U.S. Blacklists Israel's NSO Group, Maker of Pegasus Spyware

03 Nov 2021, 10:52 PM IST

(Bloomberg) -- The U.S. added two Israeli firms including NSO Group, as well as companies based in Russia and Singapore, to a list of entities banned from receiving exports from American companies, citing their roles in developing and supplying spyware and hacking tools.

Israel’s NSO -- the maker of Pegasus spyware -- and Candiru were added to the so-called entity list based on evidence that they developed and supplied spyware to foreign governments, the Commerce Department said in a statement on Wednesday. The governments then used the tools to maliciously target government officials, journalists, businesspeople, activists, academics and embassy workers, Commerce said.

“NSO Group is dismayed by the decision given that our technologies support U.S. national security interests and policies by preventing terrorism and crime, and thus we will advocate for this decision to be reversed,” a NSO Group spokesperson said in a statement.

Russia’s Positive Technologies and Singapore’s Computer Security Initiative Consultancy Pte were added based on a determination that they traffic in cyber tools used to gain unauthorized access to information systems, threatening the privacy and security of individuals and organizations worldwide, the agency said.

Positive Technologies was previously sanctioned by the Biden administration in April, for allegedly assisting Russian intelligence services. Positive Technologies created hacking tools for use by Russian spies, according to a report in MIT Technology Review.

“The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad,” Commerce Secretary Gina Raimondo said in the statement.

A representative for Positive Technologies or Computer Security Initiative Consultancy weren’t immediately available for comment. A spokesperson for Candiru couldn’t be located for comment.

NSO Group has been accused of providing its technology to governments that have used it to snoop on journalists, activists and lawyers. NSO has repeatedly said its technology is sold to governments and law enforcement agencies to track terrorists and criminals. In a June report, NSO Group said its products have been used by states to “save lives on a massive scale,” help thwart terrorist attacks and dismantle drug trafficking rings.

The addition to the Commerce entity list will have an “immediate impact on NSO’s business practices and companies that will work with them” and have a “dramatic chilling effect on investors and NSO’s long term future,” said John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab, in a tweet.

NSO Group’s Pegasus product features “no click” malware, meaning the victim doesn’t have to click on a link for the malicious software to be installed on their phone. In many instances, Pegasus can infect a phone even if its updated with the latest software.

The move by Commerce comes in the wake of dozens of news stories published by 16 news organizations called the “Pegasus Project” that alleged widespread misuse of NSO’s software.

On Monday, NSO Group announced that it had hired a new chief executive officer, Isaac Benbenisti. Shalev Hulio, the current CEO, will remain involved in leadership, the company said.

“I am impressed with the high moral standards, ethical framework and compliance policies that streamlines throughout everything NSO Group does, and especially the willingness to continue improving at all fronts,” Benbenisti said in a statement on Monday.