Follow us on social

Screen-shot-2021-11-18-at-11.33.55-am

Israel lobbies hard to get controversial spy firm off US blacklist

The NSO Group is starting to face consequences for malicious cyber activity tied to its military-grade software, Pegasus.

Analysis | Middle East

The Commerce Department’s Bureau of Industry and Security recently added the NSO Group  — an Israeli cyber intelligence and security firm — to its Entity List, a trade restriction list comprised of companies or items deemed to threaten American national security or foreign policy interests. The decision has put significant strain on the traditionally tight relationship between the United States and Israel, as the Israeli Defense Ministry has stated it would press the Biden administration to remove the firm from the list despite new allegations of foreign governments using software developed by the NSO Group to target journalists, dissidents, and activists.

The NSO Group develops technology for government agencies, and their premiere military-grade spyware is called Pegasus. The NSO Group has fiercely defended its product, claiming it was intended to prevent and investigate crime that has traditionally been invisible to law enforcement due to end-to-end encryption. Yet mounting evidence shows that the company supplied the Pegasus spyware to foreign governments who then used it to conduct what the Commerce Department deemed “transnational repression.”

Government surveillance evokes scenes of old-fashioned bugging and wiretaps, but Pegasus is “extremely sophisticated spying.” When an agency identifies a target, the target will receive a text message with an accompanying link. Once the target clicks on the link, Pegasus software infects their phone and the government agency can access and extract data, contacts, messages, and phone records as well as switch on the microphone and camera to clandestinely record the target.

In late 2020, a Paris-based journalism nonprofit called Forbidden Stories partnered with Amnesty International to release a target list of 50,000 phone numbers. These phone numbers were concentrated in countries that are clients of the NSO Group with a record of citizen surveillance. The Pegasus Project, an investigation released in July 2021 by 17 media outlets in 10 countries coordinated by Forbidden Stories and Amnesty International, connected 37 phone numbers to attempted or successful hacks of journalists, activists, and dissidents and those close to them.

For example, the project found that the spyware had targeted individuals close to Jamal Khashoggi, the Saudi Arabian journalist and Washington Post columnist who was brutally murdered by agents of the Saudi government while at their consulate in Istanbul. Targets included Khashoggi’s son, friends, and the Turkish prosecutor in charge of his murder investigation. Khashoggi’s fiancée was also targeted in the days after his murder.

More recently, the Associated Press reported that Front Line Defenders, an Ireland-based human rights group, found Pegasus spyware on cell phones that belong to six Palestinian activists. Three of those activists are affiliated with groups that the Israeli defense minister controversially designated as terrorist organizations with little evidence. While it is not clear who infected the activists’ phones, the group is certain the spyware belongs to the NSO Group.

This is not the first time the NSO Group has faced scrutiny over its spyware. In 2016 and 2017, Carmen Aristegui, a prominent investigative journalist in Mexico and one of the earliest targets of the Pegasus malware, received dozens of highly personalized messages from numbers pretending to be the U.S. Embassy, colleagues, and her bank and phone company.

In January 2020, the United Nations released a report that concluded Saudi Crown Prince Mohammed bin Salman most likely used Pegasus malware to hack Jeff Bezos’s phone in 2018 “in an effort to influence, if not silence, The Washington Post's reporting on Saudi Arabia.” Last week, the 9th U.S. Circuit Court of Appeals also denied foreign sovereign immunity to the NSO Group, which means WhatsApp, which is owned by Meta, the parent company of Facebook, can sue the company for Pegasus’s alleged role in targeting 1,400 devices belonging to journalists and dissidents through an exploit in the messaging app.

A few weeks before the United Nations released its explosive report, the Q Cyber Technologies, the company name the NSO Group uses in Israel, contracted Mercury Public Affairs, a global strategy firm in Washington, DC to clean up its image. For a mere $120,000 per month, Mercury Public Affairs would consult on the firm’s public, media, and government relations. Mercury Public Affairs also meticulously logged statements attributed to NSO Group spokespeople into the Foreign Agents Registration Act website, a Department of Justice database that tracks the political activities of foreign principals, and their contents are revealing.

From January 2020 through earlier this month when Mercury Public Affairs cut ties with Q Cyber Technologies, the FARA website lists 99 pieces of informational material the firm disseminated on behalf of the NSO Group and its business practices. In July alone, when the Pegasus Project launched, Mercury Public Affairs filed 14 statements attributed to the NSO Group.

The tone of these comments ranged from shocked outrage over the alleged abuses to venomous contempt for the Project, often making a sales pitch in the same breath as its defense. “If and when NSO will receive a credible proof of misuse of its technologies, it will conduct a thorough investigation, as it always had and always will,” one statement from July 2021 insisted, adding, “NSO products are saving lives and helping governments fight crime and terror.” Repeatedly, the informational materials available on the FARA website exhibited this deny-sell-justify pattern: essentially, national security interests trump human rights concerns.

