Is the US crackdown on spyware companies just beginning? | | Cybersecurity issues
Washington, DC – In a growing number of companies, the Israeli company NSO Group came out this year as the undisputed child of digital spy software landing in the wrong hands.
In July, Pegasus Project – Amnesty International’s alliance with the media alliance – revealed that the NSO programs were sold to authoritarian governments that used to spy on political leaders, journalists, officials and human rights activists, including people close to Saudi journalist Jamal Khashoggi who was killed.
It is unknown at this time what he will do after leaving the post. The NSO denied that its software was used to track down Khashoggi or its internal members and promised to track down its clients. It also said that it would be in line with any government inquiries.
But the controversy surrounding Pegasus spy software for years.
One month before the Pegasus Project bombs, the NSO released a “Transparency and Responsibility Report” which said it had taken “concrete steps” to “reduce and prevent future incidents of misuse” of its spy software.
By November, United States President Joe Biden’s officials had taken action. Unsurprisingly against the Israeli company, the US trade department added the NSO to its list of “corporations” – a blacklisting which hinders access to US programs and services. The Biden government has accused the NSO of being “acting in violation of national security or foreign policy”, according to the trade ministry.
The NSO issued a statement at the time saying it was “disturbed” by the Biden regime’s view that its technologies “support the interests and principles of US security in preventing terrorism and crime”.
But in December, the controversy once again disrupted the NSO. Reuters reported that at least nine employees of the US State Department had been kidnapped using Israeli company spy software, when a group of US lawmakers sent a letter to the US Treasury and State Department urging them to approve the NSO and its top executives under the Global Magnitsky Act.
By mid-month, Bloomberg News reports that the NSO is considering closing its Pegasus section, in reference to people familiar with the matter.
And this week, The Washington Post reports that a new legal investigation from Toronto-CitizenLab found the Pegasus program was used to hack a member of Jamal Khashoggi’s internal party several months before his assassination.
While the NSO continues to make headlines, it is not the only company overseeing programs in Washington.
In November, the Department of Commerce added two foreign intelligence companies to its list, while US lawmakers this month also urged Biden officials to compile a list of United Arab Emirates spy companies DarkMatter, and European companies Nexa Technologies and Trovicor .
But as the new year draws to a close, experts say Biden’s management could do more to address the growing number of spy agencies – everywhere through legitimate sales and black market equipment vendors.
Useful to some degree
Winnona DeSombre is a partner in the Atlantic Council’s Cyber Statecraft Initiative and co-author of a report that obtained 20 years of data from 224 online gaming companies that sell software for gaming consoles, such as Milipol in France, where slick weapons were offered side by side. with guns and tanks.
“It’s easier to write a code than to make a tank,” he told Al Jazeera. “And it ‘s easier to create a program that looks after more people, without getting caught than by creating a missile program.”
DeSombre said the November black registration of the NSO and two other spy companies was very helpful because it made it harder for them to do business.
He also said that most of the weapons exhibitions that many of these companies go to are in Europe, which gives the European Union and the US the opportunity to ban their activities.
But he says accepting the NSO and a few other spy companies and their regulators under the Global Magnitsky Act would only look up.
“Legislators need to look at how they can set boundaries for many businesses like NSOs that are still operating in secret,” he said.
Some experts say that government action alone is not enough to solve the problem of spyware and human rights abuses.
The alleged robbery of Pegasus on nine State Department employees’ phones “indicates that we are all at risk,” said Oona A Hathaway, founder and director of the Center for Global Legal Challenges at Yale Law School.
Hathaway told Al Jazeera that governments could do more to eradicate and prevent the misuse of incoming programs. “In the end, it will take a lot of effort on the part of private and government agencies to address this issue,” he said.
Businesses are struggling to cope with the brutality of spyware. Late November, Apple filed a lawsuit against NSO Group and its parent company “to be responsible for monitoring and monitoring Apple users”, according to the company. Apple also said it wants a ban on NSO Group use of any Apple software, services or tools “to prevent harassment and harm to users”.
In the meantime, the White House is seeking international partners to help curb the proliferation of online monitoring technology. At the opening Conference on Democracy In December, Biden’s management announced a new approach to property management and human rights in the US, Australia, Denmark and Norway.
The states have pledged to work together to reduce the deployment of surveillance equipment and other technologies that governments can use to undermine human rights. Canada, France, the Netherlands, and the United Kingdom have expressed support for the project.
The goal, the White House said, was to bring “together policymakers, experts, and expatriates and human rights practitioners to ensure that the necessary and future expertise works, not in opposition, to democracy”.
It was a step towards what DeSombre says is necessary to address that threat.
“I think a lot has started to happen, but I have never seen anything happen,” he said.
