Review: Pegasus by L. Richard and S. Rigaud

Pegasus by Laurent Richard and Sandrine Rigaud 2023

This book is an exposé written by two senior journalists at the long-form news entity Forbidden Stories in Paris, France. Thanks to some serious hacking talent, this outfit was apprised—in about 2021—of a list of fifty thousand telephone numbers from all over the world. The list contained telephone numbers and dates of attempted cyber intrusion attacks for purposes of surveillance.

The outfit that created the software and other parts of the architecture to do this work was an Israeli company called NSO, the initials of the three founders. The software was Pegasus. NSO sold their software to governments who were supposed to use it to help apprehend criminals and terrorists—we’ve all heard that before, right—but besides those uses, most of these governments (almost all autocratic), including Israel, used it to monitor political opposition figures, journalists, and others who just happened not to favor the regime in power. The Moroccan government, for example, was keeping a close eye on virtually the entire French executive, including the president.

Surveillance software had been around before Pegasus, but most of it focused on computers. NSO was the first (roughly 2012) to recognize that everything important was shifting to the smartphone. Like other hacks, surveillance by Pegasus would begin with a user clicking on a link that then downloads software, triggering the rest of the infection chain. This process should be familiar to anyone today. However, NSO added another twist in 2017, known as “zero-click intrusion.” That meant the phone only had to be on to be invaded. The user doesn’t need to click on anything.  

Once onboard the phone, Pegasus could acquire “root authority” and essentially operate every app on the phone. After offloading the phone’s logs, images, emails, texts, and recordings onto client servers, Pegasus deleted itself to avoid detection. Once zero-click intrusion became available, the Pegasus user could re-access the phone and download its latest data at any time they wished. 

Users would not know of the intrusion. The software could also deliver other malware, such as ransomware attacks, or monitor conversations in real-time, among other things. For example, your government might want to imprison you, but you haven’t committed any crime. They could use Pegasus to put some child porn on your phone in a folder they create. They arrest you, confiscate your phone, and voila, discover the criminal evidence.

The book gives few details, but it says enough to understand that zero-click attacks are not trivial. Some app on your phone (we all have dozens) must have an exploitable weakness. It was the job of the NSO programmers to find these exploits and update their customer software when phone manufacturers found and closed any particular loophole. 

The target apps with the greatest potential for attack are those that receive data from the telephone network and then perform an action without requiring user intervention. Every app that notifies you of something (such as texts, emails, or alerts of all kinds, including weather applications) can be an infection vector, but they are not alone. How many apps do we run that do not need access to your microphone, camera, or contact list, yet default—on installation—to having such access?

To make a successful attack, the attacker must have your phone number. What kind of phone you have (every OS has different vulnerabilities) also makes a difference, but Pegasus could look for all of them. Client updates to Pegasus likely contained an extensive library of the various hacks needed for any given vulnerable app on every kind of phone. If, starting with your phone number, one attack fails, Pegasus tries again. Eventually, it finds an app on that target’s phone that lets it in. 

All of these revelations about the capabilities of Pegasus are scattered throughout the story, which focuses on the people who figured out how to detect prior infection (Pegasus deletes itself when finished culling your data, but as it happens, it leaves a few illegitimate process names in the phone’s logs), the process of proving prior infections on hundreds of phones in the original list of fifty thousand (mostly journalists and a few political opponents of various regimes), the journalists themselves (a multi-continental collaboration that miraculously maintained its secrecy until their stories were simultaneously released), and the NSO company.

So what happened when all of this got out? As one might easily predict, very little. The NSO company was destroyed, but the talent that created the technology merely scattered to other places—some paid obscene salaries—and duplicated the tech for their new employers. There are now numerous Pegasus clones worldwide.

Supposedly, the Israeli government did not permit Pegasus sales to Russia, China, North Korea, or Iran (they allowed sales to Saudi Arabia). However, China has undoubtedly had this ability (developed in China [see NOTE]) for years now (see We Have Been Harmonized by Kai Strittmatter, 2019), and there is no reason to believe that, in 2025, the other three do not also possess it. In the U.S., the NSA surely has this ability. They are building (or is it operational?) the world’s largest data center for a reason after all.

