NSO Group Blacklisted by US for Trade in Spyware

Written by

A notorious Israeli spyware company has been added to a US export blacklist designed to prevent it from buying components from American companies.

NSO Group develops malware which it insists is used only for legitimate purposes by law enforcement agencies and governments. 

However, it was taken to court by WhatsApp in 2019 after the Facebook company claimed it was responsible for attacks on 1400 of its users which involved the company’s Pegasus spyware.

There have also been reports that the zero-click malware was used to hack Amazon boss Jeff Bezos’s phone.

In its ruling, the US Commerce Department said NSO Group and fellow Israeli spyware-maker Candiru were added to the Entity List because the governments it sold to used the tools to “maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”

Earlier this year, investigative journalists revealed that reporters and activists worldwide had been targeted with Pegasus by repressive governments. Even French President Emmanuel Macron and his cabinet were reportedly selected as targets.

“These tools have enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent,” the Commerce Department notice continued.

“Such practices threaten the rules-based international order.”

Today, two other companies were also added to the Entity List: Russian firm Positive Technologies and Singapore-based Computer Security Initiative Consultancy PTE. Both were judged to trade in hacking tools that threaten the privacy and security of individuals and organizations worldwide.

The announcements can be seen as part of the Biden administration’s efforts to put human rights at the center of US foreign policy.

“The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad,” said commerce secretary, Gina Raimondo.

What’s hot on Infosecurity Magazine?