This Pegasus story isn't getting as much play in US media but overseas folks are getting all worked up over it. Spent an hour w/@johnmccumber for upcoming @HeardTellShow. He explains who is to blame, who is doing CYA, & please stop using "hacked". K. Thx.https://t.co/RE61rCk9SK
— Andrew Donaldson (@four4thefire) July 24, 2021
The NSO “Surveillance List”: What It Is and Isn’t. @KimZetter's unpacking on this topic is great.https://t.co/S3URVDHWec
— Dan Goodin (@dangoodin001) July 23, 2021
This was not made clear by Amnesty or by any outlets who picked up the #PegasusProject The ambiguity and backtracking makes it so much harder for those of us who have spent years tracking NSO, its customers and their real victims. Speechless. https://t.co/2OOwnbW2ag
— Nicole Perlroth (@nicoleperlroth) July 22, 2021
“Law-abiding” can mean very different things to different governments. https://t.co/r3NJoowPxj
— Adam Levin (@Adam_K_Levin) July 23, 2021
They probably do, at least temporarily, but why would all the numbers from all the campaigns be in one place? Their billing doesn't work like that right? Their infra seems to be more distributed. Compartmentalization and low retention of sensitive campaign material seems likely.
— Aaron Grattafiori (@dyn___) July 22, 2021
Journalists are still falsely reporting that there is proof that malware activity found on journalist phones can be attributed to Pegasus/NSO.
— Nadim Kobeissi (@kaepora) July 23, 2021
While there is good evidence for *some* malware, there is no strong evidence to allow attribution to a *particular* actor or malware. https://t.co/st3UEOu2oh
Let me summarize: The CEO of NSO promises that a) You won't be targeted if you are not a terrorist and b) they don't actually know who is getting targeted. Not sure how both of those statements can be true. But maybe that's just me. https://t.co/S3zFn4ewGx
— Andreas Proschofsky (@suka_hiroaki) July 22, 2021
The CEO of NSO Group, whose spyware tools have reportedly been used to target journalists and activists, says that people who aren't criminals shouldn't be afraid of being surveilled. https://t.co/wrECVdneBC pic.twitter.com/j8FIUdPsZo
— AppleInsider (@appleinsider) July 23, 2021
NSO coating itself in nationalistic b***s**t.
— Catalin Cimpanu (@campuscodi) July 24, 2021
This is not about them providing spyware to abhorrent regimes which have used it to kill innocent people. It's a Palestinian (or Qatar) conspiracy to ruin one of Israel's most successful businesses.
[eyeroll] https://t.co/KXfwwHbYAk
So the CEO of NSO thinks journalists are on par with Osama Bin Laden. Got it got it got it https://t.co/aQy6W1oV6b
— Greg Otto (@gregotto) July 22, 2021
NSO CEO also said said that "everyone just focuses on Israelis."
— Lorenzo Franceschi-Bicchierai (@lorenzofb) July 23, 2021
But researchers from Amnesty, Citizen Lab, as well as countless media outlets have covered competitors Hacking Team (??), FinFisher (??), Wolf Intelligence (??) etc, for literally a decade. https://t.co/fZp1wa7eZa
I have a feeling we are starting to see a lot of misreporting on the Pegasus Project stories as they are getting aggregated and (poorly) re-reported by publications with no experience reporting and writing about government malware.
— Lorenzo Franceschi-Bicchierai (@lorenzofb) July 22, 2021
The initial reporting on the targeting of, say, the Indians whose phones were not analysed by Amnesty was written in such a hedgy 'potential' fashion, it was as if the outlets' lawyers themselves deserved the byline.
