Israel’s Pegasus spyware: Tested in Palestine, sold to the world

Israel’s Pegasus spyware: Tested in Palestine, sold to the world

Israel has branded itself as a tech giant that specializes in cybersecurity. One spyware product has been used to hack into phones of world leaders.

Private Israeli firm NSO Group is under fire again. Its Pegasus spyware has hacked into 50,000 phone numbers belonging to activists, journalists, and world leaders, violating rights to privacy and international human rights law. NSO founders’ roots are in the IDF. NSO Group regularly tests its technologies on Palestinians…

by Sahar Amer, reposted from the New Arab, August 4, 2021

In July, private Israeli firm NSO Group’s Pegasus spyware was found to have hacked into 50,000 phone numbers belonging to activists, journalists, and world leaders.

Once installed on phones, the software enables an attacker to have complete access to the device’s contacts, messages, emails, photos, microphone, and camera.

Pegasus spyware has been used in 40 countries, but so far only 11 countries have been identified as customers of NSO Group, including Mexico, Morocco, Saudi Arabia, the United Arab Emirates (UAE), Rwanda, India, Hungary, Kazakhstan, Azerbaijan, Bahrain, and Togo.

The leaked list of numbers was connected to many high-profile names where the spyware was used both within and outside of countries, including French President Emmanuel Macron, Pakistan’s Imran Khan, Morocco’s PM Saad-Eddine El Othmani, as well as family members and close connections of murdered Saudi dissident Jamal Khashoggi.

The investigation was led by a Paris-based non-profit media group, Forbidden Stories, along with 16 media organisations in 10 countries, and technical support from Amnesty International’s Security Lab who provided forensic testing on mobile phones to detect traces of the spyware.

The organisations are accusing NSO Group of creating and distributing a tool that impedes on rights to privacy by design and violates international human rights law.

NSO Group issued a statement to The Guardian and other media organisations stating that the company “firmly denies false claims” made in the investigation and that “many of which are uncorroborated theories that raise serious doubts about the reliability of sources”.

NSO Group suggests that the list of numbers has nothing to do with them and could have come from their clients or retrieved from a basic Home Location Register (HLR) Lookup service – a way to check a mobile numbers’ home network and where they are currently roaming.

Israel uses a range of spyware on Palestinians in the occupied West Bank.
Israel uses a range of spyware on Palestinians in the occupied West Bank. (Getty)

Amnesty has subsequently published their methodology on the investigation and stands by their allegations against NSO Group. Although the technology firm is technically operating within the boundaries of Israeli law as the export of its products requires a license from the Ministry of Defence, there appears no direct mention of upholding human rights in the Defense Export Control Law.

The focus now is on the surveillance technology being sold to abusive regimes and the Israeli government licensing these sales. Israeli Defence Minister Benny Gantz mentioned that they “are studying the information published on the matter”, after calls for a moratorium on the export, sale, and use of Pegasus spyware.

Threats to democracy and human rights

This is not the first time NSO Group has been under fire for the misuse of its technology, as Israeli Cyberlaw attorney Jonathan J. Klinger tells The New Arab. Between 2016 and 2018, Citizen Lab, a laboratory that researches information and communication technologies, human rights, and global security, have tracked Pegasus spyware operating in 45 countries.

The group investigated a zero-day exploit chain, which they named Trident, that showed how spyware was installed on mobile phones. The case was bought to them by award-winning human rights activist, Ahmed Mansoor, based in the UAE, who received an SMS message in 2016 which said he could access “new secrets” regarding detainees tortured in UAE jails if he clicked an attached link.

UAE authorities are considered to be behind the assault, considering they detained Mansoor in 2011, added him to a travel ban list, and monitored him using other malicious spyware. Mansoor was imprisoned in 2017 and is currently still in jail.

