Israeli Officials Deny Claims of Improper Spyware Use
Attorney General Investigates Alleged Police Use of NSO Group's Pegasus Spyware
New developments have emerged in the case of Israel Police allegedly using the flagship spyware of NSO Group, Pegasus, on its own citizens, with reported targets including critics of former Prime Minister Benjamin Netanyahu, among others.
Following a bombshell report by Israeli business publication Calcalist, high-ranking Israeli officials have denied parts of the allegations.
On Tuesday, Calcalist first reported that NSO spyware that can remotely infect smartphones was used by the nation's civilian police force, which allegedly conducted warrantless phone taps on Israeli politicians and activists, among others (see: NSO Group Spyware Reportedly Used by Israeli Police Force).
According to the report, NSO Group, which was sanctioned by the U.S. Department of Commerce in November 2021, provided its spyware product to Israel Police in 2013, and it became operational by 2015, under then-Police Commissioner Roni Alsheikh, who had previously served as deputy head of Shin Bet, the country's domestic intelligence agency.
Calcalist alleges that the surveillance proceeded without court supervision or oversight on data use. A spokesperson for the Israel Police told the publication that the police force "acts according to the authority granted to it by law and when necessary according to court orders and within the rules and regulations set by the responsible bodies."
Cabinet Official Reacts
Following Calcalist's publication, which spurred immediate reaction among Israeli lawmakers, high-ranking officials argued that they did not conduct phone taps without required legal permissions.
Omer Bar Lev, who serves as Israel's minister of public security, tweeted that the police force does not wiretap devices without the approval of a judge.
Bar Lev, who then spoke with The Guardian on Wednesday, continued to back the country's police force - denying Calcalist's claims while asserting that the technology "isn't the issue - the issue is whether the police got legal permission from a judge to use it."
The cabinet official told the outlet that next steps would be decided by Attorney General Avichai Mandelblit, who said this week that his office is investigating the claims.
Bar Lev told The Guardian: "I am waiting to hear what Mandelblit will say. After that, if I am not 98% convinced - because there's no such thing as 100% convinced - I will think about how to deal with it."
Bar Lev also told the publication that he believed he had been "told the truth" by police regarding spyware use, adding: "There might always be an exceptional case, that one or two try to go around the rules. So first of all, if this happened, it's illegal. And secondly, this is what is being checked. If what happened is really what was described in the newspaper, it's unforgivable."
In a statement issued on Thursday, Israeli Police Commissioner Yaakov (Kobi) Shabtai reportedly said that after becoming aware of the allegations, the police conducted a "thorough internal investigation" that "did not yield any findings that indicate an alleged deviation from the provisions of the law," according to CNN.
The commissioner said police are seeking more details on the alleged incidents, and that he has instructed the force to "deepen examinations," including into alleged past use.
Shabtai added: "I assure all citizens of Israel that the police will continue to fulfill its complex and important tasks, and that it will not spare any legal, and only legal, means to thwart a serious crime in the State of Israel."
Alleged Pegasus Use
Calcalist claims that the police force allegedly tracked activists in "Black Flag" protests against the Netanyahu government - demonstrations that began in 2020 amid COVID-19-related lockdowns. The findings also allege that orders were given to hack phones - including those of local officials connected to bribery investigations - by "high-ranking police officers without a court warrant or the supervision of a judge." The campaigns were reportedly carried out by a special operations cyber unit called SIGINT.
NSO Group leaders have previously said that Israeli citizens cannot be targeted and that the spyware cannot infiltrate U.S. phone lines. In December, the spyware was reportedly detected on nine phones belonging to U.S. State Department officials working in Uganda or on Ugandan issues (see: Report: NSO Group Spyware Found on State Department Phones).
NSO Group Responds
An NSO Group spokesperson previously told Calcalist: "We would like to clarify that the company doesn't operate the systems held by its clients and isn't involved in activating them. … The company sells its products under license and supervision to be used by national security and law enforcement agencies to prevent crime and terror in a legal manner and according to court orders and the local law of each country."
NSO Group did not immediately respond to ISMG's separate request for comment on Thursday.
The accusations highlight potential holes in global laws governing cybercrime and surveillance, says Hank Schless, senior manager of security solutions at the firm Lookout. "What's considered lawful use of a highly invasive surveillance-ware like Pegasus could be up for debate. Regardless, in order to invade the personal privacy of an individual, governments should be required to get permission from a judge to carry out the action," Schless says.
Last July, a consortium of journalists documented 50,000 potential targets of NSO Group's spyware, including high-ranking public officials. Although it is unclear whether they were targeted, the news made headlines around the globe, drawing sharp condemnation from democracy and human rights advocates.
The Israeli Ministry of Defense, which must approve the export of such surveillance technology, has since reportedly reduced the number of nations to which its companies can export spyware.