NSO Group: Now the Women Allegedly Harmed Gain Media Traction. Wowza!
August 2, 2021
I read “I Will Not Be Silenced: Women Targeted in Hack and Leak Attacks Speak Out about Spyware.” My first reaction to the story was, “How many college sociology and poli-sci classes will make NSO Group, its product Pegasus, and the implications of ‘targeting’ a subject for a case study, discussion groups, and papers?” My second thought was, “NSO Group has been able to watch the ripples of intelware crashing against the awareness of the naïve, the clueless, and the mobile phone addicts.”
I don’t know if the peacock’s news report is accurate or just one of those weird bird noises made by the species. That probably doesn’t matter because the write up pulls in women and hooks intelware to a quite magnetic topic: The treatment of women.
The peacock squawked:
Female journalists and activists say they had their private photos shared on social media by governments seeking to intimidate and silence them.
Now that’s a heck of an assertion. True or not, the idea of “personal” pix nestling in distributed and local storage devices is not something that most people want to have happen.
Here’s a quote from the write up, and it will be interesting to watch how the crisis management advisors to NSO Group tap dance across this allegedly true statement:
“I am used to being harassed online. But this was different,” she added. “It was as if someone had entered my home, my bedroom, my bathroom. I felt so unsafe and traumatized.”
That’s a whiz bang statement which drags in nuances of privacy invasion and personal safety. Let’s call a meeting and maybe issue another feel good, make streets safer story. Yeah, how’s that working out?
The write up has another quote that glues NSO Group to the notion of freedom. Hello, Israel?
“Pegasus is a spyware tool and a weapon used against freedom of the press, freedom of expression, human rights activism and journalism,” said Rasha Abdul Rahim, director of Amnesty Tech, a division of Amnesty International focused on technology and surveillance tools. “Women’s freedom of expression is abused and targeted in a very specific way both online and offline. The focus is on silencing them, putting the attention on their bodies or what they should be wearing or saying,” she added.
I have noticed that more people are aware of intelware as a result of this NSO Group toe stubbing.
What about those intelligence conference organizers? How about those experts pitching intel-related conferences on LinkedIn? What about those nifty white papers on intelware vendors’ Web sites?
My thought is that as more content is downloaded and more of the journalists chasing NSO Group info punch their searches into the Google, the more those ripples will be agitated.
Yikes. No easy fix it seems. Chasing revenues and making intelware into a household word are problematic. Many entities are likely to be suffering the slings and arrows of outrageous fortune. PR is good until it is not.
Stephen E Arnold, August 2, 2021
NSO Group and an Alert Former French Diplomat: Observation Is Often Helpful
August 2, 2021
I read “French Ex-Diplomat Saw Potential for Misuse While Working at NSO.” The allegedly accurate write up reports that Gerard Araud [once a French ambassador] took a position at NSO Group. The write up adds:
His one-year mission from September 2019, along with two other external consultants from the United States, was to look at how the company could improve its human rights record after a host of negative news stories. Earlier that year, the group’s technology had been linked publicly to spying or attempted spying on the murdered Saudi journalist Jamal Khashoggi by Saudi Arabian security forces, which it denied. The group was acquired in 2019 by a London-based private equity group, Novalpina, which hired Araud to recommend ways to make the company’s safeguard procedures “more rigorous and a bit more systematic,” he said.
The write up explains how a prospect becomes an NSO Group customer:
Its [the Pegasus software and access credentials] export is regulated “like an arms sale,” said Araud, meaning NSO must seek approval from the Israeli government to sell it, and state clients then sign a lengthy commercial contract stipulating how the product will be used. They are meant to deploy Pegasus only to tackle organised crime or terrorism — the company markets itself this way — but Araud said “you could see all the potential for misuse, even though the company wasn’t always responsible.”
The argute veteran of the French ambassadorial team maybe, possibly, could have discerned the potential for misuse of the Pegasus system.
The write up includes this information, allegedly direct from the former diplomat, who obviously provides information diplomatically:
In a firm that practices “a form of extreme secrecy,” he says he nonetheless became convinced that NSO Group worked with Israel’s Mossad secret services, and possibly with the CIA. He said there were three Americans who sat on the group’s advisory board with links to the US intelligence agency, and the company has said that its technology cannot be used to target US-based numbers. “There’s a question about the presence of Mossad and the CIA. I thought it was both of them, but I have no proof,” he said. “But I suspect they’re both behind it with what you call a ‘backdoor’.” A “backdoor” is a technical term meaning the security services would be able to monitor the deployment of Pegasus and possibly the intelligence gathered as a result.
