Being part of NSO:s license control is one reason that makes sense. However having a plaintext master list of targets feels like bad security.

        1. Cliffwilliams44 Silver badge

          Re: How does it work?

          Regardless of whether you think what NSO are doing is right or wrong I always wonder why:

          When members of the International Left, of which Amnesty is a major player, "steal" proprietary and confidential intellectual information or communications from a government or corporation it is seen as some public service but when it is done in the reverse, i.e. The DNC emails it is viewed as a crime! This smacks of the typical legal double standard the Left always wants to operate under.

          This incident requires answer:

          1. Does NSO retain control of the distribution of the spyware to targeted individuals.

          2. Is this supposed list accurate as to submitted targets by their customers. or

          3 Has Amnesty just made up this list (including the dead journalists) as a way to target a known adversary of theirs, Israel.

          4. If the list is genuine, was it obtained legally? An insider leaking the list is NOT legal.

          5. If not then those who stole it and those who received it should be prosecuted.

    2. arachnoid2

      Re: How does it work?

      Command and Control as with much of the malware used to lock systems will be in overall control of the main designer/operator.It will undoubtedly be licensed out on a per-user basis with the end user only having a basic interface, not the actual code required to achieve the access and lock.

      That is unless a third party or state nation has somehow copied the code from their servers and is using/selling it themselves or a facsimile which leaves traces of other vendors spyware as a feint if discovered.

  7. DS999 Silver badge

    Israel seems to be a hotbed for evil tech companies

    There are a bunch of them - Cellebrite is another that's been the subject of multiple Register articles that's based in Israel. Not that the US lacks them, but while Cisco and AT&T may do some bad things on the side that's not their entire business model like the ones in Israel.

    I imagine the US and other "five eyes" prefer not having such companies in their country to avoid the risk of their lawmakers getting upset and passing inconvenient laws when big revelations come out like the recent NSO Group news. Israeli citizens long ago surrendered to the idea that giving up privacy for security is a good thing, so there's no worry about that there.

    1. Anonymous Coward
      Anonymous Coward

      Re: Israel seems to be a hotbed for evil tech companies

      Suppose your country was surrounded by hostile nations.

      Suppose you saw your military's job to defend the country and not just shuffle defense spending to each politician's locale

      Suppose you saw that cyber gave you an asymetric advantage compared to massed ranks of infantry trooping past a saluting stand or aircraft carriers with no planes.

      Suppose your military recruitment was based on which school you went to - but for the courses you took and grades you got rather than knowing which direction to pass the port.

      1. teknopaul

        Re: Israel seems to be a hotbed for evil tech companies

        Being surrounded by enemies is a state you get yourself into.

        Hacking and spying on all your neighbours does not help.

        Talking about the UK, natch.

    2. doublelayer Silver badge

      Re: Israel seems to be a hotbed for evil tech companies

      This isn't really accurate. For example, you've mentioned Cellebrite, whose most well-known product is a tool for breaking into mobile devices. They aren't the only company to make products for that purpose. Another well-known one is Grayshift, which is based in the U.S. You can find companies producing malware with government support in many countries.

      Israel is a special case mostly because they have an unusually large tech sector for the size of their country, and many of their tech people have trained in security-related issues and chose to make that the core of their companies. They just have a lot of companies in that area, meaning they're bound to have some well-known malware ones in that mix. Some of those companies also get unusual levels of support by the Israeli government, but that's not unique to them either. This doesn't exonerate Israel for the crimes its companies engage in without investigation, but there are other countries who are culpable of the same.

  8. Ashto5

    PR Stunt

    It is the same as the USA investigation into its tech sector pure unfiltered BS

    Nothing to see here move along, everyone is doing the right thing.

  9. Anonymous Coward
    Anonymous Coward

    Give them a break

    Offence is the best defence. Whatever Israel has to do to survive in a hostile world, it will. When your neighbours are Hamas, Hezbollah, Assad and the Ayatollahs, you do not need to make excuses. Instead of singling out this state for one-sided and hypocritical venom, we should be standing up for it as the only place in the region or indeed the world where Arab citizens have free and fair elections or where you can safely have LGBTQ marches in public. It is remarkable what they have achieved in high-tech and so much else despite living in such a hostile environment.

  10. Toni the terrible Bronze badge
    Megaphone

    Nothing New Here

    Most major Governments using spyware on its citizens phones - worldwide. Not a surprise. That the spyware was devloped by a commercial group - not a surprise. A country like Israel has such groups and produced a very successful piece of spyware which they sold and cannot really control the use - not surprising certainly after Russian Federation, Five Eyes and ROC actions. That Israels enemys will use its existance, it or knockoffs against Israel - only to be expected.

    That we live in an electronic Panoptican that is getting worse each year - are you surprised?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like