Application Security , Governance & Risk Management , Incident & Breach Response
Israeli Officials Investigate Police's Alleged Spyware Use
Report Links Pegasus to Journalists, Local Leaders, Former PM's SonIsraeli officials announced on Monday that they will set up a commission of inquiry to investigate reports that the nation's police force used the flagship spyware of Israeli firm NSO Group, called Pegasus, to break into the phones of Israeli public officials, journalists and activists without proper court documents.
See Also: Netskope FERPA Mapping Guide
Israeli Prime Minister Naftali Bennett said on Monday that if the reports are true - including Pegasus targeting former Prime Minister Benjamin Netanyahu's son Avner Netanyahu - they are "very serious." Names of dozens of Pegasus targets have now been reported by Israeli publication Calcalist, which originally broke the news last month that Israel Police had allegedly used Pegasus improperly. Israeli officials backed the force's methods to combat serious crimes, including terrorism, but vowed to investigate any impropriety. This came amid backlash from members of Knesset, Israel's legislature.
In a statement issued on Monday, Bennett said: "[These tools] were not intended to be used in phishing campaigns targeting the Israeli public or officials - which is why we need to understand exactly what happened."
Bennett confirmed that Deputy Attorney General Amit Merari is "looking into the matter" and that he intends to meet with incoming Attorney General Gali Baharav-Miara to "understand the full picture."
The prime minister took office in June 2021, shortly before a consortium of journalists reported some 50,000 potential targets of Pegasus worldwide, including high-ranking officials, human rights activists and journalists. Pegasus software was subsequently found on the phones of some of those listed.
Bennett noted of the talks he plans to have with Baharav-Miara: "We will not leave the public without answers on the matter. We understand the severity of this matter. … Things allegedly happened here that are very serious."
According to Israeli publication Haaretz, Bennett said, however, that the tool itself should not be discarded - citing its ability to fight "crime families and serious offenses." Instead, the Israeli prime minister is seeking clear regulation.
Calcalist also reports that a witness in former Prime Minister Netanyahu's corruption trial was also allegedly monitored via Pegasus.
SIGINT Activity
Calcalist claimed on Monday that Israel Police's cyber unit, SIGINT, "phished for intelligence" without judicial warrants, with targets including:
- Director-generals of the ministries of transport, finance and justice;
- Protest leaders from disability rights groups and citizens of Ethiopian descent;
- Mayors from Netanya, Mevaseret Zion, Kiryat Ata and Holon;
- Witnesses in a case involving allegations of corruption against Netanyahu and telecom company Bezeg's controlling shareholder Shaul Elovitch;
- The CEO, former editor-in-chief and journalists at news outlet Walla;
- Avner Netanyahu, and two of the former prime minister's media advisers, among others.
Timeline of Events
Since 2021, NSO Group has been mired in controversy - although it has maintained that its tool is legally used by law enforcement agencies.
New developments have come to light since the 2021 disclosure, including reports that Pegasus was found on devices belonging to U.S. State Department employees working in Uganda (see: Report: NSO Group Spyware Found on State Department Phones).
Critics say the technology has been leveraged by authoritarian governments for domestic surveillance. The Israeli firm has previously stated that it does not operate its customers' software.
With the tool, those surveilling mobile devices can reportedly extract messages, photos, emails and call recordings and potentially access the device's microphone and camera.
By November 2021, the U.S. Department of Commerce had added the NSO Group to its Entity List for allegedly engaging in activities "contrary to the national security or foreign policy interests of the U.S." (see: US Commerce Department Blacklists Israeli Spyware Firms).
'Addressed by International Leaders'
To some cybersecurity experts, the NSO Group revelations merit an international response.
"The evolution of the international commercial surveillance industry and the lack of regulation or international treaties should be addressed by international leaders," says Rosa Smothers, a former CIA threat analyst and technical intelligence officer.
Smothers, who is currently the senior vice president of cyber operations at the firm KnowBe4, tells ISMG: "Countries are obligated to have in place adequate legal safeguards to prevent violations - that is what import/export control laws are for.
"There are many companies that could create sophisticated attack tools like Pegasus but they are focused on defense, rather than monetizing offensive tools without regard for the ethical considerations."
President, Ministers Weigh In
On Monday, Israeli President Isaac Herzog, who holds largely ceremonial authority, backed a comprehensive investigation.
According to BBC News, Herzog stated: "We must not lose our democracy. We must not lose our police. And we must certainly not lose public trust in them. This requires an in-depth and thorough investigation."
Public Security Minister Omer Barlev said the government's inquiry should be led by a retired judge, who would pursue any alleged violations of civil rights and privacy, according to the BBC.
According to The Times of Israel, Netanyahu told the Knesset on Monday that it was a "dark day for Israeli democracy."
He accused the police of using "the most aggressive tools" to spy on citizens, likening the spyware use to the Israeli Defense Forces, the nation's military, turning air attacks meant for its adversaries on Israelis.
A district court in Jerusalem postponed the next session of Netanyahu's trial involving alleged corruption - which the former Israeli leader has denied - to allow investigators to probe the Pegasus claims, the BBC writes.
In January, reports emerged that the U.S. Federal Bureau of Investigation had bought and tested NSO Group's spyware, to use for domestic surveillance. Reporters at The New York Times Magazine wrote that the FBI paid millions of dollars when it considered deploying the Pegasus surveillance tool in the U.S. (see: FBI Reportedly Considered Buying NSO Spyware).
The agency reportedly later decided against deploying the tool, according to the Times.