Surprise: NSO Group Pegasus Is in the News Again
July 28, 2022
On July 27, 2022, the winger wonder Pegasus cast a shadow over the desks of the House Intelligence Committee. The flapping of the mythical creatures wings could not be stilled. Gavel pounding, heavy breathing from lobbyists in the gallery, and convoluted statements by elected leaders did not cause the beastie to fly away. Nope. Pegasus with its NSO Group logo branded on its comely haunch was present. Even mythical creatures can leave behind a mess.
And it appears as if the mess is semi-permanent and odiferous.
“We’re Likely Only Seeing the Tip of the Iceberg of Pegasus Spyware Use Against the US” states:
US lawmakers heard testimony from Citizen Lab senior researcher John Scott-Railton; Shane Huntley, who leads Google’s Threat Analysis Group; and Carine Kanimba, whose father was the inspiration for Hotel Rwanda and who was, herself, targeted by Pegasus spyware. This, of course, is the now-infamous malware that its developer, Israel’s NSO Group, claims is only sold to legitimate government agencies — not private companies or individuals. Once installed on a victim’s device, Pegasus can, among other things, secretly snoop on that person’s calls, messages, and other activities, and access their phone’s camera without permission.
I like the Hotel Rawanda reference. Younger elected officials may not know much about intelware, but they definitely know about the motion picture in my opinion. Hutus Tutsis and a big box office. A target of Pegasus. Credibility? Yep.
The hearings continue of July 28, 2022. According to the article:
Schiff called NSO’s software and similar eavesdropping tools “a threat to Americans,” and pointed to news reports from last year about cellphones belonging to US diplomats in Uganda being compromised by Pegasus. It is my belief that we are very likely looking at the tip of the iceberg, and that other US government personnel have had their devices compromised, whether by a nation-state using NSO’s services or tools offered by one of its lesser known but equally potent competitors,” Schiff said.
Google — the go to source for objective information — is allegedly tracking 30 firms “that sell exploits or surveillance capabilities to government-backed groups.
Just 30? Interesting, but, hey, Google knows surveillance cold I suppose.
A handful of observations:
- NSO Group’s Pegasus continues to capture attention like a Kentucky Derby winner which allegedly has banned substances rubbed on its belly. Some of those rub ons have a powerful scent. Even a boozy race track veterinarian can wince when checking a specific thoroughbred’s nether region.
- The knock on effect of NSO Group’s alleged management oversight means that scrutiny of intelware companies is going to spotlight the founders, funders, and stakeholders. I think this is like a deer standing on railroad tracks mesmerized by the bright white light heading down the rails at 60 miles per hour. In the train versus deer competitions in the past, trains hold a decided advantage.
- Individual companies in the specialized software business face an uncertain future.
How uncertain?
Regulations and bans seem to be on the menus in a number of countries. Also, there are a finite number of big dollar contracts for specialized software and smaller firms are going to have to get big fast, sell out to a larger company with multiple lines of law enforcement, defense, and intelligence revenue, or find a way to market without marketing “too well.”
And the “too well”?
Since NSO Group’s spotlight appearances, smaller intelware companies have had to be very careful abut their sales and marketing activities. Why? There are reporters from big time newspapers nosing around for information. There are online podcasts which have guests who talk about what specialized software can do, where the data originate, and how a “food chain” of information providers provide high value information. There are the tireless contributors of Twitter’s #OSINT threads who offer sometimes dumb and less frequently high-value nuggets about specialized services vendors. Finally, there are the marketers at specialized services firms themselves who use email blasts to tout their latest breakthroughs. Other small specialized software vendors prowl the niche law enforcement and intelligence conferences in search of sales leads. In some cases, there are more marketers than there are individuals who can license a data set, an analytics package, or the whole enchilada needed to monitor — how shall I phrase it — comprehensively. These energetic marketers learn that their employer becomes a journalist’s subject of interest.
Net net: When I reflect on the golden years of specialized software and services marketing, testing, and deploying, I have one hypotheses: NSO Group’s visibility has changed the game. There will be losers and a very few big winners. Who could have foreseen specialized software and services working like a bet on the baccarat tables in Monaco? Who anticipated NSO Group-type technology becoming “personal” to the US? I sure did not. The light at the end of the tunnel, once the train clears the deer, is that the discipline of “marketing without marketing too much” may become mainstream in France, Germany, Israel, Switzerland, and the US. I hear that train a-comin’ do you?
