Years of sporadic reporting on Pegasus exploded into a full-blown international scandal on Sunday, when over a dozen major news outlets from the US, UK, France, Germany, and other countries reported in near unison on the unlawful breach of tens of thousands of smartphones in over a dozen countries around the world by the malicious software.
The powerful spyware, which enables attackers to view all manner of content on a target’s phone, including encrypted messages, photos, and GPS location data is also capable of activating microphones and cameras, thereby turning phones into mobile bugs carried by users without their knowledge. The software is virtually untraceable on installation, infecting phones through a so-called zero-click attack, which requires no interaction from the phone’s user to install itself and begin sucking out information.
Origins
Created in 2010 and headquartered in Herzliya, Israel, NSO Group first came under international scrutiny in 2016 when it was discovered that spyware it had ostensibly created to fight criminal and terrorist targets was being used by the United Arab Emirates to spy on an activist charged with insulting the country’s authorities (forbidden under the Persian Gulf sheikhdom’s penal code). The company’s reputation took a further hit after it was discovered that its software was used by Saudi authorities during the scandalous 2018 murder of Jamal Kashoggi at the Saudi consulate in Istanbul.
A 2019 investigation by Ynetnews revealed that NSO Group’s now infamous Pegasus software was created in 2011. Pegasus’s exact origins remain a mystery, and it's not known if the company was able to develop the spyware from scratch, or used technologies created by or for Unit 8200, the shadowy intelligence corps unit of the Israeli Defence Forces from which NSO’s three founders hailed.
Israel Defense Forces cyberdefence troops. File photo.
© Photo : Israel Defence Force
The "NSO" in NSO Group stands for Niv, Shavel and Omri – Niv Carmi, Omri Lavie, and Shalev Hulio. The three men served in Unit 8200 before founding the company. Carmi, who also worked at the Israeli prime minister’s office, left the company shortly after it was created.
Funding
The company received $1.8 million in founding capital from Eddy Shalev of Genesis Partners, a Tel Aviv-based venture capital firm managing over $600 million in assets, principally in the technology sector, and operating in Israel, the US, China and other markets. Francisco Partners, a San Francisco-based private equity firm, bought a majority stake in NSO Group in 2014 for $120 million, before putting it up for sale for $1 billion in 2017. The firm sold majority control of NSO Group back to Hulio and Lavie in 2019, with the two men receiving assistance in the buy from Novalpina Capital, a London-based private equity firm.
Amid the scandals which were already swirling around the company at the time, Novalpina made public promises to make NSO Group more transparent and to work to ensure that its software was not used to illegally spy on journalists, opposition figures and activists. This apparently failed to take place, and bad press involving their troublesome purchase continued to pile up as Facebook revealed that NSO spyware was infecting WhatsApp, and media learned that the company was obtaining user data from Apple, Google, Facebook, Amazon and Microsoft servers without their knowledge. A highly publicised lawsuit by Amnesty International was launched in January 2020 to try to force Israel to place an export ban on NSO Group’s products amid growing evidence of misuse, but the case was slapped down by a Tel Aviv court, citing a ‘lack of evidence’.
In an interesting plot twist whose full significance is yet to be made clear, UK media have been reporting recently that a British investor named Stephen Peel has been involved in a bitter internal dispute within Novalpina over control of NSO Group with a Luxembourg-based subsidiary of the equity firm known as Novalpina Capital Group Sarl. Peel, a former British Olympic rower and political ally of Hungarian-American liberal philanthropist George Soros, is a member of advisory board at the Soros-funded Institute for New Economic Thinking, and has been a major donor to the Conservative Party and its anti-Brexit wing. Incidentally, Sunday’s revelations by world media on NSO Group’s activities are mostly based on an extensive investigation of Pegasus by Forbidden Stories, a Paris-headquartered journalism nonprofit which receives funding from Soros’ Open Societies Foundations.
In addition to Unit 8200 vets, NSO Group is believed to have hired former employees of Mossad, Israel’s national intelligence agency, and Shin Bet, the country’s internal security service. The company was estimated to have employed nearly 500 people in 2017, although a 2019 report by Business Insider said the company only had about 230 employees at that time.
Not by Pegasus Alone
Along with its Pegasus-related activities, NSO Group is known for other espionage-related software. In the spring of 2020, the company pitched coronavirus "track and trace" (i.e. spying) technology known as "Fleming" to the Israeli government. The pitch appeared to have been successful, but the company was soon mired in a new scandal after it was discovered that Fleming used an exposed database of over 30,000 mobile phones’ GPS location data in testing with no security or even password protections in place.
In a video released by the Israel Defense Forces on July 29, 2020, soldiers man the phones at the IDF Home Front Command's headquarters during a visit by coronavirus czar Prof. Ronni Gamzu
© Photo : Israel Defense Forces
Despite the long list of scandals now associated with it, NSO Group continues to maintain that its spyware is focused on combating crime and terrorism. In a 2019 interview with CBS’ 60 Minutes, Shalev Hulio claimed his company’s technology had saved “tens of thousands of people” and allowed intelligence agencies to collect valuable data on criminals even as cellphone hardware and encryption software became more and more complex.