WhatsApp sued Israeli surveillance firm NSO Group on Tuesday, accusing it of helping government spies break into the phones of roughly 1,400 users across four continents in a hacking spree whose targets included diplomats, political dissidents, journalists, and senior government officials.
In a lawsuit filed in federal court in San Francisco, messaging service WhatsApp, which is owned by Facebook Inc, accused NSO of facilitating government hacking sprees in 20 countries, targeting over 1,400 users. Mexico, the United Arab Emirates and Bahrain were the only countries identified.
In an article authored by Will Cathcart, head of WhatsApp, in The Washington Post, he says that WhatsApp first found a cyberattack involving a vulnerability in their video-calling feature back in May, wherein users were being attacked with spyware via a malicious video call, that would affect their device even without them answering the call. This, Cathcart says, led to a month-long investigation, which apparently led the company to the source of these malicious attacks – the NSO Group.
WhatsApp head says that their investigation led them to servers and Internet-hosting services that were previously associated with NSO. They also tied certain WhatsApp accounts used during the attacks back to NSO.
The investigation also found that the attacks targeted at least 100 human-rights defenders, journalists and other members of civil society across the world. Cathcart called it “an unmistakable pattern of abuse.”
He said, "This should serve as a wake-up call for technology companies, governments and all Internet users. Tools that enable surveillance into our private lives are being abused, and the proliferation of this technology into the hands of irresponsible companies and governments puts us all at risk."
"We believe people have a fundamental right to privacy and that no one else should have access to your private conversations, not even us. Mobile phones provide us with great utility, but turned against us they can reveal our locations and our private messages, and record sensitive conversations we have with others," he added.
(Also Read: WhatsApp detected with a bug that let hackers steal your information using GIFs)
WhatsApp said that 100 civil society members had been targeted, called it 'an unmistakable pattern of abuse. Image: Reuters
NSO, on the other hand, continues to deny the allegations. "In the strongest possible terms, we dispute today’s allegations and will vigorously fight them," NSO said in a statement. "The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime."
(Also Read: WhatsApp vulnerability allowed Israeli spyware to be injected onto phones: Report)
WhatsApp is used by some 1.5 billion people monthly and has often touted a high level of security, including end-to-end encrypted messages that cannot be deciphered by WhatsApp or other third parties.
Citizen Lab, a cybersecurity research laboratory based at the University of Toronto that worked with WhatsApp to investigate the phone hacking, told Reuters that the targets included well-known television personalities, prominent women who had been subjected to online hate campaigns and people who had faced “assassination attempts and threats of violence.”
Neither Citizen Lab nor WhatsApp identified the targets by name.
(Also read: WhatsApp security breach: Amnesty international files lawsuit against NSO group)
Governments have increasingly turned to sophisticated hacking software as officials seek to push their surveillance power into the furthest corners of their citizens' digital lives.
Companies like NSO say their technology enables officials to circumvent the encryption that increasingly protects the data held on phones and other devices. But governments only rarely talk about their capabilities publicly, meaning that the digital intrusions like the ones that affected WhatsApp typically happen in the shadows.
WhatsApp's said its legal move was unprecedented, saying it was "the first time that an encrypted messaging provider is taking legal action against a private entity that has carried out this type of attack against its users."
The lawsuit seeks to have NSO barred from accessing or attempting to access WhatsApp and Facebook's services and seeks unspecified damages.
NSO’s phone hacking software has already been implicated in a series of human rights abuses across Latin America and the Middle East, including a sprawling espionage scandal in Panama and an attempt to spy on an employee of the London-based rights group Amnesty International.
NSO came under particularly harsh scrutiny over the allegation that its spyware played a role in the death of Washington Post journalist Jamal Khashoggi, who was murdered at the Saudi Consulate in Istanbul a little over a year ago.
(Also read: Ex-employee of cyber surveillance company NSO group, charged with cyber crimes)
Khashoggi’s friend Omar Abdulaziz is one of seven activists and journalists who have taken the spyware firm to court in Israel and Cyprus over allegations that their phones were compromised using NSO technology. Amnesty has also filed a lawsuit, demanding that the Israeli Ministry of Defense revoke NSO’s export license to "stop it profiting from state-sponsored repression."
NSO has recently tried to clean up its image after it was bought by London-based private equity firm Novalpina Capital earlier this year. In August, NSO co-founder Shalev Hulio appeared on "60 Minutes" and boasted his spyware had saved "tens of thousands of people." He provided no details.
NSO has also brought on a series of high-profile advisers, including former Pennsylvania Governor Tom Ridge and Juliette Kayyem, a senior lecturer in international security at Harvard University. Last month, NSO announced it would begin abiding by UN guidelines on human rights abuses.
With inputs from Reuters.
from Firstpost Tech Latest News https://ift.tt/2No9ML3
No comments:
Post a Comment