Israeli company’s spyware is used to target US embassy employees in Africa

A man reads at a stand of the NSO Group Technologies, an Israeli technology firm known for its Pegasus spyware enabling the remote surveillance of smartphones, at the annual European Police Congress in Berlin, Germany, February 4, 2020. Reuters
The iPhones of 11 US Embassy employees working in Uganda were hacked using spyware developed by Israel’s NSO Group, the surveillance firm that the United States blacklisted a month ago, saying the technology has been used by foreign governments to repress dissent, several people familiar with the breach said Friday.

The hack is the first known case of the spyware, known as Pegasus, being used against US officials. Pegasus is a sophisticated surveillance system that can be remotely implanted in smartphones to extract sound and video recordings, encrypted communications, photos, contacts, location data and text messages.

There is no suggestion that NSO itself hacked into the phones, but rather that one of its clients, mostly foreign governments, had directed it against embassy employees.

The disclosure is bound to heighten the tension with Israel over the recent American crackdown on Israeli firms that make surveillance software that has been used to track the locations of dissidents, listen in on their conversations and secretly download files that move through their phones.

President Joe Biden plans to make efforts to further crack down on the use of such software a key element of a summit next week at the White House, to which he has invited dozens of countries — including Israel.

US diplomats have been hacked before, notably by Russia, which has repeatedly pierced the State Department’s unclassified email systems. But in this case, the software was written by a company that operates closely with one of the United States’ most vital allies.

NSO has insisted it carefully selects its clients, and turns many away. But the United States concluded last month that the company’s software, and its operations, run contrary to American foreign policy interests, and placed it on the Commerce Department’s “entities list,’’ which bans it from receiving key technologies.

Representatives for the State Department and Apple declined to comment.

NSO said it would conduct an independent investigation into the allegations and cooperate with any government inquiry.

Reuters reported earlier Friday that Apple had notified the US Embassy employees in Uganda on Nov 23 about the hack. The people affected include a mix of foreign service officers and locals working for the embassy, all of whom had tied their Apple IDs to their State Department email addresses, according to someone familiar with the attack.

©2021 The New York Times Company