Over the past few weeks, two revelations have shocked the cyber world. Both involved Israeli companies engaged in dirty ops on behalf of shady client states.

The most prominent was the discovery that NSO Group, which I’ve written about regularly here and at the Nation, devised a hack that permitted it to intercept conversations conducted via WhatsApp. The target/victim was a lawyer who is pursuing a legal case against NSO Group in Israeli courts.

The lawyer turned to Citizens Lab, which has exposed NSO’s hacking of the electronic devices of human rights activists, lawyers, journalists, and teachers around the world. As Citizens Lab began to investigate the victim’s phone, WhatsApp engineers too began noticing abnormalities in their voice-calling feature, then began warning human rights organizations that they were the targets, which likely became clear in the process of their forensic investigation.

The vulnerability has been fixed, and presumably WhatsApp is secure once more. But the incident should concern not only human rights activists, who appear to have been the main targets of the attack, but tens of millions of users for whom secure communication is important.

It’s worthwhile to explore the background of this most recent attack. NSO Group’s Pegasus malware infected the cellphone of Saudi-Canadian activist Omar Abdulaziz, who was a colleague of Jamal Khashoggi, the journalist who was murdered by a Saudi death squad in Istanbul last year. It’s quite possible that since Abdulaziz was in regular communication with Khashoggi, the hack of the former’s phone enabled the Saudi killers to track both men, specifically Khashoggi. Doing so would have been critical to their plans to kill him.

Media reports have confirmed that the Saudi intelligence agency that murdered Khashoggi spent $55 million to purchase Pegasus for use against enemies of the kingdom. It’s beyond reasonable to think that the Saudis deployed Pegasus to hack Abdulaziz’s phone. He is suing NSO in Israeli courts.

Last month, Citizens Lab announced that it had exposed yet another NSO hack of a Saudi dissident. Ghanem Almasarir is a human rights activist and outspoken opponent of the Saudi regime who maintains a popular Twitter account (four hundred thousand followers) and a YouTube channel (230 million views). The Guardian reported the cyber-security organization had discovered that Saudi intelligence had infected his electronic devices with Pegasus:

Almasarir received suspicious text messages in June 2018. These were tracked by independent experts to a Pegasus operator who was “focused on Saudi Arabia” and were linked to a separate attack against another Saudi critic . . . Certain indicators on Almasarir’s two Apple iPhones, coupled with the fact that he had clicked on corrupt weblinks sent to him, as well as Saudi Arabia’s widely reported use of Pegasus, led to the “inevitable conclusion” that the kingdom was responsible for sending Almasarir the texts and for the infection of his devices. “A vast amount of Mr Almasarir’s private information was stored and communicated on his iPhones . . . This included information relating to his personal life, his family, his relationships, his health, his finances, and private matters relating to his work promoting human rights in Saudi Arabia,” the letter of claim [against Saudi Arabia filed by Almasarir’s attorney] said.

The Guardian reports that Almasarir has been under UK police protection since last October, after it determined there were credible threats against his life. The CIA has reportedly notified police authorities in Norway that another Saudi social media activist, Iyad al Bagdhadi, also faces credible threats of harm from Saudi authorities. He too is under police protection there.

Shortly after NSO found out it was being sued by Abdulaziz, mysterious figures began contacting Citizens Lab researchers and others involved in the cases. The callers offered lucrative speaking gigs at international conferences. All they asked in return was to have lunch with the researchers.

At these lunches, the targets discovered that they’d been suckered. The only subject their putative benefactor wanted to talk about was Citizens Lab, and what it knew or thought about the Israeli company. He also tried to elicit prejudicial statements about the target’s views on Israel.

It was obvious that the client involved in this masquerade was NSO. Less clear was who was running the operation on that company’s behalf.

This mystery too soon revealed itself: a journalist noticed that the man who sent the lunch invitations and pumped the researchers for information had also done similar work on behalf of the Israeli black ops company Black Cube, the firm that Harvey Weinstein hired at the recommendation of Ehud Barak to intimidate the women accusing him of serial sexual abuse and rape.

Black Cube and NSO may use different technical methods in conducting their corporate business, but their goals and clients are remarkably similar: powerful, wealthy individuals, companies, and states that need to intimidate their enemies through surreptitious means that would embarrass them if made public.

NSO’s controlling shareholder, Stephen Peel of Novalpina, who just bought the company at a $1 billion valuation, issued this statement , which only adds insult to injury:

Founding partner Stephen Peel said Novalpina was “determined to do whatever is necessary to ensure that NSO technology is used for the purpose for which it is intended — the prevention of harm to fundamental human rights arising from terrorism and serious crime — and not abused in a manner that undermines other equally fundamental human rights”.

It’s a slick bit of sophistry to co-opt the term “human rights,” applying it to the aspects of the company’s business that the world deems legitimate while ignoring the illegitimate and dangerous uses which are the ones that bring in the most revenue from its unsavory clients. Peel further sought to enlist Amnesty in developing guidelines for NSO’s work so that they would promote “enhanced respect for human rights.” The idea that his company would sell malware that endangered the lives of Amnesty’s staff while inviting the NGO to whitewash its business practices is appalling.