Skip to main content

Amnesty pushes Israel to restrict NSO Group after spyware used to target activists

Amnesty International to file legal petition in effort to block Israeli firm from selling spyware to foreign governments
Several reports have shown Israeli technology being used by Gulf states against their own citizens (AFP/File photo)

Amnesty International is pushing for Israel's defence ministry to withdraw an export license for NSO Group, an Israeli tech firm that the human rights group has accused of selling spyware to repressive governments to spy on activists.

In a statement on Monday, Amnesty said it plans to file a legal petition to the District Court of Tel Aviv on Tuesday to block the export licenses.

NSO Group, an Israel-based firm, sells a spyware software called Pegasus, which Amnesty said allows governments to "obtain access to targeted individuals' private data, including the ability to secretly control a target's mobile device".

Danna Ingleton, deputy director of Amnesty Tech, said in an affidavit on Monday that NSO Group has not done its job to protect human rights defenders from being targeted.

Instead, many reports have shown that governments have deployed Pegasus spyware "to surveil human rights defenders", Ingleton said.

"The absence of evidence that NSO Group has undertaken adequate due diligence and corrective measures or other steps to prevent such foreseeable misuses of its products, demonstrate the basis for Amnesty International's recommendation…that NSO Group's export license must be revoked," she said.

Israeli spyware sold to UAE owned by US company with UK offices
Read More »

NSO Group has been under increased scrutiny after a series of reports about the ways in which its spyware programme has been used against prominent human rights activists.

Last year, a report by CitizenLab, a group at the University of Toronto, showed that human rights defenders in Saudi Arabia, the United Arab Emirates and Bahrain were targeted with the software.

"Our findings paint a bleak picture of the human rights risks of NSO's global proliferation. At least six countries with significant Pegasus operations have previously been linked to abusive use of spyware to target civil society," the report said.

In October, US whistleblower Edward Snowden said Pegasus had been used by the Saudi authorities to surveil journalist Jamal Khashoggi before his death.

"They are the worst of the worst," Snowden said of the firm.

Another prominent critic of the Saudi government, activist Omar Abdulaziz, said his phone was hacked in summer 2018, obtaining access to more than 400 text messages between Abdulaziz and Khashoggi.

'Secretive company'

Pegasus software can be hacked into phones in several ways, from users clicking on a malicious link to "refined techniques to infect a device without any user interaction", Amnesty said.

Once installed, "operators" gain full access to a person's phone, including their contacts, text messages, photos, call history and even location information.

Amnesty International said in August that a staffer's phone was infected with the Pegasus software via a WhatsApp message.

The message came from a number the staff member didn't recognise, and it was about a protest supposedly taking place at the Saudi embassy in Washington, DC.

"When Amnesty's tech team analysed the message, we found that clicking the link would have installed highly potent spyware - the Saudi protest was just carefully chosen bait," Amnesty said.

It added that closer look at the domain name tied the message to a "secretive company: NSO Group".

An investigation by the Financial Times on Monday also revealed that attackers had been exploiting WhatsApp's call function to spread the spyware by ringing up targets.

The FT quoted a spyware dealer saying that the malicious software could be transmitted even if users did not answer the call request, and that calls often disappeared from call logs.

A person familiar with the issue told the FT that WhatsApp, which is used by 1.5bn people worldwide, were too early into their own investigation of the issue to estimate how many people had been infected this way.

Amid the backlash, NSO Group said in November that it adheres to the law.

The company says it operates "solely in compliance with defence export laws and under the guidelines and close oversight of all elements of the defense establishment, including all matters relating to export policies and licenses".

In a 60 Minutes interview in March, NSO Group's CEO Shalev Hulio declined to divulge who purchases Pegasgus and said the software is well-intended.

"I only say that we are selling Pegasus in order to prevent crime and terror," he said.