US Spyware Crackdown Imposes Restrictions on Four Foreign Companies

The US added four companies that market cyber exploits to a list of vendors that are restricted in receiving exports from American companies, part of an ongoing effort to address the proliferation and misuse of commercial spyware, according to the Commerce Department.

(Bloomberg) — The US added four companies that market cyber exploits to a list of vendors that are restricted in receiving exports from American companies, part of an ongoing effort to address the proliferation and misuse of commercial spyware, according to the Commerce Department.

The list of companies added to the so-called entity list Tuesday includes Cytrox Holdings Zrt. from Hungary, Cytrox AD from North Macedonia, Intellexa Limited from Ireland and Intellexa SA from Greece. The companies were added for “trafficking in cyber exploits used to gain access to information systems, thereby threatening the privacy and security of individuals and organizations worldwide,” according to a Commerce Department statement.

The companies couldn’t immediately be reached for comment.

The department’s decision “targets these entities’ ability to access commodities, software, and technology that could contribute to the development of surveillance tools that pose a risk of misuse in violations or abuses of human rights,” according to the statement.

The agency’s actions were the first major initiative on commercial spyware since President Joseph Biden issued an executive order in March banning US federal agencies from buying and using commercial spyware from companies deemed to present national security threats or implicated in human rights abuses, according to an administration official who briefed reporters on condition of anonymity.

Spyware is a form of malicious software that intruders use to covertly access victims’ mobile phones, stealing data and recording calls and messages. Companies such as Israel’s NSO Group build and sell such surveillance software to governments, promising to help them track terrorists and other serious criminals. However, human rights experts say some governments have abused the technology to target journalists, activists and political opponents.

The administration official said misuse of spyware tools can facilitate oppression, enable human rights abuses and undermine democratic values. The sanctions would serve as a signal to other spyware vendors and those considering investing in the space, according to the official.

The Biden administration has previously taken steps intended to curb abuses of commercial spyware. In November 2021, the Commerce Department blacklisted Israeli vendors NSO Group and Candiru, accusing them of supplying spyware to foreign governments that used the tools to maliciously target government officials, journalists, businesspeople, activists, academics and embassy workers. 

 

More stories like this are available on bloomberg.com

©2023 Bloomberg L.P.