Private Israeli malware used to spy on journalists, activists: Report

The alleged spying has ignited fears of widespread privacy and rights abuses. PHOTO: REUTERS

TEL AVIV (NYTIMES) - A major Israeli cybersurveillance company, NSO Group, has come under heightened scrutiny after an international alliance of news outlets reported that governments used its software to target journalists, dissidents and opposition politicians.

The Israeli government also faced renewed international pressure for allowing the company to do business with authoritarian regimes that use the spyware for purposes that go far afield of the company's stated aim: targeting terrorists and criminals.

NSO has attracted scrutiny since 2016, when the company's software was said to be used against a rights activist in the United Arab Emirates and a journalist in Mexico.

Since then, The New York Times has reported that the software was deployed against journalists, rights campaigners and policymakers in Mexico and Saudi Arabia.

But the allegations in the new reports that appeared on Sunday (July 18) suggested that the firm's software had been used against more people in more countries than had previously been reported.

Among other actions, the company is said to have supplied a sophisticated surveillance application known as Pegasus to governments and groups that the journalism consortium said appears to have been used to attempt to hack at least 37 smartphones owned by journalists from countries including Azerbaijan, France, Hungary, India and Morocco.

Separately, a person familiar with NSO contracts told The Times that NSO systems were sold to the governments of Azerbaijan, Bahrain, India, Mexico, Morocco, Saudi Arabia and the UAE.

Pegasus can allow spies to gain access to an infected phone's hard drive and view photos, videos, e-mail messages and texts, even on applications that offer encrypted communication, such as Signal. The software can also let spies record conversations made on or near a phone, use its cameras and locate the whereabouts of its users.

The allegations may escalate concerns that the Israeli government has abetted government abuses by granting NSO an export licence to sell software to countries that use it to suppress dissent.

The latest accusations, reported by The Washington Post and an alliance of 16 other international news outlets, follows recent reporting by The Times that found Israel permitted NSO to do business with Saudi Arabia, and encouraged it to keep doing so even after the Saudi government was implicated in the 2018 assassination of Saudi journalist and dissident Jamal Khashoggi.

In a statement, NSO said: "We firmly deny the false allegations made in their report. Their sources have supplied them with information which has no factual basis, as evident by the lack of supporting documentation for many of their claims.

"In fact, these allegations are so outrageous and far from reality, that NSO is considering a defamation lawsuit."

The Israeli prime minister's office declined to comment, and the Israeli Defence Ministry said it had not been given enough to time to respond to a request for comment.

The ministry has previously told The Times that it would revoke export licences granted to any Israeli company that sold software that contravened the terms of the license, "especially after any violation of human rights".

The new accusations heightened concerns among privacy activists that no smartphone user - even those using encrypted software - is safe from governments and anyone else with the right cybersurveillance technology.

Activists say that without access to surveillance-free communications, journalists will no longer be able to contact sources without fear of exposing them to government retaliation. And rights campaigners will be unable to freely communicate with victims of state-led abuses.

The journalist consortium linked NSO to a leaked list of more than 50,000 mobile numbers from more than 50 countries that it said appeared to proposed surveillance targets for the company's clients. The alliance said the list contained the numbers of hundreds of journalists, media proprietors, government leaders, opposition politicians, political dissidents, academics and rights campaigners.

The list was first obtained by Amnesty International, a human rights watchdog, and Forbidden Stories, a group that focuses on free speech. They then shared the list with the journalists.

The consortium said the numbers on the list include those of the editor of The Financial Times, Ms Roula Khalaf; people close to Mr Khashoggi; a Mexican reporter who was gunned down on the street, Mr Cecilio Pineda Birto; and journalists from CNN, The Associated Press, The Wall Street Journal, Bloomberg News, and The Times.

In a statement posted on its website, NSO said the list of numbers had not come from its database. "Such data never existed on any of our servers," the statement said.

"As NSO has previously stated, our technology was not associated in any way with the heinous murder of Jamal Khashoggi," the statement continued. "We can confirm that our technology was not used to listen, monitor, track, or collect information regarding him or his family members mentioned in the inquiry."

In an interview, the firm's chief executive and founder Shalev Hulio said he had first been made aware of the list in June, when four separate people told him that hackers were attempting to sell a list supposedly stolen from the company's servers.

Mr Hulio said that NSO did not have any active servers from which such data could be stolen, and that from the moment he saw the list, he realised that it was "not a list of targets attacked by Pegasus, or something born out of Pegasus' system or any other NSO product". He said the list appeared to have been produced by users of a separate app called HLR LookUp.

The Times journalists whose numbers are said to be on the leaked list include Mr Azam Ahmed, a former Mexico City bureau chief who has reported widely on corruption, violence and surveillance in Latin America, including on NSO itself; and Mr Ben Hubbard, The Times' bureau chief in Beirut, who has investigated rights abuses and corruption in Saudi Arabia and wrote a recent biography of Saudi Crown Prince Mohammed bin Salman.

In January 2020, Mr Hubbard published an account of a hacking attempt against his own phone. Mr Hulio denied that Mr Hubbard's phone was attacked by Pegasus, and suggested he was the target of a rival Israeli tech firm.

Mr Michael Slackman, The Times' assistant managing editor for international news, said: "Azam Ahmed and Ben Hubbard are talented journalists who have done important work uncovering information that governments did not want their citizens to know. Surveilling reporters is designed to intimidate not only those journalists but their sources, which should be of concern to everyone."

Join ST's Telegram channel and get the latest breaking news delivered to you.