Senior European Commission officials were targeted last year with spyware designed by an Israeli surveillance firm, according to two EU officials and documents reviewed by Reuters.
Among them was Didier Reynders, a high-ranking Belgian statesman who has served as EU justice commissioner since 2019, according to one of the documents. At least four other commission staff were also targeted, according to the document and another person familiar with the matter. The two EU officials confirmed that commission staff had been targeted but did not provide details.
The commission learned of the targeting following messages Apple sent to thousands of iPhone owners in November telling them they were “targeted by state-sponsored attackers,” the two officials said. EU. It was the first time Apple had sent a massive alert to users that they were in the crosshairs of government hackers.
The warnings caused immediate concern within the commission, the two officials said. In a November 26 email reviewed by Reuters, a technical manager sent a message to colleagues with knowledge of Israeli hacking tools and a request to be on the lookout for additional warnings from Apple.
“Given the nature of your responsibilities, you are a potential target,” the staffer said in the email, reviewed by Reuters.
Reuters was unable to determine who used the Israeli spyware to target Reynders and his Brussels-based colleagues, whether the attempts were successful, and if so, what the hackers might have obtained as a result.
Reynders and his spokesman David Marechal did not return repeated messages. European Commission spokesman Johannes Bahrke declined to comment. Apple declined to comment.
Security researchers said the recipients of the warnings were targeted between February and September 2021 using ForcedEntry, advanced software used by Israeli cyber-surveillance provider NSO Group to help remote foreign spy agencies and invisibly to take control of iPhones. A small Israeli spyware vendor named QuaDream also sold an almost identical tool to government customers, Reuters previously reported.
NSO said in a statement that it was not responsible for the hacking attempts, saying the targeting described by Reuters “could not have happened with NSO’s tools”.
The company, which faces a number of overlapping lawsuits and was recently blacklisted by US officials for alleged human rights abuses, said it supports an investigation into the targeting and called for the establishment of global rules to govern the spyware industry.
QuaDream, which is keeping a lower profile, did not return repeat messages.
IT experts examined at least some of the officials’ smartphones for signs of compromise, but the results were inconclusive, according to the two EU sources, who spoke on condition of anonymity because they do not were not allowed to speak to the press.
Reuters was unable to determine whether the commission is still investigating the matter.
The news of the targeting comes as the European Union begins to follow the United States in taking a closer look at spyware vendors like NSO.
The European Parliament is set to launch a commission of inquiry to investigate the use of surveillance software in European member states on April 19, according to Sophie in ‘t Veld, the EU lawmaker who championed the creation of the commission. .
In ‘t Veld told Reuters she was unaware European Commission officials were being targeted, calling the news “dynamite”.
“We really have to get to the bottom of it,” she said.
The committee was formed following reports that senior opposition politicians in Poland had their phones hacked with Israeli spyware and that prominent critics and investigative journalists in Hungary had also been hacked. targeted.
Polish officials and a Hungarian ruling party MP have acknowledged that their respective governments purchased the NSO software, although both countries have denied wrongdoing related to domestic spying allegations.
It was important not to jump to conclusions about who might be responsible, said Kenneth Lasoen, a researcher at the Netherlands Institute for International Relations Clingendael.
The EU “is a high-profile target for multiple actors,” Lasoen said. “Brussels is a veritable spy nest.
(Reporting by Raphael Satter in Brussels and Christopher Bing in Washington; editing by Chris Sanders and Edward Tobin)
The most important insurance news, delivered to your inbox every working day.
Receive the trusted insurance industry newsletter