Posts Tagged ‘Pegasus’

NGOs demand EU to impose sanctions on NSO Group

December 7, 2021

Dozens of rights groups are urging the European Union to impose sanctions on the Israeli NSO Group to ban the company’s Pegasus surveillance technology. The letter sent to the EU was signed by 86 rights groups and independent experts, including Reporters Without Borders, Amnesty International, Human Rights Watch, the Electronic Frontier Foundation and Privacy International, among others. A consortium of media revealed that this powerful spyware was used extensively by several governments to spy on lawyers, journalists, political opponents and human rights activists.

Several victims of illegal surveillance have been identified in Hungary, where the government initially denied being a client of NSO Group, before admitting to having purchased the software. See also: https://humanrightsdefenders.blog/2021/11/10/palestinian-ngos-dubbed-terrorist-were-hacked-with-pegasus-spyware/

“There is overwhelming evidence that Pegasus spyware has been repeatedly used by abusive governments to clamp down on peaceful human rights defenders, activists and perceived critics,” Deborah Brown, senior digital rights researcher and advocate at Human Rights Watch, said in a statement. “The EU should immediately sanction NSO Group and ban any use of its technologies.”

The EU’s global human rights sanctions would allow the EU to adopt “targeted sanctions against entities deemed responsible for violations or abuses that are ‘of serious concern as regards the objectives of the common foreign and security policy’, including violations or abuses of freedom of peaceful assembly and of association, or of freedom of opinion and expression,” the letter read.

According to Human Rights Watch, these rights have been “repeatedly violated using NSO technology,” and, as highlighted by the UN Special Rapporteur on freedom of opinion and expression, “the use of spyware by abusive governments can also facilitate extrajudicial, summary or arbitrary executions and killings, or enforced disappearance of persons.” See also: https://humanrightsdefenders.blog/2021/10/04/big-coalition-urges-un-to-denounce-abuses-facilitated-by-spyware-technologies/

NSO Group was blacklisted by the US State Department at the beginning of November, and slapped with a sanction that drastically limited the business relationships the US company had with US customers or suppliers, according to the French newspaper Le Monde. “The EU should unequivocally close its doors to business with NSO Group,” Brown said.

“Targeted sanctions are necessary to that end, and to add to growing international pressure against the company and the out-of-control spyware industry.”

In Europe, several investigations are ongoing, but no sanctions have been formally imposed on the company. In addition to Hungary, several other countries are, or have been, customers of NSO Group – although this does not mean that all these countries have made illegal use of Pegasus.

In addition to Germany, several EU countries have purchased access to the software, according to Le Monde.

See also: https://www.haaretz.com/israel-news/tech-news/.premium.HIGHLIGHT.MAGAZINE-citizen-lab-vs-nso-the-institute-taking-down-israel-s-mercenary-spyware-firms-1.10536773

https://slate.com/technology/2021/12/apple-lawsuit-nso-group-q-cyber-pegasus.html

https://www.euronews.com/next/2021/12/03/pegasus-spyware-ngos-urge-the-eu-to-sanction-israeli-group-nso

And the latest: https://marketresearchtelecast.com/spyware-sale-at-nso-group-the-end-of-pegasus/226205/

as well as

https://www.irishtimes.com/news/ireland/irish-news/concern-activist-s-phone-infected-with-spyware-during-dublin-conference-1.4778962

US Court says Facebook can pursue lawsuit against NSO Group

November 10, 2021

On 8 November 2021 media (here Reuters) reported that a U.S. appeals court said Facebook can pursue a lawsuit accusing Israel’s NSO Group of exploiting a bug in its WhatsApp messaging app to install malware allowing the surveillance of 1,400 people, including journalists, human rights activists and dissidents. In a 3-0 decision on Monday, the 9th U.S. Circuit Court of Appeals in San Francisco rejected privately owned NSO’s claim it was immune from being sued because it had acted as a foreign government agent. See also: https://humanrightsdefenders.blog/2021/10/04/big-coalition-urges-un-to-denounce-abuses-facilitated-by-spyware-technologies/

Facebook, now known as Meta Platforms Inc, sued NSO for an injunction and damages in October 2019, accusing it of accessing WhatsApp servers without permission six months earlier to install its Pegasus malware on victims’ mobile devices. NSO has argued that Pegasus helps law enforcement and intelligence agencies fight crime and protect national security.

