A European Parliament committee of inquiry into Pegasus and similar spyware visited Israel and was surprised to discover the number of contracts linking the publishing company NSO to the EU, reports the Israeli daily Haaretz.
NSO alone has 22 and it is far from the only player in this "game". Explanations :
The shock wave of the Pegasus affair continues to widen, but this time it is the European Union that it affects. Representatives of the European Parliament's Committee of Inquiry into Pegasus and Similar Spyware recently visited Israel and learned from NSO staff that the company has active contracts with 12 of the 27 members of the European Union. "The Israeli firm's responses to questions from the European Commission reveal that the company works with many security agencies in the EU," reports the Israeli daily Haaretz.
“The committee members seek to further their investigation of the local computer warfare industry. They have spoken with NSO employees, Israeli Ministry of Defense officials and local experts. Among the members of the said commission, a Catalan deputy, whose mobile phone was hacked by an NSO client.
The commission was created after the publication of Project Pegasus last year, and its aim is to create pan-European regulations for the acquisition, import and use of computer warfare software such as Pegasus.
But while the commission members were in Israel, and especially since their return to Brussels, it was revealed that also in Europe there is a well-developed industry in computer warfare, many of whose customers are European.
The Israeli company's Pegasus spyware and similar products make it possible to infect the mobile phone of the victim of surveillance, then allow the operator to listen to his conversations, read the content of applications that should contain encrypted messages, and provide full access to device contacts and files. Pegasus also allows you to listen in real time to what is happening around the mobile phone, by activating the camera and the microphone.
12 European “customer” countries :
During their visit to Israel, European lawmakers wanted to know the identity of NSO's current customers in Europe and were surprised to discover that most EU countries had signed contracts with the company: 14 countries did deal with NSO in the past and at least 12 still use Pegasus for lawful interception of mobile calls, according to NSO's response to committee questions, Haaretz said.
In response to questions from European lawmakers, the company explained that NSO currently works with 22 “final users” — security and intelligence apparatuses and law enforcement agencies — in 12 European countries. In some of these countries, there is more than one customer, the contract being concluded not with the country, but with the operating organization.
In the past, as NSO wrote to the commission, the company has worked with two other countries - but ties have meanwhile been severed. NSO did not disclose which of these countries were still active customers, or the two countries that had their contracts frozen. But according to sources in the computer warfare field, those countries are Poland and Hungary, which last year were removed from the list of countries to which Israel allows the sale of offensive computer technology.
Some members of the committee believed that the contract(s) with Spain may have been frozen after the surveillance of leaders of the Catalan separatists was revealed, but sources on the ground explained that this country, which is considered to be law-abiding, is still on the list of countries approved by the Israeli Ministry of Defense.
The same sources added that after the case broke, Israel, NSO and another Israeli company working in Spain demanded an explanation from Madrid - and were promised that the use of the Israeli devices was legal.
The sources interviewed by the Israeli journal affirm that the contract between the Israeli companies and the Spanish government has not been interrupted. Meanwhile, in Spain, it has been revealed that the hacking operations - problematic as they are in political terms - have been carried out legally.
The extent of NSO's activity in Europe sheds light on the all-too-common aspect of recourse to the offensive computer industry by Western countries, which operate eavesdropping on civilians, according to the terms of the law and the judicial control, as opposed to dictatorships that use these services covertly against dissidents.
NSO, other Israeli companies and new European competitors are competing for a market of legitimate customers - a job that usually does not involve bad behavior. This field, called lawful interception, has in recent years drawn the ire of Hi-Tech companies such as Apple and Meta (Facebook, which owns WhatsApp, through which the spyware is installed). These two companies have filed a lawsuit against NSO for hacking phones through their platforms, and are currently waging a battle against this industry. This computer war is also causing great unease in Europe, as the EU has passed comprehensive legislation on the issue of internet privacy. However, this does not mean that there is no interest in these technologies or their use in the EU.
