Apple joins the NSO pile-on

US puts smartphone spyware company NSO on its entity list

The American gadget giant Apple is suing the Israeli smartphone spyware manufacturer NSO Group on behalf of iPhone users, which it claims to have had their phones hacked.

The NSO has been under increasing scrutiny this year following the publication of a lot of stories by a media alliance called the Forbidden Stories, which claimed that some governments used NSO’s Pegasus software to hack selected individuals’ phones. The exact motives for such actions can only be speculated about, but suffice it to say that there is often a fine line between national security and political expediency.

Inevitably, some of the phones that were allegedly hacked were iPhones, something Apple seems to take personally. Its legal complaint hits the ground, saying, “Respondents are notorious hackers – 21st-century amoral mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and overt abuse.” How Apple should frame this as a moral crusade. We were not aware of any public statements on this matter from the NSO at the time of writing.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s SVP of Software Engineering. “Apple devices are the most secure consumer hardware on the market – but private companies that developing state-sponsored spyware has become even more dangerous. Although these cyber security threats only affect a very small number of our customers, we take any attack on our users very seriously and we are constantly working to strengthen the security and privacy of iOS to keep all our users safe. “

Since the U.S. government already acted against the NSO earlier this month, this appears to be at least in part a piece of opportunistic virtue signaling from Apple that the self-promotion in the quote above derives. Knowing that they have the support of the US government, Apple can present itself as the smart champion for its otherwise vulnerable customers.

That said, it looks like Apple has added the pool of knowledge on this issue, and continues to offer new information about NSO Groups FORCEDENTRY, an exploit of a now-patched vulnerability used to break into in an Apple device and install the latest version of Pegasus. The lawsuit seeks to ban the NSO even more than it already is, and to get ‘redress’ for the hacking it activated.

“The steps we are taking today will send a clear message: In a free society, it is unacceptable to arm powerful state-sponsored spyware against those who seek to make the world a better place,” said Ivan Krstić, head of Apple Security. Technology and architecture. “Our threat intelligence and engineering team works around the clock to analyze new threats, quickly correct vulnerabilities and develop industry-leading new protections in our software and silicon. Apple operates one of the most sophisticated security operations in the world and we will continue to work tirelessly to protect our users from violent state-sponsored actors such as the NSO Group. “

More thinly veiled self-promotion – yay. Apple says it will add $ 10 million to all the cash it gains from the lawsuit (it’s not clear if it’s after it has covered its costs) and donate it to groups like the Citizen Lab at the University of Toronto, which was the first to identify exploitation used by FORCEDENTRY. We trust that Apple will not be less vigilant if it ever finds out that the US government (or the French) are doing similar tricks.


Please enter your comment!
Please enter your name here