Former Israel Police Commissioner Roni Alsheikh said Wednesday that the troubling reports accusing the law enforcement agency of using NGO Group's Pegasus surveillance technology illegally are "completely unfounded."

Follow Israel Hayom on Facebook, Twitter, and Instagram

A series of exposés by financial daily Calcalist alleging an unprecedented use of the spyware, originally developed as a counterterrorism measure, against civilians, including politicians and government functionaries, social activists, protesters, public servants, journalists, and businesspeople, has rattled the political system.

According to the reports, this "intelligence phishing expedition" was conducted prior to any official investigation against the targets and without judicial warrants, despite police officials knowing that any information obtained sans such warrants was inadmissible in court.

Lawmakers from across the political spectrum have demanded an independent commission of inquiry be named to investigate the matter in full.

Channel 12 News reported Wednesday that during Alsheikh's term as police chief, from 2015 to 2018, the police used or tried to use the spyware on 90 individuals. However, between 2018 and 2020, when then-acting Police Commissioner Motti Cohen was in office, 150 individuals were targeted.

Alsheikh said that "as someone who knew the system closely, I have no doubt that the picture painted by these reports has no bearing on reality."

Speaking with Channel 13 News, the former police chief explained that he has refrained from commenting until now because the report cites issues pertaining to ongoing legal proceedings, namely Former PM Benjamin Netanyahu trial, where it is believed the phones of key witnesses were hacked.

"Two days ago we were exposed to dramatic headlines according to which the Israel Police in general, and my leadership in particular, ignored the law and turned activity that was supposed to be pinpointed and regulated into a platform for uncontrollable phishing.

"My close friends, like many citizens of Israel, were stunned by the many publications and turned to me for answers. This was the turning point for me," he explained.

He reiterated that using wiretaps in general, especially tools as sophisticated as Pegasus, mandates a court order, and maintained that the police had cause to surveil public officials named in Calcalist's report as hacking victims.

"The various investigative tools operated against them were used legally, by order of a judge and in accordance with every law. Unfortunately, I saw with what contempt the findings of the police inspections were received," he noted.

"The enormous damage done to law enforcement requires clearer and more comprehensive answers from all those involved," Alsheikh told Channel 13 News. "I intend to present my position in a thorough and comprehensive manner. However, the time for that will come when I am convinced that this does not, God forbid, cause harm to a legal proceeding, or to any open investigation."

Tuesday saw Attorney General Gali Baharav-Miara order the Israel Security Agency and Mossad intelligence agency to weigh in on the investigation into the police's alleged abuse of spyware technology and the Pegasus software in particular.

The decision to include Shin Bet and Mossad cyber experts in the investigation stems from the fact that these are the only two intelligence agencies in Israel that are familiar with the full scope of Pegasus and similar spyware.

As the police cannot review themselves in this case, and as NSO is a private company whose employees cannot access police computer systems without supervision, it is necessary to involve cyber experts from the intelligence community in the investigation.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Former police chief says reports of spyware abuse 'completely unfounded' appeared first on www.israelhayom.com.

The growing list of individuals whose phones were apparently illegally hacked by the Israel Police grew by dozens of names on Monday, as financial daily Calcalist revealed that despite previously alleging that the use of Pegasus – NSO Group's now-infamous surveillance technology – was limited to special cases, it was, in fact, extensively used to obtain information from civilians ranging from politicians and government functionaries to social activists and journalists.

Follow Israel Hayom on Facebook, Twitter, and Instagram

The daily first revealed the police's use of Pegasus last month. Initial denials were quickly replaced with an admission that the police "misused" the spyware, but police officials insisted that all was above board in terms of the "few instances" when the surveillance technology was employed.

Monday's report in Calcalist, however, revealed that the measure – classified by the police as "technological and data-oriented policing" – was not limited to special cases, rather became a routine tool in intelligence-gathering. Moreover, the wide-ranged use of Pegasus was done without court orders or authorization from the Attorney General's Office, as required by law.

NSO Group's Pegasus software allows its users to remotely access mobile phones infected with the spyware. It exploits security vulnerabilities in cellular operating systems to retrieve a device's content, including text and email messages, photos, call history, and location data.

The spyware has been the focus of a global scandal since mid-July, when the Pegasus Project, a group of 17 media organizations – having been provided with information by Amnesty International, the Citizen Lab of University of Toronto and Forbidden Stories – revealed that the classified technology was being used to hack the phones of journalists, government officials and human rights activists around the world.

The latest installment in Calcalist's exposé on the matter said that under then-police chief Roni Alsheikh's command, officers with the Signals Intelligence Unit had hacked the phones of dozens of Israelis in what the daily described as an "intelligence phishing expedition."

These efforts were conducted prior to any official investigation against the targets and without judicial warrants, despite knowing that any information obtained sans such warrants was inadmissible in court.

Among the victims listed in the report as having been hacked are then-directors-general of the Transportation, Finance and Justice ministries Keren Turner, Shai Babad and Emi Palmor, respectively, as well as the leaders of social protest movements, including anti-Netanyahu activists, social activists for disability rights and Israelis of Ethiopian descent. Several mayors were also hacked, including Miriam Feirberg (Netanya), Yoram Shimon (Mevaseret Zion), Yaakov Peretz (Kiryat Ata), and Motti Sasson (Holon).

The Pegasus spyware was also installed on the phone of witnesses and persons of interest in Case 4,000 against then-PM Benjamin Netanyahu, Bezeq chief's wife Iris Elovich, who is a defendant in the case, former Communications Ministry chiefs Shlomo Filber and Avi Berger, Bezeq CEOs Stella Hendler and Dudu Mizrahi, Walla CEO Ilan Yeshua, former Walla editor-in-chief Aviram Elad and other journalists at the newsoutlet.

