AWS shuts down NSO Group infrastructure

The Israeli company’s Pegasus spyware was used to target at least 50,000 mobile phones

Amazon Web Services (AWS) has shut down infrastructure and accounts linked to Israeli firm NSO Group.

The news comes after an investigation found that the company’s Pegasus spyware was used to target at least 50,000 journalists, government and union officials, human rights activists, business executives, religious figures, academics, NGO employees, and lawyers.

Pegasus was used to extract messages, photos, and emails, as well as to record calls and activate microphones on iOS and Android devices.

NSO Group denied the accusations, stating that its tools are used “for the sole purpose of saving lives through preventing crime and terror acts”.

“Our technologies are being used every day to break up pedophilia rings, sex and drug-trafficking rings, locate missing and kidnapped children, locate survivors trapped under collapsed buildings, and protect airspace against disruptive penetration by dangerous drones,” the company announced.

However, AWS has branded NSO Group’s actions as “hacking activity”.

A spokesperson for the cloud computing provider told IT Pro that it had shut down NSO Group’s infrastructure as it “was confirmed to be supporting the reported hacking activity”.

This was “in accordance with [AWS’] terms of use”, they added.

Amnesty International, a partner of the Pegasus Project, a collective of 17 media organisations investigating the spyware, found evidence to suggest that NSO Group had only been an AWS customer for a few months.

One Pegasus-infected phone that was dissected by the organisation sent data "to a service fronted by Amazon CloudFront, suggesting NSO Group has switched to using AWS services in recent months”.

Amazon CloudFront is a content delivery network (CDN) that provides customers with the ability to deliver content, including data, videos, and APIs, securely with low latency and at a high speed.

“Amnesty International suspects the shutting down of the V4 infrastructure coincided with NSO Group’s shift to using cloud services such as Amazon CloudFront to deliver the earlier stages of their attacks,” said the human rights NGO, adding that “the use of cloud services protects NSO Group from some Internet scanning techniques”.

AWS didn’t elaborate on whether the decision to ban NSO Group from its services could be reconsidered in the future.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Civil rights groups ask the FTC to stop Amazon surveillance
Policy & legislation

Civil rights groups ask the FTC to stop Amazon surveillance

30 Jul 2021
AWS buys encrypted messaging app Wickr
Acquisition

AWS buys encrypted messaging app Wickr

25 Jun 2021
AWS and Salesforce launch integration partnership
sales & CRM

AWS and Salesforce launch integration partnership

23 Jun 2021
AWS Proton software delivery platform is now available in select regions
Amazon Web Services (AWS)

AWS Proton software delivery platform is now available in select regions

10 Jun 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021