Interesting. Several years ago, the BBC published “When Is a Diplomat Really Just a Spy?” In that 2018 write up, the Beeb stated:
So where do you draw the line between official diplomacy and the murky world of espionage? “Every embassy in the world has spies,” says Prof Anthony Glees, director of the Centre for Security and Intelligence Studies at the University of Buckingham. And because every country does it, he says there’s “an unwritten understanding” that governments are prepared to “turn a blind eye” to what goes on within embassies.
Would French diplomats have some exposure to ancillary duties at a French embassy? Potentially.
Stephen E Arnold, August 3, 2021
NSO Group: Talking and Not Talking Is Quite a Trick
July 30, 2021
I read “A Tech Firm Has Blocked Some Governments from Using Its Spyware over Misuse Claims.” First, let’s consider the headline. If the headline is factual, the message I get is that NSO Group operates one or more servers through which Pegasus traffic flows. Thus, the Pegasus system includes one or more servers which have log files, uptime monitoring, and administrative tools which permit operations like filtering, updating, and the like. Thus, a systems administrator with authorized access to one or a fleet of NSO Group servers supporting Pegasus can do what some system administrators do: Check out what’s shakin’ with the distributed system. Is the headline accurate? I sure don’t know, but the implication of the headline (assuming it is not a Google SEO ploy to snag traffic) is that NSO Group is in a position to know — perhaps in real time via a nifty AWS-type dashboard — who is doing what, when, where, for how long, and other helpful details which a curious observer finds interesting, noteworthy, or suitable for assessing an upcharge. Money is important in zippy modern online systems in my experience.
My goodness. That headline was inspirational.
What about the write up itself from the real news outfit National Public Radio or NPR, once home to Bob Edwards, who was from Louisville, not far from the shack next to a mine run off pond outside my door? Ah, Louisville, mine drainage, and a person who finds this passage suggestive:
“There is an investigation into some clients. Some of those clients have been temporarily suspended,” said the source in the company, who spoke to NPR on condition of anonymity because company policy states that NSO “will no longer be responding to media inquiries on this matter and it will not play along with the vicious and slanderous campaign.”
So the company won’t talk to the media, but does talk to the media, specifically NPR. What do I think about that? Gee, I just don’t know. Perhaps I don’t understand the logic of NSO Group. But I don’t grasp what “unlimited” means when a US wireless provider assures customers that they have unlimited bandwidth. I am just stupid.
Next, I noted:
NSO says it has 60 customers in 40 countries, all of them intelligence agencies, law enforcement bodies and militaries. It says in recent years, before the media reports, it blocked its software from five governmental agencies, including two in the past year, after finding evidence of misuse. The Washington Post reported the clients suspended include Saudi Arabia, Dubai in the United Arab Emirates and some public agencies in Mexico. The company says it only sells its spyware to countries for the purpose of fighting terrorism and crime, but the recent reports claim NSO dealt with countries known to engage in surveillance of their citizens and that dozens of smartphones were found to be infected with its spyware.
Okay, if the headline is on the beam, then NSO Group, maybe some unnamed Israeli government agencies like the unit issuing export licenses for NSO Group-type software, and possibly some “trusted” third parties are going to prowl through the data about the usage of Pegasus by entities. Some of these agencies may be quite secretive. Imagine the meetings going on in these secret agencies. What will the top dogs in these secret outfits tell their bosses about the risks of having NSO Group’s data sifted, filtered, and processed by Fancy Dan analytics systems? Yeah, that will test the efficacy of advanced degrees, political acumen, and possible fear.
And what’s NSO Group’s position? The information does not come from an NSO Group professional who does not talk to the media but sort of does. Here’s the word from the NSO Group’s lawyer:
Shmuel Sunray, who serves as general counsel to NSO Group, said the intense scrutiny facing the company was unfair considering its own vetting efforts.
“What we are doing is, what I think today is, the best standard that can be done,” Sunray told NPR. “We’re on the one hand, I think, the world leaders in our human rights compliance, and the other hand we’re the poster child of human rights abuse.”