Stephen E Arnold, July 28, 2022
NSO Group: Lobbying Is Often Helpful
July 20, 2022
More NSO Group news. “Pegasus Spyware Maker NSO Is Conducting a Lobbying Campaign to Get Off U.S. Blacklist.” The article states as actual factual:
NSO has invested hundreds of thousands of dollars in the past year in payments to lobbyists, public relations companies and law firms in the U.S., in the hope of reversing the Biden administration’s November decision, according to public records filed under the Foreign Agent Registration Act and conversations with people familiar with the effort. These firms have approached members of the U.S. House and Senate, as well as various media outlets and think tanks across the U.S., on NSO’s behalf.
Who knew? NSO Group has been able to attract media attention for months.
The write up points out:
NSO is trying to get the matter raised during a meeting between U.S. President Joe Biden and Israeli Prime Minister Yair Lapid when the former visits Israel this week. In addition, NSO lobbyists unsuccessfully tried to set up a meeting between representatives of the company and U.S. National Security Adviser Jake Sullivan, but it did not take place. Asked for comment, an NSO spokesperson declined to comment on the campaign but “thanked” Shomrim for publishing an article on its efforts, which he described as “supportive.”
Interesting. Why won’t world leaders do what a high tech outfit providing specialized services want?
NSO Group has been trying to explain its position; for example, the cited article notes:
In a different letter distributed by the firm this year, NSO states it has “developed a human rights governance compliance program,” saying it would conduct a review of all users to see whether they might use the technology used to “violate human rights.”
In my upcoming lecture for a law enforcement group, I point out that with each passing day it is increasingly difficult to figure out what information is “valid”. As a result, the utility of open source information is eroding. Perhaps the Golden Age of OSINT is darkened with weaponized information?
Interesting?
Stephen E Arnold, July 20, 2022
NSO Group and the Big Mango
July 19, 2022
“Pegasus Used to Spy on Protesters, a Popular Actress, and Dozens More in Thailand, Report Shows” presents more allegedly accurate information about the NSO Group. The Israeli company has demonstrated a remarkable ability to make headlines. The cited article states:
At least 30 Thai citizens were targeted by the Pegasus phone-hacking software between October 2020 and November 2021, according to a forensic report by the Canadian digital rights organization CitizenLab and Thai NGOs iLaw and DigitalReach.
What’s interesting about this article about the Pegasus software is the assertion about the targets of the alleged surveillance. I noted this passage:
An anti-government rapper, Dechathorn “Hockhacker” Bamrungmuang; a famous Thai actress, Intira Charoenpura; and a political science professor, Prajak Kongkirati, were also among those attacked.
Fascinating. A rapper named Hockhacker. Curious I searched YouTube and located this audio track: https://www.youtube.com/watch?v=qcqoxUICnU8.
Who knew? Will Hockhacker surge to the pinnacle of musical popularity? Will Hockhacker match NSO Group’s PR-ability? Life is chock full of opportunities.
Stephen E Arnold, July 19, 2022
NSO Group: Sort of For Sale and More Remarkable PR
July 12, 2022
I read “Defense Firm Said US Spies Backed Its Bid for Pegasus Spyware Maker.” Okay, NSO Group, the backchannel produced and identified L3 Harris. The proposed acquisition encountered headwinds. Not particularly surprising. What’s interesting is the “play” a specialized software vendor gets. The estimable New York Times, which is enthusiastic in its business reporting, states:
The talks continued in secret until last month, when word of NSO’s possible sale leaked and sent all the parties scrambling. White House officials said they were outraged to learn about the negotiations, and that any attempt by American defense firms to purchase a blacklisted company would be met by serious resistance. Days later, L3Harris, which is heavily reliant on government contracts, notified the Biden administration that it had scuttled its plans to purchase NSO, according to three United States government officials, although several people familiar with the talks said there have been attempts to resuscitate the negotiations.
I don’t have a dog in this fight. What catches my attention is that NSO Group and the Pegasus words are attention magnets. Doesn’t it seem reasonable that discussions about a company providing specialized hardware, software, and services acquiring an intelware vendor be handled the old fashioned way: Quietly and confidentially.
I have learned that quiet and confidential are not part of today’s world. Consequently, I read the articles about NSO Group and the “deal” and think:
- Another outfit (possibly not American) has an opportunity to snag the systems and methods, software, data, and customers of the PR magnet
- The use of NSO Group and its outstanding marketing and sales methods have altered in a substantive way the specialized software and services market. The changes may not be net positives in my opinion. (Way to go zoom zoom executives.)
- The let’s reveal as much as possible may have some downstream consequences because there are more significant clear and present data actions underway that deserve more attention. Will I mention TikTok and its data? No, of course not.
