Israel authorized cyber-company NSO to sell surveillance software to Saudi Arabia, the Washington Post reported on Friday, citing two former top U.S. security officials.
According to the sources who spoke with Washington Post columnist David Ignatius, Israel gained a secret Sunni Arab ally against Iran and an opportunity to gather cyber information on the kingdom. The analyst, who cited American, European and Saudi sources, reported that Crown Prince Mohammed bin Salman was interested in purchasing Israeli software because he was impressed by Israel's cyber capabilities.
The two American sources told the Post that the Saudis worked through a Luxembourg-based affiliate of NSO called Q Cyber Technologies. Q Cyber promised the Saudis access to targets in six Middle Eastern countries and directly assisted them in solving problems with the cyber-monitoring systems that they provided, the report said.
>> Israeli cyber firm negotiated advanced attack capabilities sale with Saudis, Haaretz reveals ■ Revealed: Israel's cyber-spy industry helps world dictators hunt dissidents and gays ■ The dark side of Israeli technology: Six takes on the sale of cyberattack firm NSO | Analysis
Sources told the Post that the Israeli government authorized the transaction despite certain Israeli officials' hesitations over granting Arab regimes access to such technology. Three sources said that the Saudis were interested in the Pegasus advanced surveillance program.
Ignatius writes that the lawyer representing NSO and the affiliate company Q Cyber refused to confirm any of the companies' clients. "They’re a supplier of a product," the lawyer told the Post. "The customer makes representations that the product will be used in a way that’s lawful in that country. Obviously, there are sometimes abuses," he added.
In response to an Haaretz query, NSO commented that "the company develops products that are sold only to authorized government entities who are trained for the exclusive goal of investigating and preventing crime and terror."
Israel's Defense Ministry stated that "the Defense Export Control Agency (DECA) strictly provides licenses to security exporters in accordance to the law, the standards and the commitments that the State of Israel is committed to, in coordination with the Ministry of Foreign Affairs and other government entities. The Defense Ministry does not provide details about the Israeli government's policy on giving export licenses or about the licenses themselves for defense and strategic reasons. For this reason, we cannot comment on the question whether the aforementioned license exists."
Last week, Montreal-based Saudi activist Omar Abdulaziz launched a lawsuit against Israeli cyber company NSO, claiming that the company's software was used to hack his cellphone in order to track conversations with murdered Saudi journalist Jamal Khashoggi.
"The hacking of my phone played a major role in what happened to Jamal, I am really sorry to say," Abdulaziz told CNN. "The guilt is killing me."
Abdulaziz's lawsuit against NSO comes a month after a Haaretz investigation revealed that the company negotiated the sale of advanced cyber-attack capabilities with Saudi Arabia.
The Israeli company offered Saudi Arabia a system that hacks cellphones, a few months before Crown Prince Mohammed bin Salman began his purge of regime opponents, according to a complaint under investigation by Israel Police.
In November, Amnesty International Israel asked the Defense Ministry to revoke cyber firm NSO's defense export license, saying it had been proven that its software had been used in "a series of egregious human rights violations." "NSO is out of control," Amnesty Israel said.
Sources in the Defense Ministry agency that oversees defense exports said it was strict about granting licenses according to the law and that they could not discuss the existence of NSO's license for security reasons.
Amnesty Israel rejected the response and said it intended to pursue legal action.
In October, the Citizen Lab research group said it had “high confidence” that the Saudi government used NSO’s Pegasus software to eavesdrop on Saudi dissident Abdulaziz. According to the report, " Once the phone is infected, the customer has full access to a victim’s personal files, such as chats, emails and photos. They can even surreptitiously use the phone’s microphones and cameras to view and eavesdrop on their targets."
Want to enjoy 'Zen' reading - with no ads and just the article? Subscribe todaySubscribe now