Apple has filed a lawsuit against Israeli surveillance-for-hire company NSO Group over its Pegasus spyware that has been used to target Apple devices.
The lawsuit, filed in the Northern District of California on Tuesday, would attempt to ban NSO Group from using Apple software or services and seeks “redress for NSO Group’s flagrant violations of US federal and state law,” Apple said in a blog post. The permanent injunction that Apple is seeking would prohibit NSO Group from using any Apple servers, devices, hardware, software, or other applications.
The company is also seeking an unspecified amount in damages from NSO Group, which Apple said it would give to cybersecurity researchers. A denial of access to Apple products and services would mark a huge, potentially business-shattering blow for NSO Group in the U.S. which has become notorious for surveillance software capable of attacking Apple devices. That software has also increased public concerns over Apple’s famously strong device security.
“Apple devices are the most secure consumer hardware on the market—but private companies developing state-sponsored spyware have become even more dangerous” Apple’s senior vice president of Software Engineering Craig Federighi said in a statement. “While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe.”
The decision to enter a legal battle with NSO Group comes just two months after Apple was forced to issue an emergency patch after a report from cybersecurity watchdog The Citizen Lab found a zero-day exploit affecting an estimated 1.65 billion Apple devices that had been vulnerable to NSA’s malware for several months. While NSO Group advertises itself as a service for tracking terrorists and other criminals, it has come under criticism as its tools were revealed to have been used to track journalists, activists, and even world leaders. Apple also provided more previously unknown details about that exploit, known as ‘FORCEDENTRY, in its lawsuit.
And Apple’s not the only one taking shots at NSO Group. Facebook (now Meta) filed its own lawsuit against the company back in 2019 over malware that affected WhatsApp users. Then just last week, the US Commerce Department officials added the surveillance firm to its U.S. Export Administration Regulation (EAR) “Entity List.” The addition, which puts NSO alongside other companies the government believes works against US interests, subjects it to trade restrictions that would require U.S.-based companies to acquire a special license from the government if they want to provide services or sell products to the sanctioned party.