{"id":42292,"date":"2021-07-20T15:31:56","date_gmt":"2021-07-20T15:31:56","guid":{"rendered":"http:\/\/icloud.pe\/blog\/?guid=522ca652f4e70e3eee902c3c75bd4394"},"modified":"2021-07-20T15:31:56","modified_gmt":"2021-07-20T15:31:56","slug":"aws-shuts-down-nso-group-infrastructure","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/aws-shuts-down-nso-group-infrastructure\/","title":{"rendered":"AWS shuts down NSO Group infrastructure"},"content":{"rendered":"


\n Sabina Weston<\/a><\/span>
\n <\/span><\/p>\n

\n
\n
20 Jul, 2021<\/span><\/div>\n<\/p><\/div>\n<\/div>\n

\n<\/a><\/p>\n

\n

Amazon Web Services (AWS)<\/a> has shut down infrastructure and accounts linked to Israeli firm NSO<\/span> Group.<\/p>\n

The news comes after\u00a0an investigation<\/a> found that the company\u2019s Pegasus spyware<\/a> was used to target at least 50,000 journalists, government and union officials, human rights activists, business executives, religious figures, academics, NGO<\/span> employees, and lawyers.<\/p>\n

Pegasus was used to extract messages, photos, and emails<\/a>, as well as to record calls and activate microphones on iOS<\/a> and Android<\/a> devices.<\/p>\n

NSO<\/span> Group denied the accusations, stating that its tools are used \u201cfor the sole purpose of saving lives through preventing crime and terror acts\u201d.<\/p>\n

\u201cOur technologies are being used every day to break up pedophilia<\/span> rings, sex and drug-trafficking rings, locate missing and kidnapped children, locate survivors trapped under collapsed buildings, and protect airspace against disruptive penetration by dangerous drones,\u201d the company announced.<\/p>\n

However, AWS<\/span> has branded NSO<\/span> Group\u2019s actions as \u201chacking activity\u201d.<\/p>\n

A spokesperson for the cloud computing provider told IT Pro<\/em> that it had shut down NSO<\/span> Group\u2019s infrastructure as it \u201cwas confirmed to be supporting the reported hacking activity\u201d.<\/p>\n

This was \u201cin accordance with [AWS\u2019<\/span>] terms of use\u201d, they added.<\/p>\n

Amnesty International, a partner of the Pegasus Project, a collective of 17 media organisations investigating the spyware, found evidence to suggest that NSO<\/span> Group had only been an AWS<\/span> customer for a few months.<\/p>\n

One\u00a0Pegasus-infected phone\u00a0that was dissected by the organisation sent data “to a service fronted by Amazon CloudFront<\/span>, suggesting NSO<\/span> Group has switched to using AWS<\/span> services in recent months\u201d.<\/p>\n

Amazon CloudFront<\/a> is a content delivery network (CDN<\/span>) that provides customers with the ability to deliver content, including data, videos, and APIs<\/a>, securely with low latency and at a high speed.<\/p>\n

\u201cAmnesty International suspects the shutting down of the V4 infrastructure coincided with NSO<\/span> Group\u2019s shift to using cloud services such as Amazon CloudFront<\/span> to deliver the earlier stages of their attacks,\u201d said<\/a> the human rights NGO<\/span>, adding that \u201cthe use of cloud services protects NSO<\/span> Group from some Internet scanning techniques\u201d.<\/p>\n

AWS<\/span> didn\u2019t elaborate on whether the decision to ban NSO<\/span> Group from its services could be reconsidered in the future. <\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

Sabina Weston<\/p>\n

20 Jul, 2021 <\/p>\n

Amazon Web Services (AWS) has shut down infrastructure and accounts linked to Israeli firm NSO Group.
\nThe news comes after\u00a0an investigation found that the company\u2019s Pegasus spyware was used to …<\/p>\n","protected":false},"author":627,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-42292","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42292","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/627"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=42292"}],"version-history":[{"count":1,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42292\/revisions"}],"predecessor-version":[{"id":42293,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42292\/revisions\/42293"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=42292"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=42292"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=42292"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}