× UK PoliticsWorld PoliticsVideosPrivacy PolicyTerms And Conditions
Subscribe To Our Newsletter

The Battle for the World's Most Powerful Cyberweapon



In June 2019, three Israeli computer engineers arrived at a New Jersey building used by the F.B.I. They unpacked dozens of computer servers, arranging them on tall racks in an isolated room. As they set up the equipment, the engineers made a series of calls to their bosses in Herzliya, a Tel Aviv suburb, at the headquarters for NSO Group, the world’s most notorious maker of spyware. Then, with their equipment in place, they began testing.

The F.B.I. had bought a version of Pegasus, NSO’s premier spying tool. For nearly a decade, the Israeli firm had been selling its surveillance software on a subscription basis to law-enforcement and intelligence agencies around the world, promising that it could do what no one else — not a private company, not even a state intelligence service — could do: consistently and reliably crack the encrypted communications of any iPhone or Android smartphone.

Since NSO had introduced Pegasus to the global market in 2011, it had helped Mexican authorities capture Joaquín Guzmán Loera, the drug lord known as El Chapo. European investigators have quietly used Pegasus to thwart terrorist plots, fight organized crime and, in one case, take down a global child-abuse ring, identifying dozens of suspects in more than 40 countries. In a broader sense, NSO’s products seemed to solve one of the biggest problems facing law-enforcement and intelligence agencies in the 21st century: that criminals and terrorists had better technology for encrypting their communications than investigators had to decrypt them. The criminal world had gone dark even as it was increasingly going global.

But by the time the company’s engineers walked through the door of the New Jersey facility in 2019, the many abuses of Pegasus had also been well documented. Mexico deployed the software not just against gangsters but also against journalists and political dissidents. The United Arab Emirates used the software to hack the phone of a civil rights activist whom the government threw in jail. Saudi Arabia used it against women’s rights activists and, according to a lawsuit filed by a Saudi dissident, to spy on communications with Jamal Khashoggi, a columnist for The Washington Post, whom Saudi operatives killed and dismembered in Istanbul in 2018.

None of this prevented new customers from approaching NSO, including the United States. The details of the F.B.I.’s purchase and testing of Pegasus have never before been made public. Additionally, the same year that Khashoggi was killed, the Central Intelligence Agency arranged and paid for the government of Djibouti to acquire Pegasus to assist the American ally in combating terrorism, despite longstanding concerns about human rights abuses there, including the persecution of journalists and the torture of government opponents. The D.E.A., the Secret Service and the U.S. military’s Africa Command had all held discussions with NSO. The F.B.I. was now taking the next step.

As part of their training, F.B.I. employees bought new smartphones at local stores and set them up with dummy accounts, using SIM cards from other countries — Pegasus was designed to be unable to hack into American numbers. Then the Pegasus engineers, as they had in previous demonstrations around the world, opened their interface, entered the number of the phone and began an attack.

This version of Pegasus was “zero click” — unlike more common hacking software, it did not require users to click on a malicious attachment or link — so the Americans monitoring the phones could see no evidence of an ongoing breach. They couldn’t see the Pegasus computers connecting to a network of servers around the world, hacking the phone, then connecting back to the equipment at the New Jersey facility. What they could see, minutes later, was every piece of data stored on the phone as it unspooled onto the large monitors of the Pegasus computers: every email, every photo, every text thread, every personal contact. They could also see the phone’s location and even take control of its camera and microphone. F.B.I. agents using Pegasus could, in theory, almost instantly transform phones around the world into powerful surveillance tools — everywhere except in the United States.

Ever since the 2013 revelations by Edward Snowden, a former National Security Agency contractor, about U.S. government surveillance of American citizens, few debates in this country have been more fraught than those over the proper scope of domestic spying. Questions about the balance between privacy and security took on new urgency with the parallel development of smartphones and spyware that could be used to scoop up the terabytes of information those phones generate every day. Israel, wary of angering Americans by abetting the efforts of other countries to spy on the United States, had required NSO to

By: Ronen Bergman and Mark Mazzetti
Title: The Battle for the World’s Most Powerful Cyberweapon
Sourced From: www.nytimes.com/2022/01/28/magazine/nso-group-israel-spyware.html
Published Date: Fri, 28 Jan 2022 10:00:23 +0000

Read More


Did you miss our previous article...
https://badpoliticians.com/us-politics/can-biden-prevent-a-north-korean-crisis