It was appealing a trial judge’s July 2020 refusal to award it “conduct-based immunity,” a common law doctrine protecting foreign officials acting in their official capacity. Upholding that ruling, Circuit Judge Danielle Forrest said it was an “easy case” because NSO’s mere licensing of Pegasus and offering technical support did not shield it from liability under federal law, which took precedence over common law.

“Whatever NSO’s government customers do with its technology and services does not render NSO an ‘agency or instrumentality of a foreign state,’” Forrest wrote. “Thus, NSO is not entitled to the protection of foreign sovereign immunity.”

The case will return to U.S. District Judge Phyllis Hamilton in Oakland, California.

Asked for comment on the decision, NSO said in an email that its technology helps defend the public against serious crime and terrorism, and that it “stands undeterred in its mission.”

WhatsApp spokesman Joshua Breckman in an email called the decision “an important step in holding NSO accountable for its attacks against journalists, human rights defenders and government leaders.”

Facebook’s case drew support from Microsoft Corp (MSFT.O), Alphabet Inc’s (GOOGL.O) Google and Cisco Systems Corp (CSCO.O), which in a court filing called surveillance technology such as Pegasus “powerful, and dangerous.”

On Nov. 3, the U.S. government blacklisted NSO and Israel’s Candiru for allegedly providing spyware to governments that used it to “maliciously target” journalists, activists and others. See also: https://humanrightsdefenders.blog/2021/11/10/palestinian-ngos-dubbed-terrorist-were-hacked-with-pegasus-spyware/.

https://www.reuters.com/technology/facebook-can-pursue-malware-lawsuit-against-israels-nso-group-us-appeals-court-2021-11-08/

https://gadgets.ndtv.com/apps/news/facebook-meta-pegasus-nso-group-lawsuit-whatsapp-hack-spyware-us-appeals-court-2604175

Palestinian NGOs dubbed terrorist were hacked with Pegasus spyware

November 10, 2021

Investigation by Front Line Defenders finds NGO employees’ phones were infiltrated months before Israel designated them as ‘terrorist organisations’

Phones of Palestinians working for human rights organisations recently designated by Israel as “terrorist organisations” [see: https://humanrightsdefenders.blog/2021/10/23/assault-by-israel-on-palestinian-human-rights-ngos/] were hacked using the Israeli-made spyware at the heart of a global surveillance scandal. [see: https://humanrightsdefenders.blog/2021/07/21/nsos-pegasus-spyware-now-really-in-the-firing-line/]

Dublin-based Front Line Defenders (FDL) examined 75 phones belonging to Palestinian human rights workers and detected that six were infected with Pegasus spyware between July 2020 and April 202. Four out of the six phones belong to staff members at NGOs that were blacklisted last month for alleged ties to a group labelled by some states as a “terrorist organisation”, a move that has sparked international condemnation.

Those alleged to have been hacked include US citizen Ubai al-Aboudi, who heads the Bisan Center for Research and Development, and French national Salah Hammouri, a researcher at Addameer. 

At a press conference in Ramallah on Monday, representatives of the six organisations called for the international community to take action. “We call on the United Nations to launch an investigation to disclose the party that stood behind using this programme on the phones of human rights activists, a move that put their lives at risk,” Tahseen Elayyan, a legal researcher with Al-Haq, told Reuters.

FDL’s findings, which were reviewed and confirmed by Citizen Lab and Amnesty International Security Lab, will raise further concerns about Pegasus, the controversial spyware alleged to have been used to hack heads of state, journalists and activists in a series of explosive stories published this summer.

NSO Group, the Israeli-based tech firm behind Pegasus, only licences the product to sovereign states or the law enforcement or intelligence agencies of those states.

Haaretz reported on Monday that the export licence issued by the Israeli defence ministry to NSO Group only permits Israeli security services to monitor Israeli phone numbers.

An FDL spokesperson told Middle East Eye on Monday that the organisation does not know which state was behind the hacking it uncovered, but believes that the timeline of events over the past month may be critical in answering that question.

On 16 October, three days before the organisations were designated, Al-Haq approached FDL, suspecting that a staff member’s phone had been hacked. The same day, an FDL investigator found initial traces of Pegasus on the phone.

