The threat of Pegasus-style spyware could creep toward the business community
Thursday, July 22, 2021
The latest bombshell investigations into NSO Group’s Pegasus spyware reinforce how widely the tool is being used by governments and clients around the world to conduct surveillance on journalists, human and civil rights activists, politicians and other individuals.
A growing but immature market
Due to restrictions on sales to the private sector, such threats are still most likely to come from government agencies, but If software like Pegasus is ever re-sold on the grey market “it is virtually impossible to control who can eventually buy hacking tools and for what purposes,” said Ilia Kolochenko, founder of ImmuniWeb, a Switzerland-based application security and penetration testing company.
Companies like NSO Group can leverage their connections and relationship with patron governments and a murky regulatory environment to cast a veil that makes it extremely difficult to know who ultimately gets access to these tools and how they’re used.
“It is virtually impossible to regulate this market as vendors and buyers are highly sophisticated entities, while the latter frequently enjoy immunity by the virtue of law,” Kolochenko said.
Others think there are a number of challenges that would likely make it harder for imitators to achieve the same success or use these tools at a broader scale. Read Full Article
teiss: Hacker group threatening to sell 1TB of Saudi Aramco data to the highest bidder
SearchSoftwareQuality: An introductory guide to mobile app security testing