Skip to Content
Computing

Israel begins investigation into NSO Group spyware abuse

“We want them to check everything,” says the CEO of a cybersecurity company implicated in campaigns against politicians, activists, and other notable figures.

NSO headquarters
NSO headquarters
AP Photo/Daniella Cheslow, File

Israeli government officials visited the offices of the hacking company NSO Group on Wednesday to investigate allegations that the firm’s spyware has been used to target activists, politicians, business executives, and journalists, the country’s defense ministry said in a statement today.

An investigation published last week by 17 global media organizations claims that phone numbers belonging to notable figures have been targeted by Pegasus, the notorious spyware that is NSO’s best-selling product.

The Ministry of Defense did not specify which government agencies were involved in the investigation, but Israeli media previously reported that the foreign ministry, justice ministry, Mossad, and military intelligence were also looking into the company following the report. 

NSO Group CEO Shalev Hulio confirmed to MIT Technology Review that the visit had taken place but continued the company’s denials that the list published by reporters was linked to Pegasus.

“That’s true,” he said. “I believe it’s very good that they are checking, since we know the truth and we know that the list never existed and is not related to NSO.”

The reports focused largely on the successful hacking of 37 smartphones of business leaders, journalists, and human rights activists. But they also pointed to a leaked list of over 50,000 more phone numbers of interest in countries that are reportedly clients of NSO Group. The company has repeatedly denied the reporting. At this point, both the source and meaning of the list remain unclear, but numerous phones on it were hacked, according to technical analysis by Amnesty International’s Security Lab.

When asked if the government’s investigation process will continue, Hulio said he hopes it will be ongoing.

“We want them to check everything and make sure that the allegations are wrong,” he added.

International scandal

Despite the emphatic denials, the “Pegasus Project” has drawn international attention.

In the United States, Democratic members of Congress called for action against NSO.

“Private companies should not be selling sophisticated cyber-intrusion tools on the open market, and the United States should work with its allies to regulate this trade,” the lawmakers said. “Companies that sell such incredibly sensitive tools to dictatorships are the AQ Khans of the cyber world. They should be sanctioned, and if necessary, shut down.”

The French government has said it will question Israeli defense minister Benny Gantz after French president Emmanuel Macron’s phone showed up on the leaked list. NSO denied any attempt to hack French officials. 

NSO is not the only Israeli hacking company in the news lately. Microsoft and the University of Toronto’s Citizen Lab also recently reported on hacking tools developed by Candiru that were subsequently used to target civil society groups.

NSO Group is under the direct regulation of Israel’s Ministry of Defense, which approves each sale. Critics say the export licensing process is broken because it results in sales to authoritarian regimes that have used the hacking tools to commit abuses. NSO recently said the company has cut off five customers for abuse.

The ministry said last week that it will “take appropriate action” if it finds that NSO Group violated its export license.

Deep Dive

Computing

Linux hack concept
Linux hack concept

The US military wants to understand the most important software on Earth

Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted

Close up of worker inspecting chip in a clean room
Close up of worker inspecting chip in a clean room

Corruption is sending shock waves through China’s chipmaking industry

The arrests of several top semiconductor fund executives could force the government to rethink how it invests in the sector.

inflection point post-NSO concept
inflection point post-NSO concept

The hacking industry faces the end of an era

But even if NSO Group is no more, there are plenty of rivals who will rush in to take its place. And the same old problems haven’t gone away.

The Western Union Building, 60 Hudson Street, c. 1931.
The Western Union Building, 60 Hudson Street, c. 1931.

Energy-hungry data centers are quietly moving into cities

Companies are pushing more server farms into the hearts of population centers.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.