Dozens of Al Jazeera journalists allegedly hacked using NSO Group spyware (opens in new tab)

(theguardian.com)

111 pointsaleksei5y ago22 comments

22 comments

Why are companies that stockpile zero-days for resale legal? Aren't they also a threat to the countries that host them, even if some or all of the intelligence is shared?

And why aren't countries that host these companies sanctioned?

stevenjohns5y ago

I'm willing to go one step further and say that NSO Group is operated by and is a core part of Israeli intelligence. It just has layers of deniability baked into the business structure like any good limited liability entity.

What it comes down to is that with NSO group:

1. Israel has access to the best 0-days it needs

2. The knowledge to develop further exploits is maintained within the Israeli intelligence apparatus

3. Israel is able to dominate the digital intelligence apparatus of autocratic regimes and, as a consequence, be able to defend itself against those tools

4. Israel is able to use it as a back channel for establishing and maintaining relationships, as well as exerting power and leverage on those nations

Given that it is an Israeli-government entity, much like the rest of the Israeli government, it is politically untouchable and buried under layers of denial. It's a direct, toxic exploitation of the relationship that Western countries maintain with Israel.

michael19995y ago

The same reasons that the companies that make guns, bombs, and tanks are legal.

1 more reply

fortran775y ago

NSO is owned by a European company Novalpina Capital with headquarters in London.

dessant5y ago

My original comment asked if we should assume that the NSO Group arsenal is shared with the Israeli Intelligence Community, given that we've talking about an Israeli company.

That's a valid question, because hosting such a company is a major diplomatic liability. Why would you consider this question, as you said, a slander?

2 more replies

1cvmask5y ago

Journalists as messengers have always been targeted, and even killed, and it seems that Apple’s messaging system was the attack vector here.

While the article decries NSO for being nefarious and selling to suspect “authoritarian” countries, high schools here in our democratic US have been buying hacking solutions to spy on students:

https://gizmodo.com/u-s-schools-are-buying-phone-hacking-tec...

primroot5y ago

Less than a decade ago NSO Group assisted the then president of Panama, Ricardo Martinelli, in spying his political adversaries. Around the same time Martinelli requested similar assistance from the US, but they refused his request (according to Wikileaks).

joemazerino5y ago

Journalists can't seem to keep up with the latest threat model material. I'm wondering if a resource for journalist training is a good idea considering the resources stacked against them.

filmgirlcw5y ago

Many journalists who are frequently engaging in conversations that would be deemed highly sensitive are keeping up with the latest thread model material and following best security practice, moreover, the circumstances we know in this case make me question if any individual outside of the most security paranoid, could have prevented being hacked in this way.

This was an iOS 0-day that appears to have targeted iMessage [1] and worked via zero-click, meaning user interaction wasn’t necessary. CitizenLabs says that in one case, the initial vector appears to be Apple’s own servers.

So you’ve got people with modern (if not the latest) phones running the latest software on what is considered to be the most secure mobile operating system and you have highly-targeted attacks that appear to be state-sponsored, with high precision, going after these individuals.

What could education do to help in this case? Literally every single person I know, and this includes some extremely sophisticated security experts, would have been victims here too.

In the abstract, I agree with more training — though I’ll offer that these resources are widely available already in many newsrooms — but in this case, it would have done nothing.

[1]: https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hac...

0_____05y ago

More of a failing of AJ's IT dept than anything else. Not sure if they were using AJ issued devices but they should be on managed devices that get updated on schedule, which may have mitigated this attack. Journos aren't necessarily deeply technical folks, that's really not their core competency.

filmgirlcw5y ago

Read the details on this attack. They were running the latest software. I wouldn’t be surprised if the devices were managed in some way too. It doesn’t matter. This highly-targeted attack couldn’t be mitigated and that’s exactly the point.

2 more replies

fakedang5y ago

When you work in a sensitive environment such as the middle east as a journalist, one really needs to go overboard and keep an insulated protection layer - separate devices, clean contacts, Tor and VPN, the whole gamut. It is the journalist's responsibility in such environments to ensure their survival and make sure that they don't engage in something stupid.

I presume AJ, just like the others, tends to use a lot of freelancers - in fact, they pay out some of the highest commissions to freelancers. Most freelancers are responsible for their own lives.

1 more reply

DSingularity5y ago

Join NSO! Protect your favorite colonial interests without the stigma of working for big tech!

j / k navigate · click thread line to collapse

22 comments

dessant5y ago

Why are companies that stockpile zero-days for resale legal? Aren't they also a threat to the countries that host them, even if some or all of the intelligence is shared?

And why aren't countries that host these companies sanctioned?

stevenjohns5y ago

What it comes down to is that with NSO group:

1. Israel has access to the best 0-days it needs

2. The knowledge to develop further exploits is maintained within the Israeli intelligence apparatus

3. Israel is able to dominate the digital intelligence apparatus of autocratic regimes and, as a consequence, be able to defend itself against those tools

4. Israel is able to use it as a back channel for establishing and maintaining relationships, as well as exerting power and leverage on those nations

michael19995y ago

The same reasons that the companies that make guns, bombs, and tanks are legal.

1 more reply

fortran775y ago

NSO is owned by a European company Novalpina Capital with headquarters in London.

dessant5y ago

My original comment asked if we should assume that the NSO Group arsenal is shared with the Israeli Intelligence Community, given that we've talking about an Israeli company.

That's a valid question, because hosting such a company is a major diplomatic liability. Why would you consider this question, as you said, a slander?

2 more replies

1cvmask5y ago

Journalists as messengers have always been targeted, and even killed, and it seems that Apple’s messaging system was the attack vector here.

While the article decries NSO for being nefarious and selling to suspect “authoritarian” countries, high schools here in our democratic US have been buying hacking solutions to spy on students:

https://gizmodo.com/u-s-schools-are-buying-phone-hacking-tec...

primroot5y ago

joemazerino5y ago

Journalists can't seem to keep up with the latest threat model material. I'm wondering if a resource for journalist training is a good idea considering the resources stacked against them.

filmgirlcw5y ago

What could education do to help in this case? Literally every single person I know, and this includes some extremely sophisticated security experts, would have been victims here too.

In the abstract, I agree with more training — though I’ll offer that these resources are widely available already in many newsrooms — but in this case, it would have done nothing.

[1]: https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hac...

0_____05y ago

filmgirlcw5y ago

2 more replies

fakedang5y ago

I presume AJ, just like the others, tends to use a lot of freelancers - in fact, they pay out some of the highest commissions to freelancers. Most freelancers are responsible for their own lives.

1 more reply

DSingularity5y ago

Join NSO! Protect your favorite colonial interests without the stigma of working for big tech!

j / k navigate · click thread line to collapse