
WHEN LAWFUL INTERCEPT ISN’T LAWFUL

Biden’s executive order limits government’s use of commercial spyware

Move comes as “clickless exploits” target journalists and others accused of no crimes.

Dan Goodin – Mar 27, 2023 9:31 pm UTC

President Joe Biden on Monday signed an executive order barring many uses by the federal government of commercial spyware, which has been increasingly used by other countries in recent years to surveil dissidents, journalists, and politicians.

The signing of the executive order came as administration officials told journalists that roughly 50 US government personnel in at least 10 countries had been infected or targeted by such spyware, a larger number than previously known. The officials didn’t elaborate.

Commercial spyware is sold by a host of companies, with the best known being NSO Group of Israel. The company sells a hacking tool known as Pegasus that can surreptitiously compromise both iPhones and Android devices using clickless exploits, meaning they require no user interaction. By sending a text or ringing the device, Pegasus can install spying software that steals contacts, messages, geolocations, and more, even when the text or call isn’t answered. Other companies selling commercial spyware include Cytrox, Candiru, and Paragon.

While NSO describes Pegasus as a lawful intercept tool that’s sold only to legitimate law-enforcement agencies to investigate crime and terrorism, Mexico, India, Saudi Arabia, the United Arab Emirates, Morocco, and other countries have been caught deploying it against political dissidents, journalists, and other citizens who aren’t accused of any crimes. In November 2021, the Biden administration restricted the export, re-export, and in-country transfer of products from NSO and three other companies in Israel, Russia, and Singapore.

Monday’s executive order goes further by barring federal agencies, including those engaged in law enforcement, defense, or intelligence activities, from operationally using commercial spyware.

“The proliferation of commercial spyware poses distinct and growing counterintelligence and security risks to the United States, including to the safety and security of US Government personnel and their families,” a fact sheet published by the White House said. “US Government personnel overseas have been targeted by commercial spyware, and untrustworthy commercial vendors and tools can present significant risks to the security and integrity of US Government information and information systems.”

White House officials aren’t naming the specific spyware that’s barred, but using the term “commercial spyware” strongly implies it includes tools sold by NSO, Cytrox, Candiru, and others. Criteria for tools falling under the order include if: they’re abused by a foreign government in an attempt to access the device of a US citizen; a foreign actor deploys them against activists or dissidents in an attempt to intimidate or curb dissent or opposition or squelch expressions of free speech; or they’re supplied to governments for which there are credible reports that they engage in systematic acts of political repression.

The officials declined to say if US law enforcement and intelligence agencies currently use commercial spyware. Last year, the FBI confirmed a New York Times report that the bureau had bought NSO Group’s Pegasus tool for product testing and evaluation but said it wasn’t used for operational purposes or to support any investigation. The US Drug Enforcement Agency, the NYT has also reported, deployed a surveillance tool called Graphite for use in counternarcotics operations.

Dan Goodin is the Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications.