I like this. We have the notion of NSO Group doing what it can do to the “best standard.” How many times has this situation faced an outfit in the intelware game, based in Herzliya, and under the scrutiny of an Israeli agency which says yes or no to an export license for a Pegasus type system? Is this a new situation? Might be. If true, what NSO Group does will define the trajectory of intelware going forward, won’t it?
Next, I like the “world leaders” and “Human rights compliance.” This line creates opportunities for what I would call Comedy Central comments. I will refrain and just ask you to consider the phrase in the context of the core functions and instrumentality of intelware. (If you want to talk in detail, write benkent2020 at yahoo dot com and one of my team will get back to you with terms and fees. If not, I am retired, so I don’t care.)
Exciting stuff and the NSO Group ice cream melt is getting stickier by the day. And in Herzliya, the temperature is 29 C. “C” is the grade I would assign to this allegedly accurate statement from the article that NSO Group does not talk to the media. Get that story straight is my advice.
And, gentle NPR news professional, why not ask the lawyer about log file retention and access to data in Pegasus by an NSO system administrator?
Stephen E Arnold, July 30, 2021
Digital Kudzu: Constant Gardeners Arrive at the NSO Group Orangerie
July 29, 2021
Is this a line from a motion picture? “Hello, we’re from the government and we’re here to help you.” I can’t remember. But constant gardeners do make visits to places where stuff grows, even in 2021 in the midst of a spike in respiratory diseases and quite toasty 31 C weather with some inclement weather expected.
I read “Israel Begins Investigation into NSO Group Spyware Abuse.” I am never sure about the accuracy of information when the source is one of Jeffrey Epstein’s sources of academic inspiration. (Wasn’t there some fancy wordsmithing about MIT’s interactions with this high water mark of human interaction?) As M. Macron might say, “Petits pois.” So shall we assume that the “Israel Begins…” article is in the capable hands of an honest vendeur de fruits, shall we?
The write up asserts:
The Ministry of Defense did not specify which government agencies were involved in the investigation, but Israeli media previously reported that the foreign ministry, justice ministry, Mossad, and military intelligence were also looking into the company following the report. NSO Group CEO Shalev Hulio confirmed to MIT Technology Review that the visit had taken place but continued the company’s denials that the list published by reporters was linked to Pegasus.
Ah, a coincidence. There are so many in the modern world. Example, you want? Less driving during Covid, more traffic deaths? See coincidence.
The write up notes:
NSO is not the only Israeli hacking company in the news lately. Microsoft and the University of Toronto’s Citizen Lab also recently reported on hacking tools developed by Candiru that were subsequently used to target civil society groups.
Yep, Candiru. But are there other specialized software firms which the Israeli government might call, text, email, or Facetime? I don’t know from nothing because the Epstein-fave MIT “real” journalists did not mention any other firms. Am I to conclude that NSO Group and the Candiru outfit are rare birds, almost one of a kind?
Is it possible that NSO Group’s comments, the government’s alleged visit, and the grousing from the land of a couple of hundred different types of cheese are like the complaints of irritated customers of the orangerie’s delicate comestibles? If you got money, you can buy what the French call fruits mystérieux, right?
Observations:
- A visit in itself is surprising in the midst of a surge in Israel
- There are indeed other firms providing specialized services, but these have been fortunate enough or wise enough to remain in the shed at the rear of the orangeries in Herzliya
- The MIT Review is saddled with that Epstein thing; thus, it is difficult to do much more than ask, “Is this the rest of the story?”
Worth watching. Because fruits mystérieux. The care of constant gardeners may be needed. Could it be too late? Could the blight migrate to haricots verts, tomates allongées, and petit avocats?
Avocats? Fruits or conseillers juridique?
Stephen E Arnold, July 29, 2021
NSO Group: A PR Consequence and Expected If Not Anticipated
July 28, 2021
The intelware outfit NSO Group has moved from a narrow, somewhat wonky specialized services niche to a different arena. The development was discussed by the DarkCyber research team when the news of the NSO Group ice cream spill floated to the top of the info river. (Why are we using the code phrase ice cream meltdown? Maybe a Ben and Jerry’s reference to certain interests not aligned with those of Israel’s specialized services industry? Metaphors are the stuff of poetry, so you will have to reach your own conclusions.)
