Usually, silence and secrecy are two must-have qualities of espionage. For nine years, Hulio never publicly mentioned his billion-dollar hacking company – even when his hacking tools were involved in scandalous incidents, and when he was accused of complicity in human rights abuses. Recently, Mr. Hulio has spoken out to the public.
“People don’t understand how intelligence works,” Hulio told me during a phone interview while he was still in Tel Aviv, Israel. “The work is not easy. Not pleasant at all. Intelligence is a formidable business activity that is rife with ethical dilemmas.”
The NSO Group, led by Mr. Hulio, is the world’s largest spyware company. It is at the heart of a burgeoning tech industry in which well-known companies find weaknesses in software, develop exploits for them and resell malware to national governments. The Israel-based company has been involved in many global scandals.
NSO’s CEO, Shalev Hulio.
Ten years after founding the company, Hulio did what no one in the secretive industry would think of: he openly talked about NSO Group, about the hacking industry, and about how transparency would affect spyware companies. This is the most important thing that the hacking industry can do right now, he said: “We have been accused by many parties, and for some valid reasons, that we were not transparent enough in our activities.”
A culture that exists in silence
A former commander in the Israeli military who later became an investor focused on research and development at a company that allowed remote access to phones, Hulio says he founded NSO Group in 2010 with support from European intelligence agencies. At that time, NSO described itself as an enterprise capable of taking part in world-leading cyber warfare.
NSO’s rise to prominence began in 2016, when the security team at Citizen Lab linked Pegasus – NSO’s flagship product – to a high-profile spyware installation. NSO kept quiet, partly because of the rules it operated under: in 2014, the private company Francisco Partners bought NSO for $100 million and imposed a strict “no contact with the press” policy. Hulio says that this created a culture of silence that raised many problems.
The hardware is used by NSO specialists.
“No interviews – we couldn’t say anything to journalists except ‘no comment’,” Hulio said. “This created a lot of buzz around us, because every time we were accused of abusing this clause and that, we could not comment.”
This is a mistake that intelligence companies similar to NSO should avoid in the future, Hulio said. “The hacking industry should be more transparent. Every company should know to whom it is selling [data], who the customers are, and what the purpose of use is.”
In fact, the hack that made NSO’s reputation back in 2016 – sending a message with a link that installs spyware on the recipient’s computer – gave us in general and security researchers in particular a clearer view of these increasingly sophisticated methods of penetration. Another kind of message uses the “zero-click” technique, which infects the receiving machine with malware without the owner needing to take any action. There are ways to install spyware on a phone that avoid its alerting mechanisms, require nothing from the victim and leave no trace.
“The proposal from hacking companies is this: criminals as well as terrorists can hide behind encryption technology, so countries need to be able to chase these criminals to their lair,” said John Scott-Railton, senior researcher at Citizen Lab. “The companies that sell these hacking techniques are increasingly quiet. It’s not just WhatsApp that has its flaws. We saw weaknesses on iMessage, the SS7 software, with zero-click transmission. Determining the scale of the problem is almost impossible. We only have to guess, and only get to know a few of the participants. The market is getting bigger and bigger, yet there is a serious lack of information about the abuse cases.”
WhatsApp, one of the messaging services that is supposed to be secure.
It has never been easy to understand and appreciate the full scale of the hacking industry. Detections and investigations are becoming rarer and rarer as hacking techniques become more sophisticated and discreet. As a result, hacks and abuse are becoming ever harder to detect.
Hulio agrees with the statement that the hacking industry is getting deeper and deeper into the dark. When asked about whether the industry leaders have made an effort to make everything transparent, he shook his head:
“In fact, I see things going in the opposite direction. The hacking industry is increasingly stepping out of regulation. I have noticed that many companies are trying to hide their activities. This hurts the industry as a whole.”
Avoid being transparent
Hulio asserted that NSO is going in the opposite direction, trying to follow a new course under a new executive board. Despite facing allegations of abuse of Pegasus as well as being involved in a lawsuit related to the messaging app WhatsApp, Hulio insists that his company is slowly changing. The most visible example is the fact that he is speaking frankly to the media, in addition to the new self-governance policies set by the company. However, the transition has not come easily, as NSO continues to face new accusations.
Hulio added that NSO’s rivals are avoiding transparency and accountability by relocating operations to countries where the rules are easy to circumvent.
“They are opening companies in countries where there is no strict legal regime. I see many companies trying to hide their activities by changing their identities many times. Or through mechanisms that put research and development in one branch, make sales through a second company and then deploy operations in a third company, so it is impossible to track their activity.”
NSO Group itself is no different: it appears under many other names, such as Q Cyber Technologies in Israel and OSY Technologies in Luxembourg, and it has facilities in North America under the name Westbridge. NSO has employees around the world. Over many years of operation, NSO created a tangled network that makes it almost impossible to track the company’s contracts and activities.
So what is “accountability” in particular? When the NSO Group first appeared, the Wassenaar Agreement, an important agreement on the export of weapons and dual-purpose electronics, did not yet cover high-end electronics such as computers and information technology equipment. On a global scale, the hacking industry keeps itself carefully hidden and opaque, which makes it difficult to understand, yet its capability and strength are growing.
“There are many holes. Not all countries are party to the Wassenaar Agreement. I really think it is very difficult to reach an international agreement. Obviously doing something ‘international’ is always a good idea, but I must say that there are countries that operate like tax havens, others that loosen regulations on exports. Global regulatory procedures are needed for these countries.”
Who is on the radar of sophisticated hacking methods?
Since NSO rose to prominence, there have been a number of abuses involving people using NSO technology. Whenever allegations appear, NSO conducts an investigation. Whenever a dispute occurs, NSO can request records that identify the target. According to Hulio, in many cases the accused party admits the stated facts and that the target is real, but says its actions are legal under local law and the contract it signed. NSO and the customer then discuss whether the target is legitimate or not.
Many have criticized the NSO Group because Pegasus was used against many influential people. But Hulio argues that the context in which Pegasus is applied can justify the action taken. He points to the capture of the Mexican drug lord Joaquín “El Chapo” Guzmán. There is unofficial information indicating that NSO Group was involved in this campaign for many years.
After successfully escaping from prison, El Chapo was arrested again after a gunfight took place in Mexico City in 2016.
“Chapo escaped,” Hulio said. “People like Chapo or the ISIS leader don’t have smartphones on them. When Chapo escaped, they thought that he would then call his lawyer, so they proceeded to monitor the lawyer. The lawyer is not a bad man – and I am not saying that we are involved. Lawyers themselves are not criminals, but El Chapo, a criminal, will call his lawyer, and the only way to arrest him is to follow up with the lawyer.”
But the allegations NSO faces are not always like the case involving El Chapo. Hulio also said that NSO is often accused over incidents involving other spyware companies.
“Every time we sell a system to a customer, we ask many difficult questions, but I’m not sure other parties do,” Hulio said. “I am willing to face a nation’s defense minister or a public security minister, or even a country’s secret service, and hear questions like: What is the purpose of the system? Who is the audience? What is that mission? What are you investigating? What is the investigation process? How is the data analyzed? Who makes the decision to choose a target? What is the specific law of the country in question – how does it work? Questions that a lot of companies don’t care about. They have a contract – and they want a business. They will continue to do business because the input money is still abundant.”
We are going around in a vicious circle, caught in a mess of secrets. Cash is still flowing, abuse is still happening, and hacking tools are proliferating: no one can deny these things.
But who is responsible when the great powers have such powerful spyware in their hands to use on their opponents? The darkness keeps spreading, and the light of truth grows ever fainter.