Memos 
Live events & webinars 
Industry Newsletters
Trend Reports
The United States has added Israeli spyware firm NSO Group to its economic blacklist for acting “contrary to the foreign policy and national security interests of the US.”
The US Department of Commerce said Wednesday that NSO Group was placed on the so-called entity list based on evidence that the Israeli firm sold spyware to foreign governments that “used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”
Three other companies — Israel’s Candiru, Russia’s Positive Technologies and Singapore’s Computer Security Initiative Consultancy PTE — were also added Wednesday to the list, which prohibits US companies from exporting certain technologies to the listed entities unless they obtain a government license.
“Today’s action is a part of the Biden-Harris Administration’s efforts to put human rights at the center of US foreign policy,” the Commerce Department said in a statement. “This effort is aimed at improving citizens’ digital security, combating cyber threats, and mitigating unlawful surveillance.”
An investigation by a consortium of international media outlets revealed this summer that NSO Group’s military-grade spyware had been used to successfully hack the smartphones of journalists, politicians, activists and business leaders around the world. Using a leaked list of more than 50,000 phone numbers, journalists at 17 media outlets identified over 1,000 people across more than 50 countries who were selected as potential targets by NSO Group’s clients.
Researchers say NSO Group’s Pegasus software can be used to remotely access a phone’s contents, camera and microphone. The Israeli firm says it licenses Pegasus and other surveillance tools on the condition that governments use them to fight terrorism and other crime.
“The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad,” said US Secretary of Commerce Gina Raimondo.
The State Department said no actions would be taken against governments where the newly sanctioned entities are located.
