NSO’s Pegasus Scandal Is Just the Tip of the Iceberg of Israeli Spyware

“Stop what you’re doing and read this. This leak is going to be the story of the year,” wrote the eminent NSA whistleblower Edward Snowden last month as Amnesty International and Forbidden Stories obtained a leaked list of 50,000 phone numbers of potential targets of the Israeli spyware company, NSO Group.

NSO’s main service is Pegasus, a malware that infects iPhones and Android devices to enable the tool’s operators to extract messages, photos, and emails; record calls; and secretly activate microphones. The geographical scope of both NSO clients and victims seems limitless – from the Middle East to Europe, the U.S., Africa, East Asia, and Latin America. Traces of the Pegasus malware were most recently discovered on phones in the United Kingdom and France, amongst 45 other countries where the virus was found.

This latest revelation underlines one crucial conclusion: NSO is out of control. Its malicious hacking services, which are virtually unconstrained, have become a major security threat in cyberspace, and it has the full backing of an Israeli government willing to turn a blind eye to the company’s activities in order to bolster its regional and international relations.

Indeed, NSO is just the tip of the iceberg. Israel is an international hub for spyware companies whose main personnel almost always comes from the Israeli military, especially the Israeli Military Intelligence Unit 8200. The Israeli Defense Forces (IDF) have perfected a multitude of surveillance strategies as a result of their decades-long abuse of Palestinians in the Occupied Territories in flagrant violation of their right to privacy.

The services Israeli hacking companies offer are the strongest selling point for normalization between autocratic regimes that are terrified of their own people ever since the Arab Spring and of Israel. For decades, the security apparatus of the latter has been showcasing its ability to utilize cutting-edge technologies in brutalizing, suppressing, and containing an occupied population, making it a regional go-to for authoritarian rulers.

Even the way NSO’s spyware is marketed sounds awfully familiar to Palestinians as it borrows textbook propaganda from the Israeli army. NSO claims that it provides authorized governments with hacking services that help them “combat terror and crime.” This is an identical talking point regularly used by Israel’s army to justify every brutal action against Palestinian civilians.

The hour of reckoning is now finally looming for the company as it crossed a redline- namely, putting its cyberattack tools to the service of autocrats against Western states that have traditionally been some of Israel’s strongest allies, such as the UK and France.

And NSO wouldn’t be the only one facing retribution, for the Israeli government is wholly complicit in these malicious activities as it has long provided the company with full impunity to wreak havoc freely and unconstrained.

Israel’s Ministry of Defense claims to maintain stringent criteria for issuing permits for the export of cyber-intelligence technologies that come after a strenuous process of extreme vetting. The ministry further claims that it continues to oversee such projects even after a permit has been issued. However, NSO is one of a number of cyber companies that not only get a free pass on their dangerous and destructive exports to repressive regimes, but enjoy the full protection by Israel’s government.

The Israeli government under Benjamin Netanyahu was even NSO’s patron, whereby it promoted and pushed its spyware sales across the world. This positions Israel as a force for regional and international destabilization where state-sanctioned – and state-sponsored – private spyware firms like NSO have been the informal arm of the Israeli government that are employed “off the record” to do the dirtiest work, such as espionage and interference in foreign countries.

This can also be seen in the activities of another Israeli cybersecurity firm, Psy-Group, which ran a $2 million voter suppression operation in support of Donald Trump’s 2016 campaign, according to the 2020 report of the U.S. Senate Select Committee on Intelligence. The Israeli government’s complicity with NSO’s cyberweapons should raise more than eyebrows. Accountability is paramount. The very least Israel’s government should do is to immediately revoke NSO’s export license and ban spyware trade.

Newsletter SignUp

About Muhammad Shehada 1 Article
The author is a Sweden-based writer and analyst. He’s a columnist at the Forward and a contributing writer to Haaretz. His work appeared in Aljazeera, Vice, the Nations, the New Arab, and others.