Israeli law enforcement has apprehended a former cybersecurity firm developer who allegedly stole security software source code and tried to sell it anonymously through the dark web.
He allegedly posted the surveillance software for sale on the dark web for $50 million.
NSO Group Technologies is an Israel-based cyber-arms dealer that began operating in 2010. The company provides authorized governments with security tools that assist them in mitigating cybercrime.
The firm has also been involved in controversial activities in the past, which have raised questions on its credibility.
Back in 2016, NSO Group drew controversy for selling malicious software that was capable of compromising any iPhone within no time.
According to Israel’s justice minister, it would have been a great loss for state security if the sale of the source code had been successful.
As cybercrime increasingly poses threats to the national security of countries around the world, cases of security breaches will continue to make news headlines.
What Exactly Transpired?
Operations at NSO Group were running as usual until the 38-year-old unnamed suspect decided to do things his way after learning he would be dismissed from his job in April.
He then started planning to steal the source code from the company’s servers.
Before officially leaving his job, he accessed the company’s internal systems, downloaded the source code and stored it on a USB drive.
He then went on the dark web and posed as a hacker selling a valuable security tool.
Within no time, the suspect had a customer who was ready to buy the source code from him.
They were to transact using cryptocurrency, for about $50 million.
However, the potential buyer decided to notify NSO Group regarding the breach of their security software. NSO officials immediately contacted law enforcement to investigate the case further.
The Sting Operation
Investigators immediately swung into action on the case. A manhunt was launched for the suspect who tried to sell the surveillance security software through the dark web.
On June 5, in a breakthrough in the case, the suspect was finally arrested before he had sold the security software tool.
It did not take the police long as the number of people who had access to the company’s server room was limited.
Vetting all of them for their credibility—especially all those in the software development department—gave the police a clue on the suspect’s whereabouts.
NSO Group has 500 employees working on a daily basis, and the company’s value is at least $900 million.
After the investigation into the rogue employee’s dealings, NSO Group officials reported that no material belonging to them was in the hands of a third party, assuring their customers of better services and more protection from any external threats.
The Case at Hand
The suspect is in police custody and has been charged with theft, intent to compromise national security, pursuing an unlicensed defense transaction and disrupting computer systems.
The defendant’s lawyer was quick to respond to the claims by saying that his client never in any way tried to undermine national security.
It will be up to the judge mandated to rule on the case to decide the fate of the former NSO programmer.
Security Within Cybersecurity Firms
With the rising level of cybercrime, a lot of cybersecurity firms are offering their services to meet the market demand.
However, the question of these firms’ own security against external threats is often ignored.
Reputation is a major issue to consider when looking to hire a cybersecurity firm.
It is up to the firm’s employees and managers to uphold good work ethics which will earn them a reputable name.
Due to the high level of competition in the industry, security firms are constantly looking to offer better value to their prospective customers.
However, there are people working extra hard to compromise these efforts and prove security firms incapable of protecting clients’ data.
Malicious black hat hackers are penetrating security firms’ servers and installing malware which is capable of sending them customers’ information remotely.
This is precisely what happened to Russia-based antivirus firm Kaspersky Lab when its software was used by Russian hackers to compromise vital data belonging to the United States.
It was a heated debate as the U.S. National Security Agency accused the firm of collaborating with the culprits to steal classified files from the NSA’s systems.
Similarly, U.K.-based cybersecurity firm Fox-IT was compromised by a hacker who carried out a Man-in-the-Middle attack.
The unknown hacker reportedly spied on customers and intercepted user credentials throughout the duration of the attack.
With the aim of making extra cash from the compromised data, hackers are looking to darknet markets to sell the stolen data—as was the case with the recent NSO Group breach.
For the case at hand, NSO Group will have to tighten its internal security and properly vet whoever accesses its central servers to avoid similar incidents in the future.