Bibi Netanyahu at a cybertech conference in 2019 freely boasted that Israel’s “NSA, called unit 8200, is the second largest in the world and is the Second Eye of the Five Eyes.” That’s a rather astonishing claim for a nation with only 8.7 million people.
Netanyahu went on explain that all the major I.T. companies have major research centers in Israel. This includes virtually all of the heavy-handed social media censorship venues.
At minute 00:04:53 in the following video, Bibi describes why this is happening — namely, because they have a defense industry; and, specifically, military intelligence [at 00:12:12] used to leverage these I.T. industries. Accordingly, Israel is now No. 2 in the “cyber security industry,” which is a defacto intel operation that’s publicly funded and privately operated.
One answer to the question of “why” is because the development of cyber skills is a state priority for Israel. Most Israeli cybersecurity firms recruit former intelligence officers, mainly from a military unit called 8200 — considered the largest unit in the Israeli Defense Forces.
Many founders of these cyber security companies — like Argus, Check Point and Cyber Ark — spent their compulsory three-year military service in the elite Unit 8200. This secret intelligence body that operates hacker groups is rumored, among other things, to have been behind the Stuxnet attack on Iran’s nuclear research infrastructure in June 2010.
“It’s important to understand that soldiers serving in intelligence units are gaining extremely practical training,” says Amitai Ziv, senior high-tech editor at the Israeli newspaper The Marker. “Starting from day one after their training, they are tasked with real systems to break into across the globe.”
Abuse of Technology Meshed with Intelligence
One of these larger outfits is NSO Group, founded in 2010. It claims it only supplies industry-leading surveillance software to governments. NSO says its software is for tackling terrorism and serious crime. What it’s actually used for could be anybody’s guess. The software has been licensed to dozens of countries, including Saudi Arabia, Mexico, Bahrain and the UAE.
Facebook-owned tech firm WhatsApp announced that it had to patch a security hole in its messaging service, which it believed had been exploited by Israel-based NSO Group. The security flaw would have allowed spyware to be placed on a person’s mobile phone simply via a missed WhatsApp call.
Hackers accessed data from 29 million Facebook accounts as part of the security breach, which included the names, email addresses and phone numbers of 29 million accounts. From 14 million of those hacked accounted, additional data was obtained, such as hometown, date of birth, the last 10 places they checked into and the last 15 searches.
The link was part of “a network of digital infrastructure comprising more than 600 suspicious domains used to lure targeted individuals to click on links that trigger infection with Pegasus spyware.”
The program can now run on a targeted device without requiring any interaction by the user. This means the operator of the spyware can send it directly to a phone through SMS, email, social media and certain types of apps.
A huge leak in July 2021 revealed 50,000 phone numbers that had been targeted by Pegasus malware, including French President Emmanual Macron and friends of family of Saudi journalist Jamal Kashoggi in the lead up to his murder in 2018.
NSO has not denied the reports. Instead, it blamed others, stating that it “would not or could not use its technology in its own right to target any person or organization.”
But here on the first entry in a Google search is a site called Pegasus Hacker that advertises its services as trusted by 40,000 users.
In 2017, Mexican journalists were targeted by NSO intrusion software.
The abuse of WhatsApp’s loophole is just the latest of many that are being blamed on Israeli cyber spying companies. Keep in mind that Pegasus says they want to prevent crime. Instead, it appears to be facilitating large-scale hacking and snooping attacks.
In August, a threat actor began emailing recipients, telling them that their iPhone device was hacked with a “zero-click” vulnerability to install the Pegasus spyware software.
The scammer says that they have been using Pegasus to monitor the recipient’s activities and have created videos of them during “the most private moments” of their lives. The email warns that if a 0.035 bitcoin (approximately $1,600) payment is not paid, the threat actors will send the videos to the recipient’s family, friends and business associates.
You can read the full text of this email below.
Hello, I’m going to share important information with you.
Have you heard about Pegasus? You have become a collateral victim. It’s very important that you read the information below.
Your phone was penetrated with a “zero-click” attack, meaning you didn’t even need to click on a malicious link for your phone to be infected.
Pegasus is a malware that infects iPhones and Android devices and enables operators of the tool to extract messages, photos and emails, record calls and secretly activate cameras or microphones, and read the contents of encrypted messaging apps such as WhatsApp, Facebook, Telegram and Signal.
Basically, it can spy on every aspect of your life. That’s precisely what it did I am a blackhat hacker and do this for a living. Unfortunately you are my victim. Please read on.
As you understand, I have used the malware capabilities to spy on you and harvested datas of your private life.
My only goal is to make money and I have perfect leverage for this. As you can imagine in your worst dream, I have videos of you exposed during the most private moments of your life, when you are not expecting it.
I personally have no interest in them, but there are public websites that have perverts loving that content.
As I said, I only do this to make money and not trying to destroy your life. But if necessary, I will publish the videos.
If this is not enough for you, I will make sure your contacts, friends, business associates and everybody you know see those videos as well.
Here is the deal. I will delete the files after I receive 0.035 Bitcoin (about 1600 US Dollars). You need to send that amount here bc1q7g8ny0p95pkuag0gay2lyl3m0emk65v5ug9uy7
I will also clear your device from malware, and you keep living your life. Otherwise, shit will happen.
The fee is non negotiable, to be transferred within 2 business days.
Obviously do not try to ask for any help from anybody unless you want your privacy to be violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you won’t hear from me ever again.
An investigation by Ziv put in the spotlight Israeli cyber company Candiru. The secretive firm has changed its name three times since 2014. It has no website. None of its estimated 120 employees have a LinkedIn profile, and its phone number cannot be found in directories.
Candiru offers its clients — strictly international, mainly from Europe — a thorough and complete cyber system that customers can use to see exactly how many targets have been penetrated by their hacks and what information has been exploited.
Another company named Logic, owned by Israeli businessman Mati Kochavi, signed a deal with an unknown Gulf state to implement border protection technologies and turn its capital into a “smart city.” Among other things, the system could trace the real-time movement of people throughout the capitol.
Vice News put up a clip of a report that looked into the Israeli cyber intrusion industry. It’s still up on YouTube — for now.