How much longer will the dead horse take whacks? Probably months, maybe years? And to what end? Selling real news? Embarrassing a US company? Providing weaponized information about political behaviors? My hunch is that the reason is, “Hey, it’s just right.” Do you agree L3 Harris?
Stephen E Arnold, July 12, 2022
TikTok: One US Government Agency Is Not Addicted
July 6, 2022
“U.S. FCC Commissioner Wants Apple and Google to Remove TikTok from Their App Stores” appears to have avoided the digital addiction which some attribute to TikTok. As I have pointed out in my lectures, some Silicon Valley “real news” types are just thrilled with TikTok. Others, like myself, view the app with considerable suspicion. It appears that the UD Federal Communications Commission has some doubts as well.
The write up states:
A leader of the U.S. Federal Communications Commission said he has asked Apple and Google to remove TikTok from their app stores over China-related data security concerns.
The article points out:
- A China connection
- Data hoovering
- A surveillance tool.
The real news folks did not mention TikTok’s usefulness as a psyops weapon.
Oh, well. Why would psyops be important? Possibly manipulation, blackmail, weaponized information. Yeah, no big deal.
Stephen E Arnold, June xx, 2022
NSO Group: The EU Parliament Has an Annoyed Committee
June 27, 2022
I almost made it through a week without another wild and crazy NSO Group Pegasus kerfuffle. Almost is not good enough. I read “EU Parliament’s Pegasus Committee Fires Against NSO Group.” Do committees tote kinetic weapons in Western Europe?
The write up states:
On Tuesday (21 June), the committee scrutinized the NSO Group by questioning Chaim Gelfand, the tech firm’s General Counsel and Chief Compliance Officer. The MEP and rapporteur Sophie in ‘t Veld said the way Gelfand responded to or declined to answer several questions was “an insult to our intelligence” and that there was a “complete disconnect between reality and what you are saying”.
Does this mean “dismissive”? Maybe “arrogant”? Possibly “exasperated”?
The write up includes a question from a Polish representative; to wit:
“Who and how was checking the governments of Hungary and Poland? How on earth could they be verified by you?”
Not surprisingly, NSO Group has yet to find the equivalent of Meta (Zuckbook’s spokes human). Perhaps NSO Group will find an individual who does not stimulate EU Parliament committee members to be more forceful?
Stephen E Arnold, June 27, 2022
TikTok: Allegations of Data Sharing with China! Why?
June 21, 2022
If one takes a long view about an operation, some planners find information about the behavior of children or older, yet immature, creatures potentially useful. What if a teenager, puts up a TikTok video presenting allegedly “real” illegal actions? Might that teen in three or four years be a target for soft persuasion? Leaking the video to an employer? No, of course not. Who would take such an action?
I read “Leaked Audio from 80 Internal TikTok Meetings Shows That US User Data Has Been Repeatedly Accessed from China.” Let’s assume that this allegation has a tiny shred of credibility. The financially-challenged Buzzfeed might be angling for clicks. Nevertheless, I noted this passage:
…according to leaked audio from more than 80 internal TikTok meetings, China-based employees of ByteDance have repeatedly accessed nonpublic data about US TikTok users…
Is the audio deeply faked? Could the audio be edited by a budding sound engineer?
Sure.
And what’s with the TikTok “connection” to Oracle? Probably just a coincidence like one of Oracle’s investment units participating in Board meetings for Voyager Labs. A China-linked firm was on the Board for a while. No big deal. Voyager Labs? What does that outfit do? Perhaps it is the Manchester Square office and the delightful restaurants close at hand?
The write up refers to data brokers too. That’s interesting. If a nation state wants app generated data, why not license it. No one pays much attention to “marketing services” which acquire and normalize user data, right?
Buzzfeed tried to reach a wizard at Booz, Allen. That did not work out. Why not drive to Tyson’s Corner and hang out in the Ritz Carlton at lunch time. Get a Booz, Allen expert in the wild.
Yep, China. No problem. Take a longer-term view for creating something interesting like an insider who provides a user name and password. Happens every day and will into the future. Plan ahead I assume.
Real news? Good question.
Stephen E Arnold, June 21, 2022
Quick NSO Group Update
June 20, 2022
Two items for the estimable NSO Group caught my attention.
The first is a Reuters (the trust outfit!) item called “Spanish Court Calls CEO of Israel’s NSO to Testify in Spying Case.” The trusted write up reports that t6he “rogatory” commission will head to Israel and investigate. Nothing new with this. The CEO appears to be a person of interest.
