July 19, 2021

US 'Power Brokers' Benefited From Defending Israeli Spyware Maker

NSO Group, the Israeli surveillance firm behind Pegasus (Screen shot from The Hindu)


A massive journalism project involving 17 media outlets from around the world exposed the dark underbelly of Israeli surveillance firm NSO Group and their collaboration with governments to target journalists, human rights activists, and even powerful regime opponents.

That underbelly includes the “power brokers” in the United States who benefited from the NSO Group’s business ambitions.

Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Togo, and the United Arab Emirates each reportedly hired NSO Group. The firm preyed upon thousands through spyware known as Pegasus.

National Security Agency whistleblower Edward Snowden called for trade to be halted around this technology. “We won’t be safe until we change the game.”

The Guardian reported, “At least 50 people close to Mexico’s president, Andrés Manuel López Obrador—including his wife, children, aides and doctor,” were included in a list of phone numbers prior to his election in 2018.

Daraj, a Lebanese media outlet, found the United Arab Emirates targeted ministers in the Yemen government led by Abd Rabbo Mansour Hadi.

The Flemish news magazine known as the Knack reported that Belgian American Carine Kanimba, the daughter of Paul 'Hotel Rwanda' Rusesabagina, contained “numerous traces of Pegasus spyware.”

In India, The Wire called attention to the targeting of Rahul Gandhi, who led the country’s opposition party in the general election against Prime Minister Narendra Modi. The outlet suggested what they uncovered raised “troubling questions about the integrity of the electoral process.”

The NSO Group has not established a foothold in the U.S., however, former and current officials of the Obama, Trump, and Biden administrations were paid to defend the NSO Group, according to the Washington Post.

An NSO subsidiary known as OSY paid former Homeland Security secretary Jeh Johnson, who was part of the Obama administration, to review the company’s updated human rights policy. He gave it a “stamp of approval.”

Johnson contended the policy was “substantially aligned” with United Nations principles, but a UN expert disagreed, maintaining it failed to address the “legacy of harm perpetuated as a result of NSO Group’s failure to ensure that its technology is used responsibly.”

WhatsApp sued the NSO Group in October 2019, alleging the NSO Group exploited a vulnerability in their app to target 1,400 mobile phones belonging to “attorneys, journalists, human rights activists, political dissidents, diplomats, and senior foreign government officials.”

Law firm King & Spalding was hired to lead the the NSO Group’s legal defense. Rod Rosenstein, former Trump deputy attorney general, was one of the advisers involved, the Post added.

“In 2019,” as the Post detailed, the NSO Group “embarked on a VIP spending spree in hopes of cleaning up its reputation” following a lawsuit against their alleged role in the murder of Jamal Khashoggi.

Three people were hired to help the NSO Group continue their work: Tom Ridge, the first Homeland Security secretary, Gerard Araud, France’s former ambassador to the U.S., and Juliette Kayyem, who was a Homeland Security official under Obama.

A Tool Prized By 'Press Freedom Predators'


All of the above revelations stem from Amnesty International’s Security Lab, which accessed a leak of more than 50,000 records containing phone numbers of targets for surveillance. More than 15,000 were tied to Mexico.

There will be more revelations as articles are published throughout the week.

Direkt36 described how the lab “examined 67 devices that may have been targeted in spyware attacks based on the leaked database. In 23 of these cases, it was found that the phones had indeed been hacked with Pegasus, and in 14 other cases, traces of an attempted intrusion were discovered.”

“There were no such results in the remaining 30 forensic analyses, but in many instances this was due to the fact that since the date of the suspected surveillance, people have already replaced their phones and therefore lost data. In addition, among the phones examined were 15 Android devices, which, unlike iPhones, do not store the kind of information that would allow AI’s staff to clearly determine the device’s hacking.”

Direkt36 added, “Even among these Android phones were three that showed signs of hacking attempts, as they were found with text messages bearing the traces of Pegasus.”

Forbidden Stories brought the media consortium together. They said the list of journalists hacked by Pegasus is long and includes “award-winning Azerbaijani journalist Khadija Ismayilova; reporter Szabolcs Panyi from Direkt36, an Hungarian investigative media outlet."

"Freelance Morrocan journalist Hicham Mansouri, the director of the French investigative site Mediapart, Edwy Plenel, and the founders of the Indian independent media The Wire, one of the few news organizations in the country that does not rely on money from private business entities," were targeted too.

“This is appalling,” Reporters Without Borders secretary-general Christophe Deloire declared. “The revelations about the use of the Pegasus spyware inspire shock and revulsion, given the extent of the surveillance and targeting of journalists. No, NSO Group does not contribute to ‘global security and stability,’ contrary to what the company claims."

“Pegasus is a vile and loathsome tool, invented by digital mercenaries and prized by ‘press freedom predators’ for use in persecuting journalists,” Deloire added.

Tim Dawson, the chair of the International Federation of Journalist’s expert group on surveillance, asserted, “Allowing tyrants, despots, and the enemies of freedom access to tools such as Pegasus is the 21st century equivalent of smashing printing presses and storming TV stations."

We Must 'Change The Game'


Snowden plainly contended the revelations around Pegasus showed the potential for phones to spy on users was worse than a lot of what he contemplated. An entire industry has been created  to take control of phones and turn those devices against the people who bought and paid for their phones but no longer truly own them.

“This is an industry that should not exist,” Snowden stated, noting that NSO Group was one notorious surveillance firm out of several others. “When I look at this, what the Pegasus Project has revealed is a sector, where their only product are infection vectors.”

“They’re not security products. They’re not providing any kind of protection, any kind of prophylactic. They don’t make vaccines. The only thing they sell is the virus. And I think buying that they only sell this to governments doesn’t make that better when you look at who the targets are that have just been revealed,” Snowden added.

Thomas Drake, an NSA whistleblower, said that “surveillance of others” is big business. Businesses hired to monitor for profit and revenge direct their tools at those who “expose lawfare, abuses of power, and corruption.” They are especially drawn to pursue these individuals if their work poses a threat to the power of nation states or “mercenary ‘security’ cabals.”

United Nations human rights chief Michelle Bachelet was outraged and said a “red line has been crossed again and again with total impunity.”

Much of the focus is on the vulnerability of Apple’s iPhones to Pegasus, but the systematic targeting of journalists, human rights activists, and political opponents by authoritarian governments will not be stopped by technology corporations adopting better security.

Predatory firms will simply move on to the next vulnerabilities, and governments will still hire companies like the NSO Group.

The Pegasus Project has given global citizens an extremely detailed accounting of how a surveillance firm can profit off state repression, but it is worth acknowledging that WikiLeaks published emails from Italian surveillance malware vendor Hacking Team in 2015 that offered a quite a glimpse into the business of “digital predators.”

WhatsApp’s lawsuit has also provided an opening for action against spyware developers. A U.S. federal court already concluded the messaging app had grounds to proceed against the NSO Group, but the firm appealed.

Out of all the responses, Snowden offered the most profound call to action. “There are certain industries, certain sectors, from which there is no protection. We don’t allow a commercial market in nuclear weapons.”

“If you want to protect yourself, you have to change the game, and the way we do that is by ending this trade.”