Netanyahu's son, Avner, was also hacked, as were the phones of several members of the now-opposition leader's inner circle, including advisers Topaz Luk and Yonatan Urich.

Other prominent public figures whose phones were infected with the spyware include Businessman Rami Levy, and Yair Katz, the chairman of the workers union at Israel Aerospace Industries.

The Israel Police said in a statement that they are "cooperating with the Attorney General's Office review of the matter."

Outgoing Attorney General Avichai Mendelblit ordered an investigation into the spyware scandal last week in one of his last decrees before leaving office.

After the original story broke, Pegasus developer NGO Group issued a statement stressing that "the company does not operate the systems in its customers' possession and is not involved in their operation. NGO Group's employees are not privy to the purpose for which the software is used, nor are they privy to the information derived as part of the investigations conducted by clients.

"The company sells its products under the license and supervision of state security and law enforcement agencies to legally prevent crime and terrorism, according to court orders and local laws."

An NSO Group official told Calcalist, "There is no way for company employees to be exposed to the information gathered by clients" using Pegasus.

The revelation prompted immediate calls for a commission of inquiry into the scandal.

Interior Minister Ayelet Shaked said, "If this is true, it is an earthquake. These acts characterize dark regimes to which we cannot be similar.

"Mass privacy violation is nothing short of lawlessness and it must end today. We have to form an external commission of inquiry. This is not the purpose for which the police procured this software. The Knesset and the public deserve answers, now."

Constitution, Law, and Justice Committee Chairman MK Gilad Kariv called for a legislative change, saying, "The current laws were drafted before anyone could even imagine what powerful tools would be at [the police's] disposal. We have to make sure that the legislation keeps up with technology and that strict oversight is in place.

The Privacy Protection Authority also called for the formation of a commission of inquiry saying the implication of the report, if true, are "beyond far-reaching."

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Lawmakers demand independent inquiry into police Pegasus scandal appeared first on www.israelhayom.com.

Poland's most powerful politician has acknowledged that the country bought advanced spyware from the Israeli surveillance software maker NSO Group, but denied that it was being used to target his political opponents.

Follow Israel Hayom on Facebook, Twitter, and Instagram

Jaroslaw Kaczynski, the leader of Poland's ruling conservative party, Law and Justice, said in an interview that the software, Pegasus, is now being used by secret services in many countries to combat crime and corruption. He noted that Pegasus represents a technological advancement over earlier monitoring systems, which did not allow the services to monitor encrypted messages.

"It would be bad if the Polish services did not have this type of tool," Kaczynski said in an interview to be published in the Monday edition of the weekly Sieci, excerpts of which were published Friday by the wPolityce.pl news portal.

The interview follows exclusive reports by The Associated Press that Citizen Lab, a cyber watchdog group at the University of Toronto, found that three Polish government critics were hacked with NSO's Pegasus spyware.

On Thursday, Amnesty International independently verified the finding by Citizen Lab that Sen. Krzysztof Brejza had been hacked multiple times in 2019 when he was running the opposition's parliamentary election campaign. Text messages stolen from Brejza's phone were doctored and aired by state-controlled TV as part of a smear campaign in the heat of the race, which the populist ruling party went on to narrowly win.

Brejza now maintains that the election was not fair since the ruling party would have had access to his campaign's tactical thinking and plans.

The revelations have rocked Poland, drawing comparisons to the 1970s Watergate scandal in the United States and eliciting calls for an investigative commission in parliament.

Kaczynski said he sees no reason to set up such a commission, and he denied that the surveillance played any role in the outcome of the 2019 elections.

"There is nothing here, no fact, except the hysteria of the opposition. There is no Pegasus case, no surveillance," Kaczynski said. "No Pegasus, no services, no secretly obtained information played any role in the 2019 election campaign. They lost because they lost. They shouldn't look for such excuses today."

The other two Polish targets confirmed by Citizen Lab were Roman Giertych, a lawyer who represents opposition politicians in a number of politically sensitive cases, and Ewa Wrzosek, an independent-minded prosecutor.

Kaczynski's allies had previously denied that Poland purchased and used Pegasus.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

Polish Prime Minister Mateusz Morawiecki called the Citizen Lab-AP findings "fake news" and suggested a foreign intelligence service could have done the spying – an idea dismissed by critics who said no other government would have any interest in the three Polish targets.

Deputy Defense Minister Wojciech Skurkiewicz in late December said "the Pegasus system is not in the possession of the Polish services. It is not used to track or surveil anyone in our country."

Media reports say Poland purchased Pegasus in 2017, using money from the so-called Justice Fund, which is meant to help the victims of crimes and rehabilitate criminals. According to investigations by the TVN broadcaster and Gazeta Wyborcza daily, it is used by the Central Anti-Corruption Bureau, a special service created to combat corruption in public life that is under the political control of the ruling party.

"The public money was spent on an important public purpose, related to the fight against crime and the protection of citizens," Kaczynski said.

Dozens of high-profile cases of Pegasus abuse have been uncovered since 2015, many by a global media consortium last year, with the NSO Group malware employed to eavesdrop on journalists, politicians, diplomats, lawyers and human rights activists from the Middle East to Mexico.

The Polish hacks are considered particularly egregious because they occurred not in a repressive autocracy but in a European Union member state.

The post Polish leader denies NSO Group's spyware used to hack political opponents appeared first on www.israelhayom.com.

A group of US lawmakers is asking the Treasury Department and State Department to sanction Israeli spyware firm NSO Group and three other foreign surveillance companies they say helped authoritarian governments commit human rights abuses.