The following day, on 17 October, FDL said it held a meeting with all six organisations to inform them of the initial findings and see if others would want their phones investigated.

On 18 October, Israel’s interior ministry notified Hammouri of its decision to revoke his permanent residency in Jerusalem and deport him on the basis of his alleged “breach of allegiance to the State of Israel”.

Then on 19 October, Israeli Defence Minister Benny Gantz designated all six organisations which had gathered with FDL as “terrorist organisations.”

At this point, the organisations were reportedly only considered “terrorist” groups in Israel. But on 3 November – just ahead of the release of FDL’s findings – Israel’s commander-in-chief of the Central Command issued an order to outlaw the organisations in the West Bank.

“It seems to us that [Israeli officials] were slow to react to what was transpiring and they were unprepared,” FDL spokesperson Adam Shapiro told MEE. “It suggests we caught them doing something they didn’t want us to.”

However, Shapiro emphasised that FDL could not say definitively what state was behind the hacking, a comment echoed by Addameer’s director, Sahar Francis.

“We don’t have evidence. We can’t accuse a certain party since we don’t have yet enough information about who carried out that action,” she told Reuters, calling on the UN to launch an investigation.

Israeli officials have not made a public statement yet about FDL’s findings. NSO Group told Reuters the company “does not operate the products itself … and we are not privy to the details of individuals monitored”.

The US government last week blacklisted the NSO Group and a second Israeli spyware firm, Candiru, saying their activities are contrary to US foreign policy and national security interests.

https://www.middleeasteye.net/news/israel-spyware-pegasus-used-hack-palestinian-rights-activists-phones

https://www.theguardian.com/world/2021/nov/08/hacking-activists-latest-long-line-cyber-attacks-palestinians-nso-group-pegasus-spyware

https://www.occrp.org/en/daily/15450-experts-pegasus-spyware-found-in-phones-of-palestinian-activists

https://www.timesofisrael.com/report-palestinian-activists-phones-hacked-with-controversial-nso-group-tech/

Big Coalition urges UN to denounce abuses facilitated by spyware technologies

October 4, 2021

During the 28th U.N. Human Rights Council (HRC) Access Now joined 94 other civil society organizations and independent experts in urging member states to denounce abuses facilitated by spyware technologies.

The Pegasus Project revealed a long list of journalists, activists, human rights defenders, lawyers, world leaders, and civil society actors that were a target of NSO Group’s Pegasus Spyware. The U.N. HRC should mandate comprehensive measures to investigate and prevent further violations linked to the sale, export, and use of Pegasus spyware and cases of targeted surveillance. For earlier posts on this hot topic, see: https://humanrightsdefenders.blog/tag/pegasus/

“Member States must urgently act to address the perpetual human rights abuses by States facilitated by NSO Group’s Pegasus spyware,” said Laura O’Brien, UN Advocacy Officer at Access Now. “The clandestine surveillance industry must be held accountable.”

The recent revelations showcased the unprecedented scale of human rights violations by States facilitated by the use of Pegasus with Budapest-based photojournalist Dániel Németh being the latest victim targeted by the spyware.

In the Middle East and North Africa (MENA), governments continue to use digital surveillance tools to target journalists and activists. In 2016, a Citizen Lab investigation revealed that the UAE spied on human rights defender Ahmed Mansoor, who is now serving 10 years in prison under inhumane conditions. The Pegasus Project revealed that friends and family of slain Saudi journalist, Jamal Khashoggi, were also targets of Pegasus spyware with the iPhone of Khashoggi’s Turkish fiancée, Hatice Cengiz, targeted and successfully infected. Last June, Access Now and the Gulf Centre for Human Rights launched the MENA Surveillance Coalition, convening civil society organizations working to defend freedom of expression, privacy, and fundamental rights, to call for an end to the sales of digital surveillance tools to repressive governments in the region.

“Invasive surveillance invades and corrodes the lives and work of human rights defenders, journalists, and activists across the globe,” said Kassem Mnejja, MENA Campaigner at Access Now. “Companies like NSO have been given free rein to proliferate the market with the dangerous Pegasus spyware used to facilitate these dehumanising and unsafe actions — this must end now.”

Despite the mounting evidence of its human rights abuses, the NSO Group continues to repeat its false claim that its spyware is only used for legitimate purposes like investigating crime and terror. This cannot continue.

