abusesaffiliationarrow-downarrow-leftarrow-rightarrow-upattack-typeburgerchevron-downchevron-leftchevron-rightchevron-upClock iconclosedeletedevelopment-povertydiscriminationdollardownloademailenvironmentexternal-linkfacebookfiltergenderglobegroupshealthC4067174-3DD9-4B9E-AD64-284FDAAE6338@1xinformation-outlineinformationinstagraminvestment-trade-globalisationissueslabourlanguagesShapeCombined Shapeline, chart, up, arrow, graphLinkedInlocationmap-pinminusnewsorganisationotheroverviewpluspreviewArtboard 185profilerefreshIconnewssearchsecurityPathStock downStock steadyStock uptagticktooltiptwitteruniversalityweb
Article

3 Nov 2021

Author:
Lorenzo Franceschi-Bicchierai, Motherboard

USA: Sanctions could cut off spyware firms NSO, Candiru from tech they relies on

The U.S. government added NSO Group to a federal denylist that prohibits any American company or individual from selling or providing services to the controversial Israeli spyware seller.

... The list also includes another Israeli spyware seller, Candiru; a Singapore-based company that also sells hacking services, Computer Security Initiative Consultancy, better known as COSEINC; and Positive Technologies, a Russian company that had previously been accused and sanctioned by the Biden administration for helping Russian spies.

“NSO Group is dismayed by the decision given that our technologies support US national security interests and policies by preventing terrorism and crime, and thus we will advocate for this decision to be reversed,” an NSO spokesperson told Motherboard in a text message. “We look forward to presenting the full information regarding how we have the world’s most rigorous compliance and human rights programs that are based the American values we deeply share, which already resulted in multiple terminations of contacts with government agencies that misused our products.”

... The sanctions effectively prohibit any U.S. company, as well as American citizens working in the U.S. from doing any business with NSO, including selling hardware and software. If anyone wants to do business with NSO Group from now on, they will have to apply for a license and get approval from the US government, according to Douglas Jacobson, an expert in sanctions and export law.

According to documents published in the past, as well as news reports, NSO has in the past relied on products and services from several U.S. companies such as Amazon, Dell, Cisco, Intel, and Microsoft in order to deploy its spyware. This means that these sanctions may seriously hobble NSO’s regular operations...

... Jacobson explained that this applies to all kinds of software and hardware, such as licenses for Microsoft’s cloud service Office 365, or server racks made by U.S. companies.

... This sanction does not prevent NSO from selling its spyware to U.S. law enforcement or intelligence agencies, Jacobson said. But it could be the first step that leads to wider sanctions against the company.

... “I very much welcome this news. For years we have been documenting extensive and serial abuses of mercenary spyware sold by companies like NSO Group and Candiru. For years, many people have debated how to mitigate these harms, with little concrete progress. I am and my colleagues have long argued that it must start with serious government regulation. The US Department of Commerce’s designation is a very positive first step to bringing some public accountability and order to this otherwise poorly regulated marketplace,” Ron Deibert, the founder and director of Citizen Lab, a research group housed at the Munk School of Global Affairs & Public Policy, University of Toronto, told Motherboard in an email...

A Dell spokesperson told Motherboard that the company “received notice this morning of the Commerce Department’s new designations to the list.”

“We’re currently evaluating the impact to our business, and will take all actions necessary to ensure the company meets any applicable regulatory requirements,” the spokesperson said in an email.

An Intel spokesperson denied the company was part of the contract between an NSO reseller and the Ghana government. And he also said: “Intel complies with U.S. export restrictions, including the requirements of the Bureau of Industry and Security’s Entity List.”

Cristin Goodwin, the general manager for Microsoft’s Digital Security Unit said in an email that “This rule is a strong step toward addressing the danger these actors pose, and we encourage other countries to adopt similar policies.”

“We’ve taken both legal and technical steps to disrupt these actors in the past, and we will work hard to look for any instances these groups attempt to use our services and comply with the rule,” he added.

Amazon and Cisco did not immediately respond to a request for comment.

Timeline