A former employee of an Israel-based cyber-arms dealer and software company has been arrested for theft and for attempting to sell a phone-hacking tool on the dark web for $50 million. The NSO Group is a well-known software and cyber security company that specializes in developing technology that can be used in the fight against terror. No stranger to controversy, the company has in the past been accused of selling software that has led to attacks on human rights activists and journalists in politically sensitive regions of the world. Notably, the software was used to target activist Ahmed Mansoor in the United Arab Emirates in 2016.
High-Tech Malware Used to Hack iPhones and Android Phones
The NSO Group provides software to governments around the world that can crack the sophisticated security provided by mobile phones. The software can be used to spy on individuals and organizations, and by law enforcement to stop criminal activity. However, the spy software manufacturer recently fell prey to a security breach itself when an ex-employee stole proprietary software for the company’s product, Pegasus.
Pegasus, which operates as malware, targets vulnerabilities in iPhones and Android devices. Though both Apple and Google have been quick to patch and fix the supposed vulnerabilities, Pegasus is still considered one of the most powerful spyware programs available for commercial use.
The employee stole the source code for Pegasus, which was NSO Group’s most powerful software and spyware. Allegedly, the 38-year-old employee was trying to sell the spy software on the dark web for around $50 million, payable in cryptocurrencies. The company noted that the selling price of $50 million was substantially higher than the regular licensing price of around $1 million per deployment. The indictment, handed down by Israel’s attorney general, details how the employee disabled standard McAfee Security software on his computer and brazenly copied the Pegasus source code onto an external hard drive.
Trying to broker a sale on the dark web proved futile, as the potential buyer reported the sale and hack details to NSO Group, which led to the arrest of the individual.
What Does This Mean for Cyber Security
Despite selling its own form of hacking software, the NSO Group has always maintained that its source code and software are sold only to, and used only by, reputable and approved government agencies, specifically in the fight against terror. The fact that the software could so easily be copied by simply disabling an out-of-the-box security program and then put up for sale means that even the most secure facilities and systems are vulnerable to attack. Often, security threats stem from within organizations, where, ironically, security is habitually weakest. Making sure that employees and other people with access to company software, especially potentially dangerous cyber weapons, can be trusted is a crucial step in the development of any program. The risk that cyber weapons end up in the hands of people who would use them to perpetrate crimes against humanity is too great to be trusted to an antivirus package.