This pattern jumped off the page into reality again last week. The same day the Associated Press revealed that FLD found Pegasus spyware on activists’ phones, the Israeli Defense Ministry announced its campaign to convince the Biden administration that Pegasus is a vital tool for national security. Israel wants the Commerce Department to remove the NSO Group from the Entity List and stated that the Defense Ministry, which oversees the licensing of the software, would tighten supervision on what government agencies have access to Pegasus. The Defense Ministry said it did not know who used Pegasus to target Palestinian phones, however, and the NSO Group refused to confirm who used the software and insisted they cannot access information on alleged targets.

National security has been used to justify bad behavior in our post-9/11 world, but it is in the true interest of security writ large to stop the proliferation of dangerously invasive spyware to governments with a record of human rights abuses and citizen surveillance. The Commerce Department took a bold, necessary step in adding the NSO Group to its Entity List, and the Biden administration needs to back it up.

Thanks to our readers and supporters, Responsible Statecraft has had a tremendous year. A complete website overhaul made possible in part by generous contributions to RS, along with amazing writing by staff and outside contributors, has helped to increase our monthly page views by 133%! In continuing to provide independent and sharp analysis on the major conflicts in Ukraine and the Middle East, as well as the tumult of Washington politics, RS has become a go-to for readers looking for alternatives and change in the foreign policy conversation. 

 

We hope you will consider a tax-exempt donation to RS for your end-of-the-year giving, as we plan for new ways to expand our coverage and reach in 2025. Please enjoy your holidays, and here is to a dynamic year ahead!

Analysis | Middle East
Romania's election canceled amid claims of Russian interference
Top photo credit: Candidate for the presidency of Romania, Calin Georgescu, and his wife, Cristela, arrive at a polling station for parliamentary elections, Dec. 1, 2024 in Mogosoaia, Romania. Georgescu one the first round in the Nov. 24 presidential elections but those elections results have been canceled (Shutterstock/LCV)

Romania's election canceled amid claims of Russian interference

QiOSK

The Romanian Constitutional Court’s unprecedented decision to annul the first round results in the country’s Nov. 24 presidential election and restart the contest from scratch raises somber questions about Romanian democracy at a time when the European Union is being swept by populist, eurosceptic waves.

The court, citing declassified intelligence reports, ruled that candidate Călin Georgescu unlawfully benefitted from a foreign-backed social media campaign that propelled him from an obscure outsider to the frontrunner by a comfortable margin. Romanian intelligence has identified the foreign backer as Russia. Authorities claim that Georgescu’s popularity was artificially inflated by tens of thousands of TikTok accounts that promoted his candidacy in violation of Romanian election laws.

keep readingShow less
Palestinians Israel
Top photo credit: Palestinians take part in a "Great March of Return" demonstration, on the Gaza-Israel border, in east of Gaza city in the Gaza Strip. 07 December, 2018. Palestinian Territory, Gaza City (Shutterstock/hosny f. Salah)

Why the Israeli-Palestinian conflict has endured

Middle East

The retiring United Nations envoy for the Middle East peace process has insightfully identified a major reason the conflict between Israelis and Palestinians continues to boil and to entail widespread death and destruction.

In a recent interview with the New York Times, Norwegian diplomat Tor Wennesland criticized the international community for relying on short-term fixes such as improving quality of life in occupied territory or diversions such as seeking peace deals between Israel and other Arab states. The crescendo of bloodshed during the past year underscores the ineffectiveness of such approaches.

keep readingShow less
US military syria SDF
Top photo credit: A U.S. Soldier oversees members of the Syrian Democratic Forces as they raise a Tal Abyad Military Council flag over the outpost, Sept. 21, 2019. (U.S. Army photo by Staff Sgt. Andrew Goedl)

US forces still fighting inside Syria amid power vacuum

QiOSK

A surprise offensive by Islamist, al-Qaida-linked group Hayat Tahrir al Sham (HTS) has forced President Bashar al-Assad out in Syria. In turn, the U.S. is ramping up its long-term involvement in a country already devastated by years of war.

According to a Sunday statement by President Joe Biden, the U.S. has made haste to strike a freshly post-Assad Syria 75 times, allegedly hitting ISIS targets with B-52 bombers and F-15 fighters. “We’re clear-eyed about the fact that ISIS will try and take advantage of any vacuum to reestablish its credibility, and create a safe haven,” Biden explained. “We will not allow that to happen.”

keep readingShow less

Trump transition

Latest

Newsletter

Subscribe now to our weekly round-up and don't miss a beat with your favorite RS contributors and reporters, as well as staff analysis, opinion, and news promoting a positive, non-partisan vision of U.S. foreign policy.