Recently, in fact, revelations made it possible to learn that Greece was using Predator, a spyware similar to Pegasus, against an investigative journalist and against the leader of the socialist party. Prime Minister Kyriakos Mitsotakis said the tapping was legal and based on an injunction. It is worth noting that Predator is manufactured by Cytrox, a computer company which is registered in North Macedonia and operates from Greece.
Spyware made in the EU :
Cytrox belongs to the Intellexa group, owned by Tal Dilian, a former high-ranking member of the Israeli intelligence services. Intellexa was previously located in Cyprus, but after a series of compromising incidents, the company transferred its activities to Greece. While the export of Pegasus, NSO's software, is supervised by the Israeli Ministry of Defense, the activity of Intellexa and Cytrox is not.
Also in the Netherlands, a public debate has recently taken place after other shock revelations that the Dutch secret service used Pegasus to catch Ridouan Taghi, a Dutch drug lord arrested in Dubai and charged with 10 murders in sordid circumstances. Although the use of Pegasus was legal and activated against a criminal element, in the Netherlands people wanted to know why the secret services were involved in an internal investigation by the Dutch police. So there have been requests for a self-examination regarding how the spyware has been used in the Netherlands.
In addition to Israeli companies active on the EU, Europe turns out to have a number of spyware manufacturers. Last week, Microsoft revealed the existence of a new spyware, Subzero, made by an Austrian company located in Lichtenstein, called DSIRF. This spyware exploits a sophisticated zero-day weakness to hack into computers.
Unlike NSO, which waited several years before admitting to working with customers in Europe, the Austrians defended themselves. Two days after Microsoft's revelation, they reacted harshly and explained that their spyware "has been developed only for official use in EU countries, (...) the software has never been misused wisely”.
In Europe, companies that design spyware are more experienced: a few weeks ago, Google security investigators revealed a new spyware, Hermit, made by an Italian company called RSC Labs, successor to Hacking Team, an old and well-known competitor, whose internal correspondence was the source of a huge leak, Wikileaks, in 2015. Hermit also exploited a little-known security flaw to allow the hacking of iPhones and Android devices, and its presence has been found on devices in Italy, but also in countries as far away as Kazakhstan and Syria.
Again, there is an indication that the customers of RSC Labs, whose offices are in Milan, with branches in France and Spain, include official European law enforcement organizations. On its website, the company proudly reports more than “10,000 successful and legal hacking actions in Europe”.
Other spyware for cell phones and computers have been revealed in the past under the names of FinFisher and FinSpy. In 2012, the New York Times revealed how the Egyptian government used this device, originally designed to fight crime, against political activists. In 2014, the spyware was found on the device of an Ethiopian-American, raising suspicions that authorities in Addis Ababa are also customers of British-German manufacturer Lench IT Solutions.
Dilemma :
Quoted by Haaretz, EU lawmaker Sophie In't Veld, who is a member of the Pegasus committee, said that "if a single company serves 14 member states as customers, you can imagine the scale of the sector as a whole . There seems to be a huge market for commercial spyware, and EU governments are very keen buyers. But they're very tight-lipped about it, keeping it out of the public eye."
Companies like NSO therefore face a dilemma: Revealing the identities of client governments that legally use its tools will help deal with public criticism from organizations such as Citizen Lab, the media and lawmakers, but will put deals at risk. future, taking into account the confidentiality clauses concluded in its contracts with its customers.
“We know that spyware is being developed in several EU countries. Italy, Germany and France are not the least,” said Ms. In't Veld. “Even if they use them for legitimate purposes, they have no appetite for more transparency, oversight and safeguards. The Secret Service has its own universe, where normal laws don't apply. To some extent that has always been the case, but in the digital age they have become all-powerful, and virtually invisible and totally elusive,” she told Haaretz. Questioned by the newspaper, NSO did not wish to comment.
תגובות