White House issues warning to US firms interested in acquiring Israeli surveillance tech – The Guardian

The Biden administration has warned that any attempted takeover by an American company of Israel’s NSO Group, the maker of one of the world’s most sophisticated cyber-weapons, could prompt a review of whether the acquisition posed a counterintelligence threat to the US government.

The statement by the National Security Council comes after the Guardian reported that Robert Simonds, a Hollywood financier best known for producing several Adam Sandler films, is exploring a possible bid to take control of NSO’s assets, including Pegasus, the company’s spyware.

Simonds was recently appointed to serve as a director of the Luxembourg-based holding company that controls NSO and people familiar with the situation say he is mulling ways to possibly take over some of NSO’s assets. He has privately discussed trying to put NSO’s sought-after technology exclusively in the hands of “Five Eyes”, the intelligence alliance that includes the US, the UK, Canada, Australia and New Zealand, the sources said.

Any takeover of the company’s assets would face significant hurdles in Israel, where NSO is closely regulated by the ministry of defence. But it would also face scrutiny in the US.

NSO was placed on a US blacklist in 2021 – formally known as the entity list – after the Biden administration said it found evidence that NSO was selling tools that “enabled foreign governments to conduct transnational repression”, including the malicious targeting of government officials, journalists, businesspeople, activists, academics and embassy workers.

The Guardian contacted the National Security Council to ask how the administration would respond to the takeover of NSO assets by a US citizen. An NSC spokesperson said in a statement that the Biden-Harris administration remained concerned that the proliferation of tools like those produced by NSO Group posed a “serious counterintelligence and security risk to US personnel and systems”.

“Any US company should be aware that a transaction with a foreign entity on the entity list will not automatically remove the designated entity from the entity list. It may also prompt a review of whether the acquisition gives rise to a counterintelligence threat to the US government and its systems and information, whether other US equities may be at risk, and to what extent a foreign entity or government retains a degree of access or control,” the spokesperson said.

Despite the cloud hanging over the company, Pegasus remains a valuable asset. NSO’s spyware can hack into and remotely control any phone without a user’s knowledge, giving the company’s government clients access to a target’s phone conversations, photographs, location and e-mail, including over encrypted applications. It can also turn any phone into a listening device by remotely controlling its microphone.

Simonds is not a known figure in the cyber industry. The US executive founded and previously served as the chairman of STX Entertainment and is known to have historically courted investors from China and India, as well as having business dealings in Saudi Arabia.

Simonds did not respond to a request for comment.

NSO has said it sells its spyware to government clients for the purpose of combatting serious crime, like terrorism. The company has said it investigates credible allegations of abuse and that it has no control over how a government client uses the surveillance tool once it is sold. The company has also said it investigates serious allegations of abuse by government clients and has said it has cut off clients in the past.

Asked for a response to the NSC’s statement, an NSO spokesperson said: “NSO cyber technologies have enabled governments to save countless lives by preventing serious crimes and terror attacks across the world, including the lives of American citizens. Today, scores of democratic countries, mainly in western Europe, rely on NSO cyber technologies to keep the public safe.”