Microsoft, Google, Cisco, Dell join legal battle against hacking company NSO

The tech giants joined forces with Facebook in its lawsuit against NSO. PHOTOS: AFP, REUTERS
Updated
Dec 22, 2020, 08:45 AM
Published
Dec 22, 2020, 08:25 AM

SAN FRANCISCO/NICOSIA, Cyprus (REUTERS, AFP) - Tech giants including Microsoft and Google on Monday (Dec 21) joined Facebook's legal battle against hacking company NSO, filing an amicus brief in federal court that warned that the Israeli firm's tools were "powerful, and dangerous."

The brief, filed before the US Court of Appeals for the Ninth Circuit, opens up a new front in Facebook's lawsuit against NSO, which it filed last year after it was revealed that the cyber surveillance firm had exploited a bug in Facebook-owned instant messaging programme WhatsApp to help surveil more than 1,400 people worldwide.

NSO has argued that, because it sells digital break-in tools to police and spy agencies, it should benefit from "sovereign immunity" - a legal doctrine that generally insulates foreign governments from lawsuits.

NSO lost that argument in the Northern District of California in July and has since appealed to the Ninth Circuit to have the ruling overturned.

Microsoft, Alphabet-owned Google, Cisco, Dell Technologies-owned VMWare and the Washington-based Internet Association joined forces with Facebook to argue against that, saying that awarding sovereign immunity to NSO would lead to a proliferation of hacking technology and "more foreign governments with powerful and dangerous cyber surveillance tools."

That in turn "means dramatically more opportunities for those tools to fall into the wrong hands and be used nefariously," the brief argues.

NSO - which did not immediately return a message seeking comment - argues that its products are used to fight crime. But human rights defenders and technologists at places such as Toronto-based Citizen Lab and London-based Amnesty International have documented cases in which NSO technology has been used to target reporters, lawyers and even nutritionists lobbying for soda taxes.

Citizen Lab published a report on Sunday alleging that NSO's phone-hacking technology had been deployed to hack three dozen phones belonging to journalists, producers, anchors, and executives at Qatar-based broadcaster Al Jazeera as well as a device belonging to a reporter at London-based Al Araby TV.

NSO's spyware was also been linked to the slaying of Washington Post journalist Jamal Khashoggi, who was murdered and dismembered in the Saudi consulate in Istanbul in 2018.

Khashoggi's friend, dissident video blogger Omar Abdulaziz, has long argued that it was the Saudi government's ability to see their WhatsApp messages that led to his death.

NSO has denied hacking Khashoggi, but has so far declined to comment on whether its technology was used to spy on others in his circle.

Meanwhile, Citizen Lab reported that at least 36 Al Jazeera journalists had their mobile communications intercepted by sophisticated electronic surveillance, according to one of the targeted journalists.

"The impact is very clear and dangerous," Al Jazeera Arabic investigative reporter Tamer al-Misshal, who was targeted, told AFP.

Al Jazeera said it approached Citizen Lab in January after receiving suspicious messages on a device used to contact people for comment.

More On This Topic
WhatsApp hacked to spy on top government officials at US allies, say sources
'Powerful tradecraft': How foreign cyber-spies compromised America

The experts agreed to monitor the device's internet traffic, subsequently discovering data, which could have included sensitive material, was being sent clandestinely to a hostile server.

"We obtained logs from an iPhone 11 device inside Al Jazeera networks while it was infected. Our analysis indicates that the (spyware) has a number of capabilities," Citizen Lab said in its report.

These included interception of audio from the microphone - both calls and ambient noise - as well as images from the camera, the report said.

"In addition, we believe the implant can track device location, and access passwords and stored credentials," it added.

The attack targeted "36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera", Citizen Lab added.

Citizen Group claimed in the report that the hack used Pegasus spyware developed by Israel's NSO Group and could be installed without the need to trick a user into initiating a download.

But NSO Group said Citizen Lab's report was "speculation and lacks any evidence supporting a connection to NSO".

"Instead it relies on assumptions made solely to fit Citizen Lab's agenda," a company spokesman said in a statement.

NSO only supplies provides products to law enforcement and does not directly conduct surveillance, it added.

More On This Topic
Hackers tied to Russia hit US nuclear agency, 3 states; Microsoft breached
Trump downplays impact of massive breach of US government computer systems

Misshal said that without Citizen Lab's intervention, the breach would never have come to light.

"Without this process of monitoring and observation we wouldn't have been able to find it," he said.

"It's hard, you are a professional and this tool is a right to make your life easier and not to have a spy in your pocket," he said.

"Some of our sources don't want their names revealed. This is a violation and this is a crime."

Join ST's Telegram channel and get the latest breaking news delivered to you.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top