Spyware created by Israeli company NSO Group has been used to hack at least nine iPhones belonging to State Department officials this year, four officials familiar with the matter confirmed to Reuters. The hacks took place in the last few months and mostly affected State Department employees either based in Uganda or on assignment pertaining to the country.
NSO Group has swiftly risen from obscurity to become one of the most talked-about spyware-makers in the world. The company’s software is now infamous enough that Apple has gone ahead and sued it for “surveillance and targeting of Apple users” around the world.
But NSO does not see its software as malicious and routinely defends its distribution as being for “lawful interception” only. The company said in a statement yesterday that it didn’t see any indication its software had been used for spying on U.S. officials, though it did promise to cancel “relevant accounts” and investigate the hacking. Not much else is known at this time.
Not us, no way — Despite its software being used many times over for spying purposes, NSO Group consistently denies that it allows its products to be used for harm. The go-to line is either “we don’t have any information about this” or simply “our software is actually just used for good.”
In this case NSO Group chose the latter. The company’s official statement on the matter is that its technology “helps stop terrorism,” according to Reuters, and that it has added measures to stop it from being used on innocent targets. Those failsafes — like not working on phones with U.S. numbers — don’t always work as intended. In this case, for example, the U.S. officials had numbers registered overseas.
Spyware empire — As much as NSO Group would like the public to believe otherwise, its software is being used for spying. This has been revealed so many times now that activists like Edward Snowden have called for an international ban on spyware.
NSO Group’s spyware is particularly tricky because it’s incredibly easy to deploy. Victims in the past have had their phones infected via an iMessage that needed no engagement to operate. The spyware can install quietly in the background, the iPhone user none the wiser.
The Israeli embassy in Washington has condemned the use of NSO Group’s software for malicious purposes. “Cyber products like the one mentioned are supervised and licensed to be exported to governments only for purposes related to counter-terrorism and severe crimes," a spokesperson for the embassy said. "The licensing provisions are very clear and if these claims are true, it is a severe violation of these provisions."