The mobile phones of possibly thousands of journalists, human rights activists, politicians and officials around the world are said to have been hacked with Israeli-made spy software. While that news does not come as a total surprise in Israel, there are questions in the country about the involvement of government and authorities.
International media, including The New York Times, The Guardian and Le Monde, jointly revealed yesterday that leaked documents exist containing phone numbers of 50,000 possible victims of hacks with the spy software. The list includes 180 journalists, for example from CNN and the Reuters news agency. European politicians, top executives and human rights activists are also on it.
The spy software, called Pegasus, was developed by the Israeli company NSO Group. If the malware infects a phone, all kinds of files and photos can be downloaded remotely. The camera and microphone can also be turned on unintentionally.
Previously, the victim had to click on a malicious link, but new versions of the malware infect a device by exploiting vulnerabilities in apps. “With Pegasus, outsiders get total access to your phone,” said Gert-Jan Schenk, director of cybersecurity company Lookout in the NOS Radio 1 program News and Co.
Schenk first encountered the malware at a customer five years ago. “We were then approached by a journalist who felt that his device was not functioning properly. Then we found this very aggressive spy software.”
In the past, NSO’s founders are said to have worked for a branch of the Israeli army that deals with digital espionage. NSO has been proclaiming for years that the software is exclusively intended to track down and shadow criminals and terrorists. The malware is sold to governments, security services and the military.
“It was already well documented that the company’s software was also used for other practices. And with this disclosure there is an extra reason to take NSO’s statements with a large grain of salt,” says NOS correspondent Ties Brock.
Although the company says it only sells to “authorized governments”, its customer base also includes countries where press freedom and human rights are under pressure. Morocco, Bahrain, Saudi Arabia and Hungarian Prime Minister Viktor Orbán, among others, are said to have used the spy software.
Freedom of the press is one of the core values of the European Union.
Israeli media are now reporting on the hacks carried out with the malware. And politics is also stirring. “The leader of a left-wing coalition party will meet with the defense minister later this week. There are questions about the role of the Israeli government and authorities. The Ministry of Defense must give NSO permission before the spy software is transferred to another country. .”
“The list includes all kinds of countries, and not just Israel’s closest allies. So it seems that Israel doesn’t have many problems with the export of the software.”
‘Only for use within legal frameworks’
Israel’s Defense Ministry said today that exports of technology products “such as the spyware sold by NSO Group” were for use within legal frameworks and solely to combat crime and terrorism. NSO denies the allegations of international media, and Hungary, Morocco, India and Rwanda also contradict abuse of the software.
European Commission President Ursula von der Leyen reacted strongly to the news about Pegasus. “This needs to be verified, but if this is true, it is totally unacceptable. Press freedom is one of the core values of the European Union.”