Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

European cousins Intellexa and Cytrox essentially banned by Commerce Dept.

The U.S. Commerce Department now has “presumption of denial” against two more commercial spyware vendors in the mold of Israel’s NSO Group. That means U.S. organizations basically can’t do business with them—nor with any of the other firms on the Entity List.

The two are purveyors of the nasty Predator spyware. In today’s SB Blogwatch, we talk transatlantic tension.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Punk Queen.

Predator/ALIEN Not Welcome in U.S.

What’s the craic? Dustin Volz reports—“Spyware Companies Are Added To Ban List”:

The Biden administration added two new foreign technology companies to its export prohibition list, accusing the firms of selling cyber intrusion tools. … The Commerce Department said it was adding Intellexa [and] Cytrox … to its entity list, which generally bars U.S. firms from engaging in trade activity with them.

U.S. officials have said the proliferation of such … high-powered digital surveillance tools … can jeopardize U.S. national security and violate human rights. … Western governments and privacy advocates have said the tools are frequently abused by … governments to target journalists, political opponents, human rights advocates and others not suspected of wrongdoing.

Citizen Lab … previously linked Cytrox to surveillance software called Predator, which was able to infect iPhones via single-click links sent over WhatsApp. The research group found Predator customers in a range of countries, including Armenia, Egypt, Greece, Indonesia and Saudi Arabia, and linked the tool to the hacking against an Egyptian political dissident. Citizen Lab also concluded Cytrox was part of what it called the “Intellexa alliance.”

What does it all mean? Lorenzo Franceschi-Bicchierai—“US government adds two more”:

The addition of the two companies, based in Greece and Hungary, as well as two related entities in Ireland and North Macedonia, is part of a wider effort from the Biden administration against makers of malware that is sold exclusively to law enforcement and intelligence agencies. [It] means that the Commerce Department’s Bureau of Industry and Security (BIS) will now review any application to export goods or services from the U.S. to these companies, “under a presumption of denial.”

Who are these people? Tim Starks and David DiMolfetta shed some light—“Two more spyware firms”:

Tal Dilian, former Israeli intelligence officer who now heads Intellexa, [said] the company was a force for good: … “I really believe this industry is doing more good than bad. … Now is a good time to show that to the world.”

Dilian fled Cyprus [in 2019] after an arrest warrant was issued for him, on accusations that he used a surveillance van to illegally intercept communications in the country. Dilian denies the allegations.

Cytrox is reportedly a part of Intellexa, but the relationship between the two companies is “murky at best,” according to the University of Toronto’s Citizen Lab.

So what now? This Anonymous Coward has advice for Dilian and friends:

Don’t book a foreign holiday if you work for one of these companies. I’d advise you to take care where you travel—certainly not the USA.

Sauce for the goose? u/SwallowYourDreams dreams of summer:

Meanwhile, US spyware vendors Microsoft, Google and Facebook are still allowed to operate in the European market.

Hey Europe! You up? The rapporteur for the EU Committee investigating mercenary spyware, Sophie in ’t Veld, wrings her hands:

While the Greek and EU authorities are still very busy doing nothing about #spyware, the US have blacklisted #Intellexa. The inertia of Europe is deeply embarrassing.

The US considers #Intellexa and #Cytrox spyware a threat to its security. Intellexa is based in the EU, doing business with EU governments and exporting to third countries with European export licenses. What action can we expect from EU Commission?

Anyway, are we sure this is a good thing? querulous is anything but querulous:

This is perhaps a step in the right direction: … In the US there are still constitutional issues with the government spying on us, but corporations get a pass, and the government is not prohibited from buying their stuff. … Still, if it does not prevent corporate buyers from purchasing intelligence, it may be less impressive than it sounds.

Meanwhile, t245t celebrates No Such Agency:

Translation: NSA haven’t yet backdoored these systems.

And u/aeroverra agrees:

How dare they take from our playbook?

And Finally:

The Vandals vs. Queen


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi, @richij or sbbw@richi.uk. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: DonkeyHotey (cc:by-sa; leveled and cropped)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
