abusesaffiliationarrow-downarrow-leftarrow-rightarrow-upattack-typeburgerchevron-downchevron-leftchevron-rightchevron-upClock iconclosedeletedevelopment-povertydiscriminationdollardownloademailenvironmentexternal-linkfacebookfiltergenderglobegroupshealthC4067174-3DD9-4B9E-AD64-284FDAAE6338@1xinformation-outlineinformationinstagraminvestment-trade-globalisationissueslabourlanguagesShapeCombined Shapeline, chart, up, arrow, graphLinkedInlocationmap-pinminusnewsorganisationotheroverviewpluspreviewArtboard 185profilerefreshIconnewssearchsecurityPathStock downStock steadyStock uptagticktooltiptwitteruniversalityweb

這頁面沒有繁體中文版本,現以English顯示

文章

2023年4月2日

作者:
Mark Mazzetti and Ronen Bergman, The New York Times

US government may already be violating its own executive order

"A Front Company and a Fake Identity: How the U.S. Came to Use Spyware It Was Trying to Kill" 2 April 2023

The secret contract — which The New York Times is disclosing for the first time — violates the Biden administration’s public policy, and still appears to be active. The contract, reviewed by The Times, stated that the “United States government” would be the ultimate user of the [NSO group] tool, although it is unclear which government agency authorized the deal and might be using the spyware. It specifically allowed the government to test, evaluate, and even deploy the spyware against targets of its choice in Mexico...

...Even as the Biden administration has showcased its efforts to drive NSO out of business, it was clear even before the revelation of the latest contract that some agencies have been drawn to the power of these cyberweapons...

...A subsequent Times investigation has found:

  • The secret November 2021 contract used the same American company — designated as “Cleopatra Holdings” but actually a small New Jersey-based government contractor called Riva Networks — that the F.B.I. used two years earlier to purchase Pegasus. Riva’s chief executive used a fake name in signing the 2021 contract and at least one contract Riva executed on behalf of the F.B.I.
  • The 2021 contract was for the same NSO geolocation tool once used by an adviser to Saudi Arabia’s Crown Prince Mohammed bin Salman as part of a brutal campaign against perceived threats to the kingdom.
  • The deal unfolded as the European private equity fund [Novalpina Capital] that owns NSO pursued a plan to get U.S. government business by establishing a holding company, Gideon Cyber Systems. The private equity fund’s ultimate goal was to find an American buyer for the company.
  • A potential deal last year with L3Harris, the American defense giant, to buy NSO’s hacking tools and take on the bulk of its work force was far more advanced than previously known. Despite NSO being on the Commerce Department blacklist, L3Harris executives had discussions with Commerce Department officials about the potential deal, according to internal department records, and there was a draft agreement in place to finalize it before the White House publicly objected and L3Harris dropped its plans.

...On Nov. 3, 2021, the Biden administration publicly announced its decision to put NSO on the Commerce Department blacklist, in effect trying to put it out of business and putting the United States on record as seeking to rein in the proliferation of commercial spyware.

Days later came a well-disguised step in the other direction: Gideon, the U.S. affiliate of NSO, entered into the contract with “Cleopatra Holdings” — Riva Networks — specifying that the U.S. government would get access to NSO’s premier geolocation tool, what the company calls Landmark.

Landmark turns phones into a kind of homing beacon that allows government operatives to track their targets. In 2017, a senior adviser to Saudi Arabia’s crown prince, the same person accused of orchestrating the killing of Mr. Khashoggi, used Landmark to track Saudi dissidents...

...Under this contract, according to two people, there have been thousands of queries in at least one country, Mexico. The contract also allows for Landmark to be used against mobile numbers in the United States, although there is no evidence that has happened...

...Four people familiar with the situation said L3Harris received cautious indications of support for pursuing an acquisition from officials inside several American and law enforcement agencies. L3 Harris did not respond to messages seeking comment...

...Cleopatra Holdings still makes monthly payments to Gideon Cyber Solutions for continued access to Landmark.

時間線

隱私資訊

本網站使用 cookie 和其他網絡存儲技術。您可以在下方設置您的隱私選項。您所作的更改將立即生效。

有關我們使用網絡儲存技術的更多資訊,請參閱我們的 數據使用和 Cookie 政策

Strictly necessary storage

ON
OFF

Necessary storage enables core site functionality. This site cannot function without it, so it can only be disabled by changing settings in your browser.

分析cookie

ON
OFF

您瀏覽本網頁時我們將以Google Analytics收集信息。接受此cookie將有助我們理解您的瀏覽資訊,並協助我們改善呈現資訊的方法。所有分析資訊都以匿名方式收集,我們並不能用相關資訊得到您的個人信息。谷歌在所有主要瀏覽器中都提供退出Google Analytics的添加應用程式。

市場營銷cookies

ON
OFF

我們從第三方網站獲得企業責任資訊,當中包括社交媒體和搜尋引擎。這些cookie協助我們理解相關瀏覽數據。

您在此網站上的隱私選項

本網站使用 cookie 和其他網絡儲存技術來增強您在必要核心功能之外的體驗。