Recent findings show that the UAE listed 400 UK phone numbers as targets, including contact details of a member of the House of Lords and Princess Latifa, daughter of Sheikh Mohammed bin Rashid Al-Maktoum, Vice President and Prime Minister of the UAE. Latifa had reportedly been a target of UAE authorities after her attempted and unsuccessful escape in early 2018.

Similarly, Saudi Arabia was also accused of using the software to spy on human rights activists and journalists. Most notably, phones of people close to Khashoggi including his fiancée, Hatice Cengiz and the journalist’s son, Abdullah Khashoggi, both before and after his death.

The UAE and Saudi Arabia have been found through the report to have attempted to use Pegasus to monitor the Turkish murder investigation as well as the phone of Istanbul’s chief prosecutor for potential surveillance.

These findings further confirm stronger ties between the Gulf and Israel, considering the Abraham Accords – the UAE and Bahrain’s normalisation agreement with Israel in 2020. Where human rights issues and digital repression are already rife within the region, the impact of this all-seeing technology in the wrong hands is detrimental.

“This creates a place where we have nowhere safe to be ourselves, to discuss things with loved ones or to create freely,” said Klinger.

NPR reported that NSO Group has since announced that they have blocked governments over the misuse of its spyware but would not disclose who or how many as prohibited by Israeli defence regulations.

The role of the Israeli state

Although the focus has been on placing pressure on Israel to stop the licensing of surveillance tools like Pegasus, the state has probably had more influence than is being told. Yousef Munayyer, a political analyst for the Arab Centre Washington DC, says, “rather, it [Israel] plays a central role in the development, testing, and perfecting of this technology”.

NSO Group founders Omri Lavie, Shalev Hulio, and Niv Carmi are alumni of the Israel Defence Force Unit 8200 – the intelligence and cyber surveillance arm of the IDF. It comes as no coincidence that Israel is a major player in the high-tech surveillance industry.

[Editor’s note: For many years, the spouse of the head of Jewish Voice for Peace worked for an Israeli company with ties to Unit 8200]

Neve Gordon, Israeli professor and academic, told The Intercept that there are little to no legal limits on veterans “taking certain research ideas they worked on in the military and developing them”.

Prior to marketing the technology, Unit 8200 have been known to spy on Palestinians living in the West Bank following an open letter in 2014 from 43 soldiers who confessed to conducting invasive surveillance operations and subsequently refused assignment in a “moral duty to act”.

They also wrote that “a large part of their work was unrelated to Israel’s security or defence, but appeared designed to perpetuate the occupation by “infiltrating” and “controlling” all aspects of Palestinian life”.

Other invasive technologies are also used on Palestinians in Israel including AnyVision’s biometric data collection through checkpoints, facial recognition drone technology, and excessive social media and internet monitoring.

Although it has been reported that Israel has even spied on its own citizens, Palestinians are unique in that they are not protected by basic right laws and recourse to justice, which make them prime candidates to experiment new technology on.

“Israel has great benefit from testing these tools and later offering them outside of the country,” Klinger says. The Pegasus Project is not the first time Israel has profited from dictatorships and authoritarian regimes around the world.

Last year, Israeli firm Cellebrite sold its phone-hacking product to Nicolás Maduro’s regime in Venezuela, where over 9,000 people have been subject to extrajudicial killings under his presidency, as well as increasing arbitrary arrests, torture, and brutal repression.

Cellebrite also faced accusations from human rights activists that it sold its technology to Belarus during the 2020 – 2021 protests against the government, and to China during its pro-democracy crackdown in Hong Kong.

Until Israel ceases its occupation in Palestine, the sophistication and expansion of these surveillance technologies will continue to develop. As Munayyer stresses, “the abuses of the Israeli state against Palestinians…have consequences around the world”.

Sahar Amer is a freelance journalist based in London. She holds a master’s degree in Human Rights, Culture & Social Justice from Goldsmiths, University of London and her research interests include technology and digital rights




Enter your email address below to receive our latest articles right in your inbox.