— Ravi Nayyar (@ravirockks) July 22, 2021
In this blog post -- "The NSO “Surveillance List”: What It Is and Isn’t" -- @KimZetter has provided better context than most of the media organizations that have collaborated on this important story. https://t.co/B2f4Wn5nV6
— Dan Gillmor (@dangillmor) July 23, 2021
NSO is easily one of the most hated companies with information security folks I know for how its tech ended up targeting civil society. Not sure that trying to shift blame without a shred of evidence is going to do the trick.https://t.co/F4KAmzesOk pic.twitter.com/Ta6ENeeoDs
— hakan (@hatr) July 24, 2021
NEW - I spoke with Shalev Hulio, NSO’s CEO. Some highlights:
— Thomas Brewster (@iblametom) July 22, 2021
- If you’re not a ‘bin Laden of the world,’ NSO tools won’t hit you.
- NSO won’t know who customers target unless allegations of misuse are made and it investigates. Can then check targets.https://t.co/uMFnEnKbDx
Clearest piece I've read yet on the recent NSO revelations & what the stories do & don't reveal, from the indefatigable @KimZetter https://t.co/fLDVrjHInR
— Ryan Gallagher (@rj_gallagher) July 23, 2021
NSO Group is now blaming Palestinian activists—and Qatar—for the series of stories published this week detailing alleged abuses of its technology all over the world.https://t.co/fZp1wa7eZa
— Lorenzo Franceschi-Bicchierai (@lorenzofb) July 23, 2021
More than a decade later, the cybersecurity company that arose out of that fateful conversation is at the center of a global debate over the weaponization of powerful and largely unregulated surveillance technology. https://t.co/G1kbjfgmec
— The Washington Post (@washingtonpost) July 22, 2021
“There are three jurisdictions you don’t fuck with: the US, Israel and the Russians.”https://t.co/CWJDMifiHF
— Tejas Harad (@h_tejas) July 24, 2021
“In an exchange of public letters in 2019, they told Amnesty International and others they would do “whatever is necessary” to ensure NSO’s weapons-grade software would only be used to fight crime and terrorism. But the claim, it now appears, was hollow.” https://t.co/7ZzIHfpN2Z
— Aakar Patel (@Aakar__Patel) July 24, 2021
NSO told human rights groups in 2019 it would do "whatever is necessary" to prevent abuse of its tools. Soon after, it hatched a deal to allow Dubai to use Pegasus to spy on UK citizens https://t.co/5NffBJ7DIn the story of NSO by the reporter who knows it best @skirchy
— michael safi (@safimichael) July 23, 2021
NSO Group tries to pin the blame on investigations uncovering their complicity in human rights abuses on BDS. Recall that this was the gist of what they paid Black Cube to trick Citizen Lab's @jsrailton into saying. https://t.co/lTxG2k62Kc
— Eva (@evacide) July 23, 2021
Great analysis as always from @KimZetter. “[NSO's CEO] has said that NSO does not know who the targets of its customers are and does not have access to that information. He also asserts confidently that Khashoggi was never targeted with Pegasus.”https://t.co/O5TbL5I8lN
— Kenn White (@kennwhite) July 23, 2021
the most common and most misleading analogy in the surveillance industry https://t.co/zOTynbz0BI
— Charles Rollet (@CharlesRollet1) July 22, 2021
In which @KimZetter details what we know and don't know about the #PegasusProject list with 50,000 phone numbers. Subscribe to her reporting while you're at it. https://t.co/k6ZlGa2Kkl
— Runa Sandvik (@runasand) July 23, 2021
I love that *this* is where NSO draws the line. https://t.co/30ihVtKlhk
— Matthew Green (@matthew_d_green) July 21, 2021
This whole thing is totally messing with my “Privacy and Surveillance” syllabus. https://t.co/cSCA6x9CMe
— DR. SIVA VAIDHYANATHAN??? (@sivavaid) July 23, 2021
ICYMI: Reporters @iblametom and @KimZetter are doggedly pursuing what few if any news outlets reporting the recent NSO investigation did: ascertain the origin and purpose of the 50k list of numbers. These questions are crucial to the story and to attempts to hold NSO accountable. https://t.co/fVfN5MROp1
