Amazon Web Services banned NSO Group a day after the release of the Washington Post report.
Vice reported the banning of NSO Group infrastructure from Amazon Web Services. NSO Group’s spyware Pegasus was used to target the phones of journalists and activities.
According to the investigation, Pegasus compromised the targets’ phones and sent their data through AWS, Amazon CloudFront, and other commercial services.
By sending the data to those services, it protects the firm from Internet scanning techniques.
Amazon Confirmed the Ban
After learning the activity of NSO-related accounts, Amazon acted swiftly and shut down the said infrastructure and related accounts.
Over the weekend, the Washington Post, Amnesty International, and other news and research media start publishing stories about the Pegasus Project. The report reveals how Pegasus is being used to target phones in dozens of countries.
CloudFront, an Amazon service, is said to be instrumental in the recent attacks that utilized the malware.
It’s a content delivery network that lets NSO reliably deliver content to its users. CloudFront is a popular service because of its low latency and high transfer speeds.
By using CloudFront, it protects NSO from third parties wanting to unveil the infrastructure.
In the past, Amazon was silent on how NSO was using its services. Motherboard unearthed evidence that the spyware firm used Amazon infrastructure to disseminate malware. Unfortunately, at that time, Amazon didn’t comment on the matter.
NSO stated that it doesn’t operate the systems that it sells to government customers.
“NSO does not operate the systems that it sells to vetted government customers, and does not have access to the data of its customers’ targets. NSO does not operate its technology, does not collect, nor possesses, nor has any access to any kind of data of its customers. Due to contractual and national security considerations, NSO cannot confirm or deny the identity of our government customers, as well as identity of customers of which we have shut down systems.” – The Guardian
NSO added that its technology wasn’t associated with the murder of Jamal Khashoggi. The firm confirmed that its technology wasn’t utilized to spy or collect information about Jamal’s family members.
The firm also said that even if the reports were correct, it doesn’t necessarily mean that the NSO Group client or the data collected by the NSO Group software were connected to the murder.
The company stated that its products can’t be used to carry out cyber-surveillance in the US. It also doesn’t grant a foreign customer to use its technology to access phones with US numbers.
However, yesterday’s report stated that governments used it indiscriminately against journalists and dissidents. Once it has compromised a phone, it could start collecting data from the phone. It could even activate the camera and mic for better surveillance.
One of the countries that responded to the inquiry was Rwanda. It stated that its government doesn’t use the system. It also doesn’t possess this capacity in any form. The accusations were just a part of the campaign to trigger tensions between Rwanda and other nations.