NSO Group’s Cyber Intelligence Solutions: Good Cop or Bad Cop?
Spyware. Before we dig too deep into NSO Group and the work they’ve done with an expressed focus of global security in mind, it’s a good idea to spend a bit of time understanding the term: spyware.
In its most basic sense, it’s a term that has become commonplace among the general public, but for a purpose other than its genuine, original design. In our common vernacular, ‘spyware’ generally refers to programs or apps designed to infect a computer device. Most commonly (or at least traditionally within the consumer realm), spyware has affected Windows-based operating systems far more than any other OS, but that tide is changing.
Google Android and yes, even Apple, can become victimized by spyware. These are small programs, viruses, that can allow a remote user to control your computer, tablet, or smartphone.
They can turn the microphone or camera on without you even knowing it (okay, take a close look at yours right now … is someone watching you? It’s creepy, isn’t it?). Some spyware programs are designed to survey the websites you visit, track and monitor specific targets like banks and other financial institutions, and will record and transmit your keystrokes when you enter your username and password.
Oh, yes, the risks are real. And prevalent. But these are -for the most part- minor in comparison to the challenges government and law enforcement agencies face trying to protect their citizens.
A New Age of Threats
Having every penny drained from your checking account sounds awful, especially if you have thousands of dollars sitting there and a host of bills to pay. Getting the shock of your life when you open your credit card statement and realizing the number was stolen and used to max it out in some place you’ve never even heard of, much less visited, is frustrating.
However, what if one morning you were walking to work down a relatively busy city street, you hear the familiar roar of jet engines cruising overhead, but far too close and too low to be normal. A few moments later you’re rocked by an explosion that echoes years later around the world.
Terrorism didn’t start on 9-11; it’s been affecting nations and civilians for hundreds of years. Only in the past several decades, though, has its use been focused on inflicting maximum pain, suffering, and death on innocent civilians.
In order to fight crime and terrorism in an increasingly technological society, the tools used must adjust. Traditional spies and techniques are being put to good use still, but so is a different kind of spyware, one that perhaps opened the door to hackers and criminals taking advantage of unsuspecting people just using their devices for some fun or entertainment or shopping.
Welcome to the World of Cyber Espionage
The ‘Dark Web’ has been portrayed in movies and television dramas, but it’s real. It exists. If you’re a criminal or wish to perpetuate activities you’d prefer law enforcement or government agencies don’t spot, you might turn to the dark web for resources.
Human trafficking, drug trafficking, illegal arms sales, pedophiles, and many others take to the dark web as a means of communicating, buying and selling ‘goods’ or ‘services’ and basically hiding from enforcement. While government agencies are notoriously slow to catch up to changing technologies and laws fall woefully behind the times to prosecute certain ‘digital’ crimes, private companies tend to stay a few steps ahead of those bulky government bureaucracies.
Enter NSO Group, an Israeli tech company that creates cyber intelligence software designed for government use in cracking down on terrorism and other serious crimes. The stated mission of NSO Group is to ‘work to save lives and create a better, safer world.’
According to their website, NSO Group is “a Q Cyber Technologies company [that develops] technology that enables government intelligence and law enforcement agencies to prevent and investigate terrorism and crime.”
Its target market are governments and law enforcement agencies. While this type of cyber intelligence has been credited with preventing numerous terrorist attacks around the world, thus saving untold numbers of lives, NSO is also accused of providing these tools and resources to less scrupulous governments, including Saudi Arabia, which then allegedly turns around and uses it to track certain dissidents, citizens, and others who oppose their policies, actions, or belief systems.
The Khashoggi Fallout
You might have heard about a Saudi journalist Jamal Khashoggi, though perhaps the details have slipped through the tapestry of a hectic work or family life. He had reported negatively about the Saudi royal family along with Omar Abdulaziz, another critic of the royals who is living in exile in Canada now.
He went into self-imposed exile in 2017 and in October, 2018 was last seen entering the Saudi consulate in Istanbul, Turkey to collect some personal documents to finalize a divorce. He was never seen again.
The CIA eventually concluded that Saudi Crown Prince Mohammad bin Salman ordered his assassination. It’s unclear what evidence the CIA has to support the claim, but to date there has been no formal response by the U.S. or other allies against the Saudi government.
According to Abdulaziz, the Saudi government used the Pegasus spyware program purchased from NSO to monitor conversations he had with Khashoggi. According to news reports, NSO approved the sale of Pegasus to Saudi Arabia in an effort to build stronger alliances between Israel and its neighbors, namely Saudi Arabia. However, NSO denies its software was used to track Khashoggi and it’s only fair to note that when he entered the consulate to obtain documents, his location would have been immediately known.
The Pressing Questions
Considerable attention has since been paid to the legitimacy of certain cyber intelligence programs, especially whether or not they should be offered to all governments or if some will use the tools for the wrong purpose.
Often, when you think about cyber intelligence or espionage, what’s the first thing that comes to mind? For most of us it’s governments seeking to protect citizens from external threats. Good cop, in other words.
