Lawsuits claim Israeli firm spied for Emirati regime: report
AP Photo/Matt Dunham, Pool
The United Arab Emirates has for more than a year utilized Israeli spyware firm NSO Group’s technology to covertly hack mobile phones belonging to individuals in opposition to the government at home and abroad, and NSO is now facing two lawsuits, The New York Times reported on Friday.
According to emails leaked regarding the lawsuits, the Israeli company offered Emirati governmental officials an updated version of their software, called Pegasus, and the UAE was concerned that it would successfully function.
In response to the potential client’s request to see the technology worked, a company representative reportedly responded several days later, “Please find two recordings attached.”
Two recordings of phone calls, reportedly made by Abdulaziz Alkhamis editor of the London-based Al-Arab Newspaper, were attached.
Alkhamis told The Times he was unaware that he was under surveillance but had made calls this week.
The two lawsuits were reportedly filed in Cyprus and Israel by a Qatari national and Mexican activists who accuse NSO of targeting them with their surveillance software.
After Mexican journalists, activists, and detectives claimed they were targeted by NSO’s spyware, the government of Mexico announced it would investigate the matter. Over a year later, the Mexican individuals and groups have joined the lawsuits filed by Mahjna and Masri in an attempt to find out more about the company’s actions.
The report says an entity associated with the NSO Group attempted to use spyware technology on foreign government officials and showed the software’s capability by successfully recording Alkhamis all at the request of UAE officials three years ago.
The threat of cyber weaponry concerns many international actors, and the twin lawsuits against NSO - which reportedly accuse the firm of “actively participating in illegal spying” - may be part of a global response to the reality of present-day warfare.
Earlier this month, Amnesty International accused NSO of illegally spying on one of its employees, after the Pegasus software originating from the Israeli company was found on the employee’s smartphone.
NSO responded to the accusation stating that their Pegasus software “is intended to be used exclusively for the investigation and prevention of crime and terrorism” and any violations of this policy will be investigated and addressed. It also insists that the software is only sold to official state actors, though NSO has been implicated in a number of cases where their technology has been used in hacking non-state actors.
NSO has been implicated in a number of incidents involving secretly installed surveillance software including an attempt to hack prominent activist Ahmed Mansoor’s mobile phone which prompted Apple to update its iPhone software to eliminate security flaws that allowed the spyware through.
In 2015, Hacking Team, an Italian spyware firm that competes with NSO, leaked a document detailing Pegasus’ product description.
The leak revealed that Pegasus disguises the final destination of its servers behind a system of “anomymized nodes,” so that when a device-user clicks on a link sent via Enhanced Social Engineering Message and the Pegasus Anonymizing Transmission Network, there is no trace of newly installed software.
In the UAE, the messages used to bait targeted individuals were specifically written for the region reportedly containing messages like, “Ramadan is near -- incredible discounts” and “keep your car tires from exploding in the heat.”
The company also allegedly helped its UAE clients to receive data regarding the communications of individuals under surveillance through a complex encrypted computer network.
“We are pushing to make the law catch up with the technology” and hold spyware makers accountable by showing they “are complicit in these privacy violations, Alaa Mahjna, an Israeli lawyer who is one of the filers of the lawsuits alongside Mazen Masri who is a law lecturer at the City University of London.
NSO group and the Emirati Embassy in Washington did not provide a comment to The Times.
The Pegasus software was created to permit remote control of a cell phone via a Trojan horse email link. Once Pegasus infects a phone, it allows audio surveillance; real-time observation of the screen; downloading of all its data; and control of the battery.
NSO Group says it vets the governmental clients based on their human rights records. But the company adds that once the cybersecurity tools are sold, it does not know how or if they will be abused.
Previous reports have said that the Pegasus software was sold to rulers with dubious human rights records in countries including Panama, Mexico, Turkey, Mozambique, Kenya, and Nigeria.
You need to be logged in in order to post comments. Sign up or log in