NSO Group selling spyware to 'elevated-risk' clients
3 Min Read
NSO's strategy to recover from financial damage is to resell the spyware to the very governments that lured it into a public fiasco.
-
Why NSO Group is going broke
The CEO of NSO Group appears to have devised a new strategy to recover from the company's ongoing legal and financial woes: begin reselling its harmful software to the exact governments that put it into problems in the first place.
NSO Group has entered a financial spiral, being unable to pay its own staff due to protracted lawsuits, declining revenues, fled investors, and unending unfavorable news coverage.
According to the Financial Times, CEO Shalev Hulio's shift involves selling products to countries that have been designated as "elevated-risk" clients. Such clients were supposedly labeled as dangerous during a due diligence evaluation conducted by a now-defunct internal committee.
NSO Group has been embroiled in a seemingly never-ending spate of extremely prominent controversies. Revelations that it sells its powerful Pegasus spyware to authoritarian regimes, that its products have been used to spy on journalists, activists, politicians, and even potentially world leaders, and accusations that it played a role in Jamal Khashoggi's death have put it at the center of international criticism.
Read more: NSO asked US cell networks for access in exchange for "bags of cash"
According to the FT, Hulio recently offered this notion to a room full of suits representing the company's top financial investors, including consulting company Berkeley Research Group.
During those meetings, Hulio began to try to sell them on this "risky" client strategy. Hulio allegedly saw it as a profitable tactic. The concept was quickly dismissed by BRG personnel.
BRG attorneys wrote in December that "in no circumstance is BRG prepared to... blindly sanctions the sale of . . . Pegasus . . . to elevated risk customers without a thorough governance review."
Read more: Manager says NSO keeping owners 'in the dark'
However, it is not simply litigation and controversy that are generating problems for NSO. Since the malware provider was essentially blacklisted by the US government last autumn, it has encountered growing financial difficulties.
The US Commerce Department included NSO on its Export Administration Regulation "Entity List" in November.
The EAR list is essentially a long list of foreign firms whose actions have been determined to be “contrary to U.S. national security and/or foreign policy interests.”
Being placed on this list implies that any US-based firm that wants to offer products or services to a blacklisted corporation must first obtain special authorization from the US government. For obvious reasons, this can severely impede a corporation that relies on American technology companies, such as NSO.
According to the FT, the blacklisting occurred shortly after the November meeting between the BRG and the NSO.
Ironically, NSO's blacklisting occurred after the US government apparently spent several years contemplating whether to become a client of the spyware shop. The New York Times Magazine revealed in January that the FBI had spent the greater part of two years considering the purchase of a monitoring technology named "Phantom", which could allegedly hack any mobile phone in the United States. The transaction was ultimately rejected by the agency.
