How Israeli-made spyware made it to the Arab world
Defense Ministry and Foreign Ministry officials have made it clear that while NSO, which is now controlled by US company Francisco Partners, was not involved in any data breach itself, they still claim that "any ties to a cyber attack on a human rights activist causes damage to the reputation of the state."
The exposure of the failed attempt to download the spy software on the mobile device of a human rights activist in the United Arab Emirates has elicited strong condemnation in Israel over the state's decision to allow such software to be used in Arab countries.
According to the defense officials, even while discussions were ongoing as to whether or not to grant NSO a license to export the technology, there were strong objections from senior officials in the ministry to allow the export of the system to an Arab nation, citing national security.
One official noted that, "it is scandalous that such a license was given."
Although Foreign Ministry officials have made it clear that while NSO—which is now controlled by US company Francisco Partners—was not involved in any data breach itself, they still noted that "any ties to a cyber attack on a human rights activist causes damage to Israel's reputation."
NSO was founded by three Israelis and employs veterans of elite Military Intelligence units in R&D positions.
The company promised customers that the Pegasus program will provide them with the ability to control mobile devices after implanting a Trojan horse via email. This means the moment the program is downloaded to the device, it accesses the microphone, allowing for eavesdropping on what is being said in the vicinity of the phone. It also receives everything that is being typed on the device or sent to it and gains access to all information stored on the phone, including bank account details and emails.
Competitors of NSO claimed that Pegasus constitutes unfair competition because it is based on knowledge accumulated by the Israeli intelligence community, but NSO insisted the system was their own development.
.jpg "Text message prompting Mansoor to download the spyware")
The system that was sold to the Arab nation was supposed to also include an upgrade allowing the user to hack and take over email accounts without the device's owner even having to click a malicious link. However, shortly after receiving the license, the DECA changed its terms, leaving NSO with no choice but to sell a version of the program that does require clicking the malicious link before a hostile takeover of the email account can occur.
The mediation for the deal with the Arab nation was done with the help of former Israeli defense officials. The sale itself, the installation of the system, and the instruction on its operations were done with the help of a private company in that nation.
This is not the first time NSO products have been used to spy on human rights activists. It has been previously reported that the Pegasus program was sold to rulers with dubious records on human rights in Panama, Mexico, Turkey, Mozambique, Kenya and Nigeria.
As far as it is known, NSO meets the conditions of its license and sells only with permission. However, the UAE activist iPhone hacking scandal underscores the problematic nature of information and expertise coming from the Israeli intelligence community leaving Israeli hands.
The Defense Ministry stressed that "The ministry operates a supervision mechanism, according to the law, and works closely with the Ministry of Foreign Affairs."
NSO has commented that the company "does activate the systems for their customers. NSO develops products designed to help governments fight crime and terrorism. The company only sells to government bodies that are licensed and certified in legal accordance with defense exports."
