The secrets of the Israeli company that is behind the spying on the Catalan independence leaders are one step closer to being public after the decision, this Thursday, of a San Francisco judge.
The giant Facebook, the owner of WhatsApp, filed a complaint with which it tries to make an exemplary sanction end the spyware company NSO Group and serve as a warning to others.
But more important at the political level is that the complaint threatens to expose NSO’s business with the governments that hired it to spy on its citizens.
On Thursday, Judge Phyllis Hamilton rejected NSO’s previous questions about the legality of the process and decided that the complaint can go ahead.
In the case of pro-independence politicians, it will be very difficult to know the person who installed the espionage systems on their phones. Still, it is known that the Spanish information services have this program.
That security flaw is referred to by Facebook as CVE-2019-3568, the name of the security warning it posted on May 13, when it discovered that someone was hacking mobile phones through the WhatsApp app, owned by Mark’s company.
Zuckerberg. For the 1,400 affected, behind that technical name are all their messages, emails, conversations, contacts, photos, recordings, location data, and anything else that they have pointed with their camera. It all finished up in the hands of the spies.
According to the complaint report, the NSO Group created between January 2018 and May 2019 several Facebook and WhatsApp accounts to use them as a vehicle for its mobile phone spy program.
The accounts were created with Mobile numbers from different countries, including Cyprus, Brazil, Israel, Sweden, Indonesia, and the Netherlands. Later, NSO rented servers in several countries, including the United States. The servers were in the companies Choopa, Quadranet, and Amazon Web Services.
Somehow, NSO managed to unmount the application code and created a program that emulated a WhatsApp call. That is what the victims saw. A request that “appeared to originate from WhatsApp.”
A missed call and the NSO spy program was installed on their mobiles. There was no need even to answer.
When Facebook identified the hole, it closed it and posted the security breach on its website on May 13, 2019. An NSO employee not identified by the complaint said: “You just closed our largest remote point for mobile … It’s been in the news around the world.” In the complaint, it is not clear how many days that door was open.
From here, everything is questioned. NSO claims that they do not spy on anyone, that all they do is sell their spyware to governments to fight crime and terrorism, in no case to persecute dissidents.
How many governments did that program sell to, what were they, what were the terms of the contract, how much they paid, who the 1,400 individuals were still unknown more than a year after the fact?
Prestige and exemplary compensation
This is where Facebook and WhatsApp’s complaint comes into play. It was presented on October 29, 2019, in northern California’s federal courts, based in San Francisco.
Mark Zuckerberg’s company asks for a precautionary order that prohibits NSO from accessing all its platforms, which would deprive it of the world’s largest communication network. He also asks the judge to sentence NSO to exemplary compensation for the damage caused.
For companies, it is an essential question of prestige. WhatsApp offers its users one of the most secure privacy systems in the world, with end-to-end encryption (messages come encrypted from the sender and decoded by the receiver; nobody in between can see what they say).
1.5 billion people in 180 countries use it. The spyware did not penetrate WhatsApp strictly; what it did was install itself on mobile phones using WhatsApp and steal information from the device. But the image damage for Zuckerberg’s company is difficult to calculate.
But the importance of the lawsuit is that it will, at the very least, compel NSO to explain. If the Israeli company wants to argue that they are not the hackers of mobiles, it must prove it, which would, in principle, compel it to target its customers.
By prosecuting the matter, Facebook may end up forcing NSO to reveal so much information about its activities that it ends up offside. And by the way, the whole world sees many of your questions answered.
In a recent pre-motion motion, Facebook tells the judge that NSO must disclose who carried out each of the 1,400 attacks (that is, which government) and that it can ask for “all information about NSO’s clients and servers. “This Thursday, after the judge’s decision in favour of WhatsApp,
Since October, the parties have been engaged in a battle of previous issues in which NSO discussed the entire complaint. For starters, it denied the alleged harm to WhatsApp.
He claimed that there was no place to ban the service since, if WhatsApp has plugged the hole, there is no longer any possibility of continuing the alleged harm.
At one point in their argument, the Israelis ironically shoot Californians. “WhatsApp is safe again, and its users can safely send encrypted messages (and plan terrorist attacks and exchange child pornography) without risk of detection by the police or intelligence agencies,” said NSO in one of its motions. Of this preliminary phase.
NSO also discusses the federal and Californian jurisdiction over the case and is fighting to have any complaint against it brought before the Israeli court.
This week, a Tel Aviv court has given her the reason and has rejected a complaint by Amnesty International asking that the license to export its products to foreign governments be suspended.
For its part, Facebook argues that servers in California were attacked, some of the espionage victims are also in the State and, also, when creating Facebook or WhatsApp accounts, the terms of the contract stipulate that conflicts are subject to federal and Californian justice.
According to the complaint, this legal battle depends on repairing the alleged financial and reputational damage of WhatsApp. But more than that, what is in the air is the future of NSO, the spyware market, and, above all, the possible disclosure of all the information that this company has about the governments that use them.