So the ice cream meltdown is getting messy. DarkCyber was not surprised to read “Snowden Skewers Big Tech, Amoral Capital Firms for Enabling Insecurity Industry & Calls for Urgent Action.” The write up appears in an interesting publication which runs advertising to supplement its other sources of income. Snowden, as you may recall, is a former security sector worker bee who dumped documents, many of which are marked as secret or classified. Then Mr. Snowden found himself within the fashionable confines of Sheremetyevo International Airport. He then repaired to a more permanent location in Moscow and crafted a bit of work thinking, writing blog posts, doing lectures, and giving interviews. The topics are mostly about security, which is a shorthand way of rippling the fabric of some countries’ intelligence gathering nets.
The write up states:
In a searing post on his blog, ‘Continuing Ed’, the NSA whistleblower pointed to the Pegasus scandal as a “turning point” that exposed the “fatal consequences” of private-sector companies like the NSO Group that are part of this “out-of-control” industry – whose “sole purpose is the production of vulnerability.” “The phone in your hand exists in a state of perpetual insecurity, open to infection by anyone willing to put money in the hand of this new Insecurity Industry,” Snowden noted, adding that its clients range from countries to “sex-criminal Hollywood producers who can dig a few million out of their couch cushions.”
The write up, not content to link to Mr. Snowden’s intriguing blog, includes one of his tweets which is in italics below:
If you want to see Microsoft have a heart attack, talk about defining legal liability for bad code in a commercial product. To give Facebook nightmares, talk about making it legally liable for leaks of their unnecessarily collected personal records.
Several observations I want to capture before I forget them are:
- The NSO Group ice cream melting has become a sticky mess. The PR problem spilled into the political arena in Israel, and now it has captured other entities and their methods as well. I think it is crisis management time, not SEO content management time.
- Mr. Snowden’s comments indicate that he is not a fan of some of the business practices associated with the US and its allies. This raises the question, “To what is Mr. Snowden allied?”
- The language of the Russia Today write up makes it clear that NSO Group has jumped from specialized software to the foil for state-sponsored cyber activities. The NSO Group’s actions, one might conclude, make the actions of a few young hackers look like very small potatoes like those grown near the border of Estonia.
The NSO Group ice cream melt may spread farther, attract flies, and damage some very expensive kitchen furnishings, maybe a careless person’s jumper, and require replacement of some placemats.
Yep, melting ice cream. A mess with consequences for the specialized services sector.
Stephen E Arnold, July 28, 2021
Facebook and NSO Group: An Odd Couple or Squabbling Neighbors?
July 28, 2021
Late in 2019, The Adware Guru published “Facebook Sues NSO Group Spyware Maker Due to Exploitation of WhatsApp Vulnerability.” That write up stated:
The cause of [Facebook’s] lawsuit was WhatsApp’s zero-day vulnerability, which Facebook claims was sold to the NSO Group, and then the company helped use the problem to attack human rights defenders, journalists, political dissidents, diplomats, and governmental officials. According to court documents, more than 1,400 people in Bahrain, the United Arab Emirates, and Mexico suffered a total of 11 days from attacks. Facebook has already sent WhatsApp special messages to everyone affected.
In April 2020, Technadu published “The NSO Group Is Accusing Facebook of Having Tried to License Their Spyware.” That write up stated:
The ‘NSO Group’ is now turning the tables, claiming that they rejected Facebook’s proposal to license Pegasus because they only did it for governments and not private companies. In addition to that, they describe Facebook’s accusations as baseless and even accuse the social media company of failing to prepare the legal paperwork properly, which resulted in legislative procedure problems. NSO says Facebook didn’t have powerful methods to spy on iOS devices in the same way that they did with Android, and they felt like Pegasus could solve this problem for them. Facebook, on the other side, completely dismissed these statements by saying that these allegations had the sole purpose of distracting the court from the real facts.
Technadu added:
even if Facebook wasn’t trying to add Pegasus in Onavo for iOS, they are giving the NSO Group something to hold on to and make allegations that are at least seemingly realistic. At the very least, this development will complicate the legal process by much now.
Jump to the present. The Guardian’s story “Officials Who Are US Allies Among Targets of NSO Malware, Says WhatsApp Chief” reported on July 24, 2021:
Cathcart said that he saw parallels between the attack against WhatsApp users in 2019 – which is now the subject of a lawsuit brought by WhatsApp against NSO – and reports about a massive data leak that are at the centre of the Pegasus project… When WhatsApp says it believes its users were “targeted”, it means the company has evidence that an NSO server attempted to install malware on a user’s device.