Follow Israel Hayom on Facebook and Twitter 

Their letter sent late Tuesday and seen by Reuters also asks for sanctions on top executives at NSO, the United Arab Emirates cybersecurity company DarkMatter, and European online bulk surveillance companies Nexa Technologies and Trovicor.

The lawmakers asked for sanctions under the Global Magnitsky Human Rights Accountability Act, which punishes those who are accused of enabling human rights abuses by freezing bank accounts and banning travel to the United States.

DarkMatter could not be reached for comment. The other three companies did not immediately reply to requests by Reuters for comment.

The letter was signed by the Senate Finance Committee Chairman Ron Wyden, House Intelligence Committee Chairman Adam Schiff and 16 other Democratic lawmakers. Along with other reporting on the industry, they cite a recent Reuters article this month showing that NSO spyware was used against State Department employees in Uganda.

The lawmakers said the spyware industry relies on US investment and banks. "To meaningfully punish them and send a clear signal to the surveillance technology industry, the US government should deploy financial sanctions," they wrote.

The letter says the companies facilitated the "disappearance, torture and murder of human rights activists and journalists." Surveillance firms have drawn increasing scrutiny from Washington as a barrage of media reports has tied them to human rights abuses.

"These surveillance mercenaries sold their services to authoritarian regimes with long records of human rights abuses, giving vast spying powers to tyrants," Wyden told Reuters. "Predictably, those nations used surveillance tools to lock up, torture and murder reporters and human rights advocates. The Biden administration has the chance to turn off the spigot of American dollars and help put them out of business for good."

In November, the Commerce Department put NSO on the so-called Entity List, prohibiting US suppliers from selling software or services to the Israeli spyware maker without getting special permission.

A number of legal challenges also threaten the industry. Last week a prominent Saudi activist and the non-profit Electronic Frontier Foundation sued DarkMatter, alleging the group hacked into her phone.

Apple sued NSO Group in November, saying that it violated US laws by breaking into the software installed on iPhones.

A 2019 Reuters investigation cited in the letter also exposed a secret hacking unit within DarkMatter, known as Project Raven, that helped the UAE spy on its enemies. In a September settlement with the Justice Department, three members of that unit, all former US intelligence operatives, admitted to breaking hacking laws.

In an interview with Israel Hayom in July, NSO Group co-founder and then-CEO Shalev Hulio denied the company was directly or knowingly involved in human rights abuses allegedly perpetrated by some of its customers and suggested that NSO was under a coordinated attack by vested parties.

"If it turns out that there was some client who exploited our system to track journalists or human rights workers, they'll be cut off immediately. We've proven that in the past, including with some of our biggest customers, and we stopped working with them," he said.

"It looks like someone decided to come after us," Hulio added. "This whole story isn't just incidental. The Israeli cyber sector is under attack, in general. There are so many cyber intelligence companies in the world, but everyone just focuses on the Israeli ones… it looks like there's a guiding hand behind it."

Asked if he knew the identity of those behind the allegations, Hulio said:  "I believe that in the end, it will turn out to be Qatar, or the BDS movement, or both. In the end, it's always the same entities. I don't want to sound cynical, but there are people who don't want ice cream to be imported here [to Israel] or for technology to be exported."

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

Indeed, many companies across the globe, and in Israel, sell the exact same products as NSO Group.

Meanwhile, high-profile American companies such as Lockheed-Martin, Northrop Grumman, and others have been trying to gain a foothold in the market occupied by NSO Group and other competitors, and the Biden administration has allocated billions of dollars to these companies for research and development.

"This has nothing to do with human rights, and everything to do with business," Isaac Ben-Israel, a world-renowned expert in the field, told Israel Hayom in August. "They can stop with their sanctimony."

The post US lawmakers call for sanctions against Israel's NSO, other spyware firms appeared first on www.israelhayom.com.

The US Treasury Department said on Sunday it will partner with Israel to combat ransomware, with the two countries launching a joint task force to address cybersecurity.

Follow Israel Hayom on Facebook and Twitter

The task force will develop a memorandum of understanding supporting information sharing related to the financial sector, including cybersecurity regulations and threat intelligence, the US Treasury Department said.

The announcement follows a virtual meeting on ransomware held at the White House in October with the European Union and more than 30 countries, including Israel.

Deputy Secretary of the Treasury Wally Adeyemo asked then for international cooperation to address the abuse of virtual currency and disrupt the ransomware business model.

Adeyemo met with Finance Minister Avigdor Lieberman, Director-General of the National Cyber Directorate Yigal Unna, Central Bank Governor Amir Yaron, as well as local fintech and cybersecurity entrepreneurs in Israel on Sunday to establish a bilateral partnership, the department said in a statement.

The partnership follows measures taken to combat a surge in ransomware that has struck several big US companies, including an attack on the largest fuel pipeline in the United States that crippled fuel delivery for several days. A broader US-Israeli task force was also launched on Sunday to "support fintech innovation that features robust cybersecurity protections and that can advance compliance with international standards on anti-money laundering, counter-terrorist financing, and countering the financing of proliferation."

These technical exchanges, according to the US Treasury, "will examine how cyber analytics firms, as well as fintech and regtech innovators, are developing new ways to mitigate illicit finance risk and to enhance public sector analytical and enforcement activities."

In that spirit, the US Treasury also said it will participate in the CyberTech Global Tel Aviv conference in Israel in January 2022.

"Harnessing both the power of international cooperation and of technology innovation will position us to support economic competitiveness, prosperity, and to combat global threats including ransomware," said Adeyemo.

"As the global economy recovers and ransomware and other illicit finance threats present a grave challenge to Israel and the United States, increased information exchanges, joint work, and collaboration on policy, regulation, and enforcement are critical to our economic and national security objectives," he added.

