I say grant them their wish. Foreign nation state operatives hacking in plain sight in the US, in active war zones? Treat them as the enemy combatants, terrorists even that they want to be recognized as.
How about we just treat them as criminals - let's move away form the some of the worst abuses of government power in the 21st century. Let's get back to the rule of law.
I'm surprised NSO Group employees and their families and affiliates aren't being treated as, at the very least, potentially-adversarial intelligence assets.
I woudn't count on that. There's a chance they're at least indirectly funded by the US, since the US pays several billions every year to Israel, both in military and economic aid.
Almost all of that is in the form of credit to be used to buy American military equipment and services. It's as much a subsidy for American arms contractors as it's aid to Israel, although yes it is both. Still, it's not cash and they can't just spend it on whatever they like.
Furthermore regarding the linked article, how is a loan guarantee just thrown in to the total. Unless Israel actually defaults on every single loan every year the cost of that is close to zero. Is that really a reasonable assumption to make? So now who's lying.
That's pretty much the point I was making. The CIA and Mossad extensively share intelligence with each other, so it's unlikely that A) The US intelligence agencies didn't know about NSO's activities, and B) They'll punish them in any way.
NSO’s ventures so far have mostly been tied to Arab countries. You can’t assume they work for Mossad anymore than assuming that Google is an extension of the NSA.
Israel is a home for many, many cyber security companies, on defense and offense.
An interesting story I read from HN shows it's not out of the question for 'allied' intelligence to provide technology to 'opposition' nation states just to collect that intelligence. https://news.ycombinator.com/item?id=22297963
I'd say over 50% of Israeli tech founders come from that unit or one of its siblings. That includes Wix, Checkpoint, Palo Alto Networks and hundreds of others. This really is the backbone of the Israeli tech industry.
Not only that but these people are very tightly integrated into global tech giants - Apple's two large acquisitions in Israel (PrimeSense and Anobit), Facebook's Israeli R&D center (Onavo) and a significant part of Microsoft's cloud security division (Adallom) - all of those are ex. 8200.
Israel is small, and military service is required. If you're smart and have talent (versus just muscles), then you'll go through some unit like this during your service. It's a bit like saying Google is an extension of Stanford because that's where the founders came from. It just happens to be a place that people went through.
I know many who have been through that group because of military service. None of them are doing security related stuff (one is a professor, another is VP at a major SV company, etc etc).
NSO seems to be making an argument that arms dealers typically make. Perhaps they could point out real examples of defensive uses. Otherwise, enough. Hafsiku lehitamem.
That was alleged in court but no evidence has been provided publicly. I do not see the relevance here though, FB being gross doesn't make NSO any less gross.
I’m very skeptical that any nation state group is foiled by leaked ip addresses or language identifying strings left in code. Both seem like such obvious red herrings that it makes me question anyone that puts stock in them.
NSO Group isn't like Cozy Bear -- it's not a code name for an unknown probable nation-state APT. It's an Israeli company that sells hacking tools used by the Saudis (among others).
NSO Group was "tied to America" in a legal sense relevant to WhatsApp's lawsuit. There's no implication that it was, like, secretly the NSA or something. Just that this Israeli company rented US-based servers from a US-based company, and this invalidates some legal defenses they're using to fight WhatsApp's lawsuit.
Yes, no, I read it. I just don’t think there is a bill of sale for rented servers anywhere that has the recipient as “Elite Nation State Hacker Group”. If the trail is IP address, I trust that as much a “spasibo” being proof of Russian Hackers.
NSO Group is not an "Elite Nation State Hacker Group". It's a private Israeli company that sells malware (and apparently malware-as-a-service).
If they didn't rent those servers, it would be very easy for them to say to the court "we did not rent those servers, our clients did". Notably, they did not say this. Probably because they did rent the servers, and if subpoenaed the hosting provider would produce receipts showing that. And then NSO's lawyers would get disbarred.
