NYT: In Secret Deal, US Govt Using Israeli Made Pegasus Spyware Banned by Commerce Dept

NYT: In Secret Deal, US Govt Using Israeli Made Pegasus Spyware Banned by Commerce Dept

Edited by: Fern Sidman

The United States government has apparently gained access to a powerful weapon that it once blacklisted and encouraged others not to use it or to patronize the company that manufactures it.

According to an April 2 report in the New York Times, a secret contract was signed in early November of 2021 in which the Israeli firm, NSO Group, gave the U.S. government access to the one of a kind spyware known as Pegasus. a  geolocation tool that can covertly infiltrate a target’s mobile phone, gaining access to messages and contacts, the camera and microphone and location history without the user’s consent. Only government law enforcement agencies can purchase the product and all sales are approved by Israel’s Defense Ministry.

Pegasus spyware can be covertly installed on mobile phones (and other devices) running most versions of iOS and Android. Pegasus is reportedly able to exploit all iOS versions up to 14.6, through a zero-click iMessage exploit, as was reported by Wikipedia. As of 2022, Pegasus was capable of reading text messages, tracking calls, collecting passwords, location tracking, accessing the target device’s microphone and camera, and harvesting information from apps. The spyware is named after Pegasus, the winged horse of Greek mythology. It is a Trojan horse computer virus that can be sent “flying through the air” to infect cell phones, as was reported by Wikipedia.

The Times reported that the November 2021 deal was between a company that has acted as a front for the United States government and the American affiliate of the Israeli firm that created the spyware. The NYT reported that the deal was signed for the front company by a businessman using a fake name.

The report indicated that only five says before the deal was signed, the Biden administration had announced it was taking action against NSO, whose hacking tools for years had been used by some nefarious governments around the world to spy on political dissidents, human rights activists and journalists. The NYT also reported that the White House placed NSO on a Commerce Department blacklist, declaring the company a national security threat and sending the message that American companies should stop doing business with it.

In July of 2022, it was reported that an American military contractor was interested in purchasing the company responsible for creating Pegasus in a deal.

The contractor, known as L3Harris, sent a team to Israel numerous times in the first half of 2022 in their attempt to purchase NSO Group, the cyber hacking firm that is as notorious as it is technologically accomplished, as was reported by veteran investigative journalists, Ronen Bergman and Mark Mazzetti of the New York Times.

In January 2022, the New York Times revealed that the F.B.I. had purchased Pegasus software in 2019, and that government lawyers at the F.B.I. and the Justice Department had debated whether to deploy the spyware for use in domestic law enforcement investigations. Bergman and Mazzetti also reported that the Times indicated that in 2018 that the C.I.A. had purchased Pegasus for the government of Djibouti to conduct counterterrorism operations, despite that country’s record of torturing political opposition figures and imprisoning journalists.

“The upshot of the spyware story is that the United States initially condemned its usage and sought to punish Israel for the way it was used and for who was using it, but it now appears that the old adage of “if you can’t beat them, join them” is coming into play, “ said a cybersecurity expert who chose to remain anonymous.  “Because of the surreal potency of the Pegasus spyware, the United States government, rather than condemning its usage is now chomping at the proverbial bit to be in possession of it for its own panoply of reasons, “ he added.

NSO Group developed its first iteration of Pegasus spyware in 2011. Wikipedia reported that the company states that it provides “authorized governments with technology that helps them combat terror and crime.” NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights.

Pegasus’ iOS exploitation was identified in August 2016. Arab human rights defender Ahmed Mansoor received a text message promising “secrets” about torture happening in prisons in the United Arab Emirates by following a link. Wikipedia reported that Mansoor sent the link to Citizen Lab of the University of Toronto, which investigated, with the collaboration of Lookout, finding that if Mansoor had followed the link it would have broken his phone and implanted the spyware into it, in a form of social engineering.

Wikipedia reported that Pegasus had previously come to light in a leak of records from Hacking Team, which indicated the software had been supplied to the government of Panama in 2015.

The secret contract — which The New York Times is disclosing for the first time — violates the Biden administration’s public policy, and still appears to be active. The contract, reviewed by The Times, stated that the “United States government” would be the ultimate user of the tool, although it is unclear which government agency authorized the deal and might be using the spyware. It specifically allowed the government to test, evaluate, and even deploy the spyware against targets of its choice in Mexico, the NYT reported.

White House officials denied any knowledge of the spyware contract. A senior administration official told the NYT, responding on the basis of anonymity to address a national security issue that, “We are not aware of this contract, and any use of this product would be highly concerning.”

Spokesmen for the White House and Office of the Director of National Intelligence declined to make any further comment to the NYT which left some unresolved questions: What intelligence or law enforcement officials knew about the contract when it was signed? Did any government agency direct the deployment of the technology? Could the administration be dealing with a rogue government contractor evading Mr. Biden’s own policy? And why did the contract specify Mexico?

The NYT also reported that last week President Biden signed an executive order last week to clamp down on government use of commercial spyware. It prohibits federal departments and agencies from using hacking tools that might be abused by foreign governments, could target Americans overseas or could pose security risks if installed on U.S. government networks. The order covered only spyware from commercial entities, not tools built by American intelligence agencies, which have similar in-house capabilities.