Nearly a decade ago, a young Israeli entrepreneur made a pair of bets — one on a company that claims it can hack any smartphone in the world and the other on a company that went on to develop a smartphone that is nearly unhackable.
Today, those two companies, whose offices are less than hour’s drive apart in Israel’s northern tech corridor, are leading forces in the shadowy battle between surveillance and privacy.
NSO Group, which is still run by the entrepreneur Shalev Hulio, is now valued at $1bn and its flagship product Pegasus is used by governments and intelligence agencies around the world to remotely and secretly hack smartphones.
Often the very same governments and intelligence agencies also turn to Communitake Technologies, the designers of the chunky custom-built IntactPhone, to keep their own secrets out of reach of NSO’s technology.
“If this is an arms race, think of this technology like the Force in Star Wars,” said a cyber technology dealer, who has sold both offensive and defensive cybertechnology to governments. “If companies like NSO are the Dark Side of the Force, then people like Communitake are the Jedis.”
When Mr Hulio first invested in Communitake, it had developed code that could remotely access a phone and root through its inner workings.
With some 50 or so employees, Communitake chose a high-minded path: it licensed the technology to the likes of BlackBerry and Nokia so they could help users fix their phones remotely, and only after the phone’s owners permitted access.
But Mr Hulio foresaw that a second market, for mining smartphone data surreptitiously, was going to become very lucrative, and made a parallel investment in NSO, whose software worked similarly, but without asking for any consent. “Tech savvy terrorists and criminals [were concealing their communications and] going dark,” said Mr Hulio in a statement, adding that NSO was quickly approached by the intelligence community. “Our technology could be key to preventing a terrorist attack.”
By 2012, Communitake and Mr Hulio went their separate ways — his work at NSO was going to be “a shadow on our company,” said Ronen Sasson, Communitake’s chief executive.
“While it was hard to leave behind a very successful company, it was an easy decision knowing we could help create a technology that would go on to save an untold number of lives,” said Mr Hulio.
Communitake also changed course, setting off to build a phone that no one, even NSO, could hack.
Communitake does not market itself as the anti-NSO, but at least one country that has bought NSO’s software has equipped its senior officials with IntactPhones after testing the two technologies against each other, said one person familiar with the contract.
The Intactphone is used by senior UN officials, heads of states and, in one country the company will not name, by a national prosecutor whose predecessor was hacked.
Its cost ranges anywhere from a few thousand dollars to the millions. The most expensive set-up includes privately hosted servers that generate the ephemeral encryption keys that lock each individual communication into a sealed vault, and dozens of phones distributed among government officials.
The company saw a boost after the Israel Innovation Authority took a stake and helped market the technology abroad, especially in the US and in Mexico. Now it is developing a commercial version that will run on a custom-built phone designed to mimic the look of a normal smartphone. That would allow people to carry a secure phone without drawing attention.
“In the first few years we have had the product battle-test by some very high-tech customers — intelligence agencies, governments,” said Mr Sasson. “Now we are going wider.”
The battle lines are oddly concentrated in Israel, where NSO and Communitake are part of an industry that includes companies such as Cellebrite, recently valued at $600m, which unlocks encrypted smartphones for governments, and Verint Systems, the $3.7bn cyber surveillance company that has hundreds of engineers in Israel working on software used by the FBI and European law enforcement.
They thrive on graduates of the Israeli army’s surveillance units, including Unit 8200, the signals intelligence and decryption division from which Eran Karpen, Communitake’s chief operating officer, hails. And they also benefit from Israel’s reputation for world-beating cyber surveillance, and the mystique of its intelligence agencies, especially in the Middle East.
For smaller companies such as Communitake, that is a key asset. Gartner, the consulting firm, pitched the IntactPhone against the established players — the government-grade offerings from IBM and BlackBerry, and other less known companies such as Palo Alto-based VMware — and ranked it in the top five for government use.
But Israeli security companies also have to get past the suspicion that they are fronts for Israeli intelligence agencies. Both NSO and Communitake, for instance, are regulated by the ministry of defence, and can only sell to governments or agencies approved by Israeli authorities.
The close ties with the Israeli government and in recruitment raises the question of backdoors — official or not — in the technologies, and why the Israeli government would allow the commercial sale of a phone it itself cannot hack.
Senior UN officials in Israel, for instance, use the IntactPhone to speak to colleagues inside the Gaza Strip and abroad without the Israeli government listening. Benny Gantz, the leader of the Israeli opposition, is reported to use one after his smartphone was said to have been infiltrated by Iranian hackers. Communitake said that to allay those concerns, it allows buyers to examine the phone’s source code and its physical architecture.
The company is careful not to claim that its phone is entirely secure. But building a sophisticated phone from scratch, and running a highly secure operating system on it allows the device to “minimise the attack surface,” said Mr Sasson, describing the three ways phones are normally hacked — either by malware inserted remotely, by physical extraction of its encrypted data, or by the interception of communications when in transit.
The phone, for instance, can block attempts to extract its data via a cable, and the bespoke version of WhatsApp that it installs would have repelled NSO’s most recent hack, when it’s clients used a vulnerability in the supposedly secure messaging to infiltrate phones remotely, he said.
But if anybody is out there selling a phone that they guarantee is unhackable, they are probably lying, said Mr Sasson. “With something like this, you can make yourself 95 per cent safe. Nothing is 100 per cent safe.”
