- Apple has filed a lawsuit alleging NSO should be held responsible for the use of their Pegasus spyware
- Pegasus is known for selling advanced spyware tool 'Pegasus' to some authoritarian governments, whom have allegedly used it in human rights' abuses
- Apple demands all proceeds made by hacking iOS devices and a injunction preventing NSO from using Apple devices and services
- Apple has pledged to donate any court proceeds to human rights NGOs
Who is NSO?
NSO is an Israeli company known for developing the Pegasus spyware. This tool is incredibly advanced and is known to exploit zero day vulnerabilities, in some instances these exploits can be utilised without any interaction form the end user, completely unbeknownst to the victim - these are known as 'zero click' exploits.
NSO sells their software to governments so they can "investigate terrorism and crime to save thousands of lives" (their words, directly from their website). However their tools have allegedly been involved in the targeting of journalists, activists and human rights campaigners - which shouldn't come as much of a shock given NSO's customers have included Saudi Arabia and Bahrain.
It has been alleged that Pegasus was used to spy on the close relatives of the Saudi Arabian journalist Jamal Kasoggi, before he was murdered by Saudi secret agents, cut up into little pieces and dissolved in acid - breaking bad style. The allegation is that spying using Pegasus aided in planning his assassination.
NSO is described in the court filing as "notorious hackers—amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.” Apple argues that because NSO “provide[s] consulting and expert services to their clients, assist[s] them with their deployment and use of Pegasus, and participate[s] in their attacks on Apple devices, servers, and users” they are somewhat involved in the use of their tools, and thus should be held responsible for its use.
Apple is demanding some pretty hefty penalties. One of which is described as “A permanent injunction, restraining Defendants from accessing and using any Apple servers, devices, hardware, software, applications, etc”. This would de facto kill NSO’s business model overnight, because you can’t exploit IOS devices if you can’t use IOS devices... Apple is also asking for “Disgorgement of Defendants’ profits resulting from the conduct alleged” - that’s legal speak for give us all the money you made hacking our devices.
Apple's new threat notification system
Along with filing this lawsuit, Apple has simultaneously announced a new notification system for victims of state sponsored hacking. They explain “If Apple discovers activity consistent with a state-sponsored attack, we notify the targeted users in two ways”
Firstly, you’ll get one of these threat notifications when you log in on Apple’s website. Alternatively Apple will also send you an “email and iMessage notification”. Apple makes it clear not to rely on this system though, adding that “It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected.”
Oh and if you wake up one morning to find yourself alerted, don’t bother asking Apple for more information, as Apple says they’re “unable to provide information about what causes [them] to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future.”
Good Guy Apple?
If Apple wins it sets somewhat of a precedent for other companies thinking of supplying awful regimes with advanced hacking tools. Another nugget of praise for Apple comes in the form of them announcing that they will donate any money they make from this lawsuit to citizen lab, amnesty tech, and other non profits organisations that expose spyware.
NSO is on the decline
NSO group is facing a dramatic decline, it looks like Apple’s lawsuit may simply be yet another milestone in their inevitable demise. For example, earlier this month the US sanctioned NSO group for what the US department of commerce describes as enabling “the practice of authoritarian governments targeting dissidents, journalists and activists”. The sanctions mean that US companies simply can’t do any kind of business or have any kind of relationship with NSO without a license.
To add to NSO’s growing list of problems, they were recently denied an appeal to have their ongoing lawsuit instigated by Facebook thrown out - that lawsuit hasn't moved much since it was filed in 2019.
NSO is also in debt to the tune of hundreds of millions of dollars and has recently had their credit rating downgraded by Moody's, lenders are trying to offload their debt at a steep discount in order to distance themselves from NSO.