Ignatieff/iStockphoto/Getty Images
CNN
—
The Biden administration is welcoming six new countries to a U.S.-led agreement to crack down on phone hacking and spyware. The government continues to find new cases of U.S. government employees being targeted with technology deemed national security and counterintelligence threats, U.S. officials told CNN.
“We are actively and intensively working to identify and further confirm the case of a U.S. government employee whose cell phone was targeted by commercially available spyware,” a National Security Council official told CNN. he said.
A year ago, the Biden administration announced the number of U.S. government employees suspected or confirmed to have been targeted by spyware at 50. NSC officials declined to quantify the increase in cases, saying it has increased since then, but said counterintelligence efforts are important. And the national security risks posed by technology remain high.
Spyware is malicious software that is used to invade your mobile phone, turn it into a listening device, and steal your contacts. The commercial spyware market has exploded over the past decade as companies from Israel to North Macedonia advertise their services and many governments are willing buyers.
A key pillar of the U.S. strategy to combat spyware is discouraging allies from doing business with spyware companies whose tools could be used against U.S. diplomats or to surveil dissidents and journalists in the United States. trying to persuade.
Poland and Ireland (two countries that have been implicated in spyware abuse in the past) have become new signatories to the anti-spyware agreement, a move that U.S. authorities see as part of a growing global momentum to curb spyware abuse. It is advertised as a sign of growth. Rampant abuse of surveillance technology. Poland's prime minister has claimed that the previous government used spyware on a long list of victims. This month, the U.S. Treasury Department sanctioned an Ireland-based company for its alleged role in the spyware business.
Other countries joining the pledge to fight spyware are Finland, Germany, Japan and South Korea, according to the White House. The announcement will be made this week in Seoul at the Democracy Summit, an annual gathering of democratic governments from around the world.
Eleven countries signed the pledge last year, including the United States and its Five Eyes allies. The pledge states that “our government's use of commercial spyware is consistent with respect for universal human rights, the rule of law, and civil rights.” civil liberties. ”
More than two years ago, alarm bells rang among senior counterintelligence and national security officials when dozens of U.S. government employees began to be found targeted by invasive commercial spyware. . Among them were more than a dozen State Department employees working in Africa, whose iPhones were hacked with spyware developed by the Israeli company NSO Group, CNN reported.
Governments using spyware against U.S. personnel may be trying to collect information from targeted cell phones or monitor their own people meeting with U.S. diplomats, the NSC says. the official said. The official did not name the governments involved.
The risks are serious. Some spyware vendors have “very close ties” to or are “under clear control” of foreign governments, NSC officials said, without providing further details.
At least 74 countries contract with private companies to obtain commercial spyware, the U.S. intelligence community said this month in its annual threat assessment.
A U.S. government-wide investigation has been launched into the risks of spyware to U.S. interests, including how U.S. intelligence and law enforcement agencies are using tools used by other governments to monitor U.S. diplomats. It also includes an investigation to see if they have contracts with spyware companies.
The Biden administration's investigation “did not identify widespread use” of commercial spyware in the federal government, officials said in a rare interview on the matter. However, U.S. authorities are alarmed by “very aggressive efforts” by spyware vendors to sell hacking tools to various U.S. government agencies, the official told CNN.
For example, in 2022, the FBI acknowledged that the FBI had purchased a test license for NSO Group's Pegasus software. The FBI has never used Pegasus in any investigation, the bureau said.
Alarmed by a lack of visibility into whether U.S. government agencies are using commercial spyware, the White House last year announced that it was deemed a national security threat and involved in human rights abuses. Issued an executive order banning government agencies from using spyware.
“If you think the use of some of these tools will be quieted within your own systems, think twice,” the NSC official said, paraphrasing U.S. advice to allies. “And we are an example of that,” the official said, citing the fact that the FBI purchased a license to test Pegasus and that the tool is reportedly being used by other governments against U.S. diplomats. added.
The Biden administration has imposed sanctions and restrictions on visa issuance for spyware vendors and prohibited US companies from doing business with other companies. But there is only so much it can do on its own to disrupt the lucrative spyware market.
Spyware companies often hide behind opaque corporate structures and corporations to stay in business, according to U.S. officials and researchers who track them. White House officials met with U.S. venture capital firms this month to warn them of the risk that their investments could inadvertently fuel the growth of spyware.
“We're concerned about the influx of capital, and that capital that people may not be aware of is actually being used to fuel the risks to the American people,” the NSC official said.