A US Treasury Department report in October found that the rise of digital currencies and a decline in the use of the dollar by US adversaries mean that the US needs to take a more multilateral approach to sanctions policy.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

Earlier this month, the US Justice Department charged a Ukraine national and a Russian in one of the worst ransomware attacks against American targets.

Less than two weeks ago, the US blacklisted NSO Group – the maker of Pegasus spyware – and another Israeli company for developing spyware, banning it from receiving exports from American companies.

NSO said at the time it was dismayed "given that our technologies support US national security interests and policies by preventing terrorism and crime."

The post US to partner with Israel to combat ransomware attacks appeared first on www.israelhayom.com.

US Deputy Treasury Secretary Wally Adeyemo will travel to the Middle East on Friday, a Treasury spokesperson told Reuters, where he will seek to build partnerships on ransomware and cybersecurity as hackers wreak havoc among some of America's more vital industries.

Follow Israel Hayom on Facebook and Twitter

Adeyemo, in the highest-ranking visit of a Treasury official to the region under US President Joe Biden's administration, will also discuss countering terrorist financing and proliferation as well as economic recovery following the coronavirus pandemic in his visits to Israel, Saudi Arabia, the United Arab Emirates and Qatar.

In Israel, Adeyemo will raise how to focus technology to counter ransomware and other cyber-related threats, the spokesperson said.

It was unclear if he would raise Israeli spyware company NSO Group, which the US Commerce Department added to its trade blacklist this month, saying they sold spyware to foreign governments that used the equipment to target government officials, journalists and others.

Biden has made the government's cybersecurity response a top priority following a series of attacks this year that threatened to destabilize US energy and food supplies.

Hackers use ransomware to take down systems that control everything from hospital billing to manufacturing. They stop only after receiving hefty payments, typically in cryptocurrency.

This year, gangs have hit numerous US companies in large-scale hacks. One such attack on pipeline operator Colonial Pipeline led to temporary fuel supply shortages on the US East Coast. Hackers also targeted an Iowa-based agricultural company, sparking fears of disruptions to grain harvesting in the Midwest.

The US Treasury Department in a sanctions review last month warned that digital currencies and payment systems could reduce the efficacy of US sanctions, allowing the transfer of funds outside the dollar-based financial system.

"The Deputy Secretary's visit comes on the heels of a sanctions review that emphasized multilateral coordination on sanctions, as well as the threats posed by emerging technologies like virtual assets," the spokesperson said.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post US Treasury official departs for Middle East to build cybersecurity partnerships appeared first on www.israelhayom.com.

The US Commerce Department added four companies from Israel, Russia, and Singapore to its "entity list" on Wednesday, saying they engaged in "activities that are contrary to the national security or foreign policy interests of the United States."

Follow Israel Hayom on Facebook and Twitter

They are the NSO Group and Candiru of Israel, Positive Technologies of Russia, and Computer Security Initiative Consultancy PTE LTD, from Singapore, the department said in a statement.

"NSO Group and Candiru were added to the Entity List based on evidence that these entities developed and supplied spyware to foreign governments," the department wrote, mentioning that the function of the tools was to "maliciously target government officials, journalists, business people, activists, academics, and embassy workers."

"The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad," added US Secretary of Commerce Gina M. Raimondo in a statement of her own.

NSO says its product is intended only for use by government intelligence and law enforcement agencies to fight terrorism and crime, including pedophile rings and sex and drug trafficking rings. It claims its software has helped save thousands of lives.

In July however, its Pegasus spyware was revealed to have been allegedly used in attempted and successful hacks of 37 smartphones belonging to journalists, government officials, and human rights activists around the world. The phone numbers that had been implicated included several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials – including several heads of state and prime ministers.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post US blacklists NSO over 'activities contrary to national security interests' appeared first on www.israelhayom.com.

The Israel-based NSO Group has ended its contract with the United Arab Emirates to use its powerful Pegasus state spyware tool because Dubai's ruler was using it to hack the phones of his ex-wife and some close to her, her lawyers told England's High Court.

Follow Israel Hayom on Facebook and Twitter

Sheikh Mohammed bin Rashid al-Maktoum, vice president and prime minister of the UAE, ordered the hacking of six phones belonging to Princess Haya bint al-Hussein, her lawyers, and her security team, England's High Court ruled in a judgment made public Wednesday.

The hacking took place last year during the couple's ongoing multi-million dollar custody battle in London over their two children.

During the hearings, the court heard that NSO had canceled its contract with the UAE for breaching its rules on using Pegasus, a sophisticated "wiretap" system used to harvest data from the mobile devices of specific suspected major criminals or terrorists.

"Whenever a suspicion of a misuse arises, NSO investigates, NSO alerts, NSO terminates," the firm, which only licenses its software to government intelligence and law enforcement agencies, said in a statement after the rulings were published.

It said it had shut down six systems of past customers with contracts worth more than $300 million. NSO did not go into specifics.

The sheikh rejected the court's conclusions, saying they were based on an incomplete picture.

"I have always denied the allegations made against me, and I continue to do so," he said in a statement.

The hacking of Haya and those connected to her, including her lawyer Fiona Shackleton, a lawmaker in Britain's House of Lords, came to light at the start of August last year.

A cyber expert studying the possible use of Pegasus against a UAE activist realized the phones had been hacked and passed on the information, according to documents and evidence presented to the court.

At the same time, a whistleblower alerted NSO that the software was being misused to target Haya and her legal team, a source familiar with the company told Reuters.

It immediately informed Cherie Blair, a high-profile British lawyer hired by NSO to work as an external adviser on human rights, to warn the princess.

