Israel pushed spyware companies to work with Saudi despite Khashoggi's killing: Report

Despite international condemnation and even after the Saudi killing of journalist Jamal Khashoggi, Israel reportedly authorised a group of cyber-surveillance firms to work for the government of Saudi Arabia. According to a New York Times report, after the murder of Khashoggi in 2018, one of the firms, NSO Group, had cancelled its contracts with the kingdom amid accusations that its hacking tools were being misused to abet heinous crimes. However, the Israeli government encouraged the intelligence company and two other firms to keep working with the Saudis, and even reportedly issued a new license for a fourth to do similar work. 

Since then, Saudi Arabia has continued to use spyware to monitor dissidents and political opponents. According to NYT, one of the firms given permission by the Defense Ministry to work with Saudi Arabia was Candiru, which Microsoft accused earlier this week of helping its government clients spy on more than 100 journalists, politicians, dissidents and human rights advocates around the world. Microsoft said that Candiru had used malware to exploit a vulnerability in Microsoft products, enabling its government clients to spy on perceived enemies. 

According to the report, the other two firms that have licenses to work with Saudi Arabia are Verint and Quadream. While Verint was licensed before the Khashoggi killing, Quadream signed a contract with the kingdom after the killing. A fifth company, Cellebrite, which manufactures physical hacking systems for mobile phones, has also sold its services to the Saudi government, but without ministry approval. 

In a statement to the media outlet, the Israeli Defence Ministry said that it will revoke the license of any company whose wares are used to violate human rights, while declining to discuss specific licenses it has issued. However, the ministry added that a “wide range of security, diplomatic and strategic considerations are taken into account” when considering whether to grant a license to export offensive cyber technology. 

NSO’s Pegasus software

It is worth noting that NSO is by far the best known of the Israeli firms, largely because of revelations in the past few years that its Pegasus program was used by numerous governments to spy on human rights activists. NSO sold Pegasus to the kingdom in 2017, but it is still not clear whether Saudi Arabia used the spyware in the plot to kill Khashoggi. NSO has denied that its software was used.

The Pegasus software infects individuals’ phones by sending them text messages that tempt them to click an attached link. If the target clicks on the link, the company then gains full control over the phone, including its contents and history. It also gains the ability to activate its microphone and camera at will.

It is clear that Saudi Arabia has continued to use NSO software to spy on perceived opponents abroad. According to NYT, in a case that has come to light, dozens of journalists at Al Jazeera, a Qatari state-owned media company, were targeted by advanced spyware, in an attack likely linked to the governments of Saudi Arabia and the UAE. as per reports, iMessages were infecting targeted cellphones without the users taking any action. Through push notifications alone, the malware instructed the phones to upload their content to servers linked to the NSO Group turning journalists’ iPhones into powerful surveillance tools. 

(Image: AP)