Search

Not a good week for Israeli cyber espionage

NSO Group’s CEO steps down as the company fires 100 employees; A massive leak reveals sensitive information about Cellebrite’s clients


Protestors outside the offices of NSO Group in Herzliya, Israel. July 25, 2021. Photo: REUTERS/Nir Elias
Protestors outside the offices of NSO Group in Herzliya, Israel. July 25, 2021. Photo: REUTERS/Nir Elias

This is not shaping up to be a good week for Israel’s cyber-espionage (offensive cyber) industry.


On Sunday, NSO Group announced that it would let go 100 of its employees, and that its CEO, Shalev Hulio (the “S” in the company’s name) would be stepping down effective immediately. He is to be replaced by Yaron Shohat, the company’s current COO.


NSO Group has been battling several fronts over the past couple of years. There is the media and public opinion front, constantly fueled by endless reports of how the company’s ultra-advanced spyware, Pegasus, was used repeatedly and worldwide against politicians, opposition leaders and dissidents, human rights activists, journalists and other civilian targets.


Then, in November 2021, the US Department of Commerce placed NSO Group (as well as another Israeli cyber-espionage company, Kandiru), on its Entity List. Now blacklisted, it would be almost impossible for the company to do any kind of business with American companies.


The following month, Israel’s Ministry of Defense announced that it would be tightening control of cyber exports, and updated the “End User Declaration”. Basically, the state cut down the number of foreign countries to which cyber companies are allowed to sell by roughly two thirds.


This act, in part to stay in the good graces of the US administration, has been described by experts as the “blow of death” for this industry. And to top this all, NSO is currently engaged in various court battles, with Facebook and Apple.


In the past few months, there have been reports that US defense contractor L3 Harris was in negotiations with NSO Group for its purchase – something that would also take the company out of the Entity List.


However, negotiations proved unsuccessful, and so the company decided to execute its latest move – which is framed by the company as a “company-wide reorganization (that) will examine all aspects of its business.” Hulio will remain in the company and focus on this “reorganization”.


The other Israeli cyber-espionage company taking heat this week is Cellebrite, a digital intelligence company that provides tools for federal, state, and local law enforcement as well as to companies in order to collect and analyze digital data.


On Monday, Israeli daily Haaretz / TheMarker reported that almost 500,000 emails, receipts, contracts and emails – including highly-classified information pertaining to the FBI and the Interpol – leaked from the company and ended up with Japanese authorities. Identities of clients – such as the Royal Canadian Mounted Police and the US Marshal Service – had been disclosed in those documents, which could be a potential problem.


Similar to NSO (and practically all Israeli cyber-espionage companies), Cellebrite has also been accused of lettings its technology fall into the wrong hands, who used it for malicious purposed.


Last week, Haaretz revealed that the company sold its product to Uganda – a regime accused of torturing and murdering regime critics, human rights activists, LGBTQ and others. While neither Cellebrite nor the State of Israel did not comment on the accuracy of these claims – they were confirmed on Monday by Ugandan Police.

15 views0 comments