Within two hours, the company shut down the customer's system and prevented any other client from being able to use Pegasus to target British numbers, a measure still in place today, the source said.

Blair, wife of former British Prime Minister Tony Blair, said in a statement to the court: "During a conversation with the NSO senior manager, I recall asking him whether their client was the big state or the little state, the manager clarified it was the little state, which I took to be the state of Dubai."

She told Shackleton that NSO had immediately stopped that country from using Pegasus and had demanded answers.

"Cherie Blair said if they weren't using the software to find genuine terrorists, they had a problem," Haya's lawyer Charles Geekie told the court. "Her client did not want to be connected to this type of behavior and wanted to help."

In a letter to the court on Dec. 14 last year, NSO said it had canceled its contract with its client, who the company declined to identify.

"As the NSO letter of December 2020 makes plain, after its investigation NSO has adopted the extreme remedy of terminating its customer's use of the Pegasus software," Judge Andrew McFarlane, President of the Family Division in England and Wales, said in his ruling.

"In commercial terms, this step is to be understood as having great significance."

In recent months, NSO's Pegasus has become the focus of international attention following several reports that the spyware was being used by governments to illicitly target human rights campaigners, journalists and politicians.

In October 2019, WhatsApp sued NSO, accusing it of helping government spies break into the phones of roughly 1,400 users across four continents with targets including diplomats, political dissidents and senior government officials.

The firm had about 45 countries as customers, but had refused to do business with 90 others because they couldn't trust them over human rights issues, the source said.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post NSO ends UAE spyware contract after Dubai ruler hacks ex-wife's phone appeared first on www.israelhayom.com.

NSO Group CEO Shalev Hulio welcomes the decision to look into claims that various governments used the company's attack software to spy on tens of thousands of clients, including politicians, journalists, and human rights activists.

Follow Israel Hayom on Facebook and Twitter

"We'll be very happy if there is an investigation into the affair, because we'll be able to clear our name," Hulio says in an interview to the Israel Hayom weekend supplement.

"We don't have and have never had any ties to the list that was published, and if it turns out that there was some client who exploited our system to track journalists or human rights workers, they'll be cut off immediately. We've proven that in the past, including with some of our biggest customers, and we stopped working with them," he says.

Q: If your system wasn't used for nefarious purposes, like you claim, why don't you open everything and show everyone that everything is fine?

"Because there are issues of privacy, and matters of national security and trade agreements with the countries we work with, and I can't go out and say, 'This we did, and this we didn't do.' But if any government entity approaches me – anyone, from any country – I'm willing to open everything, let them come in, dig around. Let them come."

Pegasus is considered the most advanced program in the world when it comes to cracking cellphones. It allows the user to pull all the data out of the device, including correspondence (even encrypted) and photos, without leaving traces. It also allows the program user to activate the compromised device's camera and microphone remotely. The expose published this week was based on a leaked list of 50,000 cellphone numbers that various governments allegedly asked to crack using NSO's program.

Hulio, 39, says that he first learned of the affair about a month ago.

"A third party reached out to me, someone we work with not involved [in the affair] and said, 'Listen, they've broken into your servers in Cyprus and the entire list of NSO targets has been leaked.' I started to get stressed, but after a moment I calmed down, both because we don't have servers in Cyprus and also because we don't have a list of 'targets.' It doesn't work that way: every customer is a unique customer. We don't have any central location where all the customers' targets are collected."

Q: What did you do?

"In the meantime, we checked our servers, and we checked with the customers, and we didn't find anything that had been cracked. But because it seemed strange, I asked the guy to bring us examples from the leaked list. We got them – a few phone numbers – and started to check them with our customers. Not a single one was a target for Pegasus. I realized it had nothing to do with us, and we moved on."

"There are people who don't want Israel to import ice cream or export cybertechnology"

But the story refused to die. A few days later, Hulio was contacted by another businessman with an identical story about an NSO "list of targets" that was going around the market, and beyond that, a list of questions from the consortium of journalists who exposed the affairs this week in the international media.

"There were crazy allegations there. At first, I laughed, and said to myself that someone is going to fall hard, but then a friend told me I wasn't getting that they were going to come down on us, hard. At that stage, we already knew it was a list that had nothing to do with us. We hired a firm of lawyers and started to send out letters, and the fact is that most media outlets were convinced. The editor [in chief] of the Washington Post even wrote that she didn't know where the list had come from or who had put the numbers on it, and that she had no confirmation that the numbers were associated with Pegasus or had even ever been targets or potential targets."

Q: So who is behind this story?

"It looks like someone decided to come after us. This whole story isn't just incidental. The Israeli cyber sector is under attack, in general. There are so many cyber intelligence companies in the world, but everyone just focuses on the Israeli ones. Forming a consortium like this of journalists from all over the world and bringing Amnesty [International] into it – it looks like there's a guiding hand behind it."

Q: Whose?

"I believe that in the end, it will turn out to be Qatar, or the BDS movement, or both. In the end, it's always the same entities. I don't want to sound cynical, but there are people who don't want ice cream to be imported here [to Israel] or for technology to be exported. The way I see it, it's no coincident that the same week that people try to prevent Cellebrite's IPO, an expose about [cyber firm] Candiru is published, and now us. It can't be that this is all coincidental."

Q: The expose indicated that of the 65 numbers that were checked, 37 were targets of Pegasus.

"They have a problem with their story. Let's assume that this is a list of Pegasus targets – where are all the cases that claims were made about in the past, from journalists to human rights activists in Mexico? Why aren't they there? They need to decide. Either the reports in the past were wrong, or the current list is wrong. I'm saying with certainly that it's nonsense. Since we founded the company, all the years [we've operated], we haven't had 50,000 targets."

