Jamal Khashoggi was murdered when he visited the Saudi consulate in Istanbul on October 2. Photo: AFP
Saudi hackers using Pegasus software targeted friends and family of Jamal Khashoggi, who was murdered when he visited the Saudi consulate in Istanbul. Photo: AFP

This article was first published by ProPublica, a Pulitzer Prize-winning investigative newsroom. Sign up for The Big Story newsletter to receive stories like this one in your inbox.

Israeli cybersecurity company NSO Group, the company behind the notorious Pegasus spyware, has been conducting a broad campaign in the United States to get off the US government’s blacklist.

Pegasus is a hacking tool that could be used to vacuum up a phone’s contents remotely without the target having to fall into a phishing trap by clicking on a deceptive link. The spyware can even use the phone to remotely track and record its user.

The Biden administration added NSO to a Commerce Department list of restricted companies last November after a series of investigations revealed that Pegasus had been used by foreign governments against journalists and human rights activists. A forensic analysis from last July, for example, revealed that two people close to journalist Jamal Khashoggi were targeted by the spyware before and after his assassination in October 2018.

Khashoggi, an exiled Saudi Arabian journalist and American resident, was murdered in Turkey by Saudi authorities. The NSO Group has said its technology “was not associated in any way with the heinous murder of Jamal Khashoggi.”

NSO has invested hundreds of thousands of dollars in the past year in payments to lobbyists, public relations companies and law firms in the United States, in the hope of reversing the Biden administration’s November decision, according to public records filed under the Foreign Agent Registration Act and conversations with people familiar with the effort. These firms have approached members of the US House and Senate, as well as various media outlets and think tanks across the US, on NSO’s behalf.

Companies on the Commerce Department’s blacklist, officially called the “Entity List,” are not completely prohibited from doing business in the US. However, they are subject to licensing and other trade restrictions, making it more difficult to conduct business in the country or with Americans. NSO’s business has reportedly suffered since the designation.

NSO is trying to get the matter raised during a meeting between US President Joe Biden and Israeli Prime Minister Yair Lapid when the former visits Israel this week. In addition, NSO lobbyists unsuccessfully tried to set up a meeting between representatives of the company and US National Security Adviser Jake Sullivan, but it did not take place.

Asked for comment, an NSO spokesperson declined to comment on the campaign but “thanked” Shomrim for publishing an article on its efforts, which he described as “supportive.”

The American military contractor L3Harris also held talks to try to purchase NSO, with backing from the Defense Department, according to The New York Times. L3Harris has abandoned the effort, the paper said.

Placement on the Entity List is a serious sanction but less significant than being placed on the Specially Designated Nationals list. In the past, companies have won removal from the Entity List after settling charges with the US government and promising reforms.

NSO said at the time of the US administration’s decision to add it to the list that it would work to have the move reversed. Public records show that the firm started recruiting various North American consultants even before it was blacklisted.

In July last year, it hired the Pillsbury Winthrop Shaw Pittman law firm to advise it on tenders and various compliance requirements in the United States. The firm was initially hired for six months at a cost of about $75,000 per month. NSO continued to retain its services at least into the first half of 2022.

Pillsbury then hired strategic advisory group Chartwell for six months at a cost of $50,000 to $75,000 per month, according to public records. Chartwell met with representatives of the House Intelligence Committee, whose members called last year for more serious sanctions of NSO under the Magnitsky Act.

The lobbying firm also approached, among others, Senators Mitt Romney, R-Utah, and Mike Rounds, R-S.D., as well as Representatives Tom Malinowski, D-N.J. and Mike Turner, R-Ohio. Romney, Rounds, Malinowsky and Turner did not respond to a request for comment.

Chartwell has also reached out to various media outlets on behalf of NSO, and distributed material in which the company reiterated its assurances that it would investigate any misuse of its products.

In January 2022, the company hired the services of the Paul Hastings law firm for $10,000 a month. Hastings then had a call with Senator Ron Wyden, D-Ore., on behalf of NSO. Moreover, less than four months ago, NSO signed an agreement with Washington, D.C.-based public relations and media consulting firm Bluelight Strategies, which has strong ties with the Democratic Party.

The firm’s managing director, Aaron Keyak, went on unpaid leave to join Biden’s campaign staff in July 2020 and currently serves as the State Department’s deputy special envoy to combat and monitor antisemitism. NSO paid Bluelight $100,000 in February for two months of work, with an option to extend the contract for $50,000 a month.

The contract between the parties, signed by NSO founder Shalev Hulio and Bluelight President Steve Rabinowitz, also allows Bluelight to hire a subconsultant at a cost of up to $20,000 a month.

“NSO’s tools provide limited and specifically targeted intelligence capabilities that have been repeatedly used for instance to help rescue scores of children from human trafficking as well as stopping numerous terrorist attacks,” wrote Brian E Finch, a partner at Pillsbury, to Representative Malinowsky earlier this year. “NSO’s Pegasus customers are solely law enforcement and intelligence agencies, and by far are mainly democratic allies of the US and Israel in Western Europe,” he added.

NSO Group “worries about improper or otherwise abusive use of its tools against journalists, human rights advocates, and others,” wrote Finch. “NSO has strict protocols in place to avoid misuse of its products and to terminate access to such products in cases where misuse has been alleged.”

The attorney wrote that “NSO stands ready and willing to work with the US government to identify and develop global standards that reflect shared values — protecting citizens of the United States and safeguarding human rights and privacy concerns.”

In a different letter distributed by the firm this year, NSO states it has “developed a human rights governance compliance program,” saying it would conduct a review of all users to see whether they might use the technology to “violate human rights.”

Pillsbury, Chartwell, Paul Hastings and Bluelight did not respond to a request for comment. The Department of Commerce did not respond to a request for comment.

NSO representatives have approached various people within the administration in order to get a clear understanding of what steps the company could and should take to be taken off the blacklist. They presented NSO’s “kill switch,” which allows the company to terminate contracts when their product is misused, and have warned that if NSO shuts down, Chinese and Russian companies will take its place.

So far, the lobbying campaign has generated little response. NSO has not been told what it needs to do to remove itself from the list, according to the people familiar with the campaign.