US says NSO Group & Pegasus hacking tool are national security risks

Posted:
in iOS edited November 2021
The NSO Group, developer of iPhone hacking tool Pegasus, has been added to the U.S. Department of Commerce's Entity List, banning imports as a national security issue.

NSO Group
NSO Group


Four foreign companies have been added to the Entity List by the Commerce Department's Bureau of Industry and Security (BIS). NSO Group, Israel's Candiru, Russia's Positive Technologies and Singapore's Computer Security Initiative Consultancy PTE are all listed for engaging in activities contrary to the national security.

"The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad," said US Secretary of Commerce Gina M. Raimondo in a statement.

The Commerce Department statement says that NSO Group and Candiru have been listed specifically because of evidence that they developed and supplied spyware to foreign governments. These governments then used the tools to target officials, activists, journalists, and more.

Positive Technologies and Computer Security Initiative Consultancy PTE were found to "traffic in cyber tools used to gain unauthorized access to information systems, threatening the privacy and security of individuals and organizations worldwide."

Being placed on the Entity List means that there are now restrictions on the "export, reexport, and in-country transfer of times" subject to the listing.

The Commerce Department says that this action is aimed at "improving citizens' digital security." It's described as part of the Biden-Harris Administration's efforts to "put human rights at the center of US foreign policy."

Previously, the NSO Group's CEO Shalev Hulio has said that the company cannot be held responsible for how its tools are used. Hulio said that private citizens should not be concerned, because the tool was used to target criminals.

However, its Pegasus tool has been shown to have been used to spy on human rights activists, and journalists. It has targeted critics of governments, rather than solely criminals

Read on AppleInsider

Comments

  • Reply 1 of 9
    rob53rob53 Posts: 3,057member
    Does this mean the NSA, CIA, FBI and all the other entities will have to stop using their copies? I would like to know how many copies of these systems have been sold to the US government as well as state and local police forces.
    longpathwilliamlondonOferviclauyycdarkvaderwatto_cobrabyronl
  • Reply 2 of 9
    riverkoriverko Posts: 161member
    rob53 said:
    Does this mean the NSA, CIA, FBI and all the other entities will have to stop using their copies? I would like to know how many copies of these systems have been sold to the US government as well as state and local police forces.
    Or we may read it - we already bought it, no one else should buy it
    longpathcommand_fwilliamlondonviclauyycwatto_cobrabyronl
  • Reply 3 of 9
    Never grant the state any power you would not entrust to your worst enemy. This isn’t a hard concept.
    rob53Oferviclauyycdarkvaderwatto_cobrabyronl
  • Reply 4 of 9
    I don't see the logic here. Since these are foreign entities, doesn't that leave the tools and capabilities available to everyone except the US?

    As a foreigner, I would think the US would want, eg, NSA, to have access even if only to develop counter-measures (and the 'I don't trust NSA argument' doesn't work here because, if they're not trustworthy, they'll acquire the tools anyway).
    williamlondonwatto_cobra
  • Reply 5 of 9
    longpath said:
    Never grant the state any power you would not entrust to your worst enemy. This isn’t a hard concept.
    But your worst enemy already has it...
    williamlondonwatto_cobra
  • Reply 6 of 9
    rob53 said:
    Does this mean the NSA, CIA, FBI and all the other entities will have to stop using their copies? I would like to know how many copies of these systems have been sold to the US government as well as state and local police forces.
    Of course not.  Those restrictions don't apply to the ruling elite's enforcers, only to those treacherous citizens who don't know what's good for them.

    /s 
    viclauyycrob53
  • Reply 7 of 9
    rob53 said:
    Does this mean the NSA, CIA, FBI and all the other entities will have to stop using their copies? I would like to know how many copies of these systems have been sold to the US government as well as state and local police forces.
    No -  This in my view is standard tactics. It means that the government publicly repudiate these entities and disavow the use of these tools to all entities outside the government, but within government its business as usual - including the use of such tools. This is all about control, and outlawing the use of such tools by private citizens/enterprise with the exception of government. The efforts will now continue, but covertly - all while the public at large believe the narrative. This is really a subterfuge tactic.
    byronl
  • Reply 8 of 9
    command_f said:
    As a foreigner, I would think the US would want, eg, NSA, to have access even if only to develop counter-measures (and the 'I don't trust NSA argument' doesn't work here because, if they're not trustworthy, they'll acquire the tools anyway).
    I am pretty sure NSA has more advanced tool in their hands. Given how powerful and resourceful NSA is, they might even have Pegasus source code.
    byronl
  • Reply 9 of 9
    rob53rob53 Posts: 3,057member
    viclauyyc said:
    command_f said:
    As a foreigner, I would think the US would want, eg, NSA, to have access even if only to develop counter-measures (and the 'I don't trust NSA argument' doesn't work here because, if they're not trustworthy, they'll acquire the tools anyway).
    I am pretty sure NSA has more advanced tool in their hands. Given how powerful and resourceful NSA is, they might even have Pegasus source code.
    Might be watching too many movies. NSA is like every other government agency, employees aren't paid as much as hacking companies. NSA could very well have extremely powerful hacking tools but these would have been discovered by whistleblowers. I don't think many US citizens trust the NSA and I would think many "foreigners" think the same way about their own government's secret organizations. 
    darkvaderbyronl
Sign In or Register to comment.