AP Source: NSO Group spyware used to hack State employees

Dec 3, 2021, 12:52 PM | Updated: Dec 7, 2021, 7:12 am
FILE - A logo adorns a wall on a branch of the Israeli NSO Group company, near the southern Israeli...

FILE - A logo adorns a wall on a branch of the Israeli NSO Group company, near the southern Israeli town of Sapir, Aug. 24, 2021. The phones of 11 U.S. State Department employees were hacked using technology from Israel's NSO Group, the world's most infamous hacker-for-hire company, a person familiar with the matter said Friday, Dec. 3. (AP Photo/Sebastian Scheiner, File)

(AP Photo/Sebastian Scheiner, File)

WASHINGTON (AP) — The phones of 11 U.S. State Department employees were hacked with spyware from Israel’s NSO Group, the world’s most infamous hacker-for-hire company, a person familiar with the matter said Friday.

The employees were all located in Uganda and included some foreign service officers, said the person, who was not authorized to speak publicly about an ongoing investigation. Some local Ugandan employees of the department appear to have been among the 11 hacked, the person said.

The hacking is the first known instance of NSO Group’s trademark Pegasus spyware being used against U.S. government personnel.

It was not known what individual or entity used the NSO technology to hack into the accounts, or what information was sought.

“We have been acutely concerned that commercial spyware like NSO Group software poses a serious counterintelligence and security risk to U.S. personnel,” White House press secretary Jen Psaki said at briefing Friday.

Senior researcher John Scott-Railton of Citizen Lab, the public-interest sleuths at the University of Toronto who have been tracking Pegasus infections for years, called the discovery a giant wake-up call for the U.S. government about diplomatic security.

“For years we have seen that diplomats around the world are among targets,” he said, “and it looks like the message had to be brought home to the U.S. government in this very direct and unfortunate way. There is no exceptionalism when it comes to American phones in diplomats’ pockets.”

News of the hacks, which were first reported by Reuters, comes a month after the U.S. Commerce Department blacklisted NSO Group, barring U.S. technology from being used by the company. And Apple sued NSO Group last week seeking to effectively shut down its hacking of all iPhones and other Apple products, calling the Israeli company “amoral 21st century mercenaries.”

The State Department employees were hacked on their iPhones, the person familiar with the matter said.

NSO Group said in a statement that after being asked Thursday about the Ugandan phones “we immediately shut down all the customers potentially relevant to this case,” but did not say who the customers were. The company said its spying technology is blocked from hacking phones based in the U.S. and is only sold to licensed customers.

If the allegations turn out to be true “they are a blunt violation” of contract terms and NSO Group “will take legal action against these customers,” it added.

In announcing the lawsuit, Apple sent out notifications globally to people whose iPhones were hacked with Pegasus in countries ranging from El Salvador to Poland. The targeted State Department employees were among them.

Apple declined comment Friday on the Uganda hacks.

Marketed to governments for use solely against terrorists and criminals, Pegasus has been abused by NSO customers to spy on human rights activists, journalists and politicians from Saudi Arabia to Mexico, including such high-profile targets as the fiancee of Jamal Khashoggi, the Saudi journalist murdered in his country’s consulate in Istanbul.

NSO Group has been broadly denounced for allowing such targeting, and its placement on the Commerce Department’s “entity list” last month was the first time a company outside of China had been added over human rights violations, said Kevin Wolf, an attorney at Akin Gump and former top commerce official in the Obama administration.

Analysts wonder whether NSO Group can survive financially under such circumstances. Last week, Moody’s downgraded NSO Group’s financial outlook to negative, saying it risked defaulting on more than $300 million in loans as a result of “high uncertainty” of its ability to sell new licenses. It said NSO Group, which is privately held, has about 750 employees with 60 customers in more than 35 countries

The impact on companies blacklisted by the Commerce Department, about half of which are Chinese, is often far broader than barring them from using U.S. technology. Wolf said many companies choose to avoid doing business with them completely “in order to eliminate the risk of an inadvertent violation” and the legal costs of analyzing whether they can.

NSO Group was asked by The Associated Press prior to Friday’s news whether it could survive as long as it is on the entity list. While not directly responding, it said it was “working on all appropriate channels to reverse the Department of Commerce’s decision.”

