Late last week, Israel's state attorney's office indicted a former employee of cybersecurity company NSO Group for reportedly stealing source code tied to a software product that's sold as a surveillance tool for government clients.
The NSO ex-employee, who hasn't been identified because of privacy laws in Israel, tried to sell the stolen code to competitors for $50 million in cryptocurrency, but a prospective buyer alerted the company, the indictment said.
CNBC has learned from people familiar with the matter that NSO previously became aware of a possible theft via an internal data loss prevention system. Authorities received the code to NSO's Pegasus software before it could be sold, said the people, who asked not to be named because the investigation is ongoing.
NSO, which has connections to the Israeli military, is best known for its proprietary software that can be used to break encryption on smartphones. The incident illustrates how difficult it can be, even for companies that specialize in security, to adequately deal with employees who become insider threats.