Commerce Department blacklists four groups linked to cyber surveillance operations

The Commerce Department on Wednesday added four organizations linked to cyber surveillance operations, including the Israeli company NSO Group, to its “entity list,” effectively blacklisting them. 

Also listed were the Israeli group Candiru, Russian group Positive Technologies and Singapore’s Computer Security Initiative Consultancy, all due to concerns around malicious cyber activity. 

NSO Group and Candiru are alleged by the Commerce Department to have developed spyware programs and sold them to foreign governments to enable surveillance of dissidents, journalists, academics and others.

Positive Technologies and the Computer Security Initiative Consultancy are alleged to have sold cyber tools that enabled systems to be compromised without the victim’s permission, further enabling surveillance. 

“The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad,” Commerce Secretary Gina Raimondo said in a statement Wednesday. 

The State Department put out a separate statement stressing that the Biden administration is “not taking action against countries or governments where the entities are located.” The U.S. Embassy in Israel did not immediately respond to The Hill’s request for comment on the move. 

A spokesperson for NSO Group pushed back against the decision, telling The Hill in an emailed statement that “NSO Group is dismayed by the decision given that our technologies support US national security interests and policies by preventing terrorism and crime, and thus we will advocate for this decision to be reversed.”

“We look forward to presenting the full information regarding how we have the world’s most rigorous compliance and human rights programs that are based the American values we deeply share, which already resulted in multiple terminations of contacts with government agencies that misused our products,” the spokesperson added. 

The addition of the groups to the entity list comes weeks after the Commerce Department issued an interim final rule aimed at cracking down on the sale of hacking products used by foreign governments for surveillance purposes. 

NSO Group has been a key focus of concerns. The company was accused by WhatsApp in 2019 of allowing its spyware to be used to target government officials, and Reuters reported last year that the FBI was investigating the use of the group’s spyware against U.S. companies and officials. 

It gained even more attention in September when Apple issued emergency security updates for many of its products following the discovery of a vulnerability that allowed NSO Group to infect Apple products with spyware.

Candiru, meanwhile, was linked by researchers at Citizen Lab in July to marketing spyware that enabled the targeting of victims in places such as Israel, Palestine, Iran, Lebanon, Yemen, Spain, the United Kingdom, Turkey, Armenia and Singapore. Citizen Lab gave its findings to Microsoft, which took steps to disrupt the use of these spyware products. 

“The weapons disabled were being used in precision attacks targeting more than 100 victims around the world including politicians, human rights activists, journalists, academics, embassy workers and political dissidents,” Cristin Goodwin, general manager of Microsoft’s Digital Security Unit, wrote in a blog post published in July.

–Updated at 12:43 p.m.