This summer a coalition of seventeen media organizations published a series of articles indicting the NSO Group, an Israeli cyberespionage company. The consortium of journalists, working in conjunction with civil society organizations like Amnesty International, alleged that thousands of dissidents, human rights workers, and opposition politicians around the world had been targeted by the NSO’s Pegasus spyware. Outrage over what a U.S. White House spokesperson condemned as “extrajudicial surveillance” echoed worldwide. Within Israel’s insular high-tech community, however, few seemed alarmed by the news.
“The whole ethics thing is quite diluted here,” J, an ex-developer at a spyware firm in Tel Aviv, told me over coffee in central Tel Aviv last month. I asked J why he thought few in Israel’s high-tech ecosystem seemed to care about the latest round of criticism leveled at the NSO group. J, who spoke on the condition of anonymity, described it as a cultural issue: most employees at private surveillance firms are “distracted by the conditions: the pay, the vacations, the cool atmosphere and offices.” “It’s not that rare here in Tel Aviv,” he said: “you might be selling software to a company that’s not respecting human rights, but people won’t think too deeply about it because they’re making good money and working in a nice office all day.”
The NSO Group is one of a handful of boutique spyware firms that have arrived on Israel’s high-tech scene in the last decade, marketing spying capabilities once reserved to military superpowers. Most such firms have offices across the globe and are filled with developers and analysts headhunted from the world’s elite intelligence agencies, like the National Security Agency of the United States or Unit 8200 of the Israeli Defense Forces. These firms make millions of dollars selling the ability to breach the privacy of anyone, anywhere in the world, to the highest bidder—whether dictatorial regimes, like Saudi Arabia, or private criminals, like Harvey Weinstein. This summer’s revelations were especially incriminating: investigative reporting found the NSO’s Pegasus software on the phones of some 50,000 unwitting civilians, including journalists and their teenage children, established politicians like Emmanuel Macron, and political dissidents in Bahrain.
While international media, alongside governing bodies like the United Nations, condemned the NSO group for human rights violations, few in Israel’s high-tech ecosystem seemed concerned by the revelations. To many in Israel’s tech community, the NSO is just another high-tech firm putting military-grade espionage to use in an industry where these skills are celebrated. In Tel Aviv, the capabilities of army-trained IT specialists are highly sought after by global tech giants, up-and-coming start-ups, and boutique cyberespionage firms alike. The work done—specialized data analysis, cybersecurity, digital espionage—is more or less the same, transposed from a military to a civilian context. The difference is the impact of this work: critics accuse the cyberespionage industry of facilitating human rights violations around the world at a massive scale by silencing journalists and stifling political dissent.
Like many Israeli cybersecurity firms, the NSO Group was founded by alumni of Unit 8200, the elite intelligence unit responsible for surveillance across Israel and the Palestinian territories. Unit 8200’s operations were shrouded in secrecy for decades until the mid-2000s, when Israel’s private high-tech sectors ascended global markets. It was the dawn of the post–9/11 surveillance state, and Israel’s military establishment was renovating its oft-lauded espionage capabilities to meet the demands of the digital era. Israel’s military poured millions into cybersecurity, its surveillance over the Palestinian territories facilitating experimentation with novel forms of cyberespionage. And in response, Israel produced a workforce of IT experts who could put their army experience to use in a newly booming digital economy.
At the time, Israel was also remaking itself as an innovative “start-up nation,” to borrow the language of Council on Foreign Relations fellow Dan Senor and Jerusalem Post editor Saul Singer. Cybersecurity startups proliferated, the lucky ones quickly bought up for millions by one of the global tech conglomerates opening up branches in Israel. Skyscrapers bloomed across central Tel Aviv, their open floors plans crafted in the image of Silicon Valley: bean bag chairs, beer on tap, and bowls of miniature granola bars. Like the Bay Area, Tel Aviv now attracted high-tech workers who were young, highly educated, and mostly men. But unlike the Bay Area, most of the high-tech workforce came straight from the Israeli Defense Forces. Few could turn down the opportunity to make millions putting espionage firms learned in the army to use in a now booming private sector.
Shoshana Zuboff describes this era as the dawn of “surveillance capitalism.” It was a time when global technology giants garnered economic and social power by expropriating users’ data for advertising and their own analytics and programming. Sometimes tech corporations shared this data with governments, which outsourced certain elements of state surveillance to companies like Google. Over the past few decades, the line between corporate and state surveillance has become almost indiscernible: tech platforms produce unregulated databases of user behaviors that governments regularly mine for national security purposes. In this way, certain programmers at Google are doing the same kind of work as a programmer at a cyberespionage firm: tracking users and sharing their data with the highest bidder.
The overlaps between state surveillance and the digital economy explain why many countries feature a rapidly revolving door between military and high-tech sectors. In places like the United States, internal dissent to such collusions is growing, at least nominally. In Israel, though, veterans of the IDF combat or technical units make up 60 percent of the high-tech workforce. These units provide a distinct culture that permeates Israeli high-tech sectors, a set of shared values, references, and practices that weave through a particular milieu. In the parlance of Israeli politicians and military generals now sitting on the boards of lucrative tech firms, this culture is defined by an ethos of “risk-taking” and “a positive, some would say blind belief, that things will be all right,” as business executive and Unit 8200 alum Inbal Arieli puts it in her book Chutzpah: Why Israel Is a Hub of Innovation and Entrepreneurship (2019). This culture cultivates highly skilled and motivated engineers and developers trained to put in long hours, solve complex problems efficiently, and lead large teams to carry out sensitive tasks.
