Israeli spyware company NSO Group has experienced quite a bit of controversy in the last few years. Its spyware product, Pegasus, has been used by various criminals and nation states to target individuals of interest, such as activists, politicians, and business leaders.
In 2021, NSO was blacklisted by the United States government as it knowingly provided spyware to foreign governments who used the tool maliciously.
Earlier this year, at least four senior European Union officials were targeted with the spyware, though NSO Group denies any involvement. Apple also is in the process of suing the "abusive state-actor" for its ability to hack iPhones using previously undiscovered Zero-Day vulnerabilities.
There are many more instances of the NSO Group being involved in some kind of international scandal, and the company has had to deal with the blowback from that. So, it makes sense that they would try to shake things up a bit in terms of management.
The group's longtime CEO, Shalev Hulio has stepped down amid all the controversy, and it has laid off approximately 100 of its 700 employees. That feels like a major shift for the company, right? But, will it be enough to make people forget about the past? Some experts believe that the nail is already in the coffin.
Claudio Guarnieri, the head of Amnesty International’s Security Lab, had this to say about NSO's recent changes:
"Such changes will not address the ongoing absence of accountability. The piling discoveries of unlawful surveillance of activists, journalists and other members of civil society show a rotten mercenary spyware industry, and a moratorium of their sales is as urgent now as ever."
The organization did speak with The Washington Post after Hulio resigned, saying they are going through a broader reorganization that includes plans to market the firm's technology to NATO countries. It also told The Post that it "will examine all aspects of its business, including streamlining operations to ensure NSO remains one of the world's leading high-tech cyber intelligence companies."
The controversy surrounding the NSO Group has certainly hindered its ability to be profitable. After being blacklisted by the U.S., many acquisitions fell through the cracks, such as with technology firm L3Harris who was pressured by the government to back out of the deal.
John Scott-Railton, a senior researcher for Citizen Lab, which is one of the organizations investigating NSO, discussed its business strategy:
"NSO’s business strategy these days seems to be: hold on and hope for an acquisition miracle, or a change of government. We’ve heard for months that they are running low on cash, and big layoffs and a shakeup seem to speak to that.
NSO’s short corporate history is littered with reorganizations that weren’t, diligence that wasn’t turnarounds that didn’t, and reforms that went nowhere. I don’t see any reason this will be different."
He also added that spyware is a very risky business to be invested in, and that investors will likely look elsewhere.
While it would be great to see the NSO Group crumble because of its own missteps, there will still always be a market for spyware and it will find its way into the hands of the wrong people.
Cut off a snakes head and it will grow two back, or something like that.
See the original story from CyberScoop for additional details.