Apple sues Israeli NSO Group for spying on users

Technology giant Apple takes legal action against the infamous Israeli spyware firm for targeting its customers through its devices.

Apple Inc. filed a lawsuit on Tuesday against Israel’s notorious surveillance firm NSO Group for targeting users through infecting devices with its Pegasus spyware.

The tech giant is holding the NSO Group responsible for surveillance and targeting Apple users. It says it can provide the courts with new findings on how the spyware firm used Pegasus to infect people’s devices.

“To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices,” the smart devices maker said in its press release.

NSO Group has been systematically colluding with foreign governments to target and surveil government officials, activists, journalists, academics and embassy workers around the world, including several in Qatar.

Its state-sponsored surveillance technology could breach multiple platforms, including iOS and Android.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering.

Pegasus spyware enables governments to discreetly hack into mobile phones without knowledge of the user, essentially providing access to crucial information such as messages, location tracking as well as the ability to tap into cameras and microphones.

“Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression, while enriching themselves and their investors,” said Ron Deibert, director of the Citizen Lab at the University of Toronto.

“I applaud Apple for holding them accountable for their abuses, and hope in doing so Apple will help to bring justice to all who have been victimized by NSO Group’s reckless behavior.”

The Israeli firm reportedly sold its spyware to several repressive governments around the world, claiming it was used for tackling national security issues such as capturing terrorists and criminals.

Several reports however showed that the surveillance firm in fact targeted a great number of activists and journalists mainly in the Arab world and during political events, such as the 2017 Gulf Crisis and the 11-day Israeli war on the besieged Gaza Strip.

A research group at the University of Toronto was among the first to report on the Israeli spyware firm’s questionable collusion with governments.

Citizen Lab’s previous report found that the spyware was used in targeting activists, journalists and politicians in Palestine, Iran, Lebanon, Britain, Turkey, Yemen and other countries.

Amnesty International also revealed in July that some 180 journalists, across 20 countries were selected for potential targeting between 2016 and June 2021 using the Pegasus spyware tool, including several Al Jazeera staff.

Among them were Emirati activist Alaa Al-Siddiq, who passed away earlier this year in a tragic accident while exiled in London, as well as renowned Qatari businessman, President of French football giants PSG and beIN chief Nasser Al Khelaifi.

“While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe,” Federighi said in a statement.

“Apple’s legal complaint provides new information on NSO Group’s FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim’s Apple device and install the latest version of NSO Group’s spyware product, Pegasus,” Apple stated.

“The lawsuit also seeks redress for NSO Group’s flagrant violations of US federal and state law, arising out of its efforts to target and attack Apple and its users,” the tech firm said, confirming legal action has been taken to put an end to the issue.

Apple warned that NSO Group and its clients utilize high-end technologies and immense resources to launch targeted cyberattacks, through which they gain access to the microphone, camera, and sensitive data on all iOS and Android devices.

“To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge,” Apple mentioned.

The tech firm pointed out that despite reported misuse to deliver FORCEDENTRY, “Apple servers were not hacked or compromised in the attacks,” stressing that it constantly invests in boosting privacy and security protections for its users.

“For example, researchers have found that other mobile platforms have 15 times more malware infections than iPhone,2 and a recent study showed that less than 2 percent of mobile malware targets iOS devices.”

The latest iOS 15 software update contains new built-in security protection features, such as an upgraded BlastDoor security mechanism, according to Apple.

“While NSO Group spyware continues to evolve, Apple has not observed any evidence of successful remote attacks against devices running iOS 15 and later versions,” it added, urging all users to immediately update their devices and always use the latest software.

“At Apple, we are always working to defend our users against even the most complex cyberattacks. The steps we’re taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place,” said Ivan Krstić, head of Apple Security Engineering and Architecture.

“Our threat intelligence and engineering teams work around the clock to analyze new threats, rapidly patch vulnerabilities, and develop industry-leading new protections in our software and silicon,” Krstić added.

In further efforts to support groups like the Citizen Lab and Amnesty Tech in identifying cyber surveillance abuses and help protect victims, Apple invested “$10 million, as well as any damages from the lawsuit, to organizations pursuing cyber surveillance research and advocacy.

“Apple will also support the accomplished researchers at the Citizen Lab with pro-bono technical, threat intelligence, and engineering assistance to aid their independent research mission, and where appropriate, will offer the same assistance to other organizations doing critical work in this space.”

Apple stressed that all targeted users will be notified of any privacy invasion attempt by state-sponsored spyware.

Pegasus uses during the Gulf crisis 2017

Last year, the UAE and Saudi Arabia were accused of hacking at least 36 Al Jazeera journalists, and one journalist from the London-based Al Araby TV, with the Pegasus spyware.

On 21 December 2020, Citizen Lab published an incendiary report detailing how the UAE and Saudi Arabia used the intrusive electronic spyware tool Pegasus to hack journalists working at the Qatar-based news channel Al Jazeera.

The 36 Al Jazeera journalists formed the large bulk of the 50-or-so journalists known to have been targeted with Pegasus. That’s a whopping 72%.

The consequences of such tracking costs journalists their freedom, liberty, and in some cases, their lives.

Politically, the Citizen Lab report came on the back of talks of reconciliation between Qatar and Saudi Arabia, who, along with the UAE, Bahrain and Egypt, severed diplomatic and economic ties with Qatar in 2017.

That crisis ended in January after all parties involved signed the Al Ula accord to end the rift and resume diplomatic ties.

Additionally, Qatar’s former prime minister, Hamad bin Jassim Al Thani, also revealed in a previous tweet that he has been monitored through his own device for years, without specifying whether it was conducted using the Pegasus spyware.

Follow Doha News on Twitter, Instagram, Facebook and Youtube