Today, this culture also prevents many from grappling with the moral implications of their work. Veterans from intelligence units are eager to obtain six-figure starting salaries, putting offensive cybersecurity skills learned in the army to use in the private sector. They are less eager to question the ethical ramifications of outsourcing military intelligence capabilities to the highest bidder. “It’s not really expected that we think about the ethics of this work, we’re certainly not used to it,” G, a veteran of 8200 turned cybersecurity CEO, confided to me during an interview in Tel Aviv in early September. “Many veterans are well educated, can even be against the occupation, but still go sell their skills to repressive regimes operating in the Congo or whatever.” People continue to work for firms like the NSO, G says, because “they’ve landed an NFL–style salary at the age of twenty-two.”
Intelligence veterans are also unaccustomed to parsing the messy ethics of cyberespionage. Service in an intelligence unit is largely seen as removed from the moral quandaries of combat service; the technical skills are apprehended as more politically neutral than another kind of military labor. Indeed, many intelligence officers come from affluent and liberal sectors of Israeli society, striving to serve in intelligence in order to avoid doing things like raiding Palestinian homes in the West Bank. According to M, a veteran of 8200 I spoke with over coffee in Jerusalem, intelligence units feel “more like a professional organization, like a start-up, than the military.” Soldiers enjoy a clean, well-furnished base with ample benefits: weekly screenings of Game of Thrones, private courses with leaders of the for-profit industry, regular networking opportunities in Tel Aviv’s skyscrapers. All these benefits, as M put it, “make it easier for people feel like ‘I don’t serve the occupation I just write code for people who serve the occupation’.”
Hiring networks also prime young veterans to view a career in cyberespionage as no different from a career in another high-tech sector. Those who served in Unit 8200, for example, network through an “Alumni” Facebook page. One person I interviewed allowed me to scroll through the site. Advertisements to join boutique surveillance firms come sandwiched between calls for developers to help launch innovative dating apps and financial management start-ups. Both genres of listing are usually accompanied by images of smiling twenty-somethings wearing matching company shirts in rooms full of modular furniture. A “digital identity solutions organization” needs a “research analyst” who is “fluent in English/Arabic” and “possesses deep knowledge of radical Islam.” A bit further down, a spyware firm under investigation for human rights abuses beckons graduates who desire “exotic locations” with salaries that will make you “rub your eyes.” Below that, a mobile game application calls for “creative-minded coders” to join a company with a “great culture and unbelievable benefits.”
Listings for work in cyberespionage are posted so regularly that they appear banal, advertising a model of hip, high-tech affluence that is desirable yet unexceptional. And there isn’t much difference, really, between the lifestyle offered by cyberespionage firms and less sinister high-tech sectors. In Tel Aviv, privatized surveillance firms sit in the same office buildings hosting dating apps, gaming platforms, and biomedical imaging devices. Developers from Microsoft or WAZE go out to drinks with those from Black Cube or NSO. Together they discuss professional pressures, workplace drama, and strategic career moves. They spend their days amassing data on individual users or pinpointing compromises in an operating system to produce a better product for their client. The difference, of course, is the product.
When cyberespionage is normalized as any other high-tech service, even those who want to stay away from the industry find themselves caught up in privatized surveillance. Over drinks at a sidewalk bar in Jerusalem in late September, S, an ex-intelligence analyst, recounted how she joined what was pitched a fintech start-up straight out the army. It was late 2019 and, amidst revelations of Israeli spyware being used by regimes like Saudi Arabia, she was excited to work in a less shady high-tech sector. S joined the firm hoping she would spend her days researching global financial markets. Instead she found herself carrying out research for Israeli weapons conglomerates and editing dossiers on pro-BDS activists. “The surveillance stuff was inescapable,” she emphasized, “but sandwiched in between really normal research on global investment trends. If you wanted to, it was easy to ignore how one task differed from the other.”
Most intelligence veterans familiar with Israel’s cyberespionage industry I have talked to find it unlikely that the culture of Israel’s insular high-tech scene will change anytime soon, especially as international outrage over the NSO Group fades in the media. “The bad companies aren’t going to stop recruiting Israeli talent,” J, the ex-developer, assured me, “and most people I know will keep being drawn to the work because the financial incentive just gets better and better. At this point, the criticism is kind of like background noise.”
The cycle of scandals that plague the NSO Group thus arguably speaks less to one firm’s questionable ethics and more to a fundamental rot in the culture of the digital economy writ large, especially in Israel but also around the world. Viewed in this context, scandals like this are, in a sense, inevitable. Those staffing and managing Israel’s high-tech firms come straight from army intelligence units; veterans have no trouble transferring the surveillance skills carried out in the name of national security to largely unregulated private sectors that have also been surveilling masses without their consent. Change may be coming in the coalitions of journalists, civil society organizations, and politicians demanding that the private surveillance industry comply with international human rights standards. But to truly rein in the industry, we need to ensure cyberespionage stops being perceived as just another office job.
Independent and nonprofit, Boston Review relies on reader funding. To support work like this, please donate here.