U.N. human rights experts and civil society groups have previously called on governments to immediately implement a global moratorium on the sale, export, transfer, and use of private surveillance technology. Supporting this call, civil society organizations and independent experts are today requesting member states of the U.N. HRC to urgently denounce and mandate independent investigations into the human rights violations facilitated by this technology.

Read the full letter.

https://www.scoop.co.nz/stories/WO2110/S00016/act-now-against-spyware-coalition-tells-un-human-rights-council.htm

NSO’s Pegasus spyware now really in the firing line

July 21, 2021

Frank Andrews in the Middle East Eye of 20 July 2021 tracks the history of the unhealthy story to which this blog has also regularly paid attention: see https://humanrightsdefenders.blog/tag/nso-group/

Claims made this week that the Israeli company’s Pegasus spyware technology has been used to surveil 50,000 phones – belonging to heads of state, journalists, human rights defenders, political opponents and more – may be the highest-profile accusations against the firm, but they are not the first.

Pegasus, which infects phones with spyware through various means, has proven to be a boon to digital authoritarians wanting to track anyone perceived as critical of their rule. It has also been the subject of numerous lawsuits and legal complaints.

It began in August 2016, when the United Arab Emirates was found to be tracking the iPhone of Emirati human rights activist Ahmed Mansoor using Pegasus spyware, according to a report by Citizen Lab and Lookout Security. [see also: https://humanrightsdefenders.blog/2016/08/29/apple-tackles-iphone-one-tap-spyware-flaws-after-mea-laureate-discovers-hacking-attempt/]

Geneva experts on cybersecurity and digital governance tell Geneva Solutions what citizens must do to stem the erosion of our right to privacy.

U.N. High Commissioner for Human Rights Michelle Bachelet, in a statement, said that the revelations “are extremely alarming, and seem to confirm some of the worst fears about the potential misuse of surveillance technology to illegally undermine people’s human rights.” See statement by @UNHumanRights Chief @mbachelet: https://ohchr.org/EN/NewsEvents/

https://www.middleeasteye.net/news/israel-pegasus-spyware-nso-group-history-accusations-denials

https://www.rawstory.com/as-un-human-rights-chief-urges-stricter-rules-snowden-calls-for-end-to-spyware-trade/

https://indianexpress.com/article/explained/the-making-of-pegasus-from-startup-to-spy-tech-leader-israel-invasive-spyware-7414370/

New investigation shows global reach of NSO Group’s spyware

July 5, 2021

On 3 July 2021, a new interactive online platform by Forensic Architecture, supported by Amnesty International and the Citizen Lab, maps for the first time the global spread of the notorious spyware Pegasus, made by cyber-surveillance company NSO Group.

‘Digital Violence: How the NSO Group Enables State Terror’ documents digital attacks against human rights defenders around the world, and shows the connections between the ‘digital violence’ of Pegasus spyware and the real-world harms lawyers, activists, and other civil society figures face.

“NSO Group is the worst of the worst in selling digital burglary tools to players who they are fully aware actively and aggressively violate the human rights of dissidents, opposition figures, and journalists.” – Edward Snowden, President of Freedom of the Press Foundation.

NSO Group is a major player in the shadowy surveillance industry. The company’s Pegasus spyware has been used in some of the most insidious digital attacks on human rights defenders. When Pegasus is surreptitiously installed on a person’s phone, an attacker has complete access to a phone’s messages, emails, media, microphone, camera, calls and contacts. For my earlier posts on NSO see: https://humanrightsdefenders.blog/tag/nso-group/

“The investigation reveals the extent to which the digital domain we inhabit has become the new frontier of human rights violations, a site of state surveillance and intimidation that enables physical violations in real space,” said Shourideh C. Molavi, Forensic Architecture’s Researcher-in-Charge. 

Edward Snowden narrates an accompanying video series which tells the stories of human rights activists and journalists targeted by Pegasus. The interactive platform also includes sound design by composer Brian Eno. A film about the project by award-winning director Laura Poitras will premiere at the 2021 Cannes Film Festival later this month.

The online platform is one of the most comprehensive databases on NSO-related activities, with information about export licenses, alleged purchases, digital infections, and the physical targeting of activists after being targeted with spyware, including intimidation, harassment, and detention. The platform also sheds light on the complex corporate structure of NSO Group, based on new research by Amnesty International and partners.

