The Israeli security software maker is at the center of an international scandal after media investigations revealed that at least 50,000 phones, including those of 600+ senior politicians and officials and hundreds of journalists, had been targeted by its military-grade spyware.
The Israeli government was heavily involved in pushing NSO Group’s Pegasus software to foreign state clients, and even intervened directly in situations where the cybersecurity giant showed hesitation to do so, Israel’s Haaretz newspaper has reported, citing half-a-dozen officials and businesspeople said to be familiar with the situation.
NSO Group would not have been able to sell its products, whose export is regulated by the Defence Ministry, to countries like Saudi Arabia, with which Israel has no formal diplomatic relations, unless Tel Aviv allowed them to do so.
One senior official told the newspaper that “Israel marked Saudi Arabia as a strategic target” for an aggressive spyware marketing campaign in 2017, with Tel Aviv reportedly considering Riyadh to be a ‘moderate’ force in the Arab world and actively seeking to exacerbate the Gulf kingdom’s tensions with regional rival Iran, which is also a key strategic adversary of Israel’s.
A second senior official said Israel sought to “arm the Saudis” with its spyware tech, including Pegasus, amid Tel Aviv’s quiet efforts to normalize relations with Riyadh and other Gulf sheikdoms.
A third official, who also requested that their identity be withheld, told the newspaper that Saudi Arabia deserved Israeli help via spyware sales amid “serious threats from Iran and its different terror cells and proxies.”
One person said to be present at a 2017 tech event in Cyprus where NSO Group demonstrated its products recalled the company’s showcasing of its zero-click hack capability to Saudi officials, during which a freshly-bought iPhone was hacked using only its phone number. “They went to discuss it amongst themselves. You don’t need to know Arabic to understand that they were in awe and super excited from what they saw – it was clear that this was what they were looking for,” the person said.
Riyadh reportedly went on to purchase NSO software in a $50 million multi-year deal.
One of the officials indicated that the outsized power of Israel’s cyber industry in proportion to the country itself gives it a “relative advantage” which it could trade with other intelligence services.
Another businessman said an official acting on behalf of the Israeli government had asked them to “take the deal” with one country because “it helps Israel’s security.”
Responding to the newspaper’s reporting, the Israeli Defence Ministry confirmed that the government was “in charge of overseeing the sale of cyber tools from Israel,” and added that “a number of considerations” are taken into account, among them defence and security deliberations, as well as diplomatic and strategic ones, when it comes to military exports.
NSO Group has similarly suggested that its software is made strictly for the purposes of fighting crime and terrorism, that its products have saved “tens of thousands” of lives, and has offered a blanket rejection of the wave of reporting on the potential illegal use of its products.
Sources speaking to The Guardian partially corroborated the statements made by Haaretz’s state and business sources, with anonymous sources telling the British newspaper that Saudi Arabia was temporarily cut off from being allowed to use Pegasus in 2018 after the murder of Jamal Khashoggi, but had its access to the software restored in 2019 following pressure from the Israeli government.