The logo of the Israeli NSO Group company is displayed on a building where they had offices until few months ago in Herzliya, Israel, Thursday, Aug. 25, 2016. A botched attempt to break into the iPhone of an Arab activist using hitherto unknown espionage software has trigged a global upgrade of Apple’s mobile operating system, researchers said Thursday.(Photo: Daniella Cheslow, AP)



SAN FRANCISCO — The spyware firm tied to an iPhone hack that prompted an emergency patch this week by Apple keeps a very low profile. But the NSO Group has strong ties here as well as in Israel, where it’s staffed by specialists from Israel’s military cyber division.


One of its recent owners, U.S. private equity firm Francisco Partners, operates from an office complex in San Francisco’s leafy Presidio district that’s also home to Lucasfilm and Industrial Light & Magic.


In Herzelia, an area of near Tel Aviv with a thriving tech culture, NSO was founded by Shalev Hulio and Omri Lavie in 2009, according to HulioandLavie’s LinkedIn pages. Several of its employees previously worked for United 8200, the Israeli Army’s cyber division, which is known to produce spying software.


The tech company’s background, pieced together from industry reports, reflects the growing boom in cybersecurity firms that operate in a nebulous area: creating software and processes that break into encrypted devices for government entities.


NSO is described itself as “a leader in the field of Cyber warfare,” according to an apparent  company brochure posted online by Privacy International.


Human rights activist Ahmed Mansoor shows Associated Press journalists a screenshot of a spoof text message he received in Ajman, United Arab Emirates, on Thursday, Aug. 25, 2016. Mansoor was recently targeted by spyware that can hack into Apple’s iPhone handset. The company said Thursday it was updated its security. The text message reads: “New secrets on the torture of Emirati citizens in jail.” (Photo: AP Photo/Jon Gambrell)


The company uses “a powerful and unique monitoring tool, called Pegasus, which allows remote and stealth monitoring and full data extraction from remote target devices via untraceable commands,” says the brochure.


While these hacks can be legal under the laws of the country buying the product, they raise severe privacy worries from consumer groups. They also highlight concerns that increasingly rigorous encryption from Apple and other consumer tech companies is vulnerable to attacks funded by deep-pocked entities.


“What most people don’t understand about espionage these days is just how dramatically sophisticated the technologies to conduct this kind of intelligence gathering have become,” said Michael McFaul, director of the Freeman Spogli Institute for International Studies at Stanford University and the former U.S. Ambassador to Russia.


Cybersecurity firms that can thwart encryption shot into the spotlight earlier this year when the FBI hired an unnamed private contractor to help it hack into the contents of the iPhone used by one of the San Bernardino shooters. The successful hack allowed the U.S. government to shelve a contentious fight with Apple, which did not want to provide a software override to its mobile operating system.


The NSO Group is rare “because it’s one company that’s gotten caught,” said Eva Galperin, a global policy analyst with the Electronic Frontier Foundation, a digital rights group in San Francisco. “There’s still a lot of light to be shed on this world,” she said.


Suspicious text


Its involvement, according to researchers who published findings on the spyware and notified Apple, was traced to the software’s coding.


Ahmed Mansoor, a prominent human rights activist in the United Arab Emirates, told University of Toronto’s Citizen Lab he was sent a suspicious SMS link. Working with mobile security firm  Lookout, Citizen Lab said the link carried a powerful, rare form of spyware that could have cost as much as $1 million. If Mansoor had clicked on it, it would have given the sender the ability to  control his phone’s camera and microphone, track his movements and rifle through all his apps, files and contacts, they said.


NSO Group spokesman Zamir Dahbash, reached by email, would not confirm or deny involvement in the Mansoor spyware. He said: “NSO’s mission is to help make the world a safer place, by providing authorized governments with technology that helps them combat terror and crime.”


Apple said it immediately fixed the vulnerability upon learning of it. On Thursday it advised customers to download the latest version of its iOS, version 9.3.5, for security protection.


Citizen Lab’s John Scott-Railton said a likely suspect for the attempted attack was the United Arab Emirates, where Mansoor is seen as a dissident. He has been unable to leave the country since 2011 after his passport was taken. A representative for the UAE did not return a request for comment.


U.S. owned


NSO Group has an extremely low profile. The company does not have a web page.  On its LinkedIn page, it is described as working “in the field of Internet security software solutions and security research.” No contact information is listed.


In 2014, Francisco Partners bought a majority stake. The private equity company, founded by West Coast investment banking pioneer Sanford Robertson and run by former Texas Pacific Group investor Dipanjan Deb, did not respond to requests for comment. Among its 75 portfolio companies, it does not list NSO as an investment. In November, Bloomberg reported NSO was exploring a sale that would value it at close to $1 billion.


According to a Reuters report last year, NSO Group had annual earnings of around $75 million.