Politicians and pundits in Washington have long warned that China is seeking to erode global democracy and “export its authoritarian model,” but the culprit behind explosive spy revelations this week appears to be America’s closest military ally in the Middle East.
A private Israeli surveillance firm has been selling spyware to several governments for use in terrorism and criminal investigations, but some have turned it on journalists, activists, business executives, and politicians, an investigation by a consortium of 17 media organizations revealed on Sunday.
Reports by The Guardian and Washington Post, among others, said that NSO Group, a private Israeli firm with links to the state, developed and sold governments licenses for hacking software called “Pegasus.” The tool is capable of penetrating smartphones, granting access to their most sensitive data, and remotely activating features such as cameras and microphones.
Investigations of a leaked data system containing 50,000 phone numbers concluded that it may have been a list of possible targets compiled by 10 countries with licenses to use the tool. Among them are several authoritarian or increasingly non-democratic countries, such as Kazakhstan, the United Arab Emirates, and Hungary, as well as others close to the U.S., including Saudi Arabia, India, and Mexico.
1,000 people spread across 50 different countries were identified as having numbers on the list. According to the Washington Post, among them are “several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials.” This includes Robert Malley, the Biden administration’s lead Iran negotiator, and journalists for CNN, the Associated Press, the Wall Street Journal, and the New York Times.
Forensic analysis of 67 implicated phones found that 37 showed traces of attempted or successful penetration; results for the remaining 30 were “inconclusive,” but did not definitively rule out an attempted hack. “After the investigation began,” the Post reported, “several reporters in the consortium learned that they or their family members had been successfully attacked with Pegasus spyware.”
Timothy Summers, a former cybersecurity engineer in the U.S. intelligence community quoted by the Post, described Pegasus as an “eloquently nasty” tool that could be used to “spy on almost the entire world population.”
The tool was developed by Israeli ex-cyberspies a decade ago, and has been in use since at least 2016. NSO counts 60 intelligence, military and law enforcement agencies across 40 countries as customers, and the Post characterizes the organization as a “worldwide leader in the growing and largely unregulated private spyware industry.”
For its part, NSO disputed the investigation’s findings. It claims that licensing contracts stipulate Pegasus is only to be used for terrorism and criminal investigations, and that it conducts a rigorous vetting process into potential customers’ human rights records. It denied that the leaked data constituted a list of targets, and said that it has terminated contracts with five governments over concerns about potential abuses.
The Israeli Ministry of Defense closely regulates NSO and individually signs off on new export licenses for its surveillance technology – making it likely that the program was well-known if not endorsed at the highest levels of the Israeli government.
Less than 24 hours after this bombshell dropped, the United States joined the European Union, NATO, Japan and its “Five Eyes” allies in a Monday morning media blitz accusing China of orchestrating a global cyber hacking campaign, including a large attack on Microsoft first disclosed in March.
Although U.S. intelligence agencies likely target China in cyberspace for non-commercial reasons, there is no doubt that China is a highly aggressive actor with a long history of targeting companies, universities and government agencies; it is also a leading exporter of some high-tech surveillance equipment, although the U.S. and other democracies are not far behind.
There is also no doubt that if a Chinese firm were found selling spyware to potentially dozens of governments, some of whom then used it to target activists and journalists, it would be held up as a leading example of how China is “exporting its authoritarian model” or “exporting its ideology,” adding fuel to the Biden administration’s fire that it is leading a great global struggle between democracies and autocracies to win the 21st century.
What ideology is one of America’s closest military and political partners exporting when it sells Pegasus to rights-abusing regimes with limited oversight? Was the U.S. government aware of this practice, and if so, for how long? What will the U.S. and its coalition of democracies do to hold Israel accountable for eroding global democratic norms?
That the Biden administration and Congress are unlikely to offer substantive answers to any of these questions — despite the fact that Washington has far more leverage over Israel than it does China — lends credence to the argument that being considered a threat to the “liberal rules-based order” is more about who you are than what you do.
It signals to China and others that, so long as you support Western power and primacy, you will get a pass; as long as you challenge it, you will be a threat. If so, what does China have to gain from exercising restraint, and what does it have to lose from taking aggressive actions such as hacking Microsoft?
Little to nothing. If China believes it is in a global struggle with the West simply over power and position, then it makes little sense to pass up any opportunity to gain any strategic advantage, no matter how much Western backlash it produces.