US Cracks Down on Spyware with Visa Restrictions

Written by

The US will impose visa restrictions on individuals involved in the misuse of commercial spyware.

Anthony Blinken, the US Secretary of State, announced the decision on February 5, insisting in a public statement that the misuse of commercial spyware has been linked to “arbitrary detentions, forced disappearances and extrajudicial killings in the most egregious of cases.”

This move could affect some US allies, including Israel, India, and Jordan, all of which have been involved in selling or buying spyware.

This new policy reinforces US President Joe Biden’s stance on curbing the spyware industry.

In 2021, the Biden administration placed Israeli-based NSO Group, developer of the infamous Pegasus spyware, on a commerce department blacklist and issued an executive order prohibiting the US government’s own use of commercial spyware.

Read more: NSO Group's Recent Difficulties Could Shape the Future of the Spyware Industry

Media reports suggest that the controversial Israeli company is plotting a come-back by lobbying US and European politicians to promote its tool’s usefulness in Israel’s fight against Hamas.

On February 1, a joint forensic investigation by NGO Access Now, the University of Toronto’s Citizen Lab and local partners, revealed that at least 35 individuals in Jordan have been targeted with Israeli firm NSO Group’s Pegasus spyware.

Google Provides Technical Deep Dive Into the Spyware Landscape

In a new report published on February 6, Google’s Threat Analysis Group (TAG) provided a comprehensive overview of the commercial spyware vendor landscape.

It also analyzed some of the techniques used by these tools, including compromising Google products.

Its findings include:

  • There are dozens of smaller spyware vendors that have been overlooked or did not get the media coverage that the likes of NSO Group or Intellexa did
  • Other essential parts of the spyware exploitation supply chain also get overlooked, although they play significant roles in the development of spyware
  • The private sector is now responsible for a significant portion of the most sophisticated spyware tools, with 35 out of 72 zero-days found as actively exploited in the wild by Google TAG since 2014 coming from commercial vendors

This latter trend is likely growing, with 20 out of 25 zero-days discovered by Google attributed to the private sector in the year 2023 alone.

Google also found that the private sector is behind half of known zero-day exploits targeting Google products and Android ecosystem devices. Of the 72 known in-the-wild zero-day exploits affecting Google products.

“This is a lower bounds estimate, as it reflects only known zero-day exploits where we have high confidence in attribution. The actual number of zero-days developed by CSVs is almost certainly higher, including zero-days targeting Google products,” Google TAG wrote.

“We hope this report will serve as a call to action. As long as there is a demand from governments to buy commercial surveillance technology, commercial spyware vendors will continue to develop and sell spyware. We believe it is time for government, industry and civil society to come together to change the incentive structure which has allowed these technologies to spread so widely.”

What’s hot on Infosecurity Magazine?