NSO Group’s Financial Backers Tried To Undermine Citizen Lab’s Investigative Work (original) (raw)

from the beautiful-lab-you-got-here,-shame-if-anything-happened-to-it dept

NSO Group’s reputation continues to decline, tracked inversely by the rise of Citizen Lab, a team of Canadian security researchers working out of the University of Toronto. Citizen Lab has exposed plenty of abuse by NSO’s customers, and saved plenty of malware targets from remaining compromised by NSO-crafted spyware.

This obviously hasn’t made NSO Group happy. And it appears to have perturbed Novalpina Capital, a private equity group that acquired a majority share of NSO in 2019. Thanks to personal data requests enabled by UK data protection laws, Citizen Lab director Ron Deibert and senior researcher John Scott-Railton were able to obtain internal communications from Novalpina that show the equity firm took steps to limit the damage Citizen Lab’s research was doing to its new spyware acquisition.

The released data, combined with information from other sources, sheds light on an apparent attempt by Novalpina partner Stephen Peel to gather information on and undermine Citizen Lab. In one case, he even reached out to George Soros, whose foundation is an important Citizen Lab donor, and complained about the researchers.

That apparently had no effect, other than to have Soros suggest Novalpina divest itself of NSO. Neither did other efforts, which included hiring US lawyer Virek Krishnamurthy as a “specialist external adviser” to allegedly align NSO Group with UN’s guidance on business and human rights.

What Krishnamurthy actually did was something different. Krishnamurthy is a University of Toronto alumnus and had worked as a research assistant for Citizen Lab’s director, Ron Deibert.

A February 2019 proposal by Foley Hoag to provide legal services to NSO said Krishnamurthy’s prior relationship with Deibert meant he was in a “unique position to conduct outreach to Citizen Lab should the NSO Group find it desirable to do so”. The proposal acknowledged that NSO had “reputational challenges” and said: “Our goal is to help the NSO Group become seen as the world’s most ethical company in the surveillance space by establishing systems, policies, and procedures to ensure that it operates in a rights-respecting manner.”

In a 1 March 2019 exchange, Peel emailed Krishnamurthy telling the lawyer it was time to “reach out to Deibert to find out what is going on”. The lawyer promptly replied that he would, adding: “He can be prickly, and he’s clearly worked up about NSO.”

Deibert declined an invitation to meet with Krishnamurthy, citing NSO Group’s lack of good faith when responding to inquiries and investigations by Citizen Lab. Krishnamurthy was rejected again three months later when he attempted to meet with Deibert during a family trip to Toronto.

With this information now out in the open, the denials are rolling in.

Krishnamurthy claims his actions were undertaken in good faith and that he was not trying to persuade Deibert and Citizen Lab to ease up on their criticism of NSO Group. He also claims he now “regrets” his work with Novalpina harmed his relationship with his former colleague.

Mark Stephens, a UK lawyer who’s a mutual friend of both Krishnamurthy and Novalpina’s Stephen Peel (and who encouraged Krishnamurthy to work for Novalpina), offered up this ridiculous (and completely) laughable assessment of Citizen Lab in response to the Guardian article:

Stephens praised Peel and criticised Citizen Lab for disproportionately focusing on NSO.

“The practical result of what they [Citizen Lab] have done is to ignore and effectively divert attention from the other players in this marketplace and they have given them a completely free pass and I think that’s reprehensible,” Stephens said.

Citizen Lab has performed years of research into malware deployment, state-sponsored hacking, and government surveillance activities. If there’s been a spike in recent months in NSO Group-related research, it’s because new information recently surfaced showing how prevalent its malware is and how often it targets people who shouldn’t be targeted by extremely powerful malware.

What’s shown here isn’t particularly surprising. But it is disheartening. The information obtained by Citizen Lab shows little more than Novalpina belatedly realizing it had acquired an extremely toxic asset. But rather than search for a way to unload NSO, it chose to target Citizen Lab’s funding (via the conversation with George Soros) and leverage a lawyer’s personal and professional relationship with Citizen Lab’s director in hopes of gathering information on the Lab’s research or persuading it to shift its focus elsewhere.

Filed Under: citizen lab, malware, ron deibert, surveillance, vivek krishnamurthy
Companies: novalpina, nso group