“For years, NSO Group has shrouded its operations in secrecy and profited from working in the shadows. This platform brings to light the important connections between the use of its spyware and the devastating human rights abuses inflicted upon activists and civil society,” said Danna Ingleton, Deputy Director of Amnesty Tech.

Amnesty International’s Security Lab and Citizen Lab have repeatedly exposed the use of NSO Group’s Pegasus spyware to target hundreds of human rights defenders across the globe. Amnesty International is calling on NSO Group to urgently take steps to ensure that it does not cause or contribute to human rights abuses, and to respond when they do occur. The cyber-surveillance company must carry out adequate human rights due diligence and take steps to ensure that human rights defenders and journalists do not continue to become targets of unlawful surveillance.

In October 2019, Amnesty International revealed that Moroccan academic and activist, Maati Monjib’s phone had been infected with Pegasus spyware. He continues to face harassment by the Moroccan authorities for his human rights work. In December 2020, Maati Monjib was arbitrarily detained before being released on parole on 23 March 2021.

Maati Monjib tells his story in one of the short films, and spoke of the personal toll following the surveillance: “The authorities knew everything I said. I was in danger. Surveillance is very harming for the psychological wellbeing of the victim. My life has changed a lot because of all these pressures.”

Amnesty International is calling for all charges against Maati to be dropped, and the harassment against him and his family by the Moroccan authorities to end.

To find out more visit digitalviolence.org

https://www.amnesty.org/en/latest/news/2021/07/investigation-maps-human-rights-harm-of-nso-group-spyware/

https://www.techradar.com/news/spyware-toolkit-used-by-governments-hackers-to-break-into-windows-machines

Amnesty International’s bid to block spyware company NSO fails in Israeli court

July 15, 2020

Amnesty International’s bid to block spyware company NSO Group’s international export licence has been shut down in a Tel Aviv court, apparently due to a lack of evidence, reported several media, here in the New Statesman of 14 July 2020. [see: https://humanrightsdefenders.blog/2019/09/17/has-nso-really-changed-its-attitude-with-regard-to-spyware/ ]

The case argued that the Israeli defence ministry should revoke the group’s export licence in light of numerous allegations that its phone-hacking Pegasus spyware has been used by governments (including Mexico, Saudi Arabia, Morocco and the UAE) to spy on civilians including an Amnesty International employee, human rights activists, lawyers and journalists.

The district court judge Rachel Barkai wrote in a statement that there was not enough evidence to “substantiate the claim that an attempt was made to monitor a human rights activist”. She wrote that in reviewing materials provided by the Ministry of Defence and Ministry of Foreign Affairs, she was persuaded that export licences were granted as part of a “sensitive and rigorous process”, and closely monitored and revoked if conditions were violated, “in particular in cases of human rights violations.”

Amnesty International decried the court’s decision. Danna Ingleton, acting co-director of Amnesty Tech, said in a statement: “Today’s disgraceful ruling is a cruel blow to people put at risk around the world by NSO Group selling its products to notorious human rights abusers. […] The ruling of the court flies in the face of the mountains of evidence of NSO Group’s spyware being used to target human rights defenders from Saudi Arabia to Mexico, including the basis of this case – the targeting of one of our own Amnesty employees.”

NSO said: “Our detractors, who have made baseless accusations to fit their own agendas, have no answer to the security challenges of the 21st century. Now that the court’s decision has shown that our industry is sufficiently regulated, the focus should turn to what answer those who seek to criticise NSO have to the abuse of encryption by nefarious groups.”

The NSO Group is currently embroiled in another lawsuit brought by WhatsApp, which alleges that Pegasus spyware was used to hack more than a thousand of the messaging platform’s users. [see: https://humanrightsdefenders.blog/2019/10/30/nso-accused-of-largest-attack-on-civil-society-through-its-spyware/]

https://tech.newstatesman.com/security/amnesty-international-nso-group-export-licence

NSO versus Whatsapp continues in court

May 5, 2020

WhatsApp logo is seen displayed on a smart phone screen on 11 December 2019 [Ali Balıkçı/Anadolu Agency]

