Exclusive: FBI probes use of Israeli firm's spyware in personal and
government hacks - sources
Send a link to a friend
 [January 31, 2020]
By Joseph Menn and Jack Stubbs
(Reuters) - The FBI is investigating the
role of Israeli spyware vendor NSO Group Technologies in possible hacks
on American residents and companies as well as suspected intelligence
gathering on governments, according to four people familiar with the
inquiry.
The probe was underway by 2017, when Federal Bureau of Investigation
officials were trying to learn whether NSO obtained from American
hackers any of the code it needed to infect smartphones, said one person
interviewed by the FBI then and again last year.
NSO said it sells its spy software and technical support exclusively to
governments and that those tools are to be used in pursuing suspected
terrorists and other criminals. NSO has long maintained that its
products cannot target U.S. phone numbers, though some cybersecurity
experts have disputed that.
The FBI conducted more interviews with technology industry experts after
Facebook filed a lawsuit in October accusing NSO itself of exploiting a
flaw in Facebook's WhatsApp messaging service to hack 1,400 users,
according to two people who spoke with agents or Justice Department
officials.
NSO said it was not aware of any inquiry.
"We have not been contacted by any U.S. law enforcement at all about any
such matters," NSO said in a statement provided by Mercury Public
Affairs strategy firm. NSO did not answer additional questions about its
employees conduct but previously said government customers are the ones
who do the hacking.
A spokeswoman for the FBI said the agency "adheres to DOJ's policy of
neither confirming nor denying the existence of any investigation, so we
wouldn't be able to provide any further comment."
Reuters could not determine which suspected hacking targets are the top
concerns for investigators or what phase the probe is in. But the
company is a focus, and a key issue is how involved it has been in
specific hacks, the sources said.
Part of the FBI probe has been aimed at understanding NSO's business
operations and the technical assistance it offers customers, according
to two sources familiar with the inquiry.
Suppliers of hacking tools could be prosecuted under the Computer Fraud
and Abuse Act (CFAA) or the Wiretap Act, if they had enough knowledge of
or involvement in improper use, said James Baker, general counsel at the
FBI until January 2018.
The CFAA criminalizes unauthorized access to a computer or computer
network, and the Wiretap Act prohibits use of a tool to intercept calls,
texts or emails.
[to top of second column]
|
Activists and journalists protest outside the Attorney General's
Office (PGR) after a criminal complaint following a report that
their smartphones had been infected with spying software sold to the
government to fight criminals and terrorists in Mexico City, Mexico
June 23, 2017. REUTERS/Carlos Jasso/File Photo
NSO is known in the cybersecurity world for its "Pegasus" software
other tools that can be delivered in several ways. The software can
capture everything on a phone, including the plain text of encrypted
messages, and commandeer it to record audio.
A business strategy firm retained on behalf of Amazon.com Inc Chief
Executive Jeff Bezos, FTI Consulting, said this month that NSO could
have supplied the software it said Saudi Arabia used to hack Bezos'
iPhone.
The phone began sending out more data hours after it received a
video from a WhatsApp account associated with Crown Prince Mohammed
bin Salman, FTI said. Saudi Arabia called the FTI allegation
"absurd," and NSO said it was not involved. Other security experts
said the data was inconclusive.
The FBI is investigating and has met with Bezos, a member of his
team told Reuters. A Bezos spokesman did not respond to a request
for comment.
FBI leaders have indicated that they are taking a hard line on
spyware vendors.
At a briefing at FBI Washington headquarters in November, a senior
cybersecurity official said that if Americans were being hacked,
investigators would not distinguish between criminals and security
companies working on behalf of government clients.
"Whether you do that as a company or you do that as an individual,
it's an illegal activity," the official said.
In the counterintelligence aspect of the probe, the FBI is trying to
learn if any U.S. or allied government officials have been hacked
with NSO tools and which nations were behind those attacks,
according to a Western official briefed on the investigation.
Outside of government, journalists, human rights activists and
dissidents in several countries have been victims of attacks using
NSO spyware, according to the University of Toronto's Citizen Lab
researchers.
In the past, NSO has denied involvement in some of those instances
and declined to discuss others, citing client confidentiality
requirements.
(Reporting by Joseph Menn in San Francisco and Jack Stubbs in
London; additional reporting by Raphael Satter and Chris Bing in
Washington; editing by Greg Mitchell and Grant McCool)
[© 2020 Thomson Reuters. All rights
reserved.] Copyright 2020 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |
