NSO Group and Collateral Damage: Shadowdragon
September 23, 2021
The NSO Group has captured headlines and given a number of journalists a new beat to cover: Special service vendors. This phrase “specialized service vendors” is the one I use to capture the market niche served by companies as diverse as Anduril to Voyager Labs. Most of these firms walk a fine line: Providing enough public information so that a would-be customer like a government agency can locate a contact point to staying out of the floodlights looking for next NSO Group to research and write about.
I read “Shadowdragon: Inside the Social Media Surveillance Software That Can Watch Your Every Move.” The exposé appearing in the The Intercept follows a predictable pattern: Surveillance, law enforcement, technology, sources, similar software (in this story Kaseware), and rights violations.
A Wall Street Journal reporter is allegedly working on a book that will surf on the the NSO Group’s tsunami of surveillance shock.
I have spelled out three concerns about what I call the conversion of NSO Group from a low-profile outfit to the poster child for misuse of certain types of technology. Let me recap these:
- SNOWDEN. Edward Snowden’s oath to keep information secret was broken with his notable data dump. Some of these 2013 materials provided sufficient information about specialized software and services to create or release a desire to know more about the market segment.
- CITIZENS LAB. In 2016 Citizen’s Lab kicked off its coverage of the specialized software niche with “The Million Dollar Dissident: NSO Group’s iPhone Zero Days Used against a UAE Human Rights Defender.”
- PITCHING NSO. In 2017, Francisco Partners’ mounted an effort to sell NSO Group for an asking price of around $1 billion. Venture and finance types perked up their ears. Some asked, “What’s this specialized service cyber software?”
- BOOK. In 2019, Shoshana Zuboff published “The Age of Surveillance Capitalism,” which provided a “name” to some of the specialized software functions.
Reporters, activists, researchers, academics, and companies not previously aware of the specialized service sector are now chasing information. Unlike some commercial market sectors, funds are available. The appetite for advanced software and services is growing.
Now back to the company named associated by some with an insect. What impact will the Intercept write up have. I don’t know, but I have three ideas:
First, the company will become a subject of interest for some; for example, an investigative reporter working on a book about the specialized service sector.
Second, non-LE and intel-related organizations will express an interest in licensing the software and gaining access to the firm’s database and other technology. (Voyager Labs has explored selling its software for “marketing.”)
Third, the company’s willingness to market its products and services more aggressively may be reduced. Shadowdragon advertised for a marketing professional, presumably to support the company’s sales efforts. One of the firm’s senior managers posts on LinkedIn in order to express support for certain activities and retain visibility in that Microsoft owned service.
From my narrow point of view, some information should not be exposed to the public; for example, the Snowden dump. And some of the marketing activities of specialized service providers should be wound back to the low profile activities of the pre-911 era.
Unfortunately it may be too late. Commercial success may be more important than creating solutions which support LE and intelligence operations. Today anyone can enjoy useful tools. Check out Hunchly OSINT or Maltego. Explore what these tools can do.
Will Shadowdragon become collateral damage as a consequence of NSO Group?
Stephen E Arnold, September 23, 2021