Pegasus: The world’s most notorious spyware had its roots in an Israeli cafe

The origins of NSO and its product Pegasus can be traced back to a cafeteria in Israel where the company's founders eavesdropped on a conversation between two Israeli intelligence veterans.

Pegasus: The world's most notorious spyware had its roots in an Israeli cafe
Pegasus (Image source: Kaspersky)

Pegasus, a highly sophisticated spyware developed by Israel’s NSO group has landed several governments and tech giants across the world squirming in embarrassment. The origins of this technology can be traced back to a cafeteria in Israel where NSO founders Shalev Hulio and Omri Lavie eavesdropped on a conversation between two Israeli intelligence veterans.

Subsequently, the NSO Group was founded in 2010 by Israel Defence Force veterans Shalev and Lavie along with a former Mossad intelligence operative named Niv Carmi.

According to reports, the officers that the duo overheard served in the famed Unit 8200 of the Israeli Army.

Unit 8200, an elite military signals intelligence (SIGINT) in the Israeli Army, is often compared with United States National Security Agency in terms of sophistication.

The unit largely recruits professionals between the age of 18-21,, but the hunt for recruiting fresh talent starts even before that. Apart from its other exploits, the Unit has given the world some multibillion-dollar cybersecurity/intelligence entrepreneurs who learn the tricks of the trade while serving at the IDF.

Two main objectives of the unit are – intercepting and decrypting communication between foreign countries or breaking into virtually unhackable networks in the interest of the Jewish state.

Interestingly, this unit has its origins even before the formation of Israel in 1948. Back in 1915, a Jewish intelligence unit NILI was formed in the then Turkish-controlled Palestine and served as a pro-British spy agency during World War 1. After years of interception and phone-bugging, an official group named Shai was established in 1940 – funded by the British Government.

Right after Israel was born in 1948, the IDF set up a separate unit codenamed ‘Rabbit’ to break codes and intercept Arab intelligence using techniques it had mastered over the years. The unit’s contribution proved to be pivotal in the Israel Army warding off Arab forces soon after its birth.

Unit 8200, NSO and a cafe 

Most of the cadets of Unit 8200 have a successful post-military career. But their paths largely diverge in two ways – some choose to develop and work on technologies that protect cybersecurity infrastructure while the rest, like NSO founders, choose to develop technologies that break into other systems.

However, while there is a consensus that the duo served in the IDF, the reports of them being alumni of Unit 8200 remain inconclusive.

Unlike typical intelligence startup entrepreneurs, the duo was neither childhood prodigies nor great at academics. They usually spent all their time at the beach.

Their first startup MediaAnd, found in the early 2000s, focused on covert advertising in videos.

Their second startup, Commuitake, provided a ‘home-delivery’ of tech support. The startup cut down the need for people to travel to service centres and serviced their phones by connecting to them remotely. As the company worked closely with cellular networks who in turn had connections in the IDF, it was only a matter of time before their paths crossed.

They were soon approached by several intelligence agencies who asked them if they could take control of a device remotely without the owner getting a whiff about it. The duo knew it could be done but couldn’t find someone who knew how to do it or help them develop the technology.

Just as they were on the lookout for a tech engineer who could technically undergird their new business idea, they overheard two Unit 8200 veterans discussing a similar technology at a cafeteria. They approached them, collected whatever information they needed and that’s how their next startup was born.

Soon, they roped in Niv Carmi, a former Mossad intelligence operative and founded the NSO in 2010. This coincided with the boom of smartphones and it became the perfect launchpad for NSO. While Hulio and Lavie travelled around the world meeting intelligence unit heads and Prime Ministers of various governments, Carmi handled the tech side of things. However, he quit sometime later.

As per a funny anecdote in an Israeli publication years ago, the duo for a long time had no idea that they had to seek permission from Israel’s Defense Ministry for their third startup. But soon, they started working closely with the Israeli Defense Ministry, awarding contracts to governments (close friends of Israel) to ‘counter criminal suspects and terrorists’.

The company’s business boomed once it started converting top intelligence sources across the world into clients by selling products that could help them spy on criminal suspects and terrorists.

The US was no different. NSO had big ambitions of securing hefty contracts in the US all along and even set up its US sales subsidiary, WestBridge Technologies.

NSO was briefly owned by U.S. private equity firm Francisco Partners before being bought back by the founders. During this period, the company penetrated deeper into the market, expanded its resources which ultimately helped it enhance its products, especially Pegasus.

But while the notorious spyware worth millions of dollars and its parent company is now in the centre of controversy, all it took for the idea to be born were two proactive entrepreneurs who were at the right place at the right time.