NSO Group, the PR Champ of Intelware Does It Again: This Time Jordan
April 11, 2022
I hope this write-up “NSO Hacked New Pegasus Victims Weeks after Apple Sought Injunction” is one of those confections which prove to be plastic. You know: Like the plastic sushi in restaurant windows in Osaka. The news report, based on a report from Citizen Lab and an outfit called Front Line Defenders, delineates how a Jordanian journalist’s mobile device was tapped.
The article reports:
The NSO-built Pegasus spyware gives its government customers near-complete access to a target’s device, including their personal data, photos, messages and precise location. Many victims have received text messages with malicious links, but Pegasus has more recently been able to silently hack iPhones without any user interaction, or so-called “zero-click” attacks. Apple last year bolstered iPhone security by introducing BlastDoor, a new but unseen security feature designed to filter out malicious payloads sent over iMessage that could compromise a device. But NSO was found to have circumvented the security measure with a new exploit, which researchers named ForcedEntry for its ability to break through BlastDoor’s protections. Apple fixed BlastDoor in September after the NSO exploit was found to affect iPads, Macs, and Apple Watches, not just iPhones.
This is “old news.” The incident dates from 2021, and since that time the MBA-infused, cowboy software has sparked a rethinking of how software from a faithful US ally can be sold and to whom. Prior to the NSO Group’s becoming the poster child for mobile surveillance, the intelware industry was chugging along in relative obscurity. Those who knew about specialized software and services conducted low-profile briefings and talks out of the public eye. What better place to chat than at a classified or restricted-attendance conference? Certainly not in the pages of online blogs, estimable “real news” organs, or in official government statements.
Apple, the big tech company which cares about most of its customers and some of its employees (exceptions are leakers and those who want to expose certain Apple administrative procedures related to personnel), continues to fix its software. These fixes, as Microsoft’s security professionals have learned, can be handled by downplaying the attack surface its systems present to bad actors. Other tactics include trying to get assorted governments to help blunt the actions of bad actors and certain nation states which buy intelware for legitimate purposes. How this is to be accomplished remains a mystery to me, but Apple wanted an injunction to slow down the NSO Group’s exploit capability. How did that work out? Yeah. Other tactics include rolling out products in snazzy online events, making huge buyout plays, and pointing fingers at everyone except those who created the buggy and security-lax software.
I am not sure where my sympathies lie. Yes, I understand the discomfort the Jordanian target has experienced, but mobile devices are surveilled 24×7 now. I understand that. Do you? I am not sure if I resonate with either NSO Group’s efforts to build its business. I know I don’t vibrate like the leaves in the apple orchard.
The context for these intelware issues is a loss of social responsibility which I think begins at an early age. Without consequences, what exactly happens? My answer is, “Lots of real news, outrage, and not much else.” Without consequences, why should ethics, responsible behavior, and appropriate regulatory controls come into play?
Stephen E Arnold, April 11, 2022