NSO Spyware Is On US Trade Blacklist

Uploaded on 2021-11-06 in TECHNOLOGY--Hackers, INTELLIGENCE--International, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The US Department of Commerce has recently blacklisted two Israeli phone spyware companies, NSO Group and Candiru, adding them to the list of foreign companies that engage in malicious cyber activities. The ban is the biggest step taken by the US so far  to curb abuses in the global market for spyware, which is for all practical purposes, is unregulated. 

The move by the Commerce Department was driven by NSO’s export around the world of a sophisticated surveillance system known as Pegasus, which can be remotely implanted in smartphones.

NSO Group and the lesser-known Candiru, considered its competitor in the cyber-surveillance market, were accused of providing spyware software to governments that was ultimately turned on journalists and activists.
“These tools have also enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent,” US Secretary of Commerce Gina M. Raimondo said in a statement.“The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organisations here and abroad.”

Pegasus military-grade spyware developed and sold by Israel's NSO Group has emerged as a formidable cyber weapon, used by some of its more autocratic customers in the Middle East to target a wide range of people, not just criminals and terrorists. Pegasus has reportedly been used by nation states including UAE, Morocco and Saudi Arabia to target the phones of rights activists and journalists.

NSO Group said it was "dismayed" by the decision, adding that its technology helped maintain US national security by "preventing terrorism and crime". It has long maintained that its software is sold only to military, law enforcement and intelligence agencies from countries with good human rights records. "We look forward to presenting the full information regarding how we have the world's most rigorous compliance and human rights programs that are based on the American values we deeply share, which already resulted in multiple terminations of contacts with government agencies that misused our products," the company said in a statement.

US officials said that NSO Group and another Israeli firm, Candiru, had acted "contrary to the national security or foreign policy interests of the United States".

Positive Technologies of Russia, and Computer Security Initiative Consultancy from Singapore, were also listed and the Department of Commerce said they trafficked in cyber tools used to gain unauthorised access to computer networks.

Details about the alleged use of Pegasus by NSO Group clients to target British citizens came to light in July after journalists working with cyber security campaigners, including Amnesty International, obtained a leaked database of 50,000 phone numbers selected by NSO Group clients. 

The numbers were linked to phones used by politicians, human rights defenders and journalists and forensic analysis of some of the devices found evidence that Pegasus software had been installed on them.

Haaretz:    LiveMint:     BBC:     FT:    Times of Israel:     Middle East Eye:     Middle East Eye:     NYT

You Might Also Read: 

Top Secret Israeli Hackers For Hire:

 

« Wanted: Pipeline Hackers - $10m Reward
Artificial Intelligence & The Technology Effects On Accounting »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

Niksun

Niksun

Niksun's forensics-based cyber security and network performance monitoring products provide customers with actionable insight into security threats, performance issues, and compliance risks.

Caretower

Caretower

Caretower is one of Europe’s leading value added managed service provider in cyber security.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Ekran System

Ekran System

Ekran System is an advanced insider threat detection solution for companies of any size.

RCDevs

RCDevs

RCDevs is an award-winning Software company providing security solutions designed for modern enterprise technologies and suited for SMEs to large corporations.

Secure Recruitment

Secure Recruitment

Secure Recruitment is a specialist Executive Search business that focuses its efforts on attracting specific exceptional talent in Cyber Security.

Forum of Incident Response & Security Teams (FIRST)

Forum of Incident Response & Security Teams (FIRST)

FIRST is the global Forum of Incident Response and Security Teams.

Cyber Tec Security

Cyber Tec Security

Cyber Tec Security is an IASME Certification Body for Cyber Essentials basic/Plus. We also provide ongoing Managed Security Services.

SyncDog

SyncDog

SyncDog is a leader in enterprise security and the preeminent vendor for containerized mobile application security across cloud & on-premise computing environments.

BullWall

BullWall

BullWall is a digital innovator dedicated to fight cybercrime in its many forms. Our overarching purpose is to stop new and unknown strings of ransomware attacks in its tracks.

Spike Reply

Spike Reply

Spike Reply is the company within the Reply Group focusing on cybersecurity and personal data protection.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

LetsData

LetsData

LetsData uses AI to provide governments, intergovernmental organizations, civil society, and businesses with data-empowered decisions on communication in the age of online disinformation.

Issue53

Issue53

We empower organizations to thrive in the digital landscape. Strengthen your defenses, enhance resilience – Choose Issue53 for a secure and future-ready IT environment.

Vorlon

Vorlon

Vorlon's agentless patent-pending solution facilitates risk profiling of apps, and provides AI-driven behavioral analytics with response recommendations.