U.S. State Department Employee iPhones Reportedly Targeted by Spyware

(Bloomberg) -- Spyware from Israel’s NSO Group was used to hack the mobile phones of a number of U.S. State Department employees, according to two people familiar with the attack.

The hacks targeted officials based in Uganda or focused on issues concerning the East African country and took place in the last several months, according to the people, who requested anonymity because the information hasn’t been released publicly. The people said the victims were notified by Apple Inc.

At least nine State Department employees had their phones hacked, according to unidentified people cited by Reuters, which reported the attacks earlier Friday.

The State Department had no immediate comment, although an official said the department takes seriously its responsibility to safeguard its information and continuously updates its security as does other large organizations that are active globally. 

In a statement, NSO Group said it hasn’t received any information indicating the company’s tools were used in the alleged attacks. Nonetheless, the company said that if there is a suspicion that a customer is misusing its technology, it has vowed to investigate and terminate the contract if found true.

“Last night, following an inquiry we received alleging Ugandan phone numbers used by U.S. government officials were hacked, we immediately shut down all the customers potentially relevant to this case, due to the severity of the allegations, and even before we began the investigation,” according to the company’s statement. “This termination took place despite the fact that there is no indication the phones were targeted by NSO’s technology.”

“The claims of all involved parties specifically mentioned there is no indication, let alone proof, that it was NSO’s tools that were used by these customers,” according to NSO Group.

A spokesperson for NSO Group declined to name the customers.

In November, the U.S. added NSO Group to a list of entities banned from receiving exports from American companies, citing its role in developing and supplying spyware and hacking tools. Apple later sued NSO Group, seeking to bar the spyware firm from using its products and services, and said it would start notifying users targeted by state-sponsored hacking. 

Read More: U.S. Blacklists NSO Group, Other Firms Over Cyber Acts

The disclosure of the phone hacking comes as the State Department has made several moves in recent weeks to tighten cybersecurity amid hacking threats. Last month, the department sent an email to all staff requiring them to update their passwords to 16 characters, from 12, a move that caused chaos within the agency because it was so unexpected.

Staff were also told last month to limit their work as much as possible to the classified portion of their internal systems given hacking concerns.

NSO Group has become embattled as allegations of abuse have piled up. Researchers have said that NSO’s spyware has been used to target activists, dissidents and politicians. The company recently named a new chief executive officer, but he resigned two weeks after being named in the wake of being added to the entity list by the U.S. 

“Companies that enable their customers to hack U.S. government employees are a threat to America’s national security and should be treated as such by the government,” Senator Ron Wyden, an Oregon Democrat who serves on the Senate Intelligence Committee, said in a statement. “I want to be sure the State Department and the rest of the federal government has the tools to detect hacks and respond to them quickly. Federal agencies shouldn’t have to rely on the generosity of private companies to know when their phones and devices are hacked.“

NSO Group’s powerful spying tools can harvest virtually all data stored on a mobile phone, and can also use the phone’s cameras and microphones to perform live surveillance. The company has said that its products are used to combat crime and terrorism. 

A National Security Council spokesperson said commercial spyware like NSO Group’s poses a serious counterintelligence and security risk to U.S. personal, one of the reasons the Biden administration has placed several companies involved in the development and proliferation of such tools on the Commerce Department’s entity list.

Matthew Green, an associate professor at Johns Hopkins University, said NSO’s spyware “gives every random authoritarian government access to remote phone surveillance tech that is roughly on par with what the CIA and NSA have.

“This is really bad for democracies everywhere,” he said.

©2021 Bloomberg L.P.