Israeli technology firm NSO Group, which grabbed global attention, including in India, amid allegations of misuse of its controversial spyware Pegasus, apparently has a large presence in the Europe Union with at least 22 contracts covering 12 of the 27 member states, a media report said on Wednesday. Pegasus spyware and competing products make it possible to infect the cell phone of the victim of the surveillance, and afterwards enable the operator to eavesdrop on conversations, read apps with encrypted messages, and provide total access to contacts and files on the device.
The Pegasus spyware enables eavesdropping in real time on what is taking place around the cellphone by operating the camera and the microphone.
Representatives of the European Parliament Committee of Inquiry on Pegasus spyware recently visited Israel and learned from NSO personnel that the company has active contracts with 12 European Union members, daily Ha'aretz reported.
The replies of the Israeli cyber warfare company to the committee's questions, which were obtained by the newspaper, reveal that the company is now working with 22 security and enforcement organisations in the EU, it added.
The company's representatives in their conversations and exchanges with PTI have maintained that their spyware is used by "government clients" to target terrorists and other serious crimes.
Members of the European Parliament Committee of Inquiry who came to Israel are said to have been surprised to discover contracts with their countries of origin.
The Committee's representatives visited Israel in recent weeks "to learn in-depth about the local cyber warfare industry", and held discussions with NSO employees, representatives of the Israeli Defence Ministry and local experts.
Among the committee members was a Catalan legislator whose cell phone was hacked by an NSO customer, the report noted.
"The committee was established after the publication of Project Pegasus last year, and its objective is to create pan-European regulations for the acquisition, import and use of cyber warfare software such as Pegasus," the report said.
"But while committee members were in Israel, and particularly since their return to Brussels, it was revealed that Europe also has a well-developed cyber warfare industry – and many of its customers are European countries," it said.
The EU legislators were tasked to know the identity of NSO customers in Europe at present and were surprised to discover that most of the EU countries had contracts with the company: 14 countries have done business with NSO in the past and at least 12 are still using Pegasus for lawful interception of mobile calls, as per NSO's response to the committee's questions.
In response to the legislators' questions, the company explained that at present NSO works with 22 “end users” – security and intelligence organisations and law enforcement authorities – in 12 European countries.
In some of the countries there is more than one client as they are with operating organisations, the report said.
In the past, as per NSO's submission, the company worked with two additional countries with whom the ties have now been severed. NSO did not disclose which countries are active customers and with which two countries the contract was frozen, it said.
NSO reportedly did not respond to Haaretz's request for comment.
Israel, earlier in January this year, distanced itself from the controversy triggered by the blacklisting of the NSO Group after allegations of illegal use of its Pegasus spyware to target government officials, activists and journalists globally, saying that it is a private company and it has nothing to do with the policies of the Israeli government.
"NSO is a private company, it is not a governmental project and therefore even if it is designated, it has nothing to do with the policies of the Israeli government," Israel's then Foreign Minister and now Prime Minister Yair Lapid had said at a press conference days after the company was blacklisted by the US Department of Commerce.
Affiliate links may be automatically generated - see our ethics statement for details.