President Biden Forbids Spyware From Government Use

Uploaded on 2023-04-05 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

US President Joe Biden has approved a new Executive Order (EO) that bans government use of any commercial spyware products that have been used by foreign states. 

Foreign governments have deployed commercial spyware against US institutions, personnel, information, and information systems, presenting significant security risks.

This EO comes into force after as at least 50 US government officials are suspected or confirmed to have been targeted by spyware designed to hack mobile phones - far more than previously known.

The misuse of spyware includes surveillance and communications interception on citizens, political dissidents, politicians, activists, and other individuals. The ruling applies to all tools that are used for spying purposes to suppress civil liberties or human rights. 

The EO notably includes commercial spyware tools produced by Israel's NSO Group, which has been identified in several campaigns against human rights activists and dissidents. “Technology is central to the future of our national security, economy, and democracy.  The EO refers to the US fundamental national security and foreign policy interests in: 

  • "Ensuring that technology is developed, deployed, and governed in accordance with universal human rights; the rule of law; and appropriate legal authorisation, safeguards, and oversight, such that it supports, and does not undermine, democracy, civil rights and civil liberties, and public safety."
  • "Mitigating, to the greatest extent possible, the risk emerging technologies may pose to United States Government institutions, personnel, information, and information systems,” says the EO.  “To advance these interests, the United States supports the development of an international technology ecosystem that protects the integrity of international standards development; enables and promotes the free flow of data and ideas .."

Governments around the world are known to collect large amounts of data for intelligence and law enforcement purposes, including communications from their own citizens. The proliferation of commercial spyware has made powerful tools newly available to smaller countries, but also created what researchers and human-rights activists warn are opportunities for abuse and repression. 

Commercial spyware of the sort produced by NSO and others is increasingly controversial. NSO and other commercial spyware firms claim their products are only sold to governments for legitimate law enforcement and other purposes, but reports suggest otherwise.

NSO Group is currently being sued by Apple and WhatsApp for deploying its spyware on hundreds of  customers’ devices without their knowledge. The firm has also been blacklisted by the Commerce Department.

WhiteHouse:     CNN:      Infosecurity Magazine:     Oodaloop:    CBS:     PBS:  

You Might Also Read: 

Pegasus Spyware Used To Target British Prime Minister:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« TikTok Fined £12.7m For Breaching Child Protection Law
The Skills Gap Is Increasing Risk & Exposure To Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Infineon Technologies

Infineon Technologies

Infineon is a leader in semiconductor solutions for a huge range of applications including automation, smart systems and security for the Internet of Things.

PortSwigger

PortSwigger

PortSwigger's Burp Suite is an integrated platform for performing security testing of web applications.

Cyber Seguridad (Cyberseg)

Cyber Seguridad (Cyberseg)

Cyberseg provides specialized Cybersecurity services, including managed services (SOC / CERTs) and solutions for the protection of critical infrastructures.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

UKAS

UKAS

UKAS is the national accreditation body for the UK. The directory of members provides details of organisations offering certification services for ISO 27001.

R3

R3

R3 is an enterprise blockchain software firm working with a broad ecosystem of more than 300 participants across multiple industries to develop blockchain applications.

Elysium Analytics

Elysium Analytics

Elysium Cognitive Security Analytics delivers the latest and most flexible security system to reduce cost and complexity while providing unmatched scalability.

Tehtris

Tehtris

TEHTRIS XDR Platform was developed to control and improve the IT security of private and public companies against advanced cyber threats such as cyber espionage or cyber sabotage activities.

PA Consulting

PA Consulting

PA Consulting Group is a consultancy that specialises in strategy, technology and innovation. Our cyber security experts work with you to spot digital and technology security risks and reduce them.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

risk3sixty

risk3sixty

Risk3sixty are information and cyber risk management craftsmen helping build business-first security and compliance programs.

SIEM Xpert

SIEM Xpert

SIEM Xpert is a leader in Cyber Security Trainings and services since 2015.

Custom Computer Specialist (CCS)

Custom Computer Specialist (CCS)

CCS offers an extensive range of services including cybersecurity solutions, consulting, implementation, and support to help our clients maximize the value derived from IT investments.

FoxPointe Solutions

FoxPointe Solutions

FoxPointe Solutions is a full-service cyber risk management and compliance firm.

SecondSight

SecondSight

SecondSight’s Vertical AI embodies a full-spectrum approach to cyber insurance, facilitating accurate digital risk profiling.

SafeAeon

SafeAeon

SafeAeon is a leading Cybersecurity-as-a-Service provider, offering 24x7 premium Managed Security Services with AI-powered and Human-driven 24x7 SOC.