The rental hacker industry is now too big to fail

The rental hacker industry is now too big to fail

The NSO group has been surrounded by criticism and allegations of abuse for years. The United Arab Emirates in 2016 caught targeting human rights activist Ahmed Mansoor using the Pegasus NSO group, a tool that uses software flaws to hack iPhones and shift control to NSO group clients. In that case, the UAE government was seen as the culprit and the NSO went unharmed (Mansour is still in prison accused of criticizing the regime in the country).

The pattern has been repeated for years – over and over again, governments would be accused of using NSO tools to hack against dissidents, but the company denied injustice and avoided punishment. Then, in mid-2021, new reports emerged of alleged abuses by Western governments. The company was sanctioned by the United States in November and December Reuters reported that U.S. State Department officials were hacked using Pegasus.

Now the NSO Group is facing costly public lawsuits from Facebook and Apple. He has to deal with debt, low morale and fundamental threats to his future. Suddenly, a child posters for spyware confrontation existential crisis.

All this is known territory. The mysterious rental hacker industry first flooded international newspapers titles In 2014, when the Italian company Hacking Team was accused of selling its spyware, which cannot be traced to dozens of countries without consideration for violating human rights or privacy.

The Hacking Team has opened the eyes of the world to a global industry that has bought and sold powerful tools to hack into computers anywhere. A storm of scandal seemed to ensue in the end to kill to. The company has lost business and the ability to legally sell its tools internationally. The Hacking Team was sold and, in public, left to die. However, it eventually rebranded and started selling the same products. Only this time, it was a smaller fish in a much larger pond.

“The collapse of the Hacking Team has not led to fundamental changes in the industry at all,” said James Shires, an assistant professor at the Institute for Security and Global Affairs at Leiden University. “The same dynamics and demand still exist.”

The earliest buyers of the industry were a small group of countries eager to project power around the world via the Internet. The situation today is far more complex. Many more countries are now paying for their current ability to hack opponents both internationally and within their borders. Billions of dollars are at stake, but there is very little transparency and even less accountability.

As public oversight of companies that hire hackers has grown, global demand for offensive cyber capabilities has also escalated. In the 21st century, government targets of the greatest value are online more than ever – and hacking is usually the most effective way to reach them.

The result is a growing number of countries willing to spend large sums on the development of sophisticated hacking operations.

For governments, investing in cyber is a relatively cheap and powerful way to compete with rival nations – and develop powerful domestic control tools.

“Especially in the last five years, you have more countries developing cyber capabilities,” said Saher Naumaan, chief intelligence analyst at BAE Systems.

And more and more of these countries are seeking outside help. “If you don’t have a way to harness the skills or talent of the people in your country, but you have the resources to outsource, why not get involved in commercials?” “It’s an option in many different industries. That way, cyber is not that different. You are paying for something you will not build yourself. ”

For example, the oil-rich countries of the Persian Gulf have historically lacked the significant technical skills needed to develop domestic hacking power. So they spend on a shortcut. “They don’t want to be left behind,” Naumaan said.

Military giants around the world are now developing and selling these capabilities. These tools have been used to commit unprecedented abuses of power. They are also increasingly used in legitimate criminal investigations and the fight against terrorism and are key to espionage and military operations.

The demand for what private hacker companies sell is not disappearing. “The industry is both bigger and more visible today than it was ten years ago,” said Winnona DeSombre, a security researcher and contributor to the Atlantic Council. “Demand is growing as the world becomes more technologically connected.”

DeSombre recently mapped the notorious opaque industry by listing hundreds of companies selling digital surveillance tools around the world. She argues that much of the industry’s growth is hidden from public view, including the sale of cyber weapons and surveillance technology by Western companies to geopolitical opponents.

“The biggest problem arises when this space is primarily self-regulated,” she explained. Self-regulation “may result in widespread human rights violations” or even friendly fire, when hacker tools are sold to foreign governments that turn around and use the same opportunities against the country of origin.

Warned of the growing influence of the industry, authorities around the world now aim to shape its future with sanctions, indictments and new export regulations. Despite this, the demand for tools is growing.

Finally, the most significant change can occur when there is an impact on company revenue. Recent reports show that the NSO Group is overburdened debt i fighting to judge a Wall Street investment.

“This is a commercial industry after all,” says Shires. “If venture capital companies and large corporate investors see this as a risky bet, they will decide to withdraw. More than anything else, it can radically change the industry. ”

Source link

Leave a Reply