AP Source: NSO Group Spyware Used to Hack State Employees | WGN 720 radio


WASHINGTON (AP) – The phones of 11 U.S. State Department employees have been hacked with spyware from Israel’s NSO Group, the world’s most infamous hacking company, a person familiar with the matter said on Friday.

The employees were all located in Uganda and included foreign service officers, said the person, who was not authorized to speak publicly about an ongoing investigation. Some local Ugandan employees of the department appear to have been among the 11 hacked, the person said.

The hack is the first known case of NSO Group’s Pegasus spyware used against U.S. government personnel.

It was not known which person or entity used NSO technology to hack the accounts, nor what information was sought.

“We are deeply concerned that commercial spyware such as NSO Group software poses a serious counterintelligence and security risk to US personnel,” White House Press Secretary Jen Psaki said during a briefing on Friday.

Principal investigator John Scott-Railton of Citizen Lab, the University of Toronto public-interest investigators who have tracked Pegasus infections for years, called the discovery a giant wake-up call to the US government on diplomatic security.

“For years we have seen that diplomats all over the world are among the targets,” he said, “and it looks like the message must have been delivered to the US government in this very direct and unfortunate manner. There are no exceptions when it comes to American phones in the pockets of diplomats.”

The news of the hacks, which was first reported by Reuters, comes a month after the U.S. Department of Commerce blacklisted NSO Group, banning the company’s use of U.S. technology. And Apple sued NSO Group last week in an attempt to stop it from hacking iPhones and other Apple products, calling the Israeli company “amoral mercenaries of the 21st century.”

The State Department employees were hacked on their iPhones, the person familiar with the matter said.

NSO Group said in a statement that after being asked about Ugandan phones on Thursday “we immediately shut down all customers potentially affected by this matter,” but did not specify who those customers were. The company said its spy technology is blocked from hacking US-based phones and is sold only to licensed customers.

If the allegations turn out to be true, “they constitute a flagrant violation” of the terms of the contract and NSO Group “will take legal action against these customers,” it added.

In announcing the lawsuit, Apple sent worldwide notifications to people whose iPhones were hacked with Pegasus in countries ranging from El Salvador to Poland. The targeted State Department employees were among them.

Apple declined to comment on the Uganda hacks on Friday.

Marketed to governments for use only against terrorists and criminals, Pegasus has been abused by NSO clients to spy on human rights activists, journalists and politicians from Saudi Arabia to Mexico, including prominent targets like the fiancée of Jamal Khashoggi, the Saudi journalist assassinated in his country’s consulate in Istanbul.

NSO Group has been widely denounced for allowing such targeting, and its placement on the Commerce Department’s “entity list” last month was the first time a company outside of China had been added for rights violations, said Kevin Wolf, a lawyer at Akin Gump and a former senior trade official in the Obama administration.

Analysts wonder if NSO Group can survive financially in such circumstances. Last week, Moody’s downgraded NSO Group’s financial outlook to negative, saying it risked defaulting on more than $300 million in loans due to “great uncertainty” over its ability to sell new licenses. It said that NSO Group, which is a private company, has around 750 employees and 60 customers in more than 35 countries.

The impact on companies blacklisted by the Commerce Department, about half of which are Chinese, often goes far beyond the ban on using American technology. Wolf said many companies choose to avoid doing business with them altogether “to eliminate the risk of inadvertent breach” and the legal costs of analyzing whether they can do so.

The Associated Press asked NSO Group ahead of Friday’s news if it could survive while on the entity list. Without responding directly, it said it was “working through all appropriate channels to overturn the Commerce Ministry’s decision.”

The company reiterated that it does not operate the Pegasus command and control system which remotely handles hacks “and does not have access to data collected by its customers.” Cybersecurity researchers who have closely followed NSO spyware dispute that claim. They say NSO’s government clients are unable to manage the online infrastructure, and that their investigative work has confirmed centralized control of post-infection operations.

Apple’s lawsuit added major weight to a Big Tech legal attack on NSO Group. Facebook sued it in 2019 for allegedly hacking its globally popular WhatsApp encrypted messaging app. Last month, a US federal appeals court ruled the case could go ahead, rejecting NSO’s claim that the case should be dismissed because it is a “sovereign entity.”


Suderman reported from Richmond, Va., and Bajak from Boston. Josef Federman in Jerusalem contributed to this report.

