Israel secretly authorized Israeli cyber-surveillance firms to work for gov of Saudi Arabia, despite international condemnation of kingdom’s abuse of surveillance tools to crush dissent and even after Saudi killing of journalist Jamal Khashoggi
nytimes.com/2021/07/17/wor…
After murder of Khashoggi, NSO Group canceled its contracts w/ Saudi Arabia amid accusations that its tools were being misused by the kingdom. But Israeli gov encouraged NSO and two other firms to continue working w/ Saudis, and issued new license for a fourth to do similar work
Israel has licensed 4 Israeli firms to sell surveillance software to Saudis - NSO Group, Candiru, Verint, and Quadream. "Cellebrite, which manufactures physical hacking systems for mobile phones, has also sold its services to the Saudi gov, but without ministry approval"
NSO Group's internal investigation into whether its tools were used by Saudis in Khashoggi op concluded they were not, but NSO canceled contract w/ Saudis anyway. But NSO told ppl in 2018 Israeli gov and Trump were strongly encouraging company to continue its work w/ Saudi Arabia
In 2019 after private equity firm Novalpina bought NSO, the company resumed biz w/ Saudis. New contract came w/ restrictions. NSO set up system to block attempt by Saudis to hack European phone #s. [Reminds me of Hacking Team claim that it could control how customers use spytool]
But after recent news that NSO tools were used to spy on Al Jazeera journalists, "NSO recently shut down the system, and at a meeting in early July, the company’s board decided to declare new deals with Saudi Arabia off limits"
"The Israeli government also imposes strict secrecy on the [Israeli] companies that receive the licenses [to sell their spytools abroad], threatening to revoke them if the companies speak publicly about the identity of their clients."

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Kim Zetter

Kim Zetter Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @KimZetter

14 Jul
DoJ did something remarkable when it sought email records of WaPo journos - not from an email provider but from the security firm Proofpoint. Why do this? I discuss reasons👇. DNS records show Proofpoint filtering Post email since 2015, CNN email since '17 zetter.substack.com/p/justice-depa…
DNS record shows Proofpoint server (pphosted.com) filtering WaPo email, which is why DoJ went after them for email data. Experts told me the move is troubling. It signals DoJ is willing to seek info from any company that touches comms, regardless of how tangential.
"it’s a warning to customers that even if their [email or cloud] provider has strong protections against improper law enforcement requests, the government 'can bypass that by going to a service provider that layers on top of that provider,'" EFF's @kurtopsahl told me.
Read 6 tweets
13 Jul
This feels like someone in Iran studied the Khashoggi murder as a masterclass in how to handle dissidents living on US soil
From the indictment of four Iranian intelligence officials charged with conspiracy to kidnap an Iranian journalist author and human rights activist based in Brooklyn, and take that person back to Iran, "where the victim’s fate would have been uncertain at best"
Note this from the indictment: "Farahani and his network procured the services of private investigators to surveil, photograph and video record Victim-1 and Victim-1’s household members in Brooklyn....
Read 10 tweets
6 Jul
Chair of the Federal Reserve and CEOs of the largest US banks said in recent months that their biggest concern is a cyberattack against the financial sector. I wrote about what could happen if a systemic cyberattack targeted the financial sector. nytimes.com/2021/07/03/bus…
Experts say country is not prepared for a systemic cyberattack on Wall Street if it targets core institutions/infrastructure that provide key services. "[E]everybody believes an institution can be taken out... What we don’t know is how bad it would get and how fast,” experts said
Financial sector could withstand one large institution being knocked ou, but if multiple ones shut down, disruption could last wks. If attackers struck on a “triple witching” Friday when stock options/stock index futures/stock index options all expire, effects would be amplified.
Read 4 tweets
11 Jun
Israeli TV says blasts that damaged the Natanz uranium enrichment plant in Iran in April was a supply-chain attack. Operatives supplied Iran with the marble platforms on which the centrifuges stand, and the marble was embedded with explosives. apnews.com/article/united…
"Media in Israel [have] to clear stories involving security matters through military censors. That Cohen’s remarks apparently cleared the censors suggests Israel wanted to issue a new warning to Iran amid the Vienna nuclear negotiations."
It's confusing which incident Israel TV is referring to. There were explosions at Natanz in July 2020 and April 2021. The 2020 incident involved fire; 2021 incident included explosion but mostly took out electricity. Here's my story about 2021 incident: zetter.substack.com/p/sabotage-at-…
Read 4 tweets
8 Jun
Really thoughtful explanation from @propublica about why they're publishing tax info for the wealthiest Americans, which they received from an anonymous source. They considered that the info might come from "a state actor hostile to American interests." propublica.org/article/why-we…
"Many will ask about the ethics of publishing such private data. We are doing so—quite selectively and carefully—because we believe it serves the public interest in fundamental ways...[to disclose] tax returns of ppl like Jeff Bezos, Michael Bloomberg, Warren Buffett, Elon Musk"
"While the revelations in today’s story are extraordinary, the procedures..used in assessing the data’s value are standard..nearly everyone who provides material to a reporter is doing so in ways that reflect their...agenda....those motives are irrelevant if the info is reliable"
Read 4 tweets
7 Jun
DoJ announces that it has found and recaptured the majority of the ransom that Colonial Pipeline paid.
They seized the money from a bitcoin wallet.
"We identified a virtual currency wallet that the Darkside actors used to collect payment.... Victim funds were seized from that wallet preventing Darkside actors from using it."
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(