The Biden Administration declared in 2021 against the abuse of spyware —or spyware— to attack human rights activists, dissidents and journalists: it blacklisted the most notorious manufacturer of hacking tools, the Israeli firm NSO Group .
But the global commercial spyware industry — which allows governments to invade mobile phones and collect data — continues to boom. Even the United States Government uses it.
The DEA is secretly deploying spyware from a different Israeli company, according to five people familiar with the agency’s operations, in the first confirmed use of commercial spyware by the US government.
At the same time, the use of spyware continues to proliferate around the world, with new companies—employing former veterans of Israeli cyberintelligence, some former NSO employees—filling the void caused by the blacklisting. With these new companies, technology once in the hands of a small number of nations is now ubiquitoustransforming the landscape of government espionage.
A company, which sells a hacking tool called Predator and run by a former Israeli general with offices in Greece, is at the center of a political scandal in Athens over the use of spyware against politicians and journalists.
After questions from The New York Times, the Greek government admitted that it granted the company Intellexa licenses to sell Predator to at least one country with a history of repression, Madagascar. The Times also obtained a business proposal from Intellexa to sell its products to Ukraine, which rejected the sales pitch.
Predator was found to have been used in a dozen other countries since 2021, illustrating the continued demand among governments and the lack of strong international efforts to limit the use of such tools.
The most sophisticated spyware tools, like NSO’s Pegasus, have “zero-click” technology; may extract everything remotely and stealthily of a target’s mobile phone, without the user having to click on a malicious link. They can also turn the mobile phone into a secret recording and tracking device. But hack tools without zero-click capabilities, which are considerably cheaper, also have a significant market.
Intelligence services and police forces have used spyware to hack phones used by drug networks and terrorist groups. But it has also been abused by numerous authoritarian regimes and democracies to spy on political opponents and journalists. This has led governments to a sometimes convoluted justification for its use—including an emerging White House position that the justification for using spyware it partly depends on who is using it and against whom.
The Biden Administration is trying to impose some order on global chaos, but the United States has played the role of both arsonist and firefighter. In addition to the DEA’s use of spyware—a tool called Graphite, made by the Israeli firm Paragon—during the Trump Administration the CIA bought Pegasus for the Djiboutian government, which used the spyware for at least a year. And the FBI made an effort in late 2020 and the first half of 2021 to implement Pegasus in its own criminal investigations before abandoning the idea.
In a statement to The Times, the DEA said that “the men and women of the DEA are using every legal investigative tool available to go after foreign-based cartels and individuals operating around the world responsible for the drug poisoning deaths of 107,622 Americans last year.”
Steven Feldstein, an expert at the Carnegie Endowment for International Peace in Washington, has documented the use of spyware in at least 73 countries.
“Sanctions against NSO and its ilk are important,” he said. “But in reality, other providers are coming. And there are no signs that it’s going away.”
For more than a decade, NSO sold Pegasus to spy services and law enforcement agencies around the world. The Israeli government required the company to obtain licenses before exporting its spyware to a particular law enforcement or intelligence agency. This allowed the government to gain diplomatic leverage over countries eager to buy Pegasus, such as Mexico, India, and Saudi Arabia. But the evidence about Pegasus’ abuse grew.
A year ago, the Biden Administration placed NSO and another Israeli company, Candiru, on a US Commerce Department blacklist—barring American companies from doing business with them. In October, the White House warned of the dangers of spyware in its national security strategy outline, which said the Administration would combat the “illegitimate use of technology, including commercial spyware and surveillance technology, and we will oppose the digital authoritarianism.
But the White House is allowing the DEA to continue its use of graphite for its operations against drug cartels.
Meta, the company that owns Facebook, and Citizen Lab at the University of Toronto, a cybersecurity watchdog organization, have detected Predator, the hacking tool created by Intellexa, in Armenia, Egypt, Greece, Indonesia, Madagascar, Oman , Saudi Arabia, Serbia, Colombia, Ivory Coast, Vietnam, the Philippines and Germany.
In Greece, Predator was found to have been used against journalists and Opposition figures. The Greek government has repeatedly described spyware as illegal and said it had nothing to do with it. Despite the allegations, Greece has admitted to backing Intellexa and its spyware by licensing the company to export Predator to Madagascar, whose government has a history of cracking down on dissent.
Alexandros Papaioannou, a spokesman for the Greek foreign ministry, said the ministry’s Inspector General had launched an internal investigation following reports in the local press about Intellexa.
In April, Greek outlet Inside Story reported that Predator had been used to infect the phone of a local investigative reporter. The Citizen Lab at the University of Toronto found the infection forensically. Two Opposition politicians soon confirmed that they too had been targeted, each with forensic evidence to back up the claims.
All three suspect that the Greek state ordered their surveillance and have filed lawsuits.
Conservative Prime Minister Kyriakos Mitsotakis has denied ordering Predator surveillance and maintains that the Greek government does not own the spyware. Intellexa laid off most of its Athens-based staff in August.
In November, Mitsotakis admitted that someone is running covert operations using Predator inside Greece — he just doesn’t know who.
“I have never claimed – and the government has never claimed – that there were no hacks or forces using the Predator software,” he said. “There is illegal spyware all over Europe.”
By: This article was written by Mark Mazzetti, Ronen Bergman and Matina Stevis-Gridneff
BBC-NEWS-SRC: http://www.nytsyn.com/subscribed/stories/6528666, IMPORTING DATE: 2023-01-12 23:00:06
#United #States #fight #spyware