Ex-cyber czar: Misuse of cyber tech doesn’t disqualify future sales

"All sales are approved by the Defense Ministry."

By YONAH JEREMY BOB
Updated: DECEMBER 10, 2018 06:34
Saudi Arabia's Crown Prince Mohammed bin Salman talks with Saudi Arabia's King Salman bin Abdulaziz Al Saud during the Gulf Cooperation Council's (GCC) Summit in Riyadh, Saudi Arabia December 9, 2018 (photo credit: BANDAR ALGALOUD/COURTESY OF SAUDI ROYAL COURT/HANDOUT VIA REUTERS)
Saudi Arabia's Crown Prince Mohammed bin Salman talks with Saudi Arabia's King Salman bin Abdulaziz Al Saud during the Gulf Cooperation Council's (GCC) Summit in Riyadh, Saudi Arabia December 9, 2018
(photo credit: BANDAR ALGALOUD/COURTESY OF SAUDI ROYAL COURT/HANDOUT VIA REUTERS)
Just because a country has misused cyber-technology sold to it by Israel does not necessarily preclude the future sale of advanced cyber tools to that country, former Israel cyber chief Buky Carmeli told The Jerusalem Post on Sunday.
With the Jamal Khashoggi affair still fresh, Carmeli was adamant that he was not addressing any specific case or country, but was speaking solely about the broader strategic and ethics issue.
Carmeli, one of the two founding chiefs of Israel’s National Cyber Authority, noted as a disclaimer that both in the past and in the present he has advised the NSO Group, which is the Israeli cyber company of ex-intelligence officials whose technology was allegedly used by the Saudis to hack Khashoggi’s communications.
With so much anger in the West directed at the Saudis’ killing of Khashoggi, how would Carmeli even generally defend the idea of selling additional cyber-technology to a state which has previously misused such tools?
Carmeli said that in 2015-2016, when then-FBI director James Comey discussed the use of advanced cyber tools at a joint counterterrorism meeting, Comey advocated that in today’s day and age “if you want the government to fulfill its obligations to defend the public against terror and cartels, there is no choice but to use these [tools].”
He explained that NSO Group has been around for a while and routinely “gives technology to governments” to fight terrorist groups and drug cartels by hacking their communications.
At the same time, he said that adversaries to Israel and to Western countries “are moving forward in the cyber area” and that private-sector allies, like NSO Group, are crucial to stay ahead of them.
Regarding the process for which NSO Group uses to decide whether to sell its cyber technologies to foreign countries, he said that not a single sale goes through without approval from the Defense Ministry.
This obviously means that NSO Group cyber sales only go through if they fit into the Israeli government’s national security concept.
While Carmeli vehemently refused to address diplomatic concerns generally or with regard to Saudi Arabia, it is not hard to imagine that the government viewed selling cyber tools to the Saudis as a way to deepen positive relations between the countries.
On Sunday, there were unconfirmed reports that Prime Minister Benjamin Netanyahu is hoping to press toward normalization with the Saudis. It is not hard to imagine that the NSO Group cyber deal would have been perceived as an important segment in the normalization push.
Do the ends justify the means? Is it morally justified to sell such cyber-technology to the Saudis knowing how far they might go in misusing it?
Again, Carmeli refused to address the Saudis specifically, but taking on the general question, he tossed out two metaphors.
He remarked that a company that produces scissors intends them as a technical solution for building something or art.
Yet, they can and have been misused as a weapon.
The same is true about gloves, which he said can be used for protection, but can also be used by a criminal to cover up their fingerprints to avoid being traced and caught.
He said that NSO Group goes beyond the Defense Ministry’s legal requirements and also has an ethics panel with outside international experts approve all deals.
The panel looks solely at the ethics issues, as opposed to the Defense Ministry, which may consider a variety of geopolitical considerations.
In other words, he was saying that it is impossible to know whether a foreign country will misuse cyber tools and violate promises it made in that regard, but that
NSO Group takes the issue seriously.
Even regarding the future, he was extremely hesitant to disqualify a country that has already misused such cyber technologies in a limited number of instances, if they have overwhelmingly used the tool properly to fight terrorism.
Carmeli asks: Would you rather a country be an ally in the global war against terrorist groups and enemy states, even if it misuses the technology on rare occasions, or that the country do less fighting against terrorism and common enemies, while still getting cyber abilities from others to put down internal dissent?
Carmeli added that some countries are going to violently put down internal dissent no matter what.
Coverage of the Khashoggi affair has suggested that the US, Italy, the UAE and possibly others have also helped the Saudis in the cyber arena.
With that as a given, Carmeli said that you can then benefit from helping them with positive uses of cyber power or lose that opportunity.
Critics might say that they would still rather their country’s technology not be the one being used to purge internal dissent.
So should Israel continue to approve NSO Group or others selling cyber tools to the Saudis after they allegedly used the technology to hack Khashoggi’s communications as part of an eventual plan to kill him?
Whatever the philosophical answer is, Carmeli suggested ideas that could be a basis for continuing to sell and Netanyahu’s silence during the Khashoggi affair suggests that he will not allow it to derail his broader plans for Israeli-Saudi alignment in cyber and other arenas.


Related Tags
Khashoggi