State Dept. Expands NSO Group-Targeting Ban To Include Anyone Who Misuses Commercial Malware
from the NSO-inadvertently-making-the-world-a-better-place dept
Well, NSO Group really made a mess of this for everyone. Ever since the devastating leak showing its customers routinely targeted journalists, government critics, dissidents, and human rights activists (you know, rather than the violent criminals and terrorists they said they’d use the spyware to track), things have gone from bad to worse to career-ending for the Israeli malware purveyor.
NSO had always been controversial, given its predilection for selling powerful phone exploits to some of the worst governments in the world. But it had managed to remain profitable and un-sanctioned for years, despite its willingness to get in bed with whatever autocrat would have it.
That all changed following the leak… which was then followed by a never-ending stream of negative press. Investigations into the company were initiated by several world governments, including NSO’s own, which also took the unprecedented step of limiting who the company could sell to.
NSO and one of its Israeli-based competitors, Candiru, also found themselves on the receiving end of a US State Department blacklisting late in 2021. The stated reason for this ban? NSO and Candiru were considered a threat to US national security.
The ERC determined that NSO Group and Candiru be added to the Entity List based on § 744.11(b) of the EAR: Entities for which there is reasonable cause to believe, based on specific and articulated facts, that the entity has been involved, is involved, or poses a significant risk of being or becoming involved in activities that are contrary to the national security or foreign policy interests of the United States and those acting on behalf of such entities. Specifically, investigative information has shown that the Israeli companies NSO Group and Candiru developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.
Being Candiru or NSO Group is its own problem. With the latest move by the US State Department (prompted by two years of reports of abusive targeting), certain users of these companies’ spyware are no longer welcome in the United States.
This visa restriction policy is pursuant to Section 212 (a)(3)(C) of the Immigration and National Act, and allows the Department of State to implement visa restrictions for (1) individuals believed to have been involved in the misuse of commercial spyware, to target, arbitrarily or unlawfully surveil, harass, suppress, or intimidate individuals including journalists, activists, other persons perceived to be dissidents for their work, members of marginalized communities or vulnerable populations, or the family members of these targeted individuals; (2) individuals believed to facilitate or derive financial benefit from the misuse of commercial spyware described in prong (1) above, including but not limited to developing, directing, or operationally controlling companies that furnish technologies such as commercial spyware to governments, or those acting on behalf of governments, that engage in activities as described in prong (1) above; and (3) the immediate family members of individuals subject to the restrictions in prongs (1) and (2) above. For purposes of this policy, “immediate family members” include spouses and children of any age.
Malware abusers and their families: that’s potentially a whole lot of people who will have a bit more trouble traveling to or staying in the Land of the Free. And it’s all due to NSO Group and its unwillingness to keep its products out of the hands of serial human rights abusers. The company may state otherwise when approached for comment, but none of this would have happened if it hadn’t decided it was somehow OK to cash checks from autocrats.
Of course, while the policy is certainly tough enough, it’s difficult to see it being a particularly effective deterrent. People who like abusing human rights (and targeting dissidents, activists, journalists, etc.) aren’t going to stop doing it just because of some visa complications. On top of that, it’s extremely difficult to identify who exactly is behind malicious spyware deployments. In most cases, an educated guess will only point in a government’s direction. It’s almost impossible to pinpoint the origin of malware attacks because that’s pretty much the point of these products: to be undetectable and un-attributable if discovered.
Still, it’s the thought that counts, especially when the thought is now part of US foreign policy. And while it’s unlikely to make the worst governments in the world behave better, it might make malware purveyors think twice before handing out spyware to governments likely to abuse it. No company wants to be the one forced to answer uncomfortable questions poised by angry governments, especially when it knows the answers involve governments that aren’t above murdering and dismembering people who’ve displeased them.
Filed Under: entity list, malware, restricted visas, spyware, state departnment, surveillance
Companies: candiru, nso group
Comments on “State Dept. Expands NSO Group-Targeting Ban To Include Anyone Who Misuses Commercial Malware”
shame!
Israel should shut these down altogether. It shouldnt be legal to sell malware to anyone. Shame!
Re: Israel
Are you kidding? Israel cannot be bothered to stop slaughtering innocent civilians.
This comment has been flagged by the community. Click here to show it.
Re: Re:
From the river, to the sea,
Israel will be Arab-free.
There are no Muslim innocent civilians. They are living in a fantasy world where they think they will one day be able to kill all the Jews and take Israel for themselves. They will die trying. The wokies encouraging them through protests will result only in more of them dying faster.
Re: Re: Re:
You really are a piece of shit, aren’t you?
