- Tweeter
republish
After a recent security incident, WhatsApp has decided to file a complaint against an Israeli start-up specializing in spyware, NSO Group, which is suspected of having - on behalf of governments with questionable track records in terms of copyright rights. man - spied on the mobile phones of a hundred human rights defenders, journalists and other members of civil society around the world.
At the time of the event, last May, Facebook's encrypted e-mail application acknowledged that it had been infected, but had not expressed itself officially, merely correcting the emergency vulnerability. " After months of investigation, we can say who led this attack, " writes Will Cathcart, head of WhatsApp, in an editorial published Wednesday in the Washington Post .
" We discovered that the attackers had used servers and Internet hosts whose links with NSO have already been established in the past (...) And we were able to link some WhatsApp accounts used during this malicious operation to NSO. Their attack was ultra sophisticated , but they did not entirely manage to erase their tracks, "Will Cathcart explains. In total, some 1,400 devices were infected from April 29 to May 10, in various countries including the Kingdom of Bahrain, the United Arab Emirates and Mexico, according to a complaint filed in a federal court in California.
Listen to a phone without the user realizing it
Hackers exploited a security hole in WhatsApp - now plugged - by inserting malicious software into phones, simply by calling users of the application, used by 1.5 billion people around the world. They were able to activate the microphone and camera of Apple or Android devices targeted to listen to or view the environment of the owners, without them realizing it. The US firm is demanding a court injunction against NSO Group to access the computer systems of WhatsApp and its parent company.
NSO Group, a company based in Herzliya, north of Tel Aviv, in the heart of Israel's Silicon Valley, said in May that its technology was " marketed through licenses to governments for the sole purpose of combating terrorism." crime and terrorism . These elements of language in the defense of the company have not moved an iota in front of the charges brought today by WhatsApp: " We dispute in the strongest possible terms the current allegations and we will fight them vigorously ( ...) Our technology is not designed to be used against human rights activists and journalists. It has saved thousands of lives in recent years. The Israeli firm also said in its statement to be " aligned with the UN Guiding Principles on Business and Human Rights, to ensure that our products respect all basic human rights ." "
Edward Snowden accuses NSO Group
But the sulphurous reputation of NSO Group was not born of an unfortunate security breach in WhatsApp. The Pegasus software developed by the firm that provides access to data from a smartphone has already made much ink, and perhaps the blood of Saudi journalist Jamal Khashoggi , according to Edward Snowden. The US whistleblower is formal, Pegasus allegedly being installed on the phone of Omar Abdulaziz, another exiled Saudi dissident who was in close contact with the murdered journalist in the Saudi Arabian Embassy in Turkey. In January 2019, one of NSO's founders, Shalev Hulio, assured the Israeli daily Maariv that none of the company's products had been used against Saudi writer and opponent Jamal Khashoggi before his murder.
Already in 2016, Apple had a disaster update its smartphones marketed since 2011 to protect against Pegasus. The following year, researchers at the University of Toronto revealed that members of an international commission investigating the disappearance of 43 students in Mexico in 2014, but also journalists, human rights defenders or lawyers had been targeted by the spyware sold to the Mexican government.
Amnesty International against the Israeli Ministry of Defense
More recently, Amnesty International has accused NSO Group of selling its products " to governments that are committing gross human rights violations ." " Amnesty International's research has uncovered scary new evidence that once again shows how NSO Group's malware is helping repression of state-sponsored human rights defenders ," said Danna Ingleton, Deputy Director of Amnesty Tech. , the digital branch of the NGO, based in London.
Amnesty expands the case of two Moroccan personalities: Maati Monjib, an intellectual currently involved in court proceedings, and Abdessadak El Bouchattaoui, a human rights lawyer who defended protestors from the Hirak protest movement in the Rif (north) in 2016 -2017. The two men " have been targeted several times since 2017 " using spyware, says Amnesty, who said " fear that the Moroccan security services are the source of this surveillance " in the context of a crackdown " Wider " against human rights defenders in the kingdom. NSO Group said in a response to Amnesty that it would open an investigation, adding " take the accusations " of the NGO " seriously ". In May, Amnesty supported legal action against the Israeli Defense Ministry to cancel the NSO Group export license. An action whose foreseeable failure in advance underlines the essentially symbolic significance.
Facebook redounds its coat of arms
" The tools to spy on our private lives are being misused. When this technology is found in the hands of irresponsible companies and governments, it puts us all in danger, "warns Will Cathcart in his editorial. While commendable and encouraging, WhatsApp's boss's face also allows Facebook to sweep its door closer by pointing to the ugly duckling, NSO Group. The social networking giant is indeed under the influence of several investigations in the United States, including its management of personal data and the protection of privacy. Facebook, which also has Instagram, has been widely criticized since a massive data leak and attempted voter manipulation scandal in 2016, during the presidential election in the United States and the referendum on Brexit in the United Kingdom. United.
The Californian group has since tried to restore trust with its users and authorities, including fighting against fake news, fake accounts, foreign propaganda operations, and better protecting its digital infrastructure. He is also engaged in a standoff with the US government, which has asked him to seek a technical solution to ensure that law enforcement can have access to encrypted data in case of serious crimes - in other words, a backdoor "in Facebook's security system.
" Democracies are based on a strong and independent press and civil society. Fragilizing the safety of the tools they use endangers them. But we want to protect our personal information and our private conversations. That's why we will continue to oppose the government's calls to weaken end-to-end encryption , "Cathcart notes in his editorial. This encryption scrambles messages and ensures that only the sender and the recipient have the "keys" to read them. This is already the case of WhatsApp and Facebook now wants to extend this encryption to its popular Messenger application.