— Dan Goodin (@dangoodin001) July 22, 2021
Great article by @KimZetter breaking down the facts and detailing how Pegasus could have been usedhttps://t.co/ECIYkeY1VT
— Kate O'Flaherty (@KateOflaherty) July 23, 2021
The United Arab Emirates had already used Israeli NSO Group's spyware to target respected Emirati human rights activist Ahmed Mansoor (imprisoned a year later). NSO then allowed Dubai to use it, which it did to hack activists & dissidents living in exile. https://t.co/pmU59ynKYW pic.twitter.com/hLSGQkEivY
— Kenneth Roth (@KenRoth) July 24, 2021
Something that probably shouldn’t be a business model: competing with NSA and GHCQ as a wholesaler service retailed by re-sellers, all floated by private equity #PegasusProject https://t.co/pfoUeeAe86 by @skirchy
— David Carroll (@profcarroll) July 23, 2021
As I'm working my way through the coverage, I found this @KimZetter explainer on what we know and don't know on the infamous list of 50 000 number really helpful:https://t.co/oNFLr1q147
— Camille François (@camillefrancois) July 23, 2021
Great analysis from @KimZetter on what we know, and don't, about the NSO surveillance list.https://t.co/V8RizlC1lx
— Zach Dorfman (@zachsdorfman) July 23, 2021
If you've found it hard to follow the details around the Pegasus Project, or don't have time to read the articles, I've compiled the salient points and what we know so far and don't - particularly about the list of 50,000 phone numbers. https://t.co/HcAGE5SPBV
— Kim Zetter (@KimZetter) July 23, 2021
That being said, it is possible that the list is exactly what people are assuming it to be.
— Lorenzo Franceschi-Bicchierai (@lorenzofb) July 22, 2021
I don't know what the list is, but if you read this old story from Joe and I you can imagine that, perhaps, NSO does log phone numbers somehow. https://t.co/rLbHZofhSL
NSO Group CEO holds either BDS or Qatar or both responsible for the “attack” in Israeli cyber security companies https://t.co/5NeJqb0dgj
— Mairav Zonszein מרב זונשיין (@MairavZ) July 24, 2021
'Being a client of NSO, said one person who previously served as a broker in the industry, was a bit like gun ownership in the US. “You are supposed to use a gun to protect yourself, but who is to stop you from robbing a bank?” they said.'https://t.co/n3MUxZwoxW
— Poppy McPherson (@poppymcp) July 23, 2021
Two 20-something Israeli entrepreneurs who had been running a small customer service start-up for mobile phones were at a client meeting in Europe in 2009 when they received a visit from law enforcement officials.
— The Washington Post (@washingtonpost) July 22, 2021
Their first instinct was fear.https://t.co/G1kbjfgmec
Maybe they had done something wrong that they weren’t aware of, Shalev Hulio and Omri Lavie recalled in interviews this week with The Washington Post.
— The Washington Post (@washingtonpost) July 22, 2021
Instead, the officials made an unexpected request. https://t.co/G1kbjfgmec
"I don't want to sound cynical now, but there are those who don't want [Israel] to import ice cream or export technologies." --- well, that's a truly impressive argument to deploy. How can no one be unconvinced?https://t.co/5n13iCbAT1
— ᴅʀ ʜ.ᴀ. ʜᴇʟʟʏᴇʀ (@hahellyer) July 24, 2021
Officials who are US allies among targets of NSO malware, says WhatsApp chief https://t.co/KGwNwyY6dY #PegasusProject
— Carola Frediani (@carolafrediani) July 24, 2021
Officials who are US allies among targets of NSO malware, says WhatsApp chiefhttps://t.co/I1oKnDWXZ4
— Etienne - Tek (@tenacioustek) July 24, 2021
Head of WhatsApp @wcathcart tells @skirchy that #PegasusProject revelations are consistent with 2019 WhatsApp breach by NSO Group: "The reporting matches what we saw in the attack we defeated two years ago." https://t.co/V7OGPwXdhE