The NSO Group has always maintained its innocence, insisting that its spyware is purchased by government clients for the purpose of tracking terrorists and criminals and that it had no independent knowledge of how those clients use its spyware. This claim is contradicted by court documents in WhatsApp’s lawsuit filed last year against the Israeli firm. While bringing the lawsuit, WhatsApp said in a statement that 100 civil society members had been targeted and called it “an unmistakable pattern of abuse”. New documents seen last week indicate that servers controlled by NSO Group and not its government clients, as alleged by the Israeli firm, were an integral part of how the hacks were executed. “NSO used a network of computers to monitor and update Pegasus after it was implanted on users’ devices,” said WhatsApp, “these NSO-controlled computers served as the nerve centre through which NSO controlled its customers’ operation and use of Pegasus [software used to hack computers and phones].” NSO Group is also accused by WhatsApp of gaining “unauthorised access” to its servers by evading the company’s security features.

In the ongoing legal battle between Facebook and software surveillance company NSO Group, the social media giant is trying to get NSO Group’s legal counsel dismissed because of an alleged conflict of interest. In a court filing made public this week, Facebook asked a federal judge to disqualify law firm King & Spalding from representing NSO Group because the firm previously represented Facebook-owned WhatsApp in a different, sealed case that is “substantially related” to the NSO Group one. King & Spalding, an Atlanta-based firm with a range of big corporate clients, has denied there is a conflict of interest, according to the filing.

“Any attorney defending this suit would love to have insight into how WhatsApp’s platform and systems work,” the court filing states. “And King & Spalding has that insight—because it was once WhatsApp’s counsel.”

The dispute with Facebook is one of multiple legal battles currently facing NSO Group. Amnesty International is trying to get an Israeli court to revoke NSO Group’s export license in Israel, citing Pegasus’s alleged role in human rights abuses. [see: https://humanrightsdefenders.blog/2019/09/17/has-nso-really-changed-its-attitude-with-regard-to-spyware/]

https://www.amnesty.org/en/latest/news/2020/06/nso-spyware-used-against-moroccan-journalist/

https://www.cyberscoop.com/nso-group-lawsuit-whatsapp-conflict-of-interest-king-spalding/

Israel’s NSO Group accused of ‘unmistakable pattern of abuse’ in hacking case

Has NSO really changed its attitude with regard to spyware?

September 17, 2019

Cyber-intelligence firm NSO Group has introduced a new Human Rights Policy and a supporting governance framework in an apparent attempt to boost its reputation and comply with the United Nations’ Guiding Principles for Business and Human Rights. This follows recent criticism that its technology was being used to violate the rights of journalists and human rights defenders. A recent investigation found the company’s Pegasus spyware was used against a member of non-profit Amnesty International. [see: https://humanrightsdefenders.blog/2019/02/19/novalpina-urged-to-come-clean-about-targeting-human-rights-defenders/]

The NSO’s new human rights policy aims to identify, prevent and mitigate the risks of adverse human rights impact. It also includes a thorough evaluation of the company’s sales process for the potential of adverse human rights impacts coming from the misuse of NSO products. As well as this, it introduces contractual agreements for NSO customers that will require them to limit the use of the company’s products to the prevention and investigation of serious crimes. There will be specific attention to protect individuals or groups that could be at risk of arbitrary digital surveillance and communication interceptions due to race, colour, sex, language, religion, political or other opinions, national or social origin, property, birth or other status, or their exercise or defence of human rights. Rules have been set out to protect whistle-blowers who wish to report concerns about misuse of NSO technology.

Amnesty International is supporting current legal actions being taken against the Israeli Ministry of Defence, demanding that it revoke NSO Group’s export licence. In January 2020 an Israeli court ordered a closed-door hearing.

Danna Ingleton, Deputy Program Director for Amnesty Tech, said: “While on the surface it appears a step forward, NSO has a track record of refusing to take responsibility. The firm has sold invasive digital surveillance to governments who have used these products to track, intimidate and silence activists, journalists and critics.”

