According to multiple reports, U.S. technology company and defense contractor L3Harris Technologies Inc. is in talks to acquire some or all of the controversial Israeli spyware maker NSO Group Ltd.
The Guardian reported today that the negotiations involve L3Harris acquiring only NSO’s surveillance technology and possibly transferring some NSO personnel to L3Harris. Other reports, such as one from Intelligence Online, suggest that the talks are to acquire the entirety of NSO. The only clear part is that discussions for some type of acquisition are taking place.
A deal for all or part of NSO would not be as simple as the two companies agreeing to an acquisition. The deal would require the permission of both the U.S. and Israeli governments, and already concerns have been raised. “Such a transaction, if it were to take place, raises serious counterintelligence and security concerns for the U.S. government,” a White House official is quoted as saying.
NSO Group, with its Pegasus spyware, has been one of if not the most controversial cybersecurity companies of recent times. Pegasus is a form of software that uses zero-day or unpatched exploits to infect mobile devices. The software can breach mobile devices without requiring a user to perform any action and can infect most versions of iOS and Android.
Although NSO itself is a legitimate cybersecurity company, the problem is that NSO sells Pegasus and those acquiring the software use it for nefarious purposes.
Pegasus was allegedly used to hack about 1,400 WhatsApp users using U.S. servers, according to a lawsuit filed in 2019. WhatsApp claimed NSO Group was behind a hack in May 2019 in which accounts were compromised and involved injecting malware by simply ringing a target without needing a user to accept the call.
The alleged WhatsApp hacks targeted human rights defenders, journalists, lawyers, diplomats and senior foreign government officials. NSO Group denied the allegation, saying that its products are used to stop terrorism, curb violent crime and save lives.
A report in July found that Pegasus was again being used to target journalists and activists. Some journalists targeted included those working for CNN, The Associated Press, Voice of America, The New York Times, The Wall Street Journal, Bloomberg News, Le Monde, the Financial Times and Al Jazeera. Another report in April found that Pegasus was used to target a device connected to 10 Downing Street, the office and residence of the U.K. prime minister.
The ongoing reports of NSO’s Pegasus being used for dubious hacking campaigns prompted the Commerce Department to sanction the company in November. The ban prohibited U.S.-based organizations from buying, exporting or transferring any cybersecurity tools developed by NSO unless they receive a special license.
In response to the sanction, Israel cut the number of countries to which local companies could export cybersecurity tools later the same month.