— Phineas James (@PhineasJFR) July 24, 2021
The United Arab Emirates had already used Israeli NSO Group's spyware to target respected Emirati human rights activist Ahmed Mansoor (imprisoned a year later). NSO then allowed Dubai to use it, which it did to hack activists & dissidents living in exile. https://t.co/pmU59ynKYW pic.twitter.com/hLSGQkEivY
— Kenneth Roth (@KenRoth) July 24, 2021
“In an exchange of public letters in 2019, they told Amnesty International and others they would do “whatever is necessary” to ensure NSO’s weapons-grade software would only be used to fight crime and terrorism. But the claim, it now appears, was hollow.” https://t.co/7ZzIHfpN2Z
— Aakar Patel (@Aakar__Patel) July 24, 2021
How #NSO became the company whose #software can spy on the world!https://t.co/n2drfX50ZI#infosec #security #cybersecurity #databreach #PegasusProject #cyberattack #cybercrime #datatheft #dataprivacy #hacker #malware #DDoS #CISO #ransomware #technology #tech #RT #spyware
— ?? Amitav Bhattacharjee ?? (@bamitav) July 24, 2021
Back in 2019, the new owners of NSO Group were promising to adhere to human rights standards. Then a client with a dubious record asked for a a favor. It wanted to be allowed to spy on British numbers. Here's my latest https://t.co/6rk5PFAUOH
— Stephanie Kirchgaessner (@skirchy) July 23, 2021
Our latest looks at how NSO became the company whose software can spy on the world #pegasusproject https://t.co/6rk5PFAUOH
— Stephanie Kirchgaessner (@skirchy) July 23, 2021
OMG, NSO Group CEO fabricates conspiracy theory that BDS is probably behind the damning investigation which revealed NSO spyware was used to spy on journalists, politicians & human rights activists around the world.
— adri nieuwhof (@steketeh) July 24, 2021
Yeah, but #BDS is no threat right?https://t.co/mbIRFNRKp8
Israel spyware CEO claims Palestinian movement for rights 'probably behind' damning investigation, in bid to distract from NSO's threat to human rights globally ? #MustRead #BDShttps://t.co/o72jiw5GYz
— Artists for Palestine UK ? (@Art4PalestineUK) July 24, 2021
NSO Group CEO holds either BDS or Qatar or both responsible for the “attack” in Israeli cyber security companies https://t.co/5NeJqb0dgj
— Mairav Zonszein מרב זונשיין (@MairavZ) July 24, 2021
Here is the response by the Palestinian activist group blamed by NSO.https://t.co/fZp1wa7eZa pic.twitter.com/zmbHnrVHyJ
— Lorenzo Franceschi-Bicchierai (@lorenzofb) July 23, 2021
"I don't want to sound cynical now, but there are those who don't want [Israel] to import ice cream or export technologies." https://t.co/aQR3I68Oll
— VICE (@VICE) July 23, 2021
At this rate, it would be faster to tell us whose phones Israel's NSO didn't hack #pegasus https://t.co/aLosXb4ZPS
— fatima bhutto (@fbhutto) July 25, 2021
36. BIG DEAL: today @WhatsApp CEO @wcathcart *publicly confirmed* that senior national security officials of US allies?? were targeted with #Pegasus spyware in 2019.
— John Scott-Railton (@jsrailton) July 25, 2021
Clear message: #NSOGroup spyware is a national security threat.
By @skirchy https://t.co/3odDQKBI0E pic.twitter.com/gTvg80bL5z
35. TODAY: @WhatsApp CEO @wcathcart rubbishes #NSOGroup's denials:
— John Scott-Railton (@jsrailton) July 25, 2021
- #PegasusProject reporting consistent w/targeting in #NSOGroup's 2019 attack on WhatsApp users.
- Points out: in *only* 2 weeks 1.4k numbers were confirmed targeted in 2019. Do the math.https://t.co/3odDQKBI0E pic.twitter.com/0vBolNMN7d
NSO: “We are doing our best to help creating a safer world.” ? #pegasus https://t.co/8l1L4MnDiT
— Ian Brown ??? (@1Br0wn) July 24, 2021
“It’s either Qatar or BDS or both” << NSO Group chief on the source behind the Pegasus leaks story https://t.co/9ycFrUb8UQ
— Ahmed Al Omran (@ahmed) July 24, 2021