The State Department is trying to determine who had access to the pirated documents on these phones and how the hack happened, the U.S. official said. It is possible that this situation is the result of US employees getting new iPhones and Pegasus spyware remaining on devices even after wiping them, the official added.
The State Department’s investigation is a sign that the burgeoning market for hacking tools sold by private companies is increasingly a threat not only to human rights, but also to the national security of States- United.
Last month, the Commerce Department blacklisted NSO Group and another Israeli spyware firm, Candiru, accusing the companies of providing spyware to foreign governments that “used these tools to maliciously target” journalists, embassy workers and activists.
NSO Group’s leading spyware, known as Pegasus, is capable of remotely infecting cell phones and listening to calls or text messages, security researchers say.
Reuters first reported on the investigation.
The State Department did not confirm that the phones were hacked.
“While we are unable to confirm, generally speaking, the department takes seriously its responsibility to protect its information and continually takes steps to ensure that information is protected,” said a spokesperson for the department. ‘State. “Like any large organization in the world, we closely monitor cybersecurity conditions and continually update our security posture to adapt to changing adversaries’ tactics. “
The Biden administration is “extremely concerned that commercial spyware like NSO Group software poses a serious counterintelligence and security risk to US personnel,” a spokesperson for the National Security Council said , highlighting recent additions to the Treasury Department’s list of entities. There is also a government-wide effort to tackle commercial hacking tools, the spokesperson said.
A spokesperson for NSO Group said that after the company informed of the incident, it “decided to immediately terminate access of affected customers to the system, due to the seriousness of the allegations.”
“At this stage, we have not received any information or phone numbers, or any indication that NSO tools were used in this case,” the statement from the NSO group continued. “In addition to the independent investigation, NSO will cooperate with any relevant government authority and present any information we have. “
It is not known who used the spyware to target the phones of State Department employees.
An Apple spokesperson declined to comment.
Apple and other U.S. tech companies have stepped up pressure on NSO Group over allegations of human rights and privacy violations – allegations the company denies.
Apple sued NSO Group last month for allegedly breaking federal anti-piracy law by selling Pegasus to customers, who allegedly used the software to spy on Apple customers. In a statement at the time, NSO Group did not address the lawsuit directly but said the company was providing “legal tools” to fight terrorists and criminals.
John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab who investigated NSO spyware, said the latest revelation about the alleged targeting of State Department phones shows the Office of the diplomatic security department needs to do more to secure these devices.
“NSO has been an obvious threat to national security for years, and the fact that these violations have occurred and that Apple is required to make the notification, shows that the threat was not taken seriously enough,” said Scott-Railton to CNN.
Earlier this week, Uganda Democratic Party Chairman Norbert Mao said he had received an Apple notification that his phone was targeted.