Israel: 'Rogue' cyber company must have licence revoked over surveillance spyware

Amnesty International is taking legal advice in order to revoke the export licence of Israel-based NSO Group, after it was revealed the cyber firm’s spyware had been used in an attempt to spy on an Amnesty staff member.

A recent investigation by the Haaretz newspaper has uncovered the that fact that the company’s sophisticated ‘Pegasus’ surveillance tool was offered to the Saudi Arabian authorities last year.

Two weeks ago, Amnesty International Israel submitted an urgent request to the Israeli Ministry of Defence, demanding that NSO Group's defence export licence be revoked in light of an attempted cyber attack on an Amnesty staff member via NSO's spyware.

But this week, the Israeli Defence Ministry refused to revoke the firm’s licence, and Amnesty is now considering taking legal action to challenge this decision.

Molly Malekar, Amnesty International Israel Programmes Director, said:

“We thoroughly reject this inadequate response. The mountain of evidence and reports on NSO Group and the sale of its spyware to human rights-violating regimes is substantial proof that NSO has gone rogue.

“The Ministry of Defence must answer for their failure to properly regulate NSO Group as they are in charge of controlling Israeli defence exports.

“By continuing to approve of NSO Group, the Ministry of Defence is practically admitting to knowingly cooperating with NSO Group as their software is used to commit human rights abuses.”

In June this year, an Amnesty International staff member was targeted by a sophisticated surveillance campaign, in what the organisation suspects was a deliberate attempt to spy on its staff by a government hostile to human rights work.

Danna Ingleton, Deputy Director of Amnesty International Tech, said:

“Amnesty International will not stand idly by as companies such as NSO Group profit from selling their invasive Pegasus software to repressive states around the world.

”NSO Group’s software has been used to attack Amnesty staff and fellow human rights defenders globally. As the Israeli Ministry of Defence refused our request to revoke the export licence, it is clear that we now need to take additional legal steps to expose the truth and seek accountability for the attack against us.”

Targeting of Amnesty International staff

Earlier this year, an Amnesty staff member received a suspicious WhatsApp message in Arabic. The text contained details about an alleged protest outside the Saudi embassy in Washington DC, followed by a link to a website. Investigations by Amnesty’s technology team revealed that clicking the link would have installed “Pegasus”, a sophisticated surveillance tool developed by the NSO Group.

The WhatsApp message was sent to Amnesty in a week when the organisation was campaigning for the release of six women’s rights activists detained in Saudi Arabia. The link, if clicked, would have allowed the Pegasus software to infect the user’s smartphone, tracking keystrokes, taking control of the phone’s cameras and microphone and accessing contact lists.

Amnesty’s investigation has also discovered that another Saudi rights activist, who later publicly identified himself as Yahya Asiri, received a similar malicious message.

In a statement to Amnesty at the time, NSO Group said that their product “is intended to be used exclusively for the investigation and prevention of crime and terrorism”, and that any other use violate their policies and contracts.

Connection to NSO Group and suspicious websites

Further investigations by Amnesty have revealed that the domain link in the message belongs to a large infrastructure of more than 600 malicious domains, some of which had been previously connected to NSO Group.

Amnesty is concerned that these could be used to “bait and spy” on activists in numerous countries including Kenya, Democratic Republic of the Congo and Hungary, in addition to countries of the Gulf. Pegasus was also used to target the Emirati award-winning human rights defender Ahmed Mansoor, who has been in prison in the United Arab Emirates since March 2017.

While law-enforcement agencies in many countries have used secret surveillance in relation to national security objectives, Amnesty is concerned that in many cases surveillance is being carried out in a manner contrary to international human rights law. Tools like Pegasus are especially problematic from a human rights law perspective as they are so deeply invasive. As laid out in the UN Guiding Principles on Business and Human Rights, companies have a responsibility to respect human rights wherever they operate in the world.

View latest press releases