Amnesty wants Israeli cyber firm’s licence revoked for allegedly spying on staff and Saudi dissidents

Rights groups says cyber company has ‘gone rogue’ and should be reined in

Bel Trew
MIddle East Correspondent
Thursday 29 November 2018 12:02
The rights group says the Israeli Ministry of Defence is knowingly co-operating with NSO Group
The rights group says the Israeli Ministry of Defence is knowingly co-operating with NSO Group

Amnesty International said it is considering legal action against an Israeli cyber firm for allegedly spying on its staff, after Israeli media reported the same company had offered Saudi Arabia surveillance software for hacking mobile phones belonging to activists connected to murdered journalist Jamal Khashoggi.

The rights group said it lodged a request two weeks ago with the Israeli defence ministry to revoke the export licence of Israel-based NSO Group, in light of an attempted cyber-attack on an Amnesty staff member in June.

When the request was rejected, the group said it decided to seek legal advice to challenge the ministry’s decision.

Amnesty’s statement came just days after an investigation by Israeli newspaper Haaretz reported NSO had peddled its powerful “Pegasus 3” software to the Saudis, to offer them the capability of hacking the phones of dissidents.

In a statement to Amnesty, NSO Group said its product “is intended to be used exclusively for the investigation and prevention of crime and terrorism”, and any other use violate its policies and contracts.

NSO told Haaretz it had acted “according to the law”, and reiterated its products are used in the fight against crime and terror.

In June, Amnesty said a staff member had received a “suspicious” WhatsApp message in Arabic, containing details about an alleged protest outside the Saudi embassy in Washington DC, followed by a link to a website.

Amnesty’s technology team investigated and said clicking the link would have installed “Pegasus”, NSO’s sophisticated surveillance software.

Amnesty’s investigation also found Saudi rights activist Yahya Asiri apparently received a similar malicious message from the Saudis.

The rights group claimed a further investigation revealed the link was part of an infrastructure of more than 600 malicious domains, some of which had previously been connected to NSO Group.

Omar Abdulaziz, a Saudi activist living in exile in Canada, said he was also targeted, and spoke about the incident in an interview with The Independent in October.

The mountain of evidence and reports on NSO Group and the sale of its spyware to human rights-violating regimes is substantial proof that NSO has gone rogue 

Molly Malekar, Amnesty’s Israel’s programmes director 

He said he was sent a link that appeared to lead to a message from a global courier service. “When I clicked on it, they bugged my phone,” he said at the time.

Both Mr Abdulaziz and Mr Asiri were in contact with Saudi journalist Mr Khashoggi, who was killed by Saudi officials in the kingdom’s consulate in Istanbul in October.

Edward Snowden, a former Central Intelligence Agency (CIA) contract worker who fled to Russia after releasing thousands of documents from the US National Security Agency, claimed this month Mr Khashoggi was being tracked by NSO technology.

Molly Malekar, Amnesty International Israel’s programmes director, said the reports about NSO had shown the company “had gone rogue”.

Facebook Hack: 50 million people's acounts exposed by major mistake in social network's code, company admits

“The [Israeli] Ministry of Defence must answer for their failure to properly regulate NSO Group, as they are in charge of controlling Israeli defence exports,” Ms Malekar said in a statement.

“The mountain of evidence and reports on NSO Group, and the sale of its spyware to human rights-violating regimes, is substantial proof that NSO has gone rogue.”

She added: “By continuing to approve of NSO Group, the Ministry of Defence is practically admitting to knowingly cooperating with NSO Group, as their software is used to commit human rights abuses.”

According to Haaretz, the Saudi dissidents were targeted after a June 2017 meeting between the Saudis and the Israeli software company, in which officials from the kingdom expressed an interest in the group’s technology. After subsequent meetings the newspaper said its investigations had found an agreement was drawn up to sell Pegasus 3 to the Saudis for $55m.

It is unclear if the deal was ever closed. The Independent was unable to independently verify the claims.

Haaretz reported that in June 2017, a meeting took place in a hotel room in Vienna between two Israeli businessmen representing NSO and Abdullah al-Malihi, a close associate of Prince Turki al-Faisal – a former head of Saudi Arabia’s intelligence services – as well as Nasser al-Qahtani, who presented himself as the deputy of the intelligence chief.

Haaretz said the Israeli businessmen presented the advanced technology to the Saudis and even demonstrated its capabilities by hacking a phone Mr Qahtani purchased by simply having the mobile phone number.

Pegasus 3 software, according to Haaretz is so advanced it does not require victims to click on a link before the phone is hacked. Instead, only the number of the phone’s SIM card is needed. As soon as the phone is breached, the speaker and camera can be used for recording conversations. Even encrypted apps like WhatsApp can be monitored, the newspaper says.

Amnesty said on Wednesday, it feared the technology was being used to “bait and spy” on activists in numerous countries, including Kenya, the Democratic Republic of Congo and Hungary, in addition to countries in the Gulf.

The group said Pegasus was apparently used to target Emirati human rights defender Ahmed Mansoor, who has been in prison in the United Arab Emirates since March 2017.

“Amnesty International will not stand idly by as companies such as NSO Group profit from selling their invasive Pegasus software to repressive states around the world,” said Danna Ingleton, deputy director of Amnesty International Tech.

She added: “NSO Group’s software has been used to attack Amnesty staff and fellow human rights defenders globally. As the Israeli Ministry of Defence refused our request to revoke the export licence, it is clear that we now need to take additional legal steps to expose the truth, and seek accountability for the attack against us.”

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments