Follow us on social

Shutterstock_499281694-scaled

Israeli — not Chinese — firm caught exporting its 'authoritarian model'

Is there a double standard when government-linked makers and sellers of 'nasty' spyware used by autocrats are U.S. allies?

Analysis | Asia-Pacific

Politicians and pundits in Washington have long warned that China is seeking to erode global democracy and “export its authoritarian model,” but the culprit behind explosive spy revelations this week appears to be America’s closest military ally in the Middle East.

A private Israeli surveillance firm has been selling spyware to several governments for use in terrorism and criminal investigations, but some have turned it on journalists, activists, business executives, and politicians, an investigation by a consortium of 17 media organizations revealed on Sunday. 

Reports by The Guardian and Washington Post, among others, said that NSO Group, a private Israeli firm with links to the state, developed and sold governments licenses for hacking software called “Pegasus.” The tool is capable of penetrating smartphones, granting access to their most sensitive data, and remotely activating features such as cameras and microphones.

Investigations of a leaked data system containing 50,000 phone numbers concluded that it may have been a list of possible targets compiled by 10 countries with licenses to use the tool. Among them are several authoritarian or increasingly non-democratic countries, such as Kazakhstan, the United Arab Emirates, and Hungary, as well as others close to the U.S., including Saudi Arabia, India, and Mexico.

1,000 people spread across 50 different countries were identified as having numbers on the list. According to the Washington Post, among them are “several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials.” This includes Robert Malley, the Biden administration’s lead Iran negotiator, and journalists for CNN, the Associated Press, the Wall Street Journal, and the New York Times.

Forensic analysis of 67 implicated phones found that 37 showed traces of attempted or successful penetration; results for the remaining 30 were “inconclusive,” but did not definitively rule out an attempted hack. “After the investigation began,” the Post reported, “several reporters in the consortium learned that they or their family members had been successfully attacked with Pegasus spyware.”

Timothy Summers, a former cybersecurity engineer in the U.S. intelligence community quoted by the Post, described Pegasus as an “eloquently nasty” tool that could be used to “spy on almost the entire world population.”

The tool was developed by Israeli ex-cyberspies a decade ago, and has been in use since at least 2016. NSO counts 60 intelligence, military and law enforcement agencies across 40 countries as customers, and the Post characterizes the organization as a “worldwide leader in the growing and largely unregulated private spyware industry.”

For its part, NSO disputed the investigation’s findings. It claims that licensing contracts stipulate Pegasus is only to be used for terrorism and criminal investigations, and that it conducts a rigorous vetting process into potential customers’ human rights records. It denied that the leaked data constituted a list of targets, and said that it has terminated contracts with five governments over concerns about potential abuses.

The Israeli Ministry of Defense closely regulates NSO and individually signs off on new export licenses for its surveillance technology - making it likely that the program was well-known if not endorsed at the highest levels of the Israeli government.

Less than 24 hours after this bombshell dropped, the United States joined the European Union, NATO, Japan and its “Five Eyes” allies in a Monday morning media blitz accusing China of orchestrating a global cyber hacking campaign, including a large attack on Microsoft first disclosed in March.

Although U.S. intelligence agencies likely target China in cyberspace for non-commercial reasons, there is no doubt that China is a highly aggressive actor with a long history of targeting companies, universities and government agencies; it is also a leading exporter of some high-tech surveillance equipment, although the U.S. and other democracies are not far behind.

There is also no doubt that if a Chinese firm were found selling spyware to potentially dozens of governments, some of whom then used it to target activists and journalists, it would be held up as a leading example of how China is “exporting its authoritarian model” or “exporting its ideology,” adding fuel to the Biden administration’s fire that it is leading a great global struggle between democracies and autocracies to win the 21st century.

What ideology is one of America’s closest military and political partners exporting when it sells Pegasus to rights-abusing regimes with limited oversight? Was the U.S. government aware of this practice, and if so, for how long? What will the U.S. and its coalition of democracies do to hold Israel accountable for eroding global democratic norms?

That the Biden administration and Congress are unlikely to offer substantive answers to any of these questions — despite the fact that Washington has far more leverage over Israel than it does China — lends credence to the argument that being considered a threat to the “liberal rules-based order” is more about who you are than what you do.

It signals to China and others that, so long as you support Western power and primacy, you will get a pass; as long as you challenge it, you will be a threat. If so, what does China have to gain from exercising restraint, and what does it have to lose from taking aggressive actions such as hacking Microsoft?

Little to nothing. If China believes it is in a global struggle with the West simply over power and position, then it makes little sense to pass up any opportunity to gain any strategic advantage, no matter how much Western backlash it produces.


(shutterstock/Morrowind)
Analysis | Asia-Pacific
Kim Jong Un
Top photo credit: North Korean leader Kim Jong Un visits the construction site of the Ragwon County Offshore Farm, North Korea July 13, 2025. KCNA via REUTERS

Kim Jong Un is nuking up and playing hard to get

Asia-Pacific

President Donald Trump’s second term has so far been a series of “shock and awe” campaigns both at home and abroad. But so far has left North Korea untouched even as it arms for the future.

The president dramatically broke with precedent during his first term, holding two summits as well as a brief meeting at the Demilitarized Zone with the North’s Supreme Leader Kim Jong-un. Unfortunately, engagement crashed and burned in Hanoi. The DPRK then pulled back, essentially severing contact with both the U.S. and South Korea.

keep readingShow less
Why new CENTCOM chief Brad Cooper is as wrong as the old one
Top photo credit: U.S. Navy Vice Admiral Brad Cooper speaks to guests at the IISS Manama Dialogue in Manama, Bahrain, November 17, 2023. REUTERS/Hamad I Mohammed

Why new CENTCOM chief Brad Cooper is as wrong as the old one

Middle East

If accounts of President Donald Trump’s decision to strike Iranian nuclear facilities this past month are to be believed, the president’s initial impulse to stay out of the Israel-Iran conflict failed to survive the prodding of hawkish advisers, chiefly U.S. Central Command (CENTCOM) chief Michael Kurilla.

With Kurilla, an Iran hawk and staunch ally of both the Israeli government and erstwhile national security adviser Mike Waltz, set to leave office this summer, advocates of a more restrained foreign policy may understandably feel like they are out of the woods.

keep readingShow less
Putin Trump
Top photo credit: Vladimir Putin (Office of the President of the Russian Federation) and Donald Trump (US Southern Command photo)

How Trump's 50-day deadline threat against Putin will backfire

Europe

In the first six months of his second term, President Donald Trump has demonstrated his love for three things: deals, tariffs, and ultimatums.

He got to combine these passions during his Oval Office meeting with NATO Secretary General Mark Rutte on Monday. Only moments after the two leaders announced a new plan to get military aid to Ukraine, Trump issued an ominous 50-day deadline for Russian President Vladimir Putin to agree to a ceasefire. “We're going to be doing secondary tariffs if we don't have a deal within 50 days,” Trump told the assembled reporters.

keep readingShow less

LATEST

QIOSK

Newsletter

Subscribe now to our weekly round-up and don't miss a beat with your favorite RS contributors and reporters, as well as staff analysis, opinion, and news promoting a positive, non-partisan vision of U.S. foreign policy.