Inflection Point: $167M Fine for WhatsApp Hack

A jury just hit the spyware maker NSO Group with a huge fine.

They must pay $167 million for hacking more than 1,000 people through WhatsApp.

This ends six years of court fights and is the biggest blow ever to the “above board” spyware world.

Here’s what went down:

🔥NSO’s Pegasus tool hacked WhatsApp and sent bad code to about 1,400 phones. The targets were people like reporters, civil rights workers, and critics of governments in many lands.

🔥A judge ruled last year that NSO broke U.S. hacking laws. This trial was just to set the price tag.

🔥The jury said: $167 million in fines plus $440,000 for costs.

Know how many people we can feed for $167,000,000? It’s a lot.

Why does this case matter so much?

It forced NSO bosses to speak in court for the first time. The case went all the way to the top court, showing how big the stakes were.

NSO tried to claim they were safe from the law because they only sell to states. The court said no. NSO staff even said in court that they decide how the hacks work based on what phone each target uses.

The proof showed NSO’s power: 140 workers looking for ways to break into phones and apps. Their spy tool can grab photos, emails, and texts - even ones that should be safe.

Some hacks need no clicks and leave no trace.

NSO claims their tool won’t spy in the U.S., but other spy tools don’t have such limits. That’s why experts worry when White House staff use apps like Signal. Any spy tool that takes over a phone can see all those chats.

In court, NSO’s lawyer said the case was just for show: “Facebook wanted news stories about how much they care about user safety.”

Such desperation from NSO. The jury didn’t buy it.

This ruling shows that even strong spy firms with state backing can be held to task for hacking.

What does this mean for you? It shows that no one gets a free pass for breaking into systems. Not even those who say they do it for “state safety”.

Click "comment" and tell me: How will this change how states use spy tools?

I read every comment you post 😉.

-Kip

P.S. Please forward this "Inflection Point" to someone you care about.

🟠🔵🟠🔵 Subscribe here! 🟠🔵🟠🔵

Current Podcast Episode: “NIST CSF: The Missing Manual”

The implementation manual for the NIST Cybersecurity Framework gone missing. Can it be found?

Let’s find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities LLC, and Jake Bernstein, CISSP, CIPP/US, Partner with K&L Gates.

If you need to get up-to-speed with NCSF v2 listen to Episode 141.

Want to know how to make your company a smaller target for cyber-attackers quickly?

By the way…

You can still get our new Udemy course, "Implement v2 of NIST Cybersecurity Framework" at a great price.

Are you ready? Click below and save:

Here's the launch coupon. And it's valid until May 23rd.

Or, navigate to the course on your own and add code NCSF_UPGRADE at checkout.

Kip Boyle is a husband, dad, entrepreneur, and experienced cyber risk manager. He founded Cyber Risk Opportunities LLC in 2015, after seven years as the CISO of PEMCO Insurance in Seattle. As a captain on active duty in the US Air Force, he served in the Combat Archer and F-22 Stealth Fighter programs where he was the director of enterprise network security. These days, he serves as virtual chief information security officer for many customers, including a professional sports team and fast-growing FinTech and AdTech companies. Over the years, Kip has built teams by interviewing hundreds of cybersecurity professionals. And now, he’s sharing his insider’s perspective with you!

👉 Connect with Kip on LinkedIn

👉 Visit Cyber Risk Opportunities

👉 Download Kip's Book

👉 Don't ever miss the opportunity for cyber resilience! Click subscribe to see our monthly newsletter in your inbox for your competitive business advantage.

Cyber Risk Opportunities LLC

113 Cherry St #92768, Seattle, WA 98104-2205