Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group

Google, Microsoft, Cisco Systems and others want appeals court to deny immunity to Israeli company for its alleged distribution of spyware and illegal cyber-surveillance activities.

Facebook subsidiary WhatsApp has received new high-caliber support in its case against Israeli intelligence company NSO Group. The court case aims to hold NSO Group accountable for distributing its Pegasus spyware on the popular WhatsApp messaging service with the intent of planting its spyware on phones of journalists and human rights workers.

A group of companies–including tech giants Google, Microsoft and Cisco Systems–have filed a legal brief called an amicus to support WhatsApp against NSO’s alleged illegal cyber-surveillance activities, including selling “cyber-surveillance as a service” to foreign governments and other companies. VMWare and GitHub also signed the brief along with LinkedIn–a Microsoft subsidiary–and the Internet Association, which represents dozens of tech companies, including Amazon, Facebook and Twitter.

Meanwhile, the Electronic Frontier Foundation (EFF) filed an amicus brief of its own to support WhatsApp, asserting that the case is not merely a battle of tech companies, but has a potential outcome that will have “profound implications for millions of Internet users and other citizens of countries around the world.”

2020 Reader Survey: Share Your Feedback to Help Us Improve

Amicus briefs are known as “amicus curiae” in legal terms, which is Latin for “friend of the court.” The briefs are common in appellate cases to make points or provide new information that the principle litigators in the case may not have addressed.

In this case, the briefs are aimed at lending support to WhatsApp in an effort to convince the United States Court of Appeals for the Ninth Circuit to hold NSO accountable for its activities. The current case in front of the court is an appeal for immunity that the NSO filed after a federal judge allowed a suit WhatsApp originally filed in October 2019 to move forward earlier this year.

NSO President Shiri Dolev has defended the company, saying it should be protected against legal action since it sells its tools to governments and law enforcement who use them to go after criminals and find victims of disasters, among other benevolent activities.

Tech companies and the original judge in the case so far haven’t been convinced by this argument. “Even if the tools are sold to governments who use them for narrowly targeted attacks, there are a variety of ways they can still fall into the wrong hands,” Tom Burt, Microsoft corporate vice president of customer security and trust, said in a blog post published Monday supporting the amicus.

“The expansion of sovereign immunity that NSO seeks would further encourage the burgeoning cyber-surveillance industry to develop, sell and use tools to exploit vulnerabilities in violation of U.S. law,” he wrote. “Private companies should remain subject to liability when they use their cyber-surveillance tools to break the law, or knowingly permit their use for such purposes, regardless of who their customers are or what they’re trying to achieve.”

The EFF, which often butts heads against tech companies over privacy issues, in this case is aligned with them against NSO.

“Corporate complicity in human rights abuses is a widespread and ongoing problem, and the Ninth Circuit should not expand the ability of technology companies like NSO Group to avoid accountability for facilitating human rights abuses by foreign governments,” EFF senior staff attorneys Sophia Cope and Andrew Crocker wrote in a blog post also published Monday regarding the EFF’s amicus.

In the original case, WhatsApp sued NSO Group for allegedly creating tools such as Pegasus so its clients can spy on and read the protected WhatsApp messages of journalists and human rights workers. The case stemmed from the discovery in May 2019 of a zero-day vulnerability in WhatsApp’s messaging platform, exploited by attackers who were able to inject the Pegasus spyware onto victims’ phones in targeted campaigns.

The lawsuit alleges that NSO Group developed the surveillance code and used vulnerable WhatsApp servers to send malware to approximately 1,400 mobile devices, including those of more than 100 human-rights defenders, journalists and other members of civil society in at least 20 countries across the globe.

“As we gathered the information that we lay out in our complaint, we learned that the attackers used servers and internet-hosting services that were previously associated with NSO,” said Will Cathcart, head of WhatsApp, in a post when the lawsuit was filed. “In addition, as our complaint notes, we have tied certain WhatsApp accounts used during the attacks back to NSO. While their attack was highly sophisticated, their attempts to cover their tracks were not entirely successful.”

WhatsApp has claimed that the attack violates various U.S. state and federal laws, including the U.S. Computer Fraud and Abuse Act, and aims with the suit to bar NSO Group from using Facebook and WhatsApp services, among seeking other unspecified damages.

Download our exclusive FREE Threatpost Insider eBook Healthcare Security Woes Balloon in a Covid-Era World , sponsored by ZeroNorth, to learn more about what these security risks mean for hospitals at the day-to-day level and how healthcare security teams can implement best practices to protect providers and patients. Get the whole story and DOWNLOAD the eBook now – on us!

Suggested articles