The secret Uganda deal that has brought NSO to the brink of collapse

A man walks past the building's entrance to the Israeli cyber company NSO Group in one of its branches in the Arava desert on November 11, 2021 in Sapir, Israel.

Amir Levy | Getty Images

In February 2019, an Israeli woman sat opposite the son of the President of Uganda and made a bold pitch – would he want to secretly hack any phone in the world?

Lieutenant General Muhoozi Kainerugaba, who is in charge of his father’s security and has long been whispered to be Yoweri Museveni’s successor, was eager, said two people familiar with the sales pitch.

After all, the woman, who had ties to Israeli intelligence, was pitching him Pegasus, a piece of spyware so powerful that Middle Eastern dictators and autocratic regimes had been paying tens of millions for it for years.

But for NSO, the Israeli company that created Pegasus, this foray into East Africa would prove to be the moment it crossed a red line, outraging US diplomats and triggering a chain of events that would cause it to be blacklisted by the trade department, pursued by Apple, and driven to the brink of defaulting on its loans, according to interviews with U.S. and Israeli officials, industry insiders and NSO employees.

A few months after the initial approach, NSO’s CEO, Shalev Hulio, landed in Uganda to seal the deal, according to two people familiar with NSO’s East African business. Hulio, who flew around the world with the Israeli government’s permission to sell Pegasus, liked to demonstrate in real time how it could hack a brand new iPhone straight out of the box.

The final deal was small for NSO. A person familiar with the transaction said it brought in between $10 million and $20 million, a fraction of the $243 million that Moody’s estimated the privately owned NSO had in revenue in 2020.

But about two years after the sales pitch, someone deployed Pegasus to try to hack the phones of 11 U.S. diplomats and employees at the U.S. Embassy in Uganda, according to two U.S. officials who spoke after Apple sent out notifications when the iPhone maker discovered and closed a bug in its operating system in November.

It is not clear who tried to hack the American citizens. Uganda’s neighbor, Rwanda, had also used Pegasus to hack phones inside Uganda, but the revelation shocked the United States. NSO has always told its customers that US phone numbers are off-limits. In this case, all 11 targets used Ugandan numbers but had Apple logins using their State Department emails, according to the two U.S. officials.

NSO said it was shutting down hacking systems for “customers relevant to this case” and is investigating the issue. A person familiar with the company said it no longer has any business in Africa.

Museveni’s press secretary and the Ugandan government’s information minister did not respond to a request for comment. A person close to Museveni said they “were not authorized to speak on the subject.”

Israeli and US officials declined to confirm that the Ugandan hack directly triggered the decision to blacklist NSO. But a US official who discussed the issue with the Israeli Ministry of Defense said: “Look at the whole course of events here – it is careful, not accidental.” He added that putting NSO, one of the jewels of Israel’s technology community, on a US blacklist was designed to “punish and isolate” the company.

The blacklist, which came in November, means that NSO cannot buy any equipment, service or intellectual property from US-based companies without approval, paralyzing a company whose terminals ran on servers from Dell and Intel and routers from Cisco, and whose desktops run on Windows operating systems, according to a spec sheet from a sale to Ghana, in West Africa.

In recent weeks, for example, Intel has asked all its employees to cease ongoing business relations with NSO, said a person familiar with the matter. Intel said in a statement that it “complies with all applicable US laws, including US export control regulations.”

A new CEO, Itzik Benbenisti, employed by Partner Communications, one of Israel’s largest telecommunications providers, resigned two weeks into his new job following the blacklist. And while the company was trying to cheer up its employees with a Hanukkah party in the seaside resort of Eilat, Hulio – who took over the reins after Benbenisti resigned – was less upbeat in a recent phone call with an old business associate.

“We always knew this thing had an expiration date,” he told the friend, complaining that some customers had asked to move their contracts to lesser-known rivals, according to a person familiar with the conversation.

After spending a decade in the Israeli government’s favor, NSO now finds itself an annoyance in the relationship between Israel and the United States and is using up the vital foreign policy bandwidth we have to talk about Iran, said a Foreign Ministry official who asked for anonymity.

It is a turnaround for NSO, which former Prime Minister Benjamin Netanyahu used as a diplomatic calling card with several countries, including the UAE, Morocco, Bahrain and Saudi Arabia, which had no official relations with Israel.

The reputational damage has also made it difficult to keep hiring the most promising candidates from Israel’s elite signal intelligence units, who have the ability to repeatedly outwit the defenses of both Android phones and iPhones.

For example, when Google reverse-engineered the hack used against U.S. diplomats in Uganda, it found an elegant, tiny piece of code that adapted software from 1990s Xerox machines to fit a so-called Turing machine – essentially a complete computer – in a single GIF file.

“Pretty incredible, and at the same time pretty scary,” Google engineers said. “Wow. Just wow,” tweeted Yaniv Erlich, an Israeli professor of computer science at Columbia University.

“You can count on one hand the number of teams in the world that could create something like this,” said John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab, who found the malware and alerted Apple.

NSO said it had hired 30 new employees in recent weeks. “There is an understanding among our employees that there is a wide gap between media reports and reality,” a spokesman said.

Meanwhile, NSO has also fallen into the crosshairs of Silicon Valley after angering Apple and Meta by hacking into iPhones and WhatsApp.

Apple’s two-pronged approach – it has notified many of the targets of NSO hacks while suing the company in US courts – sent a “shock wave” through the industry, said a person familiar with the case.

Apple and Citizen Lab have also shared NSO’s technical secrets, worrying rival companies enough that they have asked their customers to scale back the use of other spyware, afraid of being caught in Apple’s dragnet, said a former top executive of an Israeli technology group.

“There is a sense that this is a complete war against the entire industry,” he said, adding that senior Israeli employees of NSO and other similar firms “remain seated” in Israel to avoid being drawn in for questioning in the United States and its allies.

For now, U.S. pressure has left NSO with few options, company insiders said. Moody’s has downgraded NSO’s debt as the company’s free cash flow became negative in 2020 and is expected to remain negative this year. “There is a high risk that the NSO may not be in line” with an agreement on the $500 million in loans it took in 2019 to go private at a valuation of $1 billion, Moody’s said.

It has hired Moelis & Co, a New York-based investment bank, to see if it can sell parts of the company to raise cash, and even offer to turn Pegasus into a “defensive” product if that makes it more palatable to US investors.

Last Wednesday, that window was also narrowed – 18 U.S. senators wrote to Secretary of State Antony Blinken and Treasury Secretary Janet Yellen asking them to sanction NSO under the Magnitsky Act along with a handful of other cyber-surveillance firms.

If the United States acts on this request, NSO would be cut off from the US banking system and its employees would be barred from traveling to the United States.

© 2021 The Financial Times Ltd. All rights reserved. Do not redistribute, copy or alter in any way.
