NSO Group founders Omri Lavie, left, and Shalev Hulio.ללא קרדיט
Analysis The Dark Side of Israeli Technology: Six Takes on the Sale of Cyberattack Firm NSO
Unlike companies whose technology protects customers against cyber attack, by any measure, NSO in a weapons firm
According to The Wall Street Journal, a (formerly) Israeli offensive cybertechnology firm, NSO Group, is about to be bought by another Israeli company, Verint Systems, for about a billion dollars. The transaction, if completed, would create one of the world’s largest cyber companies, Reuters reported on Monday.
The deal remains pending, but here are some things worth knowing:
1. NSO was founded in 2009 by Niv Carmi, Shalev Hulio and Omri Lavie. Its name comes from their first initials, although Carmi isn’t involved in the company any more. Unlike other cybersecurity companies, such as the Israeli firm Check Point Software Technologies or Palo Alto Networks, NSO doesn’t deal with data security. It sells offensive software and spyware to governments and law enforcement and espionage agencies.
2. In March 2014, the equity fund Francisco Partners acquired NSO at a company value of $170 million. It also bought another offensive (as opposed to defensive) Israeli cybertechnology firm called Circles, reportedly for $130 million. NSO specializes in tapping mobile phones. Circles specializes in surveillance and location – finding people through nothing but their phone numbers.
As an equity fund, Francisco’s business is buying companies, improving them and flipping them, meaning selling them at a profit. Francisco is merging NSO and Circles into one big cyberespionage company, a process that’s still under way. Verint will be buying the merged company, assuming the deal is finalized.
3. In fact, Francisco has been working at flipping NSO since about a year after buying it, for about a billion dollars. A year ago, rumors had it that Blackstone was eyeing 40% of the company for $400 million, but Blackstone took flak, including from human rights organizations that reminded it of its commitment to making ethical investments. It quickly backed off.
4. This is a good point to note that by any measure, NSO is a weapons company. In 2016, Citizen Lab accused it of selling sophisticated systems to oppressive regimes to keep tabs on human rights activists, journalists and others. For example, NSO was suspected of selling spyware to infect iPhones, essentially turning them into mobile spies on their owners.
5. When it comes to Verint, buying digital snooping companies sounds like a risky business. There’s good money in detecting weaknesses. “Vulnerability bounties” can involve serious amounts. In 2016, for instance, Zerodium offered $1.5 million for the Apple iPhone’s vulnerabilities.
One snag is that vulnerabilities age quickly. The affected companies find solutions and release patches. Sometimes a vulnerability gets exposed before even a single black-hat hacker manages to exploit it. For a publicly traded company to put a billion dollars into the offensive cyberware business sounds risky.
6. Verint is worth $2.7 billion on Wall Street and as of year-end 2017 (the last figure on record), it had cash and equivalents worth $338 million. It should be noted that in June 2014, it bought Kana (a customer service software firm) for $514 million. That deal seems to have had no effect on its revenues, which remained about $1.1 billion a year. It remains to be seen how the new deal, if consummated, will be digested.