The Guardian story includes this statement from the PR savvy NSO Group:
An NSO spokesperson said: “We are doing our best to help creating a safer world. Does Mr Cathcart have other alternatives that enable law enforcement and intelligence agencies to legally detect and prevent malicious acts of pedophiles, terrorists and criminals using end-to-end encryption platforms? If so, we would be happy to hear.”
Are Facebook’s statements credible? Is NSO Group’s version believable? Are these two behaving like the characters in Neil Simon’s “Odd Couple” or like the characters in the 1981 film “Neighbors”? Does each firm have something the other needs?
Stephen E Arnold, July 28, 2021
NSO Group: Investigative Reporters Are Investigating
July 27, 2021
What happens when one puts a family of beavers (the furry animals once prized for hats) in what remains of the Chrysler Building in Midtown? Well, those beavers will try to build a dam. What do investigative reporters do from more than a dozen newspapers enthralled by the NSO Group intelware story? The answer, gentle reader, is investigate.
What’s been made public in the last few days?
There were a handful of data nuggets I found mildly interesting; for example:
- The very wonderful UK Daily Mail reported that NSO Group “spent millions of dollars on Washington lobbyists, consultants, and lawyers, as it tried to sell its Pegasus spyware to the US government.” One name disclosed in the article was Tom Ridge, the first secretary of homeland security. The estimable Daily Mail notes that the Washington Post knew this factoid too. The Daily Mail added that NSO Group retained “The Who’s Who of government figures runs through at least three administrations.” The money flowed from OSY Technologies and Francisco Partners, which once owned NSO Group.
- Mashable published “QAnon Believers Don’t Know How to Handle Michael Flynn’s Ties to Spyware Firm Behind Pegasus.” In addition to the QAnon trigger word, the Mashable story noted, “Edward Snowden is calling it [Pegasus] the story of the year.” Mashable reported: “Many QAnon followers still don’t exactly know what to make of the news. Some seemed to accept the idea that this “doesn’t look good” for Flynn.”
- Axios (via Yahoo News) reported that Francisco Partners “…The firm finally exited NSO in early 2019, selling it back to the [NSO Group] company’s founders and London-based private equity firm Novalpina, which pledged “a new model for public transparency.” Since then, NSO has become the pulsing heart of a dispute between the partners of Novalpina. And, in an ironic twist, it involves leaked WhatsApp messages and a lawsuit against one of the newspapers that later became part of the Pegasus consortium.”
My hunch is that the investigative reporters will continue just like the hypothetical beavers. Beavers were skinned by intrepid traders. Will the investigative reporters find themselves in a similar business process? Flipping stones with the NSO Group logo stenciled on them may reveal some surprises.
Stephen E Arnold, July 27, 2021
DarkCyber for July 27, 2021: NSO Group Again, Making AWS Bots, How Bad Actors Scale, and Tethered Drones
July 27, 2021
The 15th DarkCyber for 2021 addresses some of the NSO Group’s market position. With more than a dozen news organizations digging into who does what with the Pegasus intelware system, the Israeli company has become the face of what some have called the spyware industry. In this program, Stephen E Arnold, author of the Dark Web Notebook, explains how bad actors scale their cyber crime operations. One thousand engineers is an estimate which is at odds with how these cyber groups and units operate. What’s the technique? Tune in to learn why Silicon Valley provided the road map for global cyber attacks. If you are curious, you can build your own software robot to perform interesting actions using the Amazon AWS system as a launch pad. The final story explains that innovation in policing can arrive from the distant past. An 18th century idea may be the next big thing in law enforcement’s use of drones. DarkCyber is produced by Stephen E Arnold, who publishes Beyond Search. You can access the blog at www.arnoldit.com/wordpress and view the DarkCyber video at this link.
Kenny Toth, July 27, 2021
The NSO Group Story: Inspiring, Incriminating, or Obfuscating?
July 23, 2021
The Washington Post or Wapo to some in the DC orbit is an influential newspaper. The outfit has a connection to the world’s richest man. That billionaire’s idea for an online bookstore spawned a massive online service. One of the customers using that service was allegedly given some good news. The idea was that this particular customer could go elsewhere for online services. This factoid does not appear in “Somebody Has to Do the Dirty Work: NSO Founders Defend the Spyware They Built.” I mention this omission because the ties within the intelware and policeware industry are many and often quite important.
