There are a number of economic systems in the world today. There are market economies in capitalist countries and the state-owned means of production in socialist countries. In each of these systems, the state intervenes to a greater or lesser extent. Israel is nominally a capitalist economy (with a socialist past). But I prefer to call it an economy shaped by the needs and interests of the national security state.
Pres. Eisenhower in one of the final speeches of his presidency warned Americans to beware the military-industrial complex:
“…We must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists, and will persist.”
In hindsight, Eisenhower’s words seem almost quaint. At least he posited a separation between the state and the defense industries. Today, especially in countries like Israel, there is hardly a difference between the two.
While it is true that all nations promote exports of their own products to the world for the benefit of their workers, Israel goes to absurd lengths on behalf of its national security-related industries, and their export of weapons systems and cyber-warfare products. The latter are becoming an increasingly large proportion of Israel’s military-intelligence export economy.
A recent Haaretz article bears this out. As a backdrop to the normalization deal between UAE and Israel, Haaretz released a trove of documents recounting the extent to which the Israeli state has put its thumb of the scale to promote sales of these products to Arab states. It did so in particular on behalf of the world’s largest producer of electronic surveillance systems, NSO Group:
Israel put NSO in touch with Arab states in the region, and Israeli representatives even took part in marketing meetings between intelligence officials in the Arab states and NSO executives. Some of the meetings were held in Israel.
Further, NSO defends its business model by claiming that the defense ministry examines its application for export licenses, and gives them the Good Housekeeping seal of approval. Thus the Israeli state offers its blessing for the sale of its malware to scores of states. This approval process presumes that if NSO was doing anything wrong the state would not permit it. But nothing could be farther from the truth. In fact, as the above passage shows, NSO and the state are virtually indistinguishable.
NSO Group as Step-Child of National Security State
The company is a shining star of the national security state, exporting not only its products, but the surveillance state mentality necessary to justify their use in foreign countries. The proof is in the dealmaking: Haaretz recounts NSO sales to just a single Gulf state of $250-million. The network of customers among the Gulf state is impressive, a laundry list of the most repressive, corrupt and sectarian states in the region:
According to intelligence obtained by Haaretz, in the past few years NSO has signed contracts with Bahrain, Oman, Saudi Arabia and the emirates of Abu Dhabi and Ras Al-Khaimah.
NSO is successful not only in selling its products, it’s also successful in the reams of data it produces for intelligence agents. In fact, Pegasus extracts so much information from its targets’ electronic devices, that clients have trouble keeping track of it all, sifting through it and determining what’s most useful:
Recently NSO hired Israeli military veterans to provide intelligence analyses in light of the Gulf states’ difficulties in producing high-quality information out of the flood of files and messages on the target devices.
Just as NSO serves the interests of the state, so the state serves NSO’s interests in the ways outlined above. The defense ministry has never rejected an NSO export license and never will. In fact, human rights attorney Eitay Mack routinely appeals to the Supreme Court to nullify its licenses to export its powerful Pegasus malware to genocidal regimes who’ve use it to surveil political dissidents and strip away their privacy and rights.
NSO’s “brand” facilitates dictators, executioners and genocidaires, often leading to prison sentences and even death. The Court has never once, despite receiving reams of evidence of the harm NSO has inflicted, ordered the defense ministry to review or cancel any license it has granted. Nor will it. Israel’s Supreme Court is part and parcel of the security state. It does its duty to offer a veneer of legitimacy to this system.
NSO operates behind a fog of lies and delusions it offers its critics. One of the more ludicrous ones is that it has no physical capacity to monitor the uses its clients make of its products. It says that if its customers “misuse” Pegasus in ways not intended or outside the parameters under which it is supposed to be used, it is out of NSO’s control. This passage shows how problematic and contradictory that defense is:
NSO can fully control its software remotely: Employees can shut it down at any time or look at the information being collected in real time. They shut down activity in Mexico after journalists investigating the disappearance of students were put under surveillance. In the Gulf states, no such action has been taken. The company claims to verify that its product is used only to follow criminals, but NSO employees say that supervision is nonexistent and that the company cannot fully track the intelligence targets of various authorities due to legal and linguistic limitations, as well as a lack of interest.
In other words, the company does track the use of its products. In fact, it maintains servers on which its clients upload the victim’s device data. If the servers are under the control of NSO, then the data on them is as well. That makes the company an accessory to any crimes clients commit against these victims.
