Middle East

Israeli spyware firm NSO added to US trade blacklist

An Israeli spyware company has been added to the United States trade blacklist. The NSO Group has created software traced to the phones of government officials, journalists and human rights activists around the world.

The US has added NSO Group, the Israeli military spyware company that created software traced to the phones of journalists and human rights activists around the world, to a trade blacklist as it targets the growing surveillance threat posed by hacking-for-hire companies.

NSO and a competitor, Tel Aviv-based Candiru, were among four companies added by the commerce department on Wednesday to its so-called entity list, which would restrict exports of US hardware and software to the companies.

Groups like NSO use developer versions of popular operating software to develop “zero-click exploits”, which do not require the user to open a malicious link to deploy, according to a person familiar with their practices.

NSO said in a statement it was “dismayed by the decision, given that our technologies support US national security interests and policies by preventing terrorism and crime, and thus we will advocate for this decision to be reversed”.

“We look forward to presenting the full information regarding how we have the world’s most rigorous compliance and human rights programmes that are based [on] the American values we deeply share, which already resulted in multiple terminations of contacts with government agencies that misused our products,” it added.

Being blacklisted from US exports might effectively mean they “are finished”, stated Eitay Mack, an Israeli human rights lawyer who has campaigned for years to get NSO’s export license revoked by the Israeli government, with little success.

“NSO has tried for years tried to be on the ‘good side’, to try to claim that its activities are above reproach,” noted John Scott-Railton, at the University of Toronto’s Citizen Lab, which advocates on behalf of journalists and dissidents.

“This designation by the commerce department gives us the strongest indication of the US view of the NSO Group, which suggests they take a dim view . . . and see the company’s activities as potentially contrary to the national security of the US,” he added.

The US commerce department said the designation of the two companies was “based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics and embassy workers”.

“These tools have also enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent. Such practices threaten the rules-based international order,” the department added.

In the past NSO has allegedly rented server space from companies such as Amazon Web Services and used it to surreptitiously break into phones and computers, Facebook has announced in a lawsuit filed against the company in the US. Amazon reportedly shut down that access in July, after an Amnesty International report detailed the alleged use of other Amazon services to deliver hacks.

The lawsuit from WhatsApp’s owner, Facebook, alleges that NSO Group exploited a vulnerability in the world’s most popular messaging service to deliver its spyware. NSO has asked for the suit to be dismissed.

While it is unclear what effect this move will have on the technical capabilities of NSO, Candiru and the two other companies blacklisted on Wednesday, the commerce department’s decision supports findings by the University of Toronto’s Citizen Lab and Amnesty International that their tools are regularly abused by repressive regimes.

Danna Ingleton, deputy director of Amnesty Tech at Amnesty International, stated in a statement that in addition to sending a “strong message” to NSO, the commerce department’s move also represented “a day of reckoning for NSO Group’s investors”.

NSO, the largest of the known Israeli largest cyber warfare companies, has said repeatedly that it sells its weapon only to nations in order to fight terrorism and serious crime, and with the approval of the Israeli government.

Candiru could not be reached for comment.

Both companies are part of a growing Israeli cyber industry that often recruits veterans of the army’s elite units and sells software that enables clients to hack computers and mobile phones remotely.

NSO’s licensed military-grade software, Pegasus, was last year revealed to have been used to target smartphones belonging to 37 journalists, human rights activists and other prominent figures.

French media reported that it had been used by Morocco to spy on senior French officials, including the personal mobile phone of President Emmanuel Macron.

Those revelations caused a diplomatic spat between Israel and France, which has demanded that Israel rein in NSO Group’s sales, according to two people briefed on the talks.

According to research by Microsoft and the University of Toronto’s Citizen Lab, Candiru exploited vulnerabilities in Microsoft and Google products, enabling governments to hack the laptops of more than 100 journalists, activists and political dissidents globally.

The commerce department also added a Russian company, Positive Technologies, and Singapore-based Computer Security Initiative Consultancy to its list, alleging that they “traffic in cyber tools” used to gain unauthorised access to computer systems.

Neither company immediately returned a request for comment. Gina Raimondo, commerce secretary, said the US was “committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cyber security of members of civil society, dissidents, government officials, and organisations here and abroad”.

Kevin Wolf, a partner at law firm Akin Gump and a former senior commerce official, noted US companies often “choose to avoid doing business with listed entities completely in order to eliminate the risk of an inadvertent violation and the costs of conducting complex legal analyses”.

IFP Media Wire

Reports and views published in the Media Wire section have been retrieved from other news agencies and websites, and do not necessarily reflect the opinion of the Iran Front Page (IFP) news website. The IFP may change the headlines of the reports in a bid to make them compatible with its own style of covering Iran News, and does not make any changes to the content. The source and URL of all reports and news stories are mentioned at the bottom of each article.

Recent Posts

Taliban says hit ‘several points’ in Pakistan in retaliation for deadly attacks

Taliban fighters have targeted “several points” in neighbouring Pakistan, Afghanistan’s Ministry of Defense has announced,…

2 hours ago

Syrian new rulers says cracking down on ‘remnants’ of former gov’t

Syria’s new administration is carrying out a security crackdown against what it describes as “remnants”…

3 hours ago

Leopard, cub spotted in Gilan’s Hyrcanian forests

A leopard and its cub have been sighted in the Ashkourat Rudsar no-hunting area, in…

14 hours ago

Ukraine running out of ATACMS missiles: NYT

Kiev's stockpiles of Washington-supplied long-range Army Tactical Missile Systems (ATACMS) are running low, the New…

19 hours ago

Ukrainian forces admit low morale: WaPo

Ukrainian troops are exhausted from three years of war and increasingly want to see a…

19 hours ago

Iran, China FMs underline preserving Syria’s territorial integrity

The foreign ministers of Iran and China emphasized the necessity of preserving Syria's national unity…

19 hours ago