The write up explains:
This week, The Washington Post and a consortium of 16 other media partners reported that the company’s military-grade spyware was used in attempted and successful hacks of 37 smartphones belonging to journalists, business executives, and two women close to the murdered Saudi journalist Jamal Khashoggi.
This week refers to the period from July 19 to July 22, 2021, when information about the use of once-classified technology became readily available. What’s happened is that a single intelware and policeware company, the commercial-government connections in Israel, and the threads which tie many of the Herzliya-based intelware and policeware companies to American firms are a subject of interest to lots of investigative journalists. I want to point out that the best investigative journalists fit the profile of intelligence operatives and first-class detectives working in government institutions. A few journalists have this type of work experience as well.
This means that a poster child for intelware and policeware is going to be a focal point for a news cycle or two. That’s the good news. The bad—actually really bad, bad news—is that the collateral information could be untangled. Then what will the investigative journalists find?
The Wapo article cited above adds some interesting detail; for example, “it was not appropriate to have any direct knowledge of the internal national security matters of foreign countries. They also thought they weren’t equipped to make political decisions about whom to sell to.”
And this factoid: One of the founders “was on a volunteer search-and-rescue mission in Haiti, pulling bodies out of the rubble of a collapsed university.”
Plus, one founder runs on “little sleep, Diet Coke and takeout sushi.”
There is a suggestion about managing the cyber security industry. How about this idea:
The situation would be better …if the cybersecurity industry were regulated by a global body. More importantly, he said, the Israeli government has a role to play: Countries that violate their agreements should be banned from being recipients of any of Israel’s cyber technology.
One can hypothesize about the questions my DarkCyber research team might raise about this statement, but I won’t speculate.
This article strikes me as a “make nice” write up. That’s good for NSO Group. However, I am not sure the 80 journalists and 17 news organizations are going to leave the NSO Group with stories about hard working entrepreneurs who created a successful company. Some questions I think this group of intrepid “real news” professionals could explore include:
- What’s the story behind NSO Group selling itself to Francisco Group and then buying itself back?
- Who have become the primary stakeholders in the NSO Group since Eddy Shalev made an investment in the company?
- What government contracts has the NSO Group landed in the last two years?
- What vendors resell or provide hosting services to the NSO Group?
- What partnerships exist between NSO Group and other companies?
- What conferences does NSO Group attend? What are the presentations NSO Group professionals deliver?
- What interactions exist among NSO Group and other intelware and policeware companies in Herzliya?
- What companies are now employing former NSO Group professionals?
- Who are the principal technical contractors NSO Group compensates to assist with technology development?
- What university professionals are associated with NSO Group?
- Who has nominated NSO Group for intelware and policeware awards?
There are other questions the 80 journalists and 17 news organizations can address. Digging might yield more useful information than “how quickly the pace of tech and the advent of smartphones had enabled criminals to outrun law enforcement” or the founders “didn’t have the background of the typical Israeli entrepreneur.”
Isn’t there more to this story? Weren’t the founders in the Israeli Army? Is that important? Perhaps the 80 journalists and 17 news organizations can answer this question, a question I think is quite important for pulling the knots from this puzzle.
Stephen E Arnold, July 23, 2021
NSO Group: The Rip in the Fabric of Intelware
July 22, 2021
A contentious relationship with the “real news” organizations can be risky. I have worked at a major newspaper and a major publisher. The tenacity of some of my former colleagues is comparable to the grit one associates with an Army Ranger or Navy Seal, just with a slightly more sensitive wrapper. Journalists favored semi with-it clothes, not bushy beards. The editorial team was more comfortable with laptops than an FN SCAR.
Communications associated with NSO Group — the headline magnet among the dozens of Israel-based specialized software companies (a very close in-group, by the way) — may have torn the fabric shrouding the relationship among former colleagues in the military, government agencies, their customers, and their targets.
Who’s to blame? The media? Maybe. I don’t have a dog in this particular season of fights. The action promises to be interesting and potentially devastating to some comfortable business models. NSO Group is just one of many firms working to capture the money associated with cyber intelligence and cyber security. The spat between the likes of journalists at the Guardian and the Washington Post and NSO Group appears to be diffusing like spilled ink on a camouflage jacket.