There is one claim in the Haaretz article that, while true, is misleading for its incompleteness:
To prevent intelligence information from leaking out, Pegasus “commits suicide” if a device with the software enters five countries: Israel, Iran, Russia, China and the United States. So if a Saudi citizen whose cellphone has been infected with the spyware lands in Moscow, his device recognizes that it’s in Russia and the software is wiped from the phone. The purpose is to avoid getting in trouble with states that will not tolerate espionage within their borders, such as China and the United States, or in the case of Iran, to avoid exposing secrets to hostile countries.
While it may be true that any company malware on an individual device may self-destruct if it enters any of these countries, that does NOT mean that NSO does not operate in these countries. In fact, Facebook is suing the Israeli firm in U.S. federal court over a cyber-exploit its hackers discovered in WhatsApp. One of these Gulf clients compiled a list of 1,400 targets it wanted to surveil. In some cases, all they needed was a phone number and they could commandeer the victim’s device. In other cases, intelligence agents devised phishing messages intended to trick the device owner into clicking on a fraudulent which downloaded the malware. One of NSO chief critics, the cyber-security NGO, Citizen Lab, discovered the exploit and reported it to Facebook. This in turn led to the federal suit.
Motherboard reports that not only did NSO discover the WhatsApp vulnerability and exploit it for its clients, the company created fraudulent domains used to send the phishing scam messages to victims. The domains often mimicked those of Facebook security engineers, fooling victims into believing that the social media platform’s security personnel were warning them of danger. In a bit of dark irony, NSO and its brutish intelligence agent clients were lurking behind these purported legitimate communications:
Facebook’s director and associate general counsel of IP litigation, announced in a blog post the company had filed a lawsuit against Namecheap and its proxy service Whoisguard, for registering over 45 domains that impersonated Facebook and its services…
One of NSO’s legal arguments in trying to avoid responsibility for its tawdry behavior is that it does not operate in the U.S. Therefore, it argues, a U.S. court is not the proper venue for the suit. Of course, it would be far preferable for the Israeli company to compel Facebook to sue it in Israeli courts, where the deck would be stacked in its favor. There is very little chance any Israeli court would find against NSO in any legal proceeding.
However, NSO maintained U.S.-based servers for its customers on U.S. soil. In fact, one of the company’s whose servers were used was Amazon. It should have been easy for a few smart engineers to figure out how to upload the stolen data to a foreign-based server. But the technical geniuses seem not to have realized they were hoisting themselves on their own petard in using servers located in California, the very state which is the corporate home of Facebook.
NSO has been successful at recruiting clients among the most repressive regimes in the world. But it has not yet penetrated the U.S. market. That’s not for the lack of trying. In fact, it has aggressively pursued business with many U.S. police departments, some of which were quite enamored with Pegasus’ capabilities. Given the increasing militarization of U.S. police departments and their willingness to flout individual rights, it isn’t surprising that NSO would be viewed as a useful tool for their efforts to track not only criminals, but political dissidents and those viewed by authorities as a thorn in their side.
Will NSO’s Cyber-Attacks on Whatsapp Endanger the Campaign to Clamp Down on Speech Critical of Israel on Facebook?
NSO’s outrageous conduct may be harming Israel’s official relations with Facebook, as some pro-Israel groups pressure the social media platform to clamp down on speech critical of Israel. Ex-felon, Adam Milstein and a loose-knit band of far-right groups he supports have been campaigning to impose the IHRA definition of anti-Semitism on Facebook users. This sham exercise in fighting hate speech would severely limit discourse about Israel and its policies, labeling most criticism as anti-Semitic.
Facebook executives, many of whom are Jewish and pro-Israel, have made statements welcoming these efforts to import the spirit of IHRA into their content deliberations. But they have so far resisted formally implementing the controversial protocol across its platform.
One of the reasons for hesitation is undoubtedly the drumbeat of criticism it would face from free speech advocates like the ACLU and those critical of Israel. Mark Zuckerberg is already in enough hot water with Congressional Democrats for his flirtation with Donald Trump, and the free-hand Facebook offers to white supremacists and neo-Nazis on this site. To allow pro-Israel thugs like Milstein to determine what is kosher on Facebook is like giving the fox the key to the chicken coop. After he’s done there will be no chickens left. He’ll have made quite a meal of them.
Sheryl Sandberg and Mark Zuckerberg could turn around and tell Milstein and his friends in Balfour Street that they don’t look kindly on NSO’s behavior. They could threaten to reject the Israel Lobby’s attempts to restrict content viewed as anti-Israel unless NSO is reined in. That would put quite a damper on the company’s efforts to penetrate the U.S. market. Not to mention that Facebook could pressure the Justice Department to intervene on its behalf since NSO’s predatory behavior damages American social media companies. That might be more heat than Israel is willing to withstand.