The shock wave of the Pegasus affair continues to spread, but this time it is the European Union that is affected. Representatives of the European Parliament’s Committee of Inquiry into Pegasus and similar spyware recently visited Israel and learned from NSO staff that the company has active contracts with 12 of the 27 members of the European Union. “The responses of the Israeli firm to the questions of the European Commission reveal that the company works with many security forces in the EU,” says the Israeli daily. Ha’aretz.
This is a clear response to the claims of the Forbidden Stories consortium (grouping 17 western media) and Amnesty International through which the scandal took place and that the only European state using Pegasus software is Hungary led by Viktor Orban, true favorite mania. of European globalists. These media were quick to wrongly and selectively target countries like Morocco. But happily they did not know how to look at their own countries.
In detail, “representatives of the commission have visited Israel in recent weeks to further their investigation of the local information warfare industry and spoke with NSO employees, representatives of the Israeli Ministry of Defense and local experts. Among the members of said commission, a Catalan deputy, whose mobile phone was hacked by an NSO client.
The commission was created after the publication of Project Pegasus last year, and its goal is to create pan-European regulations for the acquisition, import and use of computer warfare software such as Pegasus. But while the members of the commission were in Israel, and especially since their return to Brussels, it has been revealed that in Europe there is also a well-developed industry in information warfare, many of whose clients are European.
Remember that the Israeli company’s Pegasus spyware and competitor products allow to infect the cell phone of the surveillance victim, then allow the operator to listen to their conversations, read the content of applications that must contain encrypted messages and provide access complete to the device. contacts and files. Pegasus also allows you to listen in real time to what is happening around the mobile phone, activating the camera and microphone.
22 customers and 12 European countries affected
During their visit to Israel, European lawmakers wanted to know the identities of NSO’s current customers in Europe and were surprised to discover that most EU countries had signed contracts with the company: 14 countries dealt with NSO in the past. and at least 12 still use Pegasus for legal interception of mobile calls, NSO response to committee questions says Ha’aretz.
In response to questions from European lawmakers, the company explained that NSO currently works with 22 “end users” (security and intelligence apparatuses and law enforcement agencies) in 12 European countries. In some of these countries, there is more than one customer, and the contract is not with the country, but with the operating organization.
In the past, as NSO wrote to the commission, the company has worked with two other countries, but ties have been severed in the meantime. NSO did not disclose which of these countries were still active customers, or which two countries had their contracts frozen. But according to sources in the cyberwarfare field, those countries are Poland and Hungary, which last year were removed from the list of countries to which Israel allows the sale of offensive computer technology.
Some members of the committee believed that the contract(s) with Spain could have been frozen after the surveillance of the leaders of the Catalan separatists was revealed, but sources on the ground explained that this country, which considers itself respectful of law, it is still on the list of countries approved by the Israeli Ministry of Defense. The same sources added that after the case broke, Israel, NSO and another Israeli company working in Spain demanded an explanation from Madrid, and were promised that the use of the Israeli devices was legal.
Sources interviewed by the Israeli newspaper affirm that the contract between the Israeli companies and the Spanish government has not been interrupted. Meanwhile, in Spain, it has been revealed that hacking operations, however problematic in political terms, have been carried out legally.
The scope of NSO activity in Europe sheds light on the generally common aspect of recourse to the offensive computer industry by Western countries, which operate by spying on the civilian population, under the terms of the law and judicial control, as opposed to dictatorships that covertly use these services against dissidents. NSO, other Israeli companies and new European providers compete for a market of legitimate clients, a job that usually does not involve misconduct.
This domain, called lawful interception, has in recent years drawn the ire of technology companies such as Apple (maker of the iPhone) and Meta (Facebook, owner of WhatsApp, through which the spyware is installed). These two companies have filed a lawsuit against NSO for hacking phones through their platforms and are currently waging a battle against this industry. This cyber war is also causing great discomfort in Europe, as the EU has passed comprehensive legislation on the subject of Internet privacy. However, this does not mean that there is no interest in these technologies or their use in the Old Continent.
