A.In the fight against the notorious Pegasus spy software, pple brought up heavy legal artillery: The electronics company filed a lawsuit against the Israeli NSO Group, the controversial manufacturer of the program, in a California court on Tuesday. He is demanding damages and a court order prohibiting NSO permanently from using Apple devices, software and services. If Apple prevails, Pegasus’ entire business foundation would be shaken.
The lawsuit comes a few months after a security hole became known that allowed iPhones and other Apple devices to be infected with Pegasus via the iMessage text message service. This happened in an insidious way via a so-called “zero-click” attack, which means that Pegasus could be smuggled in without the user being aware of it or having to do anything, such as clicking on a link in a text message or an e-mail, as is often the case. If the software is on a device, it can, for example, switch on the camera and transmit information such as location data, short messages or e-mails to those who want to spy on the user. Apple released a software update in September to close the gap.
The vulnerability was named “Forcedentry”. It was discovered by Citizen Lab, a cybersecurity and human rights research group at the University of Toronto. She says she found the loophole while investigating a Saudi activist’s smartphone.
The NSO Group has been criticized for years for its spy software. In 2019, she was sued by the Internet company Facebook, who accused her of having infected smartphones with the program via its WhatsApp text message service. This litigation is still ongoing. NSO itself asserts that its software is only used with good intentions and that it should help governments fight terrorism and other crimes. This is widely doubted, however, and Pegasus has been repeatedly found on the devices of activists, dissidents and journalists. Citizen Lab described the company’s business model as “despotism as a service”.
Apple, too, found very clear words in its lawsuit and called the Israelis “amoral mercenaries of the 21st century”, whose “cyber surveillance machinery” invites “regular and shameless abuse”. NSO does not deliver “ordinary malware” and is not interested in showing “annoying advertisements” or pretending to be a bank in order to steal money from checking accounts. The company’s products are “much more insidious” and enable governments to spy on people in exchange for hundreds of millions of dollars. “NSO or its customers are not interested in average consumers.”
The iPhone maker says in the lawsuit that NSO damaged its business and reputation. In fact, the discovery of any vulnerabilities is particularly tricky for Apple, as the company prides itself on offering its customers more security and privacy than the competition. He does this in detail in the lawsuit and says, for example, devices with Google’s Android operating system are much more likely to be infected with malware than iPhones. Apple also announced Tuesday that it would donate $ 10 million to Citizen Lab and other security researchers.
Apple’s lawsuit comes just weeks after the US government blacklisted the NSO Group and another Israeli software provider. This means that American companies are no longer allowed to do business with them. The Department of Commerce described the move as part of its efforts to “put human rights at the center of US foreign policy,” including by slowing the spread of digital tools for “repression.”
#NSO #espionage #Apple #sues #amoral #mercenaries