A notorious Israeli spyware firm wants to use the Gaza war to make a comeback | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

In 2021, the Biden administration blacklisted the NSO Group, an Israeli company infamous for selling controversial commercial surveillance technology across the globe. But now pressure is mounting on the White House to reverse course. NSO Group lobbyists and several European governments claim the firm’s spyware — software for covertly collecting mobile phone data — has become indispensable in Israel’s fight against Hamas.

But removing NSO Group’s blacklisted status would be a mistake. Doing so would endorse unconstrained surveillance and undermine broader U.S. efforts to curb other firms enabling undemocratic uses of spyware. Washington must stand firm to preserve the political and moral leadership it needs to combat spyware abuse.

The United States has taken necessary steps to counter the proliferation and abuse of spyware. In addition to banning the NSO Group, the White House also blacklisted Candiru, another Israeli spyware company with links to repression. In July 2022, the Biden administration shot down the potential acquisition of NSO Group by U.S. defense contractor L3 Harris. In March 2023, the administration expanded its efforts with an executive order setting new guidelines on the federal acquisition and use of commercial surveillance software.

U.S. government agencies are a large and profitable market for spyware vendors. The White House seeks to reshape the global surveillance-for-hire market by leveraging federal buying power.

However, American action alone is insufficient to regulate the spyware market. While the American economy might help forge new norms and incentives, Washington cannot control the supply and demand for spyware in other countries. The U.S. is the most important player in combating spyware abuse, but market-wide reform requires coordination with other democracies abroad. Why and how our democratic partners use spyware matters, and the war between Israel and Hamas risks opening the floodgates to greater abuse.

Since Hamas’s Oct. 7 attack, Israel has allegedly partnered with the NSO Group to enhance the military’s surveillance capabilities. Israeli forces are reportedly deploying the firm’s Pegasus spyware — which infects mobile devices without user interaction — to track the phones of Israelis kidnapped, murdered or missing in the wake of the terrorist group’s atrocities. Unsurprisingly, Pegasus is also likely being used to tap the phones of suspected Hamas militants.

However, Israel’s apparent lack of constraints to temper its spyware use in Gaza is raising concerns over broader surveillance of the entire Palestinian population. Such antidemocratic behavior from Israel is not so far-fetched: Pegasus spyware targeted Palestinian human rights activists in the past. Engaging in widespread Palestinian surveillance would set a troubling precedent for large-scale violations of noncombatant privacy, freedom of expression and association, and personal safety during a conflict.

What happens in Gaza is unlikely to stay in Gaza. Israeli spyware practices greatly influence broader market dynamics. Companies based in or connected to Israel have sold surveillance products to 56 of the 74 identified governments active on the spyware market between 2010 and 2023. And NSO Group products alone have accounted for nearly 40 percent of suspected civil rights violations from government spyware use between 2015 and 2021. Pegasus was detected on over 450 unique devices. And Israel has not been shy about sending its tools abroad: the Israeli government has reaped economic and diplomatic benefits by exporting spyware to both democracies and autocracies.

How Israel uses spyware in its war with Hamas — and how the U.S. responds — opens the door for other democracies to deploy surveillance software in future conflicts similarly. Democracies have already shown an unhealthy appetite for spyware. Of the 90 nations classified as democracies by the Varieties of Democracy project in 2022, at least 30 have purchased spyware products for illegal surveillance. This means that democracies have accounted for approximately 40 percent of government customers in the spyware market.

As scandals in Europe show, the taste for spyware is not limited to illiberal electoral democracies like Poland and Hungary. As of 2022, at least 11 European Union members had pursued NSO Group’s Pegasus or other invasive spyware packages. Countries with a record of liberal democracy, like Greece and Spain, have had few qualms about deploying commercial surveillance software without proper oversight and violating civil liberties. Israeli misconduct in Gaza would only serve to accelerate and normalize a dangerous trend.

The U.S. has made diplomatic progress to stem the spyware tide by spurring stricter rules in other democracies. But a failure to rebuke any spyware abuse in Gaza — or worse yet, remove restrictions on the NSO Group and similar firms — implicitly endorses civil rights violations by democracies and cedes the moral and political high ground underpinning American efforts against commercially available spy tools. Wrangling U.S. partners into line requires the consistent rejection of unmitigated spyware use, and the war in Gaza is no exception.

And Washington needs its democratic partner,s because it certainly won’t get help from the world’s autocrats. Authoritarian regimes rely heavily on spyware for repression. For instance, Saudi Arabia used Pegasus in 2018 to monitor communications with Washington Post columnist Jamal Khashoggi before his gruesome murder by Saudi agents in Istanbul. Similarly, the United Arab Emirates used spyware in 2016 to hack and ultimately jail Ahmed Mansoor, a civil rights activist and government critic.

In a world where antidemocratic adversaries are chipping away at democratic values and actively challenging the U.S.-led international order, the White House needs all the help it can get from other democracies.

Jason Blessing, Ph.D., is a research analyst at the Potomac Institute for Policy Studies. All views are his own and do not represent the views of the Institute. Follow him @JasonABlessing.

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.


Click Here For The Original Source.

National Cyber Security