The second is an Axios story with a pat-on-the-back headline: “Scoop: Israelis Push US to Remove NSO from Blacklist.” The core of this item is that looked at one way, routine discussions are underway. Looked at another way, lobbyists are beavering away. NSO Group has not hired one law firm to work on the blacklisting. Nope, NSO Group has two law firms loosing legal eagles.
NSO Group has lost some PR traction to the Alphabet Google YouTube DeepMind Bob Hope-ism that its software is alive and as smart as a seven year old. I think crows are as smart as seven years old. Despite the best efforts of those who want to discredit the specialized software vendors, AGYD’s mastery of messaging is at the top of the heap.
Keep trying NSO Group.
Stephen E Arnold, June 20, 2022
The UK National Health Service: The Search for a Silver Bullet
June 13, 2022
Modern health care is a bit of muddle. The UK’s National Health Service has licensed, tested, tire kicked, and tried every angle to manage its myriad activities.
According to the odd orange newspaper (the Financial Times), the often befuddled NHS may be ready to embrace the PowerPoint assertions of a US company. “Palantir Gears Up to Expand Its Reach into UK’s NHS” reports:
Over the next few months, Palantir will bid for the five-year £360mn contract for the proposed Federated Data Platform (FDP), a new data tool to connect and integrate patient and other data sources from across the health system, so real-time decisions can be made effectively by clinicians and bureaucrats.
How similar is delivering health care to analyzing information to win a battle or figure out what an adversary is likely to do?
I am not sure. I do know that many intelware companies (this is my term for firms providing specialized software and services to law enforcement, crime analysts, and intelligence professionals) find that commercial clients can become squeamish under these conditions:
- Question from potential customer: “Who are your customers?” Intelware vendor: “Sorry, that information is classified.”
- Question from potential customer: “Can you provide a specific example of how your system delivered fungible results?” Intelware vendor: “We are not permitted to disclose either the use or effect of our system.”
- Question from potential customer: “How much consulting and engineering are needed before we can provide access to the system?” Intelware vendor: “That depends.” Customer asks a follow up question: “Can you be more specific?” Intelware vendors: “That information is classified.”
You can see how the commercial outfits not engaged in fighting crimes against children, drug smuggling, terrorist actions, termination of adversaries, etc. can be a tough sell.
But one of the big issues is the question, “Is our data available to government entities in our country or elsewhere without our knowledge or permission?”
Every licensee wants to here assurances that data are private, encrypted, protected by 20 somethings in Slough, or whatever is required to close the deal.
But there is the suspicion that when a company does quite a bit of work for certain government agencies in one or more countries, stuff happens. Data mining, insider actions, or loss of data control due to bad actors behavior.
It will be interesting to see if this deal closes and how it plays out. Based on NHS’s track record with Google-type outfits and Smartlogic-type innovators, I have a hunch that the outcome will be a case study of modern business processes.
Palantir needs many big wins to regain some stock market momentum. At least the Financial Times did not reference Palantir’s estimate of a 30 percent chance of nuclear war. Undoubtedly such a terrible event would stretch NHS’s capabilities regardless of technology vendor underpinning the outfit.
Stephen E Arnold, June 13, 2022
NSO Group: A Spanish Road Trip Planned
June 8, 2022
Spain’s judicial system stretches back centuries. The idea, as I understand it, was for Courts and Tribunals to administer justice in the name of the King of Spain. Now perhaps some of these alcaldes de crimen became frisky; support for the Catholic Church’s Index Librorum Prohibitorum, banishments, property seizures aimed at people of a certain religious persuasion, decisions about precious metals from the lands across the sea, etc., etc.
NSO Group now has an opportunity to interact with Spain’s judiciary up close and personal.
“Spanish Judge to Visit Israel Seeking Testimony from NSO on Pegasus Spyware Use” reports:
The [Spanish] court said that José Luis Calama has decided to lead a judicial commission that will travel to Israel to “take testimony from the CEO of the company that commercializes the Pegasus program.”
The article added:
NSO says that it only sells its Pegasus spyware to governments for security purposes. Pegasus has been linked to the hacking of other political leaders and activists in other countries. NSO has denied playing any part of this apparent misuse of its evasive technology that has come to light thanks to the work of digital-rights groups inspecting individual phones.
I assume that the trappings of the chat will be free of the methodologies used in investigations centuries ago. Probably pencils and papers because iPhones… well, you know.
Stephen E Arnold, June 8, 2022
-
- Subscribe to Beyond Search
Feature archive
News archive
-
