Malicious activities: US blacklists Israel’s NSO Group and Candiru spyware firms

Commerce Department says Israeli companies suspected of link to ‘activities contrary to the national security or foreign policy interests of the United States’

A logo on a branch of the Israeli NSO Group company, near the southern Israeli town of Sapir, on August 24, 2021. (AP/Sebastian Scheiner)
A logo on a branch of the Israeli NSO Group company, near the southern Israeli town of Sapir, on August 24, 2021. (AP/Sebastian Scheiner)

The US Department of Commerce on Wednesday blacklisted two Israeli phone spyware companies, NSO Group and Candiru, adding them to the list of foreign companies that engage in malicious cyber activities.

NSO Group and the lesser-known Candiru, considered its competitor in the cyber-surveillance market, were accused of providing spyware software to governments that was ultimately turned on journalists and activists.

The Israeli companies “were added to the Entity List based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers,” according to a Commerce Department statement.

In a subsequent statement, the US State Department clarified that the Biden administration would not be “taking action against countries or governments where these entities are located.”

The decision came several months after a group of Democratic lawmakers called on Biden to take a series of punitive measures against NSO Group in light of reports in June that the firm had leased military-grade spyware to authoritarian regimes. Among the steps proposed was adding the Israeli firm to the Entity List.

The Commerce Department also added two other companies, in Russia and Singapore, to the Entity List for selling cyber products that were allegedly misused.

“These tools have also enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent,” US Secretary of Commerce Gina M. Raimondo said in a statement. “Such practices threaten the rules-based international order.”

“The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad.”

In this photo from September 28, 2021, US Commerce Secretary Gina Raimondo speaks at The Economic Club of Washington. (AP Photo/Alex Brandon)

Entities included on the Commerce Department’s list face licensing requirements, restricting their access to US technology. American citizens and companies are not barred from buying the services and goods of entities included on the list, however.

The list is made of entities “reasonably believed to be involved, have been involved, or pose a significant risk of being or becoming involved, in activities contrary to the national security or foreign policy interests of the United States.”

While there was no immediate response from Candiru to the announcement, NSO group said in a statement that it “is dismayed by the decision given that our technologies support US national security interests and policies by preventing terrorism and crime, and thus we will advocate for this decision to be reversed.”

“We look forward to presenting the full information regarding how we have the world’s most rigorous compliance and human rights programs that are based the American values we deeply share, which already resulted in multiple terminations of contacts with government agencies that misused our products,” the group added.

There was no immediate response from Candiru to the Commerce Department’s announcement.

According to Hebrew media reports, the Biden administration only notified Israel of the move an hour before the announcement.

NSO developed Pegasus, a tool that can switch on a phone’s camera or microphone and harvest its data. There have been repeated allegations that the software is being used to abuse human rights.

The company was at the center of a storm in July after a list of about 50,000 potential surveillance targets worldwide was leaked to the media.

NSO has been accused of selling the spyware to the governments of Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates, which used it to hack into the phones of dissidents, journalists, and human rights activists.

NSO has insisted that its software was intended for use only in fighting terrorism and other crimes, and the reported targeting list was not related to the company.

In July, Microsoft blocked tools developed by Candiru that were allegedly used to spy on more than 100 people around the world, including politicians, human rights activists, journalists, academics and political dissidents.

AFP contributed to this report.

read more:
Never miss breaking news on Israel
Get notifications to stay updated
You're subscribed