Months after stepping down as CEO of NSO Group, the embattled cyber espionage firm he co-founded, Shalev Hulio has linked up with the former chancellor of Austria, Sebastian Kurz, to establish a cybersecurity startup that will defend critical infrastructure sites like oil, water, and energy facilities from cyber attacks.
The startup, called Dream Security, will also work with government agencies and entities with a first focus on Europe, Israeli business daily Globes first reported on Wednesday. The new company raised an exceptional pre-seed round of $20 million with a group of investors led by Dovi Frances, an Israeli-American venture capitalist and the founder of the investment firm Group 11.
Gil Dolev, founder and former CEO of Wayout Group, an intelligence-gathering company focused on IoT (Internet of Things) devices, will join the new business as a founding team member. Dolev and Hulio’s ties go back years. Dolev is the brother of NSO Group president Shiri Dolev and the Wayout Group was acquired by a Herzliya-based company registered to Shalev, a former NSO executive chairman, and NorthPole Bidco SARL, a financial entity affiliated with NSO.
Additional investors in Dream Security include entrepreneur Adi Shalev, an early investor in NSO, and a number of entrepreneurs from the Israeli cybersecurity sector, according to the Globes report.
Kurz, who quit Austrian politics late last year after being implicated in a corruption scandal, is joining Dream Security as president and VP business development, company spokespersons told both Globes and Bloomberg. Kurz, 35, led the conservative Austrian People’s Party and became chancellor in 2017, becoming a strong supporter of Israel.
According to Globes, Kurz met Hulio earlier this year during a trip to Israel to scout for investment opportunities in local startups. Instead, he was asked to join the new Israeli startup to open doors among European critical infrastructure companies and related government entities.
Kurz told the publication that as Austrian chancellor, he “witnessed many attacks on governments as well as on manufacturing plants and energy installations, most of which were not published in the media. This has far-reaching implications for supply chains as well as regular energy supplies and public services such as water and hospitals.”
Hulio told Bloomberg he was leaving “the intelligence side, offensive side if you want, and move to the defensive side. We saw that the biggest challenge the cyber world is dealing with is critical infrastructure.” He said the new company would focus on European markets “because I currently think that they have the biggest threats right now because of the geopolitical situation.”
Dream Security will become one of several Israeli cybersecurity companies protecting critical infrastructure sites including Softbank-backed Claroty, which raised $400 million last December.
The company is set to open an office in Tel Aviv later this year, according to the report.
A new page
Hulio previously led NSO for several years, overseeing the development and sale of the company’s flagship spyware, Pegasus, considered one of the most powerful cyber-surveillance tools available on the market, giving operators the ability to effectively take full control of a target’s phone, download all data from the device, or activate its camera or microphone without the user knowing.
The software had been used by many countries with poor human rights records to hack the phones of thousands of human rights activists, journalists, and politicians from Saudi Arabia to Mexico, according to in-depth probes into its activities, most recently last year.
The company NSO has been facing a torrent of international criticism over the allegations. The issue became a diplomatic concern with numerous Israeli allies, like France, who demanded answers after reports revealed the software was being used within their countries.
NSO also faces lawsuits from Apple and WhatsApp (owned by Meta/Facebook) accusing the Israeli firm of breaking into their products and violating their terms.
The company has maintained that Pegasus was sold only to foreign governments, after approval by Israel’s Defense Ministry, as a tool for catching criminals and terrorists. It says it has safeguards in place to prevent abuse, but critics say these safeguards do not go far enough, and NSO has acknowledged it cannot control whom its clients monitor.
Last month, European Parliament members investigating the use of surveillance spyware by European Union governments sharply criticized Israel for a lack of transparency in allowing the sale of powerful Israeli spyware to European governments that have used it against critics. Pegasus use and other spyware have been uncovered in Poland, Hungary, Spain, and Greece.
Last year, the US Commerce Department blacklisted NSO, hurting the company by limiting its access to US components and technology. NSO is challenging the designation.
The company has also been hurt by an Israeli decision late last year to tighten its supervision of cyber exports. That decision, made in the wake of criticism that Israel’s oversight of the digital surveillance industry was too lax, has reduced the number of countries that can purchase Israeli cyber software from more than 100 to 37.