The company again claimed that it does not operate the Pegasus command-and-control system that remotely manages hacks “and has no access to the data collected by its customers.” Cybersecurity researchers who have closely tracked NSO’s spyware dispute that claim. They say NSO’s government clients are incapable of running the online infrastructure and their sleuthing has confirmed centralized control of post-infection operations.

Apple’s lawsuit added major heft to a Big Tech legal onslaught against NSO Group. Facebook sued it in 2019 for allegedly hacking its globally popular encrypted WhatsApp messaging app. Last month, a U.S. federal appeals court ruled that the case could go forward, rejecting NSO’s claim it should be thrown out because it is a “sovereign entity.”

___

Suderman reported from Richmond, Va., and Bajak from Boston. Josef Federman in Jerusalem contributed to this report.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

FILE - Judge J. Michelle Childs, who was nominated by President Barack Obama to the U.S. District C...
Associated Press

At least 3 judges eyed as Biden mulls Supreme Court pick

WASHINGTON (AP) — President Joe Biden is eyeing at least three judges for an expected vacancy on the Supreme Court as he prepares to quickly deliver on his campaign pledge to nominate the first Black woman to the nation’s highest court, according to aides and allies. With Justice Stephen Breyer planning to retire, early discussions […]
19 hours ago
Associated Press

Samsung reports robust profit based on chip strength

SEOUL, South Korea (AP) — Samsung Electronics Co. said Thursday its operating profit for the last quarter rose by more than 53% from the same period last year as it continued to thrive during the pandemic while relying on its dual strength in parts and finished products. Samsung’s operating profit of to 13.9 trillion won […]
19 hours ago
Associated Press

Another Navy officer pleads guilty in wide-spanning scandal

SAN DIEGO (AP) — A U.S. Navy commander admitted in federal court to sending a Malaysian defense contractor classified ship schedules for the Navy’s 7th Fleet in exchange for extravagant meals, luxury travel, cash and the services of prostitutes. Commander Stephen Shedd is the third member of the 7th Fleet to plead guilty to bribery […]
19 hours ago
FILE - Cristina Licup receives her COVID-19 booster shot where she works at the Hebrew Home at Rive...
Associated Press

Vaccine mandate to kick in for first wave of health workers

Health care workers in about half the states face a Thursday deadline to get their first dose of the COVID-19 vaccine under a Biden administration mandate that will be rolled out across the rest of the country in the coming weeks. While the requirement is welcomed by some, others fear it will worsen already serious […]
19 hours ago
Workers walk over London Bridge towards the City of London financial district during the morning co...
Associated Press

England lifts COVID restrictions as omicron threat recedes

LONDON (AP) — Most coronavirus restrictions including mandatory face masks were lifted in England on Thursday, after Britain’s government said its vaccine booster rollout successfully reduced serious illness and COVID-19 hospitalizations. From Thursday, face coverings are no longer required by law anywhere in England, and a legal requirement for COVID passes for entry into nightclubs […]
19 hours ago
FILE - Stewart Rhodes, founder of the citizen militia group known as the Oath Keepers speaks during...
Associated Press

Magistrate orders Oath Keepers leader jailed until trial

PLANO, Texas (AP) — The founder and leader of the far-right Oath Keepers militia group must remain behind bars until he goes on trial on sedition charges arising from last year’s assault on the U.S. Capitol, a federal magistrate ruled Wednesday. Stewart Rhodes had been jailed sincehis Jan. 13 arrest on charges that he plotted […]
19 hours ago

Sponsored Articles

...
Day & Night Air Conditioning, Heating and Plumbing

HVAC upkeep in Arizona saves money, keeps families prepared in the long run

Does your air conditioner make weird noises or a burning smell when it starts? If so, you may be due for an AC unit replacement.
...
Arizona State University

Gain insights on next year’s trends at 58th Annual Economic Forecast Luncheon

Employment is recovering from the severe contraction induced by the pandemic, but it is still way below levels at the start of 2020. Can it fully recover in the coming year?
(Facebook Photo/NHTSA)...
Sweet James

Upcoming holiday season is peak time for DUI arrests

The holiday season may be the most wonderful time of the year, but it’s also the most dangerous time of the year to be driving. That’s why it’s important to remember to call Sweet James Accident Attorneys if you’re injured or arrested because of a DUI accident.
AP Source: NSO Group spyware used to hack State employees