Rarely are you going to immediately think it’s going to be used by those same government agencies to do the dirty work of unscrupulous or even belligerent leaders. Bad cop.
The most pressing question then lies in where do the benefits of global security measures blur into nefarious devices or programs? When does any cyber intelligence gathering tool created by NSO or other organizations go from being a benefit to a liability and, perhaps playing piggyback on that question is where do the responsibilities of the companies that makes these programs end?
In response to a lawsuit filed against it by Abdulaziz, NSO Group made a statement and said its products are “licensed for the sole use of providing governments and law enforcement agencies the ability to lawfully fight terrorism and crime in the modern age.”
Diving into the Dark
On the dark web, you can theoretically find almost anything you want, no matter your fetish or deep, dark desires. It’s the electronic meeting place for classified ads and other forums where people want to remain hidden. In the dark.
This is one of the greatest struggles for law enforcement agencies today. It’s where encryption is fierce, protecting one’s identity is not only sacred but religious in nature, and where crime runs rampant.
That isn’t to say everyone who accesses the dark web is a criminal, but being that the vast majority of sites and forums involve some type of illegal activity, it’s a pretty safe bet you’ll find the majority are hunkering in a virtual darkened Internet world to keep out of view of law enforcement.
People can obtain just about anything to buy for their deviant sexual desires, including sex slaves and children. They can order a host of services, weapons, and even otherwise illegal apps and programs, like cyber intelligence gathering software.
NSO Group isn’t the only game in town. While this company is highly protective about its creative processes, clients, and developers, there are other organizations and entities throughout the world bent on creating hacking programs that can successfully break into almost any device.
Some of these are available on the dark web. So, a country like Saudi Arabia or even Iran or North Korea, for example, doesn’t have to reach out and strike a deal with a legitimate company if it’s after something nefarious. They can find it on the dark web (New York Times). In fact, NSO has to gain approval from the Israeli Defense Ministry before any sale to a foreign entity can be completed (CBS News).
It’s a long and difficult process and one that has more than just company profits as its core focal point. The point here is that if you want to commit terrorism, crime, treason, or simply spy on others, you can get the tools you need from the dark web.
As far as finding the dark web is concerned, that’s not something we condone or even advocate. It’s a dangerous place on its own and somewhere you should simply avoid at all cost. The point we’re making here is the fact not whether or not cyber intelligence gathering software is good or bad, but that it’s available to whomever wants it and has the financial resources to pay.
Shalev Hulio, NSO’s founder noted during an interview with CBS that despite the allegations leveled against the company that its Pegasus software program was used to surveil Khashoggi and determine his whereabout and where he would be at a specific time, upon their internal investigation there was simply no evidence to support it.
“Khashoggi murder is horrible. Really horrible. And therefore, when I first heard there are accusations that our technology [had] been used on Jamal Khashoggi or on his relatives, I started an immediate check about it. And I can tell you very clear, we had nothing to do with this horrible murder.”
It’s not a direct statement that their program wasn’t used but that they had nothing to do with the murder. The comment may not end the debate regarding the extent Pegasus was used to find Khashoggi.
A New Age
The world has changed dramatically in just a couple of decades since the Internet reached a consumer audience. It’s changed the way companies reach customers, make sales, generate leads, and grow. It’s also changed the way people communicate.
Access to the Internet provides just about everyone with a bastion of information, which is why this time period is often referred to as The Information Age. A person generally has access to more information within a few seconds (and clicks) than at any other time in history.
And still the world changes with dramatic shifts along the tectonic plates of technological innovations. Along with those changes that offer consumers more access to information, entertainment, and even being able to telecommute and video teleconference with family and friends around the world, criminals and terrorists also have means to plan and execute in more advanced ways.
NSO has built a solid business model that focused on a small market: government and law enforcement agencies. Confronting crime and terrorism is often referred to as a ‘fight’ and in these fights, the winning side generally has the better weapons, or tools.
When government agencies operate at a gruelingly slow pace, barely catching or keeping up with changing times, the enemy -the criminal, terrorist, etc.- is often a few steps ahead.
Cyber intelligence is a necessary part of fighting terrorism in a modern technological age and there are going to be threats from numerous places. Protecting against these threats requires those tasked with it to have the best tools.
A Key to Focus On … for Now
One thing that’s crucial to focus on when it comes to NSO’s Pegasus is the delivery system. A government or law enforcement agency can’t use this program unless the intended target clicks on a link (which downloads the code behind the scenes), thus giving them access to whatever device is targeted. That link is usually deliver via text (or email), using an enticing message.
Technology isn’t going away and the threats you face aren’t simply by bombs and guns; it’s coming from those who hide out in the dark, in that nefarious place referred to as the dark web.
In order to combat these threats, law enforcement and governments will need access to the tools necessary to engage the enemy. Some will use it for good. Some for bad. A weapon used to stop a murder is considered good. One used to hurt is considered bad. What if it’s the same weapon?
In other words, cyber intelligence tools are here. They aren’t going away. It’s simply leading us to the next phase in the fight against crime and terror. With the right tools, legitimate, honest law enforcement will begin taking the fight into the dark. Into the dark web.