Israeli authorities have inspected the offices of the surveillance outfit NSO Group in response to the Pegasus project investigation into abuses of the company’s spyware by several government clients.
Officials from the defence ministry visited the company's offices near Tel Aviv on Wednesday, at the same time as the defence minister, Benny Gantz, arrived for a pre-arranged visit to Paris in which the Pegasus revelations were discussed with his French counterpart.
The French president, Emmanuel Macron, is one of the highest profile figures whose phone numbers appeared on a leaked database of 50,000 numbers that are believed to have been selected as candidates for possible surveillance by clients of NSO.
He spoke to the Israeli prime minister, Naftali Bennett, last week to stress the importance of “properly investigating” the project’s findings.
Early media reports described the moves on NSO’s offices as a raid, but the company said in a statement that the authorities had “visited” rather than raided its premises. NSO said it had been informed in advance that defence ministry officials responsible for overseeing commercial exports of sensitive cyber-exports would be doing an inspection. “The company is working in full transparency with the Israeli authorities,” it added.
Visit
The defence ministry said in a tweet that the visit conducted by several state bodies was related to disclosures stemming from the Pegasus project – a consortium of 17 media outlets, including the Guardian, which revealed last week that government clients around the world have used the hacking software sold by NSO to target human rights activists, journalists and lawyers.
NSO has said in multiple statements that the fact a phone number appeared on the leaked database was in no way indicative of whether it was selected for surveillance using Pegasus. “The list is not a list of Pegasus targets or potential targets,” the company said. “The numbers in the list are not related to NSO Group in any way.”
The appearance of a number on the leaked list does not mean it was subject to an attempted or successful hack. But the list is believed to provide insights into those identified as persons of interest by NSO’s clients. It includes people whose phones showed traces of NSO’s signature phone-hacking spyware, according to forensic analysis of their devices. The analysis was conducted by Amnesty International’s security lab, which discovered traces of Pegasus-related activity on 37 out of 67 phones that it analysed. NSO has said Mr Macron was not a “target” of any of its customers, meaning the company denies there was any attempted or successful Pegasus infection of his phone.
Disclosure
As the scale of the disclosures has become clearer, diplomatic pressure has mounted on Israel to explain the nature of the relationship between NSO and the state under the tenure of former prime minister, Benjamin Netanyahu. The wider Pegasus project investigation found that the Israeli government gave NSO explicit permission in 2017 to try to sell the hacking tools to Saudi Arabia in a deal reportedly worth at least €46 million ($55 million).
Mr Gantz told the French defence minister, Florence Parly, on Wednesday that Israel was investigating the matter “with the utmost seriousness”, according to a statement from the Israeli defence ministry.
Prior to their Paris meeting, French government spokesperson Gabriel Attal said Ms Parly was keen to “question her counterpart about the knowledge the Israeli government had of the activities of NSO’s clients” and what measures would be put in place “to prevent a misuse of these tools that are highly intrusive”.
Mr Gantz has previously defended export licences for the hacking tools, saying in a speech at a cyberware conference in Tel Aviv last week that “countries that purchase these systems must meet the terms of use”, which are solely for criminal and terrorism investigations.
The Israeli defence establishment has, however, appointed a review commission made up of several government bodies to examine whether policy changes are needed regarding exports of cyber-surveillance technologies. – Guardian