The advanced spyware Pegasus, created by Israeli firm NSO Group and used by governments like Saudi Arabia to gather intelligence on those it deems terrorists or criminals, has reportedly been detected on at least 11 iPhones used by US officials in Uganda or conducting business related to the country, as well as locals working for the embassy.
That news — first reported Friday by Reuters — will likely exacerbate NSO Group’s fraught relationship with the US government; while the company says Pegasus can’t be used on phones with US numbers, the recent hack shows there are loopholes that allow foreign governments to spy on US citizens and government employees. It’s the first known incident of the technology being used against American officials, although it’s not yet known which of NSO Group’s clients hacked the devices.
NSO Group has long claimed that its clients — which run the gamut from monarchies like the UAE to democratic nations like Germany and Mexico — are closely vetted, but there is a long record of its technology being misused for nefarious purposes, like spying on dissidents or estranged spouses, as the ruler of Dubai is alleged to have done.
NSO Group scandals also pose a diplomatic problem; though NSO is a private company, it’s closely linked to the Israeli government, and Israel’s defense ministry has to sign off on the export license for the technology, ostensibly ensuring that it’s used only for the purposes “of preventing and investigating crime and counterterrorism,” according to an Israeli defense spokesperson who spoke to the Washington Post in July.
Extensive reporting from a group of 17 media outlets and more than 80 journalists proves that hasn’t always been the case. Among other incidents, Pegasus was allegedly used to surveil Saudi dissident and Washington Post columnist Jamal Khashoggi before his murder in October 2018.
More recently, the US has started to take action against the company. In November, NSO Group was placed on the Commerce Department’s “entity list,” which severely restricts the export of American technologies that could be used by NSO Group to support Pegasus and similar projects.
Now, given the recent reporting on Pegasus’s use against State Department employees, harsher crackdowns on NSO and similar technology could be on the horizon. On Thursday, the Biden administration announced plans for a US-led initiative on the use of surveillance technology — like Pegasus — by authoritarian regimes. The aim, according to the Wall Street Journal, is to create a framework around the export and licensing controls of such technology, …….
Source: https://www.vox.com/2021/12/4/22817236/nso-group-israeli-spyware-pegasus-hack-us-diplomats-uganda