What Is the NSO Group? Human Rights Groups Raise Alarm Bells Over Israeli Firm Linked to WhatsApp Hack

An Israeli woman uses her iPhone in front of the building housing the Israeli NSO Group, Herzliya, Israel, on on August 28, 2016. Jack Guez/AFP/Getty Images

Human rights groups filed a petition in an Israeli court this week asking the government to revoke the license of a cybersecurity firm that reportedly created a type of malware that enabled attackers to spy on users of the popular messaging platform WhatsApp.

The Financial Times on Tuesday reported that the Israeli surveillance firm NSO Group had developed a malware called Pegasus that allowed its users to spy on their targets by calling them on WhatsApp. The malware is able to record voice calls and text messages even if the end user doesn't answer the call. It can also record location data and activate a phone's microphone and camera.

Human rights advocates and journalists, including the Saudi journalist Jamal Khashoggi, who was killed in October last year, have been targeted using the malware, according to experts. Researchers and human rights groups have been raising the alarm bells about NSO Group and their products for several years.

An Israeli woman uses her iPhone in front of the building housing the Israeli NSO Group, Herzliya, Israel, on on August 28, 2016. Jack Guez/AFP/Getty Images

The human rights group Amnesty International claims that Israel's Ministry of Defense (MOD) has jeopardized human rights by allowing NSO Group to export its products abroad. Amnesty claims that its staff has been specifically targeted by the Pegasus malware, as have journalists in countries like Saudi Arabia, Mexico and the United Arab Emirates.

"NSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics," Danna Ingleton, deputy director of Amnesty International's tech division, said on Sunday.

The rights group filed a legal action on Monday that was supported by at least 30 individuals.

"The Israeli MOD has ignored mounting evidence linking NSO Group to attacks on human rights defenders, which is why we are supporting this case. As long as products like Pegasus are marketed without proper control and oversight, the rights and safety of Amnesty International's staff and that of other activists, journalists and dissidents around the world is at risk," Ingleton continued.

NSO Group was founded in Israel in 2010. The Citizen Lab at the Munk School of Global Affairs, part of the University of Toronto, has been researching the NSO Group and the abuse of its spyware since 2016 and determined that the company "fails to engage in adequate due diligence concerning the sale of their Pegasus spyware and its human rights impacts," according to a letter dated February 28, 2019.

One example was a 2016 attack on human rights defender Ahmed Mansoor, who is based in the UAE.

The NSO Group released a statement on Tuesday claiming that its technology was created "for the sole purpose" of fighting crime and terror. But it did not refute the claims that it had been used to target human rights advocates.

WhatsApp, meanwhile, has urged its users to update their version of the app in order to protect themselves from vulnerabilities. Cybersecurity experts warned that the breach demonstrates that even encrypted messaging apps like WhatsApp, widely believed to be safe from interception, can also be accessed.

"If you consider how widely used WhatsApp is, by journalists, confidential sources, activists, lawyers, businesses and everyday citizens—this attack is extremely concerning," Tom Kellermann, chief cybersecurity officer at the software company Carbon Black, said. "Encrypted messaging is not bulletproof."