Hulio says that NSO currently has 45 customers, and each one is permitted by their program license to track 100 targets, on average, per year. It's the customer who chooses the targets, and NSO is uninvolved in the selection or the tracking.

"When we founded the company we decided on four rules. First, we would sell to governments only, and not companies or individuals. You can imagine how many people and companies tried to buy the technology, and we always said no. The second rule is that we don't sell to every government, because not every government in the world should have these tools. Looking back 11 years after the company was founded, we have 45 customers, but 90 countries to whom we refused to sell. The third rule is that we don't activate the system, we just install it, instruct how to use it, and leave. The fourth rule is that we want to be under the Defense Ministry's regulatory oversight. We have been under voluntary oversight since 2010, even though the law for defense and security oversight of cyber companies was written only in 2017. We haven't ever made a deal that wasn't under oversight."

Q: Why did you refuse to sell to certain countries?

"Because there are governments that you know you can't trust. That violate human rights, that bug journalists, that are corrupt."

Q: Some of the countries you do sell to also have problematic track records: Saudi Arabia, Morocco, the United Arab Emirates.

"I won't discuss any specific customer, but most of the countries we work with, more than two-thirds, are European countries. They comprise most of our business, and these are countries that use this tool to fight terrorism and crime. The attempt to portray a situation in which all these governments do is sit and listen to journalists is completely delusional."

Q: Still, the list that was published includes plenty of journalists who were allegedly tracked.

"If any of our customers listened to journalists, that's really bad, and they won't be a customer any longer."

Q: You say that it's the customer who decides the list of targets. It could be that your customers exploit the system, and simply haven't been caught.

"We choose our customers carefully, and we make very strong deals with them that allow us – in the case that they are found to be exploiting [our tools] – to cut them off. Every customer receives very clear instruction about what they are allowed and forbidden to do with the system."

Q: Still, what oversight do you have for them?

"There is plenty. We limit the number of targets, and we limit them to certain territory in which they are allowed to operate. In every instance when we receive reliable information about abuse, we investigate. According to the contract, the customer has to give us access to some log and shows all the actions in which the system is used, and if we see anything out of bounds, we can shut them down."

Q: Has that happened?

"Yes. We had five customers whose systems we shut down in the past few years."

Hulio defines Pegasus as a "lifesaving program." He says that in a world in which conversations are encrypted end-to-end, there is no other alternative when it comes to battling major crime and terrorism.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

"Once, you'd go to a cellular operator with a warrant and listen in on conversations. Today, there are applications that process data [in a way] that even the companies that develop them can't access. So encryption is fantastic for regular citizens, but intelligence and law enforcement organizations need tools to prevent the next terrorist attack or crime. Thanks to our program, terrorist attacks have been prevented on almost every continent, and in the last few years over 100 pedophiles have been arrested. That wouldn't have happened without Pegasus."

Q: You always fall back on catching pedophiles and terrorists.

"Why was the company founded?"

Q: To make money.

"If all I wanted to do was make money, I wouldn't forgo customers. In the past two years, we declined $300 million because of customers we shut off or did not agree to sell to, so apparently it's not just about money."

Q: Pegasus is a weapon. It's good when it's in good hands, and can be bad when it's in less good hands.

"Unlike guns, which the minute you sell them you have no control over them, here we have control. If someone misuses it, we can cut them off."

Q: But you say that you don't have control, that the customer decides whom to track.

"I don't understand. Mercedes sells a care, then a drunk person gets behind the wheel, runs someone over, and kills them. Does anyone blame Mercedes? It's not clear why we are under fire. If there are complaints, they should be directed at the governments who violated [regulations] and listened in on journalists. Let people claim they violated human rights."

Q: You really don't understand? As we've said, this is a weapon. There are claims that your system helped with the murder of [Saudi journalist] Jamal Khashoggi.

"That claim was made, and we checked with all our customers to see if Pegasus had been activated against him, his family, his wife, his fiancée. We investigated very carefully, and discovered that our tools weren't employed at any stage. It's simply incorrect."

Q: You claim that this is part of a wave of allegations, but NSO has been making negative headlines for years. There have bene plenty of reports that exposed cases of your system being exploited.

"I think that there is someone who is trying to paralyze these technologies by any means possible, and bringing everything possible to bear on the matter."

Q: The fact is, NSO has become synonymous with "bad company."

"It's a crappy feeling. The countries that work with us understand our contribution to their national security, and you know you've done the right thing, that you're saving lives. But you never get credit for that, and that's 99% of the cases."

Q: And there is the one percent in which this system does bad things.

"True, and we handle that one percent. We shut down systems. But to say that because of that one percent the rest of the things we do aren't good just doesn't make sense."

Q: The chief prosecutor in France has announced that an investigation will be launched into allegations that Pegasus was used by Morocco's intelligence apparatus to track journalists. Are you worried?

"The opposite. I want them to investigate and look into it. Because the moment that a normal entity conducts a probe like that, they'll realize that there's nothing to it."

Q: An investigation has also been launched in Israel.

"Great. Nothing could be better, because it will turn out that we operate strictly in accordance with the permits we were given and have never stepped over the line, and that the latest reports have nothing whatsoever to do with us.

"We're the only company in Israel and one of the few in the world that has adopted the UN human rights standard"

"it's time for someone to look into this story once and for all. There are plenty of other companies that are just chasing dollars, an entire industry of companies throughout the world whose entire business model is based on approaching customers with whom NSO refused to work or stopped working. In almost every case, even when it turned out that other technologies had been used, we were blamed immediately because we're the poster boy for the industry."

