According to news reports, nothing less than nine employees of the US State Department working in or with Uganda were victims of phone hack with spyware made by NSO Group. The Wall Street Journal says different, putting the number of hacked workers at about 11. Although it’s unclear where the hack originated from or for exactly what purpose, however, NSO Group has made it clear that it is only responsible for selling its software to government organizations that have gotten approval from the Israeli government and didn’t mastermind the said hack.
NSO has further disclosed that its spyware is not designed to target US phone numbers, however, this case proves NSO’s claim wrong. According to reports, while employees of the State Department were targeted, their phone numbers were foreign numbers being used for official State Department business. This claim however suggests that NSO may be guilty of an espionage effort against the US government.
NSO’s Pegasus spyware has the ability to remotely log data from an iOS or Android device which has been affected. After the infected device has remotely been logged into, the spyware can then be used to covertly turn on the phone’s microphones or cameras. NSO’s spyware is also designed to infect phones using a “zero-click” attack. In the zero-click attack method, just like the name implies the spyware can be installed with zero forms of action from the target. Pegasus is not supposed to leave any traces, though investigators have developed some new methods to determine if a phone was hacked by it or not.
NSO is based in Israel and before it can be sold to another government or agency, the Israeli Ministry of Defense must give approval. NSO was co-founded by Shalev Hulio who have insisted that the company have no idea who its clients are trying to spy on using its software. The company has said it will swing into investigating its clients if Pegasus is been used on off-limits targets and should there be evidence of abuse will see to cutting off that client’s access to the software.
NSO spokesperson in an interview revealed that the company would swing into investigating these claims that have made it to light. The Israeli embassy revealed that a government targeting US officials with Pegasus would be “a severe violation” of its licensing agreements.
The US has recently added NSO to its entity list, this means that American companies have been heavily restricted from being able to sell their products or services to the group. In the private sector, a lawsuit was filed by Apple against the NSO Group, accusing the company of breaking its terms of service by creating 100+ iCloud accounts for the purpose of sending malicious data via iMessage. Apple says that it has had to patch the specific vulnerability NSO used to install Pegasus with iOS 14.8 and additional certain protections in iOS 15, which Pegasus has been able to breach yet.
When news of the lawsuit broke, Apple immediately took to sending notifications to users who might have been targeted by the state-sponsored spying campaign. In November, Norbert Mao who happen to be a Ugandan politician was one of those who received such notifications. He confirmed that via a tweet The Wall Street Journal also reported that the US officials equally received these notifications.
Reports say that the US government is putting together an initiative with other countries which would prevent sophisticated surveillance tools and technology from being sold to governments that are perceived as authoritarian. According to reports from The Wall Street Journal, efforts will focus primarily on export controls and will most likely be announced at the Summit for Democracy, which starts on the 9th of December.