Spyware developed by Israeli surveillance for hire company NSO Group was reportedly used to spy on yet another member of civil society, this time targeting a senior member at rights group Human Rights Watch. That revelation comes despite NSO’s own rules against spying on activists or journalists and comes less than 24 hours after another report detailing the use of its Pegasus software to target a Polish political figure and an author.
In the first case, Human Rights Watch claims Lama Fakih, head of the organization’s Beirut Office and HRW’s crisis and conflict director, was targeted at least five times between April and August last year. Fakih works regularly to investigate human rights abuses, international crimes, and armed conflict around the world, according to HRW—factors they believe may have led security forces or intelligence agencies working on behalf of a state government to target her. HRW did not speculate on which country the attacks may have originated from and did not immediately respond to Gizmodo’s request for comment.
“The news was overwhelming,” Fakih said in an interview. “I felt dread and disbelief. You have a million thoughts going through your head. Why would I be targeted in this way and how? What government did this? What does this mean for my security and for the security of everyone whose data may have been compromised as a result of the attack?”
In a tweet, Fakih showed a screenshot of a notification she revied from Apple informing her she may have been the target of a state-sponsored attacker. Though others versions of Pegasus software uses text messages embedded with malicious links to gain access to a target’s device, Fakih said she was the victim of a “zero-click attack” that is capable of infecting a device without the target ever clicking a link. Once a target is successfully infected, NSO’s Pegasus software allows the end-user to surveil the target’s photos, documents, and even encrypted messages without the target ever knowing.
“It is no accident that governments are using spyware to target activists and journalists, the very people who uncover their abusive practices,” Fakih said in a statement. “They seem to believe that by doing so, they can consolidate power, muzzle dissent, and protect their manipulation of facts.”
Following the Apple alert, HRW says it performed a forensic analysis and determined both Fakih’s current and previous phones had been affected.
NSO Group did not immediately respond to Gizmodo’s request for comment, but in a statement provided to HRW, the Israeli firm said it was unaware of any of its clients using its services to target HRW staff.
“Any such use against such a staff member, or any other individual for that matter, would be a serious misuse of our technology unless there was a reasonable suspicion that such person was involved in a serious crime or terrorist activity,” NSO wrote.
Over its 11-year history, NSO Group’s spyware has repeatedly been used to target journalists, human rights advocates, children, and even some political leaders. While this appears to mark the first case of a foreign non-governmental organization targeted using Pegasus in Lebanon, others, including a New York Times Beirut bureau chief, have previously found themselves targeted with the spyware.
While allegations of questionable spying campaigns are nothing new for the company some have dubbed “amoral 21st-century mercenaries,” the recent volley comes amid a wave of scandal that’s reportedly forced NSO into a battle for survival.
Last week, a report in Calcalist claimed the Israeli government has used NSO’s spyware to spy on domestic protest leaders and anti-government activists dating back to 2013. If true, that would mark a momentous departure for the company, which has managed to steer clear of domestic espionage involvement. Israeli Police Commissioner Kobi Shabtai has since confirmed law enforcement do use third-party cyber-technology but declined to specify the names of any service. Israel’s attorney general subsequently launched an investigation into Israel’s police force over alleged use of the technology.
On Tuesday, following the week of scandal, NSO’s former commissioner, Asher Levy, announced he would resign from his position less than two years after assuming the role. Levy tried to downplay a connection between his resignation and the domestic spying news, telling the Associated Press his departure was planned months ago.
“I can understand why people are making the connection,” Levy told the AP “In reality, it has nothing to do with the breaking news, so to speak, around NSO.”
Another Haaretz report, filed just hours after Levy’s resignation, claimed NSO was in advanced talks with the U.S.-based venture capital firm Integrity Partners for a deal to acquire control of NSO. According to the report, that plan would involve severing ties with the vast majority of NSO’s 37 clients and would leave them working only with New Zealand, the United States, Australia, Great Britain, and Canada—the countries that make up the so-called Five Eyes intelligence alliance. The new company would reportedly focus primarily on defensive cyber capabilities. Under the deal, Integrity would reportedly lobby the U.S. government to remove NSO from a U.S. blacklist it was added to late last year.