Apple has become the latest tech giant to sue Israeli spyware developer NSO Group, in a bid to hold it accountable for targeted attacks which compromised users’ devices.
The Cupertino-based firm said it was taking legal action “to prevent further abuse and harm” to users of its products and would be seeking a permanent injunction banning NSO Group from using its products and services.
Apple said that NSO Group used the ForcedEntry exploit for a now-patched iOS bug to install its Pegasus spyware on the devices of targeted journalists, activists, dissidents, academics and government officials.
“NSO Group and its clients devote the immense resources and capabilities of nation states to conduct highly targeted cyber-attacks, allowing them to access the microphone, camera, and other sensitive data on Apple and Android devices,” Apple claimed.
“To deliver ForcedEntry to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device – allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim’s knowledge. Though misused to deliver ForcedEntry, Apple servers were not hacked or compromised in the attacks.”
Interestingly, the Apple notice lays the blame for such attacks squarely at the feet of NSO Group itself and describes it as a “state-sponsored” actor.
The Herzliya-headquartered firm would, on the other hand, describe itself as a private enterprise which only sells software and services to government clients for legitimate law enforcement and intelligence purposes.
Apple follows Facebook in taking NSO Group to court. It started legal proceedings in 2019 after it emerged that malware developed by the Israeli firm was used to target over 1000 WhatsApp users. Facebook said that “attackers used servers and internet-hosting services that were previously associated with NSO.”
Apple’s legal action comes just weeks after NSO Group was added to a US export blacklist designed to prevent it from buying and using components from American companies.
In a brief statement, NSO Group said it was “dismayed” by that decision.
“We look forward to presenting the full information regarding how we have the world’s most rigorous compliance and human rights programs that are based the American values we deeply share, which already resulted in multiple terminations of contacts with government agencies that misused our products,” it claimed.
Apple said it will donate $10m and any damages it may win from the case to cyber-surveillance researchers like those at Citizen Lab and Amnesty Tech.
“The steps we’re taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place,” said Ivan Krstić, head of Apple security engineering and architecture.
Phil Muncaster UK / EMEA News Reporter, Infosecurity Magazine