Q: Yet you yourself say there were instances in which the program was exploited for nefarious purposes.

"Certainly there were, and there are countries we stopped working with because of that. We're the only company in Israel and one of the few cyber companies in the world that has adopted the UN human rights standard. We do appropriate checks on every customer, put out transparency reports through a US legal firm, maintain an external committee that reviews us, and we also have internal committees that approve every deal. The amount of energy we invest in this is endless, and any attempt to create another story is bullshit. Just delusional."

Q: Why don't you put together a team of your own to probe this affair?

"Because we've already checked, and if new information arrives, we'll check again. We check every number that we get. Thus far, we've received about 50 numbers off the list. Of all the big names that have come up so far – French President Emmanuel Macron, the king of Morocco, French journalists and diplomats, the prime minister of Belgium – none has ever been a target. So I'm saying – I wish they'd investigate. Anyone who wants is welcome to."

Q: How can you be so confident they won't find anything? You yourself say that you don't know whom your customers track.

"Because I know what we do, and with whom we do it."

Q: You do realize that this could reach critical mass, and defeat you.

"So what? The world will be more of a bummer, with more crime and more terrorism and more pedophiles. That's exactly what will happen. And apparently there will be a lot more small companies, without regulation, who will go to all sorts of havens abroad and do the same thing. So now we're doing everyone a favor and drawing all the fire for the industry, but I'm not willing to break. On principle. Because I don't think we've done anything bad. The opposite. I think we do good things, and that our customers recognize that, and our workers recognize that, and mainly – the alternative is much worse."

Q: The government could step in and say that NSO Group does Israel more harm than good.

"If the government says that it doesn't want any more cybertechnology in Israel, I'll salute it and close up shop. But I don't think that's the situation."

Q: Still, NSO is creating quite a headache for Israel.

"That's true, and the country doesn't deserve it. If we were a company operating in the US or Britain, this wouldn't be happening. A big part of what comes our way is because we're Israeli."

Q: Maybe the regulatory bodies in the US or Britain wouldn't have allowed you to operate in some of the places you do.

"I don't think so. We don't currently sell anywhere that the Americans wouldn't allow us to operate. China, Russia, Qatar, Egypt, North Korea – these are countries we won't sell to, on moral grounds. There's not even a question."

Q: But it's in the Israeli government's interest that you keep operating, certainly in countries with which our relations are sensitive, like some Arab states.

"Any attempt to ties us to the state is wrong. We're a private company. The government gives us permits to sell, just like they give Elbit or Rafael."

Q: So why are you under attack?

"Because no missiles have hit anyone, but everyone has iPhones. Everyone is afraid of it. It's gotten to the stage where people get a text message with a coupon for pizza and email us saying that someone tried to infect their phone with Pegasus. The amount of disinformation is insane."

Q: Can't you understand why?

"Yes, but I want to make it clear – it's not like we're talking about something on a grandiose scale. All the headlines and noise right now are because of 100 targets per year per customer. We're not Microsoft."  

Q: How will the affair end?

"I've already said I'll be happy if there's a probe, and that I'm committed to cooperating fully with any such probe. And I believe with all my heart that the probe will end with nothing, and it will turn out that the list has nothing to do with us. I only hope that all the newspapers that attacked us this week will apologize. Beyond that, I don't want anything."

In the past few days, Israeli officialdom has been squirming after the wave of reports about widespread spying by governments around the world using NSO's Pegasus software.

"China, Russia, Qatar, Egypt, North Korea – these are countries we won't sell to, on moral grounds"

NSO might be a private company, but its activity is fully under the oversight of the Defense Export Control Agency (DECA) in the Defense Ministry. Apart from that, the government has a clear interest in NSO's activity, for a few reasons. Cyber sales in general and cyberattack sales in particular currently comprise a major part of defense exports, and bring billions of dollars into Israel per year; advanced cybertechnologies allow it to strengthen ties and cooperation with various countries, including ones with whom we do not have formal relations, in the battle against common enemies like Iran or various terrorist groups; and various past reports have claimed that some of the technologies have backdoors that allow the government to use them for its own purposes.

Given all this, it's clear why the top political and defense echelons are disinclined to launch an immediate and open investigation into the affair. The most obvious concern is not only the economic ramifications to cyber companies and thereby to national revenue, but possible harm to relations with some countries. Naturally, this applies mainly to NSO's most sensitive customers – Saudi Arabia, the UAE, Bahrain, and Morocco, countries with problematic human rights records, certainly when compared to most of NSO's customers, which are western democracies.

On the other hand, officials in Israel realize that the flood of reports by media outlets worldwide cannot go unanswered. Not only because of the need to clarify that Pegasus has not been used for widespread attacks against citizens, but also because there is indirect criticism of Israel for allowing – if not pushing and promoting – sales of the system throughout the world, making the government complicit in alleged wholesale human rights violations.

Ultimately, the government decided on a probe that will be managed by officials from the Prime Minister's Office and the foreign, defense, and justice ministries, as well as from the Mossad and the IDF. The purpose of the probe is not only to determine whether the system has been used for unacceptable goals that violate its license, but also to placate governments and organizations around the world that have expressed concern following reports of the affair.

Clarifying the facts of the case is important not only to NSO and its sales, but also to Israel. It will allow the government to handle diplomatic pressure that could spring up on other governments to refrain from buying Israeli cybertechnology, and also deal with international lawsuits and boycotts, should there be need to. Even if due to the nature of the affair and privacy not all the details are made public, the probe has to go ahead. Anyone who claims they have nothing to hide has no reason to worry.

The post 'Israeli cyber sector is under attack,' says NSO Group chief appeared first on www.israelhayom.com.

