The NSO Group, known for its suite of exploitation tools, found itself again at the center of unwanted attention when Apple revealed that it had warned a number of people, including 11 members of the the US Embassy in Kampala, that their iPhones had been compromised. . The compromise was made, according to Apple, by an unknown entity using “Pegasus” spyware designed by NSO Group.
NSO Group has pledged to end its sales and support to customers who misused its software, but has yet to identify those customers, including those who caused the compromise of department staff. of American state. In a reassuring gesture, phone numbers with the U.S. country code +1 are believed to be blocked from exploitation by NSO Group’s Pegasus software.
The question remains: who is the NSO group’s customer targeting US interests?
Eyes on the NSO Group
In July 2021, the NSO Group described its toolkit as the reason millions of people around the world could sleep well at night because their technology was made available to intelligence and law enforcement. fighting, among other things, against terrorism, according to Business-Standard.
But also in July 2021, the Israeli government announced the formation of a high-level inter-ministerial team to determine whether spyware developed by Israeli companies was, in fact, being abused. At the same time, French President Emmanuel Macron called for an investigation into Pegasus after learning he had been targeted by spyware.
In September 2021, Citizen Lab provided its independent spyware research, which prompted Apple to update its iOS to fix the identified vulnerability.
On November 3, 2021, the US Department of Commerce Added NSO Group to its list of entities for malicious cyber activity. NSO Group has been described as a company that “developed and supplied spyware to foreign governments who used these tools to maliciously target government officials, journalists, businessmen, activists, academics. and embassy employees ”.
The National Security Council’s statement regarding the turn of events involving NSO Group was blunt: “We have been deeply concerned that commercial spyware like NSO Group software poses a serious counterintelligence and security risk to U.S. personnel, which is one of the reasons the Biden-Harris administration has placed several companies involved in the development and proliferation of these tools on the Commerce Department’s entity list.
Targets identified by Apple
November 23, 2021, Apple sued NSO Group, describing the entity as “notorious hackers – amoral 21st mercenaries of the century who have created highly sophisticated cyber-surveillance mechanisms that invite routine and flagrant abuse. Two days later, they began sending notices to individuals in Uganda, El Salvador and Thailand, informing them that their devices were being targeted:
“These attackers are probably targeting you individually because of who you are or what you do. If your device is compromised by a state-sponsored attacker, it may be able to remotely access your sensitive data, communications, or even the camera and microphone. While it is possible that this is a false alarm, please take this warning seriously.
Craig Federighi, senior vice president of software engineering at Apple, commented: “State-sponsored players like the NSO Group are spending millions of dollars on sophisticated surveillance technology without effective accountability. This must change.
NSO Group, for its part, denies any knowledge of abuse or misuse, noting that they only sell the tools – the customer determines the target.
Apple’s visibility to NSO spyware victims is not expected to be limited to just three countries, and similar notifications will be sent for other targets and locations.
Summit for Democracy
The United States is leading a global initiative in the next Summit for Democracy which will bring together more than 100 nations on December 9 and 10, 2021. The goal of the initiative will be to prevent authoritarian governments from using technology to carry out surveillance activities and human rights abuses. Spyware developed by the NSO group will undoubtedly be at the heart of these discussions.