NOTE: Unique among nations of the world, China, and likely also North Korea, have no need for zero-click technology based on vulnerabilities. The Chinese and North Korean States have the power to mandate that all phones sold in their respective countries come with a built-in, non-removable app that allows the government to access the phone at any time.  

Review: Spy Fail by James Bamford

There aren’t any philosophical danglers in this book (that I can see) to discuss, but there is the matter of Israeli apartheid. Several stories Bamford ties together begin with Israel and apartheid South Africa in the 1970s, particularly the man Arnon Milchan, an Israeli agent who became (and still is) a billionaire Hollywood film producer. His story threads its way through half the book.

In the 1970s and 80s, the Israelis and South Africa were allies. In particular, the Israelis were actively helping South Africa maintain and strengthen apartheid. Arnon Milchan (before he was a Hollywood producer) was Israel’s primary asset on the ground in South Africa. But why? It was one thing for Israel to want friends; it had few enough. But why would a State composed of formerly oppressed people actively work to promote racial oppression? Jews are, as far as I can tell from America, no more biased against Black people than anyone else. But Jews in Israel, not all the people, but the government, are biased against Palestinian Arabs and have been since before 1948! When Israel became a State, there were far more Palestinians living in the territory than Jews. Supposedly emerging from the European democratic tradition, Israel immediately created a two-track hierarchy. Jews were citizens who had a vote. Palestinians living in Israeli territory were second-class citizens who did not.

Zionists (the term for militant Jews still in use today) planned an apartheid state from the beginning. There were more Arabs in Palestine than Jews, and no matter how many Jews flocked to the new Israel, the Arab population would always be able to out-reproduce them. There would never be a Jewish government in Palestine if Arabs had an equal vote. Today, the situation has become even more fraught. As Bamford points out, Israeli apartheid is worse than what black populations suffered in the southern tip of Africa! South Africa, after all, is a big country. There were places for the oppressed population to live. The same is not the case in Israel. Even the territory the Palestinians occupied until the 1967 and 1973 wars is now 85% Israeli! Further, the political climate in Israel has shifted far to the right because extreme right-wing Jews (mostly religious fundamentalists whose theologic egotism blocks any compromise, and not coincidentally are the occupants of all the Israeli settlements in what was Arab land on the West Bank) have, for decades, been out-reproducing the much more liberal secular population.

Still, why support South Africa? A reading of Bamford’s book explains much. Israeli apartheid was overt from the beginning, but South Africa’s oppression of the black population went back to before the turn of the 20th century and was much more in the focus of the world’s attention than Israel’s. The longer South Africa could maintain apartheid, the longer Israel could avoid the world’s scrutiny. Zionists had an excuse. South Africa was not the world’s only white-dominated nation, but Israel is the world’s only “Jewish State.” When apartheid ended in South Africa (early 1990s), Israel was already decades into its American influence operations, with Milchan orchestrating much of it and American presidents of both parties looking the other way for the sake of the Jewish vote and the largess of big donors. 

Spy Fail by James Bamford 2023

This is, to put it bluntly, a fantastic read. Mr. Bamford is a professional journalist with almost forty years of investigative credentials in the counterespionage world behind him, beginning with The Puzzle Palace in the 1980s. Overall, the story is about the failure of America’s counterintelligence agencies (mostly the FBI, but also the NSA) to catch any spies until long after they have spied, sometimes for decades. But incompetence (and sometimes just bad luck) is one thing. In the book’s last tale, the FBI and Justice Department become positively demonic, persecuting a wholly innocent woman–whom they had themselves determined was innocent–because there was, at the time, a hysteria over Russian election meddling (Russiagate) and the FBI needed a Russian to parade before the media.

