Multiple news outlets revealed Friday that Apple notified at least 11 U.S. State Department officials that their iPhones were recently hacked by an unknown party or parties with spyware developed by the private Israeli firm NSO Group.\r\n\r\n\u0022A multi-agency investigation is immediately needed.\u0022\r\n\r\nThe \u0022bombshell,\u0022 first reported by Reuters, comes after Apple sued NSO Group last month in an effort to protect iPhone users from its Pegasus spyware, which the Israeli company claims to only sell to government law enforcement and intelligence agencies and was the focus of a major reporting project earlier this year.\r\n\r\nCiting multiple unnamed sources,\u0026nbsp;The Washington Post and Reuters explained that State Department employees based in Uganda or elsewhere in East Africa were targeted over several months, and the intrusions \u0022represent the widest known hacks of U.S. officials through NSO technology.\u0022\r\n\r\nAccording to the Reuters:\r\n\r\n\r\nA senior Biden administration official, speaking on condition he not be identified, said the threat to U.S. personnel abroad was one of the reasons the administration was cracking down on companies such as NSO and pursuing new global discussion about spying limits.\r\n\r\nThe official added that they have seen \u0022systemic abuse\u0022 in multiple countries involving NSO\u0026#039;s Pegasus spyware.\r\n\r\n\r\nThe National Security Council said in a statement reported by the Post that \u0022we have been acutely concerned that commercial spyware like NSO Group\u0026#039;s software poses a serious counterintelligence and security risk to U.S. personnel, which is one of the reasons why the Biden-Harris administration has placed several companies involved in the development and proliferation of these tools on the Department of Commerce\u0026#039;s Entity List.\u0022\r\n\r\nSpokespeople for Apple and the State Department declined to comment to Reuters, though the latter also noted that the Commerce Department recently added NSO Group to the Entity List \u0022based on a determination that they developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.\u0022\r\n\r\n\u0022This reporting shows—again—why we need to hold NSO accountable for their actions, and why governments need to support increased security online.\u0022\r\n\r\nWhile officials at the Ugandan Embassy in Washington, D.C. also did not comment, the Israeli Embassy in the U.S. capital gave a statement to Reuters addressing the fact that Israel\u0026#039;s Ministry of Defense approves export licenses for the spyware company.\r\n\r\n\u0022Cyber products like the one mentioned are supervised and licensed to be exported to governments only for purposes related to counter-terrorism and severe crimes,\u0022 an Israeli spokesperson said. \u0022The licensing provisions are very clear and if these claims are true, it is a severe violation of these provisions.\u0022\r\n\r\nAn NSO Group spokesperson told the news agency that the relevant accounts were canceled and if an internal investigation finds that \u0022these actions indeed happened with NSO\u0026#039;s tools,\u0022 the involved customers \u0022will be terminated permanently and legal actions will take place.\u0022 The representative added that the company will \u0022cooperate with any relevant government authority and present the full information we will have.\u0022\r\n\r\nFacebook sued NSO in 2019, claiming the Israeli firm\u0026#039;s spyware was used on its messaging service WhatsApp.\r\n\r\n\u0022We\u0026#039;ve been calling NSO a national security threat for years,\u0022 Will Cathcart, head of WhatsApp, tweeted Friday. \u0022This reporting shows—again—why we need to hold NSO accountable for their actions, and why governments need to support increased security online.\u0022\r\n\r\n\r\n\r\nJohn Scott-Railton, a senior researcher at the Citizen Lab at the University of Toronto, also responded to the revelations on Twitter, saying that NSO Group has been an \u0022in-plain-sight national security threat for years\u0022 and it is \u0022embarrassing that it took a private company to warn them.\u0022\r\n\r\n\u0022Are there victims not notified by Apple?\u0022 he asked. \u0022How about the overseas-posted personnel using Androids? Does [the State Department] know now? A multi-agency investigation is immediately needed.\u0022\r\n\r\nSen. Ron Wyden (D-Ore.) similarly told the Post that \u0022companies that enable their customers to hack U.S. government employees are a threat to America\u0026#039;s national security and should be treated as such by the government.\u0022\r\n\r\n\u0022I want to be sure the State Department and the rest of the federal government has the tools to detect hacks and respond to them quickly,\u0022 added Wyden, a member of the Senate Intelligence Committee. \u0022Federal agencies shouldn\u0026#039;t have to rely on the generosity of private companies to know when their phones and devices are hacked.\u0022\r\n\r\n\r\n\r\nLast month, Apple filed a lawsuit in a California-based U.S. district court accusing NSO Group of violating its terms and conditions as well as state and federal laws. Apple is seeking a permanent injunction to ban the firm from using its devices, services, or software.\r\n\r\nThat suit came after the Pegasus Project—an investigation into NSO\u0026#039;s spyware published in July by more than 80 journalists from 17 media organizations in 10 countries. Coordinated by Forbidden Stories with the technical support of Amnesty International, the project focused on the leak of 50,000 phone numbers of potential surveillance targets, including activists, heads of state, and journalists around the world.\r\n\r\nThe Pegasus Project spurred worldwide calls for an immediate moratorium on the export, sale, transfer, and use of such spyware. Exiled American whistleblower Edward Snowden—whose leaked documents revealed that in 2007, Israel was flagged as a top espionage threat against the U.S. government—went further, saying in July that NSO Group\u0026#039;s industry \u0022should not exist.\u0022\r\n\r\n\r\n\r\nScott-Railton, in his series of tweets Friday, highlighted that some progress is being made, pointing to reporting that the White House plans to announce a new initiative related to the abuse of surveillance technology during President Joe Biden\u0026#039;s democracy summit next week.\r\n\r\nAccording to Bloomberg, an unknown group of countries \u0022with shared concerns about foreign governments and private-sector actors—in China and elsewhere around the world—using digital surveillance and other technologies to enable human rights abuses and target members of ethnic and religious minority groups, journalists, and political dissidents\u0022 will commit to a nonbinding code of conduct.