Apple Seeks to Drop Its Lawsuit Against Spyware Maker NSO
2024-9-16 23:36:18 Author: securityboulevard.com(查看原文) 阅读量:13 收藏

Apple executives want to withdraw their three-year-old lawsuit against notorious spyware maker NSO Group over fears that the information the device company would have to disclose would benefit the surveillance software vendor and a growing list of competitors if it was exposed.

In addition, in a seven-page filing, they also noted that NSO – an Israeli company that makes the Pegasus spyware – is fighting efforts to disclose data as part of the legal process, the Apple executives noted.

“This means that going forward with this case will potentially involve disclosure to third parties of the information Apple uses to defeat spyware while Defendants and others create significant obstacles to obtaining an effective remedy,” they wrote in their request, which was filed in federal court in San Francisco.

They added that they wanted to “avoid compromising its commitment to the security of its users” and that given the challenges Apple is facing in the court case, they’ve decided to “prioritize its expert security resources and advanced threat-intelligence program to continue to stop destructive spyware through technical methods.”

Apple is asking that the case be dismissed without prejudice, which would allow the company to refile it in the future. The company filed its suit against NSO in 2021, becoming one of several companies that include Meta’s WhatsApp business to take legal against the Israeli company. WhatsApp filed its lawsuit in 2019.

Claroty

The Growing Spyware Threat

Spyware is marketed as a software tool for law enforcement agencies in their fight against crime. However, it has also been used by governments to secretly keep tabs on and harass a range of citizens, from journalists and activists to rival politicians and civil rights defenders. The malicious software is installed on a device without the user’s knowledge and can be used to steal sensitive data, monitor internet activity, and track targets’ movements.

The use of spyware is growing, with Google’s Threat Analysis Group (TAG) and its Mandiant subsidiary saying earlier this year that in 2023, 75% of known zero-day exploits against Google products and Android-based systems were caused by commercial surveillance vendors. In addition, of 37 zero-days flaws in browsers and mobile devices exploited last year, more than 60% were attributed to such vendors that sell their spyware to governments.

“If governments ever claimed to have a monopoly on the most advanced cyber capabilities, that era is over,” they wrote. “The private sector is now responsible for a significant portion of the most sophisticated tools we detect.”

A Complex Landscape

Google said it tracks about 40 such commercial companies. In a report in April, The Atlantic Council took a look at the shady operations within the spyware market, pointing to the Intellexa Consortium – “a complex web of holding companies and vendors for spyware and related services” – as an example, adding that focusing on individual players misses the larger picture of how they operate as a whole.

The market is “one in which firms conduct business under multiple names, work with investors across the globe, and where webs of interpersonal relationships underpin a shifting roster of corporate names and titles,” the report’s authors wrote. “These factors have hampered policy efforts to extract transparency from this market and limit the sale and use of spyware.”

The United States government has leveled sanctions against various spyware makers and individuals and European countries also have taken actions. In addition, NSO and its rivals have come under the scrutiny of investigative journalism operations.

Apple noted the evolving spyware landscape in its request to dismiss the lawsuit.

NSO has “been supplanted in part by a growing number of different spyware companies, meaning threats are no longer concentrated in a single, powerful actor,” the iPhone maker wrote. “The result is that even complete victory in this suit will no longer have the same impact as it would have had in 2021; instead of eliminating with one judgment a significant portion of the threat environment, other spyware companies unaffiliated with [NSO] would be unaffected by the suit and able to continue their destructive tactics.”

Recent Articles By Author


文章来源: https://securityboulevard.com/2024/09/apple-seeks-to-drop-its-lawsuit-against-spyware-maker-nso/
如有侵权请联系:admin#unsafe.sh