Israel will launch an inquiry into claims that private Israeli firm NSO Group's "Pegasus" spyware was used by governments across the globe to spy on political rivals, journalists, and human rights activists.

Follow Israel Hayom on Facebook and Twitter

The inquiry team is expected to include representatives from the Defense Ministry, National Security Council, Mossad, other agencies, and legal experts. Its goal will be to determine whether NSO Group acted in contravention of the defense export permit it received from the Defense Ministry's Defense Exports Control Agency (DECA), and whether its products were used by various clients in contravention of the conditions of the permit.

The decision to launch the inquiry came on the heels of an investigation by 17 media organizations into NSO's spyware published on Sunday on how it was being used to target prominent individuals.

The cellphones of French President Emmanuel Macron and 15 members of the French government may have been among potential targets in 2019 of the surveillance spyware, according to French newspaper Le Monde.

An official in Macron's office said authorities would investigate Le Monde's report, and if the targeting is proven, it would be "extremely grave."

Le Monde quoted NSO as saying the French president was never targeted by its clients.

Fifty people close to Mexico's president, Andres Manuel Lopez Obrador, were also on the potential target list. They include his wife, children, aides and cardiologist. Lopez Obrador was in opposition at the time. A Mexican reporter whose phone number was added to the list in that time period, Cecilio Pineda, was assassinated in 2017.

After Mexico, the largest share of potential targets was located in the Middle East, where Saudi Arabia is reported to be among NSO clients. Also on the list were numbers in Bahrain, the United Arab Emirates, India, Hungary, Azerbaijan, Kazakhstan and Pakistan, Morocco and Rwanda.

Radio France reported on Tuesday that Moroccan King Mohammed VI's phone was on a list of numbers of people identified as potential Pegasus spyware targets by Morocco's intelligence services.

Morocco on Monday denied the allegations, saying it had "never acquired computer software to infiltrate communication devices."

Jean Asselborn, the foreign minister of Luxembourg, said Tuesday NSO Group was present in Luxembourg via its subsidiaries, and that he would be writing a letter to the directors of those Luxembourg units of NSO to remind them of the importance of protecting human rights.

NSO denies ever maintaining a list of "potential, past or existing targets." It claims to sell only to "vetted government agencies" for use against terrorists and major criminals.

Israel's Defense Ministry said in a statement that it "approves the export of cyber products exclusively to governmental entities, for lawful use, and only for the purpose of preventing and investigating crime and counterterrorism." It said national security and strategic considerations are taken into account.

Last year, an Israeli court dismissed an Amnesty International lawsuit seeking to strip NSO of its export license, citing insufficient evidence.

United Nations human rights chief Michelle Bachelet on Monday said the apparent widespread use of the Pegasus spyware to illegally undermine the rights of those under surveillance, including journalists and politicians, was "extremely alarming" and confirmed "some of the worst fears" surrounding the potential misuse of such technology.

The recent reports have caused considerable embarrassment within Israel's diplomatic-security echelon. NSO operates from Israel and its products are exported under DECA's oversight. Moreover, official Israeli representatives have helped the company sell its products in several countries with which Israel doesn't have official diplomatic relations. The purpose of these efforts, allegedly, was to help these countries fight terrorist groups, and pave the path for the sale of additional Israeli products. The New York Times reported earlier this week that such help was provided in Saudi Arabia, among other countries.

Defense Minister Benny Gantz asserted Tuesday that Israel operates fully within international law.

"We are aware of recent publications regarding the use of systems developed in certain Israeli cyber companies," said Gantz in a speech to Cyber Week at Tel Aviv University, without mentioning NSO Group by name. "Israel, as a liberal Western democracy, controls exports of cyber products in accordance with its defense export control law, complying with international export control regimes."

Gantz added that "as a matter of policy, the State of Israel authorizes the export of cyber products solely to governments, only for lawful use, and exclusively for the purposes of preventing and investigating crime and terrorism. The countries acquiring these systems must abide by their commitments to these requirements. We are currently studying the information that is published on the subject."

However, other officials in Israel said Tuesday that the severity of the affair and its possible repercussions obligate "clearer actions and statements" from the government.

The officials expressed concern that sufficing with "studying" the issue won't reduce the international criticism against Israel. Some officials warned that a "critical mass" of pressure could form and that failing to launch a public and transparent investigation could create the impression that Israel had something to hide, and that Pegasus was used for illegal purposes with the knowledge and approval of the government.

However, other officials said such an investigation could complicate relations with numerous sensitive countries, such as Saudi Arabia, the UAE, Morocco and Bahrain. In their view, Israel has a vested and clear interest in cooperating with the rulers of these countries against shared threats, such as Iran and Islamic terror, and said such an investigation could embarrass some of them and directly harm diplomatic relations.

Shalev Hulio, founder and CEO of NSO Group, responded Tuesday to the growing firestorm surrounding his company, saying he "wishes the Israeli government would launch an investigation to clear us of these false accusations."

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

Hulio said the "wrong" report published on Sunday against his company was "based on incorrect premises, within the framework of a well-organized and well-timed campaign by known interested parties. The company is weighing its legal steps against the delusional claims put forth in the report.

Speaking to 103FM Radio, Hulio said, "The platform that we create is a platform that saves lives and prevents terrorist attacks, and that needs to be understood. NSO has no list of targets. We made some decisions that are like the NSO Group constitution, and they accompany us to this day. The first is that we only sell to governments and intelligence agencies, not to individuals or [private] organizations."

"The second decision was that we won't sell to every government, since there are some governments that should not have such tools," he said.

The post Israeli officials: NSO probe could jeopardize sensitive diplomatic relations appeared first on www.israelhayom.com.