views
WASHINGTON: The phones of 11 U.S. State Department employees were hacked using technology from Israel’s NSO Group, the world’s most infamous hacker-for-hire company, a person familiar with the matter said Friday.
The employees were all located in Uganda and included some foreign service officers, said the person, who was not authorized to speak publicly about an ongoing investigation. Some local Ugandan employees of the department appear to have been among the 11 hacked, the person said.
The hacking is the first known instance of NSO Group’s spyware, known as Pegasus, being used against U.S. government personnel.
It was not known what individual or entity used the NSO technology to hack into the accounts, or what information was sought.
We have been acutely concerned that commercial spyware like NSO Group software poses a serious counterintelligence and security risk to U.S. personnel, White House press secretary Jen Psaki said at briefing Friday.
News of the hacks, which were first reported by Reuters, comes a month after the U.S. Commerce Department blacklisted NSO Group, barring U.S. technology from being used by the company. And Apple sued NSO Group last week seeking to effectively shut down its hacking of all iPhones and other Apple products, calling the Israeli company amoral 21st century mercenaries.
The State Department employees were hacked on their iPhones, the person familiar with the matter said.
NSO Group said in a statement that it had terminated the relevant customers access to its hacking system, but did not say who the customers were. The company said its spying technology is blocked from hacking phones based in the U.S. and only sells to licensed customers.
NSO has no way to know who the targets of the customers are, as such, we were not and could not have been aware of this case, the company said.
In announcing the lawsuit, Apple sent out notifications globally to people whose iPhones were hacked with Pegasus in countries ranging from El Salvador to Poland. The targeted State Department employees were among them.
Apple declined comment Friday on the Uganda hacks.
Marketed to governments for use solely against terrorists and criminals, Pegasus has been abused by NSO customers to spy on human rights activists, journalists and politicians from Saudi Arabia to Mexico, including such high-profile targets as the fiancee of Jamal Khashoggi, the Saudi journalist murdered in his countrys consulate in Istanbul.
NSO Group has been broadly denounced for allowing such targeting, and its placement on the Commerce Departments “entity list last month was the first time a company outside of China had been added over human rights violations, said Kevin Wolf, an attorney at Akin Gump and former top commerce official in the Obama administration.
Analysts wonder whether NSO Group can survive financially under such circumstances. Last week, Moodys downgraded NSO Groups financial outlook to negative, saying it risked defaulting on more than $300 million in loans as a result of high uncertainty of its ability to sell new licenses. It said NSO Group, which is privately held, has about 750 employees with 60 customers in more than 35 countries
The impact on companies blacklisted by the Commerce Department, about half of which are Chinese, is often far broader than barring them from using U.S. technology. Wolf said many companies choose to avoid doing business with them completely in order to eliminate the risk of an inadvertent violation and the legal costs of analyzing whether they can.
NSO Group was asked by The Associated Press prior to Fridays news whether it could survive as long as it is on the entity list. While not directly responding, it said it was working on all appropriate channels to reverse the Department of Commerces decision.
___
Suderman reported from Richmond, Va., and Bajak from Boston. Josef Federman in Jerusalem contributed to this report.
Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor
Read all the Latest News here
Comments
0 comment