U.S. Blacklists Pegasus Spyware Producer

Published: 05 November 2021

Spyware

Apart from NSO Group, Israel’s Candiru, Positive Technologies of Russia, and Computer Security Initiative Consultancy PTE. LTD (COSEINC) of Singapore found themselves on the blacklist, meaning the U.S. will “restrict the export, reexport, and in-country transfer” of all items and technologies deemed a threat to the United States, the Department of Commerce said. (Photo: Tumisu, Pixabay, License)

By Henry Pope

The U.S. blacklisted on Wednesday the Israeli producer of a spyware, which was this summer at the center of a global scandal that unfolded when reporters revealed that the Pegasus software was used for spying on journalists and activists.

By putting NSO Group and three other spyware developers or distributors on its “Entity List,” the U.S. Department of Commerce banned further trade with these companies, saying their activities deemed a threat to U.S. national security and foreign policy interests.

NSO responded by saying that it was “dismayed” by the decision, and argued that its efforts in fact “support U.S. national security interests and policies by preventing terrorism and crime.” The company has thus appealed for its placement on the list to be reversed.

Apart from NSO Group, Israel’s Candiru, Positive Technologies of Russia, and Computer Security Initiative Consultancy PTE. LTD (COSEINC) of Singapore found themselves on the blacklist, meaning the U.S. will “restrict the export, reexport, and in-country transfer” of all items and technologies deemed a threat to the United States, the Department of Commerce said.

Additionally, no license exceptions will be granted for any software deemed a threat.

NSO Group and Candiru were added to the list given recent evidence that they developed and supplied spyware technologies to foreign governments who then used it “to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers,” according to the U.S. Department of Commerce.

Spyware such as Pegasus has “enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent,” thereby threatening rules-based international order, the executive department said.

Russia’s Positive Technologies and Singapore’s COSEINC were placed on the list after the U.S. concluded that they used cyber tools “to gain unauthorized access to information systems, threatening the privacy and security of individuals and organizations worldwide.”

This course of action was taken in order to protect citizens’ digital security, to combat cyber threats, and to mitigate unlawful surveillance, according to the U.S. Department of Commerce.

“The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad,” U.S. Secretary of Commerce Gina M. Raimondo commented.

The decision is part of the Biden-Harris Administration’s plan to stop the repressive use of harmful digital tools such as spyware and does not represent a hostile action against the countries the companies are from, according to the U.S. Department of State.