Amazon Web Services (AWS) banned Israeli technology firm NSO Group from its services Monday following allegations the firm was involved in surveillance of activists and journalists.
The tech giant cut off NSO from its cloud infrastructure services after an investigation by Amnesty International and other media organizations revealed NSO’s spyware product Pegasus may have been installed on the mobile devices of several journalists and activists, VICE reported. A forensic analysis performed by Amnesty and reviewed by Citizen Lab found that AWS’ service CloudFront was used to deploy Pegasus spyware into mobile devices.
“When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts,” an AWS spokesperson told the Daily Caller News Foundation in a statement.
BIG impact from the Pegasus project and BAD news for NSO. Vice reporting Amazon has shut down the Israeli spyware firms infrastructure because of the Pegasus project: https://t.co/5xAB7ZROpz
— Drew Sullivan (@DrewOCCRP) July 19, 2021
The investigation alleged NSO’s spyware was deployed against journalists and activists by regimes often characterized as repressive, such as Hungary and Azerbaijan. Those targeted reportedly included women close to Jamal Khashoggi, a Saudi journalist murdered in October 2018, according to an Amnesty statement.
NSO denied the allegations in a statement to several media organizations, claiming it thoroughly reviews the human rights records of its clients, and telling The Washington Post it had already canceled contracts with two customers over human rights abuses.
CloudFront is a “content delivery network” that allows users to securely transfer data, in this case spyware, to other users, according to its website. The product “offers the most advanced security capabilities,” protecting shared content and offering high transfer speeds.
“The use of cloud services protects NSO Group from some Internet scanning techniques,” Amnesty said in the analysis.
VICE had previously reported on NSO using Amazon servers to deploy spyware in May 2020, when the firm allegedly impersonated a Facebook security team to upload its hacking software on mobile devices.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact [email protected]