WASHINGTON — The FBI informed the Israeli government in a 2018 letter that it purchased Pegasus, the infamous hacking tool, to collect cell phone data to support ongoing investigations, the clearest documented evidence to date that the agency identified the spyware as tool used by law enforcement.
The FBI’s description of Pegasus’ intended use came in a letter from a top FBI official to Israel’s Defense Ministry, which was reviewed by The New York Times. Pegasus is produced by an Israeli company, NSO Group, which must obtain approval from the Israeli government before it can sell the hacking tool to a foreign government.
The 2018 letter, written by an officer of the FBI’s Operational Technology Division, stated that the agency intended to use Pegasus “to collect data from mobile devices for the purpose of preventing and investigating crime and terrorism, consistent with privacy policies.” and national security laws.”
The Times revealed in January that the FBI bought Pegasus in 2018 and spent the next two years testing the spyware at a secret facility in New Jersey.
Since the article’s publication, FBI officials have admitted they considered deploying Pegasus, but emphasized that the agency bought the spy tool primarily to test and evaluate it, in part to assess how adversaries might use it. They said the agency never used the spyware in an operation.
At a Congressional hearing in March, FBI Director Christopher A. Wray said the agency had purchased a “restricted license” to test and evaluate “as part of our routine responsibilities to evaluate technologies that exist, not just from a perspective of could they ever be legally used, but also, more importantly, what are the safety issues caused by those products.”
“So very different from using it to research someone,” he said.
The Times revealed that the FBI had also received a demonstration from the NSO of another hacking tool, Phantom, which can do what Pegasus can’t: target and infiltrate US cell numbers. After the demonstration, government lawyers debated the purchase and implementation of Phantom for years. It was only last summer that the FBI and the Department of Justice decided not to use NSO hacking tools in operations.
The FBI has paid about $5 million to NSO since the agency first bought Pegasus.
The Times has sued the FBI under the Freedom of Information Act over desk documents related to the purchase, testing and potential use of NSO spyware tools. In a court hearing last month, a federal judge set an August 31 deadline for the FBI to submit all relevant documents or be held in contempt. Government attorneys said the agency had so far identified more than 400 pages of documents responding to the request.
The FBI’s letter to the NSO, dated December 4, 2018, states that “under any circumstances, the United States Government will not sell, deliver, or otherwise transfer to any other party without the prior approval of the Government of Israel.”
Cathy L. Milhoan, an FBI spokeswoman, said the agency is “working diligently to stay abreast of emerging technologies and craft.”
“The FBI has purchased a license to investigate possible future legal use of the NSO product and possible security vulnerabilities that the product poses,” she continued. “As part of this process, the FBI complied with the requirements of the Israeli Export Control Agency. After testing and evaluation, the FBI has chosen not to use the product operationally in any investigation.”
The January Times article revealed that in 2018 the CIA arranged and paid the government of Djibouti to acquire Pegasus to aid its government in counter-terrorism operations, despite longstanding concerns about human rights violations there.
Pegasus is a so-called zero-click hacking tool — it can remotely extract everything from a target’s mobile phone, including photos, contacts, messages and video recordings, without the user having to click a phishing link to remotely access Pegasus. grant access. It can also turn phones into tracking and secret recording devices, allowing the phone to spy on its owner.
NSO has sold Pegasus to dozens of countries that have used the spyware in the context of investigations into terrorist networks, pedophile circles and drug lords. But it has also been abused by both authoritarian and democratic governments to spy on journalists, human rights activists and political dissidents.
On Tuesday, the head of Spanish intelligence was impeached after recent revelations that Spanish officials had both deployed Pegasus spyware and were the victims.
The official, Paz Esteban, was fired days after the Spanish government said the cell phones of senior Spanish officials, including Prime Minister Pedro Sánchez and Defense Minister Margarita Robles, had been penetrated by Pegasus last year. It was also recently revealed that the Spanish government had used Pegasus to hack into the mobile phones of Catalan separatist politicians.
Israel has used the instrument as a bargaining chip in diplomatic negotiations, most notably in the secret talks that led to the so-called Abraham Accords that normalized relations between Israel and several of its historic Arab adversaries.
In November, the Biden administration placed NSO and another Israeli company on a “blacklist” of companies prohibited from doing business with American companies. The Commerce Department said the companies’ spyware tools had “enabled foreign governments to carry out transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside their sovereign borders to suppress dissent. to silence it.”
Mark Mazettic reported from Washington, and Ronen Bergman from Tel-Aviv.