Journalists, activists among company spyware targets – The Journal
Global media consortium investigation alleges military-grade malware from Israeli group NSO used to spy on journalists, human rights activists and political dissidents
BOSTON (AP) – An investigation by a global media consortium on the basis of targeting data leaks provides further evidence that military-grade malware from the Israeli group NSO, the world’s most infamous hacker company , are used to spy on journalists, human rights activists and political dissidents.
From a list of more than 50,000 mobile phone numbers obtained by the Paris-based nonprofit journalism association Forbidden Stories and the human rights group Amnesty International and shared with 16 news organizations, the Journalists were able to identify more than 1,000 people in 50 countries who would have been selected by NSO Clients for potential surveillance.
They include 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists and several heads of state, according to the Washington Post, a member of the consortium. Journalists work for organizations such as the Associated Press, Reuters, CNN, the Wall Street Journal, Le Monde and the Financial Times.
Amnesty also reported that its forensics researchers determined that NSO Group’s flagship spyware, Pegasus, was successfully installed on the phone of Post journalist Jamal Khashoggi’s fiancee, Hatice Cengiz, just four days after her assassination. at the Saudi consulate in Istanbul in 2018. The company had previously been involved in other spies on Khashoggi.
The NSO Group denied in an emailed statement that the data on which the report was based was leaked from its servers “since that data never existed on any of our servers.” He called the Forbidden Stories report “full of flawed assumptions and unsubstantiated theories.”
The company reiterated its claim that it only sells to governments for use against terrorists and serious criminals. Critics call the claims dishonest and say the repeated abuse of Pegasus spyware highlights the almost complete lack of regulation of the private global surveillance industry.
The source of the leak – and how it was authenticated – has not been disclosed. While the presence of a phone number in the data does not mean that an attempt was made to hack a device, the consortium said it believed the data represented potential targets for NSO’s government customers. The Post said it had identified 37 hacked smartphones on the list. The Guardian, another member of the consortium, reported that Amnesty found traces of Pegasus infections on the cellphones of 15 journalists who let their phones be examined after discovering their number was in the leaked data.
The most numbers on the list, 15,000, were for Mexican phones, with a large share in the Middle East. NSO Group’s spyware has been involved in targeted surveillance primarily in the Middle East and Mexico. Saudi Arabia is said to be among the NSO’s clients. The lists also included phones in countries such as France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan.
“The number of journalists identified as targets vividly illustrates how Pegasus is being used as a tool to intimidate critical media. It is about controlling public speeches, resisting scrutiny and suppressing any dissent, ”Amnesty said, quoting its secretary general, Agnès Callamard.
AP Media Relations Director Lauren Easton said the company is “deeply troubled to learn that two AP journalists, as well as reporters from many news agencies, were among those who were able to be targeted by Pegasus spyware. She said the PA has taken steps to ensure the safety of the devices of its journalists and investigation.
The consortium’s findings are based on extensive work by cybersecurity researchers, primarily from the University of Toronto watchdog Citizen Lab. NSO targets identified by researchers from 2016 include dozens of journalists and Al-Jazeera executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Radi and prominent Mexican anti-corruption journalist Carmen Aristegui. His phone number was on the list, the Post reported.
Among more than two dozen Mexican targets already documented are supporters of a soda tax, opposition politicians, human rights activists investigating a mass disappearance and the widow of a murdered journalist. In the Middle East, the victims are mostly journalists and dissidents, who have reportedly been targeted by the governments of Saudi Arabia and the United Arab Emirates.
The consortium’s “Project Pegasus” reports reinforce accusations that not only autocratic regimes, but also democratic governments, including India and Mexico, used NSO Group’s Pegasus spyware for political ends. Its members, including Le Monde and Sueddeutsche Zeitung from Germany, promise a series of stories based on the leak.
Pegasus infiltrates phones to suck up personal and location data and surreptitiously control smartphone microphones and cameras. In the case of journalists, this allows hackers to spy on journalists’ communications with sources.
The program is designed to bypass detection and hide its activity. The NSO Group’s methods of infecting its victims have become so sophisticated that researchers say it can now do so without any user interaction, the so-called “zero-click” option.
In 2019, WhatsApp and its parent company Facebook sued NSO Group in US federal court in San Francisco, accusing it of exploiting a loophole in the popular encrypted messaging service to target – with only missed calls – some 1 400 users. NSO Group denies the charges.
The Israeli company was sued the previous year in Israel and Cyprus, two countries from which it exports products. The plaintiffs include Al-Jazeera journalists, as well as other Qatari, Mexican and Saudi journalists and activists who say the company’s spyware was used to hack them.
Several of the prosecutions rely heavily on leaked information provided to Abdullah Al-Athbah, editor of the Qatari newspaper Al-Arab and one of the alleged victims. The material appears to show officials in the United Arab Emirates discussing whether to hack the phones of senior officials in Saudi Arabia and Qatar, including members of the Qatari royal family.
NSO Group does not disclose its customers and says it sells its technology to governments approved by Israel to help them target terrorists and break down pedophile rings and drug and sex trafficking rings. He claims that his spyware is neither designed nor licensed for use against human rights activists or journalists. He says he has helped save thousands of lives in recent years. He denies that his technology was in any way associated with Khashoggi’s murder.
NSO Group also denies any involvement in any elaborate undercover operations uncovered by the PA in 2019 in which shadow operatives targeted NSO critics, including a Citizen Lab researcher, in an attempt to discredit them.
Last year, an Israeli court dismissed an Amnesty International lawsuit to revoke NSO’s export license, citing insufficient evidence.
Amnesty spokesperson Gil Naveh said of the company: “These are the most dangerous cyber weapons we know of, and they are not properly monitored.”
NSO Group is far from the only commercial spyware dealer. But his behavior has garnered the most attention, and critics say it is with good reason.
Last month it released its first transparency report, in which it says it rejected “over $ 300 million in sales opportunities as a result of its human rights review processes.” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation and outspoken critic, tweeted: “If this report were printed, it wouldn’t be worth the paper it was printed on.
A new online interactive data platform created by the Forensic Architecture group with the support of Citizen Lab and Amnesty International lists the activities of the NSO group by country and by target. The group has teamed up with filmmaker Laura Poitras, best known for her 2014 documentary “Citzenfour” about NSA whistleblower Edward Snowden, which features video narratives.
Since 2019, UK private equity firm Novalpina Capital has controlled a majority stake in NSO Group. Earlier this year, Israeli media reported that the company was considering an initial public offering, most likely on the Tel Aviv Stock Exchange.