Innovation & Research Symposium Cisco and Ecole Polytechnique 9-10 April 2018 Artificial Intelligence & Cybersecurity / © École polytechnique – J.Barande / Flickr / April 9, 2018 / CC BY-SA 2.0
The hacking continues as Apple notifies 11 U.S. State Department employees located in Uganda that their phones were hacked using a tool that was developed by NSO Group – an Israeli tech company that has been blacklisted by the Biden administration.
The mobile hacking tool is also known as Pegasus and is NSO Group’s first successful attack on American officials.
Pegasus is a spyware system that allows pervasive surveillance once the phone has been compromised, and it’s easier to gain control than you might think. They’ve developed a technique called the “zero-click” method, that can infect an iPhone without requiring the owner to click a link or open a file – giving the hacker access to a phone’s files, messages, microphone, and camera in an instant.
While the laws and regulations might be a bit hazy, the situation essentially goes like this: Biden recently placed the NSO Group on an export prohibition list, effectively restricting them from being able to obtain certain types of tech from the U.S.
This was announced after news came out that Pegasus – the NSO Group’s main software intrusion tool – has reportedly been used by law enforcement and intelligence agencies to target and break into the cellphones of politicians, human-rights activists, and journalists.
NSO Group responded to the incident in a statement, saying “Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations… To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case.”
NSO has claimed on multiple occasions that their technology has been used to save lives and help law enforcement, while still respecting privacy and the law. They’ve also said that they terminate contracts with countries that have abused their software.
This is not a good enough excuse for the people who can see all the ongoing issues.
Sen. Ron Wyden, a Democrat on the Senate Intelligence Committee has time and time again advocated for more serious restrictions on companies like NSO Group, and other hacking tool vendors. “Companies that enable their customers to hack U.S. government employees are a threat to America’s national security and should be treated as such by the government.”
NSO Group has acknowledged people’s concerns, by coming out and saying that they place restrictions on the use of their tools – one of which being that they are blocked from working on U.S. phone numbers.
But that doesn’t seem to be stopping hackers from finding loopholes, in a statement, NSO Group acknowledged that “once the software is sold to the licensed customer, NSO has no way to know who the targets of the customers are, as such, we were not and could not have been aware of this case.”
It seems like no one is truly safe anymore from hacking…