CEO and co-founder Shalev Hulio counters: “NSO has always taken governance and its ethical responsibilities seriously as demonstrated by our existing best-in-class customer vetting and business decision process. With this new Human Rights Policy and governance framework, we are proud to further enhance our compliance system to such a degree that we will become the first company in the cyber industry to be aligned with the Guiding Principles.”

https://www.verdict.co.uk/nso-group-new-human-rights-policy/

https://www.ynetnews.com/article/HJSNKJAeU

Beyond WhatsApp and NSO – how human rights defenders are targeted by cyberattacks

May 14, 2019
Several reports have shown Israeli technology being used by Gulf states against their own citizens (AFP/File photo)

NSO Group has been under increased scrutiny after a series of reports about the ways in which its spyware programme has been used against prominent human rights activists. Last year, a report by CitizenLab, a group at the University of Toronto, showed that human rights defenders in Saudi Arabia, the United Arab Emirates and Bahrain were targeted with the software.

In October, US whistleblower Edward Snowden said Pegasus had been used by the Saudi authorities to surveil journalist Jamal Khashoggi before his death. “They are the worst of the worst,” Snowden said of the firm. Amnesty International said in August that a staffer’s phone was infected with the Pegasus software via a WhatsApp message.

——-

Friedhelm Weinberg’s piece of 1 May is almost prescient and contains good, broader advice:

When activists open their inboxes, they find more than the standard spam messages telling them they’ve finally won the lottery. Instead, they receive highly sophisticated emails that look like they are real, purport to be from friends and invite them to meetings that are actually happening. The catch is: at one point the emails will attempt to trick them.

1. Phishing for accounts, not compliments

In 2017, the Citizen Lab at the University of Toronto and the Egyptian Initiative for Personal Rights documented what they called the “Nile Phish” campaign, a set of emails luring activists into giving access to their most sensitive accounts – email and file-sharing tools in the cloud. The Seoul-based Transitional Justice Working Group recently warned on its Facebook page about a very similar campaign. As attacks like these have mounted in recent years, civil society activists have come together to defend themselves, support each other and document what is happening. The Rarenet is a global group of individuals and organizations that provides emergency support for activists – but together it also works to educate civil society actors to dodge attacks before damage is done. The Internet Freedom Festival is a gathering dedicated to supporting people at risk online, bringing together more than 1,000 people from across the globe. The emails from campaigns like Nile Phish may be cunning and carefully crafted to target individual activists – they are not cutting-edge technology. Protection is stunningly simple: do nothing. Simply don’t click the link and enter information – as hard as it is when you are promised something in return.

Often digital security is about being calm and controlled as much as it is about being savvy in the digital sphere. And that is precisely what makes it difficult for passionate and stressed activists!

2. The million-dollar virus

Unfortunately, calm is not always enough. Activists have also been targeted with sophisticated spyware that is incredibly expensive to procure and difficult to spot. Ahmed Mansoor, a human-rights defender from the United Arab Emirates, received messages with malware (commonly known as computer viruses) that cost one million dollars on the grey market, where unethical hackers and spyware firms meet. [See also: https://humanrightsdefenders.blog/2016/08/29/apple-tackles-iphone-one-tap-spyware-flaws-after-mea-laureate-discovers-hacking-attempt/]

Rights defender Ahmed Mansoor in Dubai in 2011, a day after he was pardoned following a conviction for insulting UAE leaders. He is now in prison once more.

Rights defender Ahmed Mansoor in Dubai in 2011. Image: Reuters/Nikhil Monteiro

3. Shutting down real news with fake readers

Both phishing and malware are attacks directed against the messengers, but there are also attacks against the message itself. This is typically achieved by directing hordes of fake readers to the real news – that is, by sending so many requests through bot visitors to websites that the servers break down under the load. Commonly referred to as “denial of service” attacks, these bot armies have also earned their own response from civil society. Specialised packages from Virtual Road or Deflect sort fake visitors from real ones to make sure the message stays up.

 

A chart showing how distributed denial of service (DDoS) attacks have grown over time.

How distributed denial of service (DDoS) attacks have grown. Image: Kinsta.com; data from EasyDNS

Recently, these companies also started investigating who is behind these attacks – a notoriously difficult task, because it is so easy to hide traces online. Interestingly, whenever Virtual Road were so confident in their findings that they publicly named attackers, the attacks stopped. Immediately. Online, as offline, one of the most effective ways to ensure that attacks end is to name the offenders, whether they are cocky kids or governments seeking to stifle dissent. But more important than shaming attackers is supporting civil society’s resilience and capacity to weather the storms. For this, digital leadership, trusted networks and creative collaborations between technologists and governments will pave the way to an internet where the vulnerable are protected and spaces for activism are thriving.

——–