Just last week, revelations revealed that Greece was using Predator, a Pegasus-like spyware, against an investigative journalist and the leader of the Socialist party. Prime Minister Kyriakos Mitsotakis said the wiretapping was legal and based on a court order. It is worth noting in this connection that the Predator is manufactured by the Cytrox IT company, which is registered in North Macedonia and operates from Greece.
Spyware made in the EU
Cytrox belongs to the Intellexa group, which is owned by Tal Dilian, a former high-ranking member of the Israeli intelligence services. Intellexa was previously located in Cyprus, but after a series of compromising incidents, the company transferred its activities to Greece. While the export of Pegasus, the NSO software, is overseen by the Israeli Ministry of Defense, the activity of Intellexa and Cytrox is not.
Also in the Netherlands, a public debate recently took place following further shocking revelations that the Dutch secret service used Pegasus to catch Ridouan Taghi, a drug lord arrested in Dubai and charged with 10 murders in sordid circumstances. Although the use of Pegasus was legal and activated against a criminal element, people in the Netherlands wanted to know why the secret services were involved in an internal investigation of the Dutch police. Therefore, there have been requests for a self-examination of how spyware has been used in the Netherlands.
In addition to Israeli companies active on the continent, Europe has several spyware manufacturers. Last week, Microsoft revealed the existence of a new spyware, Subzero, made by an Austrian company located in Lichtenstein, called DSIRF. This spyware exploits a sophisticated zero-day weakness to hack into computers.
Unlike NSO, which waited several years before admitting to working with clients in Europe, the Austrians fought back. Two days after Microsoft’s disclosure, they reacted harshly, explaining that their spyware “has been developed for official use in EU countries only, (…) the software has never been intelligently misused.”
In Europe, companies that make spyware have more experience: A few weeks ago, Google security researchers revealed a new spyware, Hermit, made by an Italian company called RSC Labs, a successor to Hacking Team, an old and well-known competitor, whose The correspondence was the source of a major leak, Wikileaks, in 2015. Hermit also exploited a little-known security flaw to allow hacking of iPhones and Android devices, and its presence has been found on devices in Italy, but also in countries as distant. away as Kazakhstan and Syria.
Again, there is an indication that the clients of RSC Labs, whose offices are in Milan, with branches in France and Spain, include official European police organisations. On its website, the company is proud to report more than “10,000 successful and legal hacking actions in Europe.”
Other spyware for mobile phones and computers have been revealed in the past under the names of FinFisher and FinSpy. In 2012, the New York Times revealed how the Egyptian government used this device, originally designed to fight crime, against political activists. In 2014, spyware was found on the device of an Ethiopian-American, raising suspicions that Addis Ababa authorities are also customers of British-German manufacturer Lench IT Solutions.
Quoted by Ha’aretzEU lawmaker Sophie In’t Veld, who is a member of Pegasus Inquiry, said that “if a single company serves 14 member states as customers, you can imagine the scale of the industry as a whole. There appears to be a large market for commercial spyware and EU governments are very keen buyers. But they’re very low-key about it, keeping it out of the public eye.”
So companies like NSO face a dilemma: Revealing the identities of client governments that legally use their tools will help deal with public criticism from organizations like Citizen Lab, the media, and lawmakers, but will put deals at risk. future, taking into account the confidentiality clauses concluded in their contracts with their clients.
“We know that spyware is being developed in several EU countries. Italy, Germany and France are not the least important,” said Ms. In’t Veld. “Even if they use them for legitimate purposes, they have no appetite for more transparency, oversight and safeguards. The Secret Service has its own universe, where normal laws don’t apply. To an extent, that has always been the case, but in the digital age they have become all-powerful, virtually invisible, and totally elusive,” she says. Ha’aretz.
Questioned by the newspaper, NSO declined to comment. But one thing is certain: in Europe and elsewhere almost everyone uses Pegasus or similar. And pointing to Morocco is definitely just the tree that hides the forest, very European that one.
#Révélations #NSO #Group #concepteur #Pegasus #clients #dans #lUE #les #fournisseurs #logicielsespions #sont #légion