I noted “Pegasus Spyware Seller: Blame Our Customers Not Us for Hacking.” The main point seems to be that NSO Group allegedly suggests that those entities licensing the NSO Group specialized software are responsible for their use of the software. The write up reports:
But a company spokesman told BBC News: “Firstly, we don’t have servers in Cyprus.
“And secondly, we don’t have any data of our customers in our possession.
“And more than that, the customers are not related to each other, as each customer is separate.
“So there should not be a list like this at all anywhere.”
And the number of potential targets did not reflect the way Pegasus worked.
“It’s an insane number,” the spokesman said.
“Our customers have an average of 100 targets a year.
“Since the beginning of the company, we didn’t have 50,000 targets total.”
For me, the question becomes, “What controls exist within the Pegasus system to manage the usage of the surveillance system?” If there are controls, why are these not monitored by an appropriate entity; for example, an oversight agency within Israel? If there are no controls, has Pegasus become an “on premises” install set up so that a licensee has a locked down, air tight version of the NSO Group tools?
The second item I noticed was “NSO Says ‘Enough Is Enough,’ Will No Longer Talk to the Press About Damning Reports.” At first glance, I assumed that an inquiry was made by the online news service and the call was not returned. That happens to me several times a day. I am an advocate of my version of cancel culture. I just never call the entity again and move on. I am too old to fiddle with the egos of a younger person who believes that a divine entity has given that individual special privileges. Nope, delete.
But not NSO Group. According to the write up:
“Enough is enough!” a company spokesperson wrote in a statement emailed to news organizations. “In light of the recent planned and well-orchestrated media campaign lead by Forbidden Stories and pushed by special interest groups, and due to the complete disregard of the facts, NSO is announcing it will no longer be responding to media inquiries on this matter and it will not play along with the vicious and slanderous campaign.” NSO has not responded to Motherboard’s repeated requests for comment and for an interview.
Okay, the enough is enough message is allegedly in “writing.” That’s better than a fake message disseminated via TikTok. However, the “real journalists” are likely to become more persistent. Despite a lack of familiarity with the specialized software sector, a large number of history majors and liberal arts grads can do what “real” intelligence analysts do. Believe me, there’s quite a bit of open source information about the cozy relationship within and among Israel’s specialized software sector, the interaction of these firms with certain government entities, and public messages parked in unlikely open source Web sites to keep the “real” journalists learning, writing, and probing.
In my opinion, allowing specialized software services to become public, that is, to actually talk about the capabilities of surveillance and intercept systems, was a very, very bad idea. But money is money and sales are sales. Incentive schemes for the owners of specialized software companies guarantee that I can spend eight hours a day watching free webinars that explain the ins and outs of specialized software systems. I won’t, but some of the now ignited flames of “real” journalism will. They will learn almost exactly what is presented in classified settings. Why? Capabilities when explained in public and secret forums use almost the same slide decks, the same words, and the same case examples, which vary in level of detail presented. This is how marketing works in my opinion.
Observations:
1. A PR disaster is, it appears, becoming a significant political issue. This may pose some interesting challenges within the Israel-centric specialized software sector. NSO Group’s system ran on cloud services like Amazon’s until AWS allegedly pushed Pegasus out of the Bezos stable.
2. A breaker of the specialized software business model of selling to governments and companies. The cost of developing, enhancing, and operating most specialized software systems keeps companies on the knife edge of solvency. The push into commercial use of the tools by companies or consumerizing the reports means government contracts will become more important if the non-governmental work is cut off. Does the world need several dozen Dark Web indexing outfits and smart time line and entity tools? Nope.
3. A boost to bad actors. The reporting in the last week or so has provided a detailed road map to bad actors in some countries about [a] What can be done, [b] How systems like Pegasus operate, [c] the inherent lack of security in systems and devices charmingly labeled “insecure by design” by a certain big software company, and [d] specific pointers to the existence of zero day opportunities in blast door protected devices. That’s a hoot at ??????? ???? “Console”.
Net net: The NSO Group “matter” is a very significant milestone in the journey of specialized software companies. The reports from the front lines will be fascinating. I anticipate excitement in Belgium, France, Germany, Israel, the United Kingdom, and a number of other countries. Maybe a specialized software Covid Delta?
Stephen E Arnold, July 22, 2021