Microsoft joins Google in legal brief to stop spyware vendors, even from overseas
Both tech giants filed an amicus brief in the case Dada v. NSO Group.
2 min. read
Published on
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
Key notes
- Microsoft and Google are fighting cyber mercenaries in court, seeking legal action and victim support.
- Google also exposed NSO Group’s spyware and ongoing threats from commercial vendors.
- Microsoft has recently been boosting security with new initiative, coming in place starting September.
Microsoft, alongside Google and other industry partners, has filed an amicus brief in the case Dada v. NSO Group to combat the threat posed by cyber mercenaries—private entities that develop and sell offensive cyber tools.
They argue that these actors, like NSO Group, damage global security and privacy and should face legal consequences for their actions. The brief also urges stronger legal backing for victims of cyberattacks to seek action even if the attack happens outside US soil under anti-hacking laws.
“Cyber mercenaries like NSO Group have exploited our technology by attacking our users and we believe that those who have been victimized are entitled to legal recourse even if they are located outside the United States,” Microsoft says.
Google also says that it was the first to reveal details about NSO Group’s Pegasus spyware and found that many exploits targeting its products come from commercial spyware vendors, dated all the way back to 2017.
The Dada v. NSO Group lawsuit alleges that NSO Group illegally used its Pegasus spyware to hack El Faro journalists’ phones, monitor their communications, and steal their data. The case seeks to force NSO Group to identify the clients behind the surveillance and delete the stolen information.
Microsoft has had enough of cybersecurity attacks. A few years back, Russian hackers (APT29) broke into US government agencies through a SolarWinds attack, prompting a White House emergency and FBI involvement.
Then, Chinese hackers (Storm-0558) also exploited a Microsoft cloud flaw to access emails from about 25 organizations, including US government agencies, for a month before being caught.
Something needed to be done, so the Redmond tech giant introduced the Secure Future Initiatives to boost security with automation, faster fixes, improved settings, and stronger default protections like Multi-Factor Authentication (MFA).
The initiative will be in place starting in September this year, and as a part of that, Microsoft’s employees in China will be required to switch from Android to iPhones due to security concerns and compatibility with MFA requirements.
User forum
0 messages