Bamford begins with a couple of hacking stories. One can complain about the shoddy state of security in military computers and those of the NSA, CIA, and FBI. Still, in the end, it is impossible to prevent all penetration of even [supposedly] secure systems, whether by actors outside the U.S. or employees within it. The most laughable case cited was one of the most serious, the theft of the most sensitive spy tools: software developed by the NSA and stolen by a hacker calling her/himself “Shadow Brokers.” As I said, it is hard to stop a hack until after it happens, but the shameful thing about this case is that Shadow Brokers, who claimed to be working INSIDE the American government, has to this day not been identified! By way of illustration, Bamford next relates the story of the North Korean hack of Sony Pictures as revenge for the Seth Rogen movie “The Interview.” That attack, and a number of others around the world by Russia, were perpetrated with the tools stolen by Shadow Brokers!

The next and longest section in the book is about the Israelis, who have spied on and run influence operations in the U.S. for fifty years! In the 1970s and early 80s, it was about stealing nuclear secrets, not only secrets but physical uranium and nuclear bomb triggers. Since then, it has been about managing perceptions of Israel (declared an apartheid state by every human rights organization in the world, including those inside Israel) inside the U.S. Besides the Russians, no State wanted Trump elected president more than Israel; the Russians because Trump would weaken NATO and the European alliance, Israel because Trump would move the U.S. embassy to Jerusalem and look the other way as Israel continues to squeeze the Palestinians! Russian disinformation has been all over the news, but not a whisper about Israel!

But this particular story, as Bamford details it, is not exactly a failure in U.S. counterintelligence. According to the author, the FBI has known all about what the Israelis have been doing in the U.S. since the beginning (the 1970s at least) and has dutifully reported it up the chain to the Justice Department under every president (Democrat and Republican) from Carter to Biden! But every administration, afraid to lose Jewish campaign money, has ignored the reports! The names of the head people involved on both the Israeli and American sides–Israel’s fifth column in the U.S.–are given, and their portfolios are detailed! Readers will be shocked at the revelations, even more so if they are familiar with the Hollywood scene. Israel is after much more than merely electing pro-Israel candidates. Bamford lays out a vast Israeli operation since the mid-2000s to suppress the “Boycott, Divest, and Sanction” movement that seeks to have Israel abandon its apartheid anti-Palestinian policies by applying the same sort of pressure the world applied to South Africa. I will address some of this further in my blog.

Beyond the Israel story, Bamford delves into more traditional sorts of spies, all of which the FBI failed to catch until after much damage had been done. Sometimes not even then. In one case, a beautiful Chinese double agent (ultimately working for China) was sleeping with her two FBI handlers (see the book Tiger Trap: America’s Secret Spy War with China by David Wise for more details on that story)!

Bamford’s last story is that of the brutal treatment of a young graduate student, Maria Butina, who had the misfortune of being Russian and interested in geopolitics, and who had started a small organization in Russia hoping to promote gun ownership. The FBI had investigated the girl a year earlier and concluded that she had no connection whatsoever with the Russian government. But when the Russiagate hysteria broke out in 2017, and then just after the release of the movie “Red Sparrow”, the Justice Department decided they had to go after someone to divert media attention from their own bungling of the matter. Ms. Butina was Russian, like the character in the movie. She was young, pretty, and a redhead. She was interested in the NRA and went to some Trump rallies. An entirely fabricated case was put together. Maria was arrested and psychologically brutalized before she pleaded guilty to conspiracy–a bargain to get out of indefinite solitary confinement in a maximum security prison. For three months she was held in solitary, having done nothing at all! Still, the poor woman served another twelve months in prison on the trumped-up conspiracy charge before being flown back to Russia!

But the FBI and the military learn little. Despite Chelsea Manning and Edward Snowden, a young man, a twenty-one-year-old Air National Guardsman, has been arrested for putting a trove of top secret documents on a server in a private chat group some six months ago! He wasn’t trying to sell or release the documents for political purposes. It was all about impressing his buddies on the chat group! Of course, the boast went on too long. Somebody in that private group released the documents more widely. The FBI didn’t catch wind of it until the whole world saw them!

Highly recommended reading! I expect America’s counterintelligence has successes (however that is measured), but the depth and extent of the failures are shocking. Enjoy!