A Saudi Arabian women’s rights activist has brought attention to computer programs known as spyware.
These programs record activity on electronic devices and give those records to users of the software.
Activist Loujain al-Hathloul got help from computer experts who studied her iPhone. They reported finding evidence that the software of an Israeli security company, the NSO Group, was on al-Hathloul’s phone.
Now, the U.S. government is investigating how the NSO Group’s software was able to get on the phones of government officials and activists around the world.
How spyware was discovered
The activist discovered a mysterious kind of image file on her phone last year. Researchers believe it was left behind by the spyware. The discovery led to a lot of evidence suggesting the Israeli spyware maker was involved in hacking her phone.
The evidence started a series of legal and government actions against NSO. Reuters news agency was the first to report on how the hack was discovered.
Al-Hathloul is one of Saudi Arabia’s most famous activists. She is known for helping lead a campaign to end the ban on women drivers in the country. She was found guilty of harming national security and jailed in 2020. She was released from jail in February 2021.
Soon after her release, the activist received an email from Google warning her that state-supported hackers had tried to get into her Gmail account. She became fearful that her iPhone had been hacked as well. Al-Hathloul then contacted the Canadian research group Citizen Lab. She asked them to search her device for evidence.
After six months of looking through her iPhone records, Citizen Lab researcher Bill Marczak made a discovery. The software aimed at spying on her phone which was stealing her messages had left a copy. It did not remove itself.
Marczak said the computer code left by the attack provided direct evidence that NSO built the spying tool.
“It was a game changer,” said Marczak. “We caught something that the company thought was uncatchable.”
Citizen Lab and al-Hathloul’s discovery was used in the legal case that Apple Inc., the maker of the phone, brought against NSO in November 2021. Apple says it is seeking to ban NSO Group from using any Apple software, services or devices.
The incident also created anger in Washington as U.S. officials learned that NSO’s software was used to spy on American diplomats.
Over the past year, many reporters and activists have tied the spyware industry to human rights violations. These include the international journalism collaboration Pegasus Project. Al-Hathloul’s case brought more attention to NSO and similar companies.
Security researchers said al-Hathloul’s discovery was the first to show how the software works without any action by the phone user.
In a statement, an NSO spokesperson said the company does not operate the hacking tools it sells: “Government, law enforcement and intelligence agencies do.”
Without going into detail, the company said it had developed ways to investigate misuses of its products. It said it had cut off some users over human rights issues.
NSO also said its tools have helped law enforcement and have saved "thousands of lives." The company said some of the charges about NSO software were not believable, without giving details.
Apple fixes problem and sues NSO
Last September Citizen Lab explained to Apple how the attack took place. That permitted Apple to fix the weakness in its system and led the company to warn thousands of other iPhone users who were targeted by NSO software. Apple said the users had been victims of “state-sponsored attackers.” It was the first time Apple had taken this step.
Reuters reported earlier this month that a second Israeli company, QuaDream used the same iPhone weakness.
Apple’s legal action against NSO claims the company broke U.S. laws by building products designed “to target, attack, and harm Apple users, Apple products, and Apple.”
People who were not identified but knew about the matter spoke to Reuters. They said at least nine U.S. State Department employees in Uganda were among those targeted with NSO software. This caused even more criticism of the company in Washington.
In November, the U.S. Commerce Department placed NSO on a trade blacklist. The department restricted American companies from selling the Israeli company’s software products.
In December, Democratic Senator Ron Wyden and 17 other lawmakers called for the Treasury Department to place restrictions on NSO Group and three other companies. The lawmakers say the spyware helped governments carry out human rights abuses.
Lina al-Hathloul, Loujain’s sister, said the financial damage to NSO might be the only thing that can control the spyware industry. “It hit them where it hurts,” she said.
I’m Jill Robbins.
Joel Schectman and Christopher Bing reported on this story for Reuters. Jill Robbins adapted it for Learning English.
Words in This Story
spyware – n. computer software that secretly records information about the way you use your mobile device or computer
hack – v. to secretly get access to the files on a computer or network in order to get information, cause damage, etc.
code –n. a set of instructions for a computer
game changer –expression something that changes an existing situation in an important way
blacklist – n. a list of banned organizations or people
How often do you worry about spyware on your mobile devices? Do you know how to check for it? We want to hear from you. Write to us in the Comments Section.