Re: Re: Re:2
That may be. But the salient feature of making war against Israel is that they don’t care what you think or what names you call them. They strike back hard, and they will kill 10, or 20, or 100 of the enemy for every one of theirs that falls.
From the 1920s through today, Palestinians have done nothing to warrant any mercy or consideration from Israel – hijacking planes, murdering athletes at the Olympics, bombing buses, on and on. Encouraged by the left and by nations with no skin in the game, Palestinians keep throwing themselves into the buzzsaw, thinking that this time will finally be different. But it never is.
How they, or anyone, could have thought that launching a massacre from Gaza would have any result but what we’re seeing now is just baffling. Israel isn’t going to reward murderers with a state of their own, or with anything they want. It’s just going to kill them, and anyone they hide behind. And it’s going to impose more security measures afterwards, immiserating the Palestinians further.
Israel is always going to be a Jewish country. Palestinians are never going to be allowed to move into Israel. Jerusalem will never be their capital. Settlers will never move out of the West bank. Palestinians can either learn to accept reality and make the best of it, or they can keep dying in futility.
A tragic part of the whole situation is that Israel is basically a Western democracy. That means that they are not interested in fighting wars they don’t have to. Part of the current Gaza situation is that Israel got careless, lazy, and complacent and thought that the Palestinians in Gaza mostly wanted that too, and were tolerating sporadic rocket attacks as a kind of pro-forma show of resistance from the Palestinians that wouldn’t amount to anything. But Muslims seem to regard that sort of thing as weakness, so Israel has to teach them, over and over again, that restraint and weakness are two different things.
Re: Re: Re:3
Thank you, Hyman, for finally showing yourself as a complete and utter piece of shit.
Perhaps you should move there and help murder the Palestinians as well, if you feel that strongly about it.
Re: Re: Re:4
Seems unlikely given that I’m over 60. However, there is a nascent Tel Aviv bid to host the World Science Fiction Convention in 2027, and should that take off, I will be encouraging everyone I know to join the convention in 2025 and vote in the 2027 site selection election. Aside from giving me the opportunity to visit Israel again and do something other than visit old ruins, the joy I will get from the wokies screeching in frustration will be boundless.
Oh, and by the way, Lebanon appears to be volunteering to be the next place Israel will destroy:
https://www.aljazeera.com/news/2024/2/13/hezbollah-chief-says-only-gaza-ceasefire-will-end-lebanon-border-attacks
The Arabs don’t want a ceasefire. They want to win. They will die instead.
Re: Re: Re:
… and Hamas has entered the chat.
Thank you for playing, but goodbye now.
Re: Re: Re:
Said the baby born into a Muslim family to no one ever.
Re: Re:
You really should learn more about the situation before deciding that Israel is the sole villain worthy of your vitriol.
What Israel should – or can – do in their situation is a topic with a lot of details. … and it isn’t relevant to this blog post.
Please: Focus.
Re: Re: Re:
“It’s different when Israel does it!”
That narrative worked surprisingly well, for a surprisingly long time, but they finally pushed that line well past the breaking-point.
(The Israeli government and supporters shamelessly exploited global guilt over the Holocaust, by policy cynically labeling even protest by Jews and Israelis as mentally-ill, self-hating antisemites, but the weight of actual deeds is finally outweighing the mass of convenient justifications.)
Israel has not only abandoned the moral high ground, it is openly salting it.
Re: Re: Re:2
The left has despised Israel forever. Israel gives the left its middle finger and does what it needs to do for its own security. “You and what army?” has never been more relevant. Go and glue yourself to a highway. See how much that helps.
Re:
Terms like “malware” and “spyware” are very difficult to define in a precise way that does not also encompass legitimate tools—a point famously made by the Cult of the Dead Cow when they released BackOrifice, and reinforced by later tools such as Metasploit. If you find those shady, there’s always OpenSSH and the default Windows file shares (C$ etc.), which can easily be used without the knowledge of whoever’s logged onto the desktop.
State has always been the wokie liberal part of the executive branch. Spyware exists because people are interested in spying. State may think it’s accomplishing something here, but all the spy agencies worldwide, including our own, are laughing at them. Weapon bans of actual physical weapons don’t even work; you really think banning software is going to work?
Re:
Literally no evidence. Also, no time frame given. But also, no evidence.
Re: Re:
Can State departments of any major power even be “woke”? That seems kind of contrary to the State department’s basic function.
Re:
“State has always been the wokie liberal part of the executive branch.”
From where do you get your news .. Hee Haw?
Lol, like the US government eill stop doing business with any of these creatures.