President Biden Forbids Spyware From Government Use

US President Joe Biden has approved a new Executive Order (EO) that bans government use of any commercial spyware products that have been used by foreign states. 

Foreign governments have deployed commercial spyware against US institutions, personnel, information, and information systems, presenting significant security risks.

This EO comes into force after as at least 50 US government officials are suspected or confirmed to have been targeted by spyware designed to hack mobile phones - far more than previously known.

The misuse of spyware includes surveillance and communications interception on citizens, political dissidents, politicians, activists, and other individuals. The ruling applies to all tools that are used for spying purposes to suppress civil liberties or human rights. 

The EO notably includes commercial spyware tools produced by Israel's NSO Group, which has been identified in several campaigns against human rights activists and dissidents. “Technology is central to the future of our national security, economy, and democracy.  The EO refers to the US fundamental national security and foreign policy interests in: 

  • "Ensuring that technology is developed, deployed, and governed in accordance with universal human rights; the rule of law; and appropriate legal authorisation, safeguards, and oversight, such that it supports, and does not undermine, democracy, civil rights and civil liberties, and public safety."
  • "Mitigating, to the greatest extent possible, the risk emerging technologies may pose to United States Government institutions, personnel, information, and information systems,” says the EO.  “To advance these interests, the United States supports the development of an international technology ecosystem that protects the integrity of international standards development; enables and promotes the free flow of data and ideas .."

Governments around the world are known to collect large amounts of data for intelligence and law enforcement purposes, including communications from their own citizens. The proliferation of commercial spyware has made powerful tools newly available to smaller countries, but also created what researchers and human-rights activists warn are opportunities for abuse and repression. 

Commercial spyware of the sort produced by NSO and others is increasingly controversial. NSO and other commercial spyware firms claim their products are only sold to governments for legitimate law enforcement and other purposes, but reports suggest otherwise.

NSO Group is currently being sued by Apple and WhatsApp for deploying its spyware on hundreds of  customers’ devices without their knowledge. The firm has also been blacklisted by the Commerce Department.

WhiteHouse:     CNN:      Infosecurity Magazine:     Oodaloop:    CBS:     PBS:  

You Might Also Read: 

Pegasus Spyware Used To Target British Prime Minister:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« TikTok Fined £12.7m For Breaching Child Protection Law
The Skills Gap Is Increasing Risk & Exposure To Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: How to build and implement an effective endpoint detection and response strategy

ON-DEMAND WEBINAR: How to build and implement an effective endpoint detection and response strategy

Discover how you can implement endpoint detection and response (EDR) tools into your security strategy.

Tiro Security

Tiro Security

Tiro Security is a boutique company specializing in information security and IT audit recruitment and solutions.

Cyber Command

Cyber Command

Our Managed IT service allows clients to offload the management of day-to-day computer, server, and networking support to our team of professionals.

Adroit Technologies

Adroit Technologies

Adroit Technologies has been developing award winning real-time software for the industrial automation markets for over 25 years.

CynergisTek

CynergisTek

CynergisTek is a top-ranked cybersecurity and information management consulting firm dedicated to serving the healthcare industry.

IBA Security

IBA Security

IBA Security is a center of competence consolidating the cybersecurity expertise of the IBA Group.

Ioetec

Ioetec

Ioetec's mission is to connect users to their IoT devices securely, ensuring these devices remain safe to use in our increasingly connected world.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

Cryptoloc

Cryptoloc

Cryptoloc's core business is developing solutions designed to protect businesses from all kinds of security threats using a unique patented cryptography.

Ribbon Communications

Ribbon Communications

Ribbon Communications delivers global communications software and network solutions to service providers, enterprises, and critical infrastructure sectors.

Lockheed Martin

Lockheed Martin

Lockheed Martin deliver full-spectrum cyber capabilities and cyber resilient systems to defense, intelligence community and global security customers.

Anterix

Anterix

Anterix is focused on empowering the modernization of critical infrastructure and enterprise businesses by enabling private broadband connectivity.

Zuul IoT

Zuul IoT

Zuul take an asset-centric approach to OT security, enabling security teams to protect the critical IIoT/IoT devices that are at the foundation of critical business functions.

ZINAD IT

ZINAD IT

ZINAD is an information security company offering state-of-the-art cybersecurity awareness products, solutions and services.

DataStealth

DataStealth

DataStealth is a data protection platform that allows organizations to discover, classify, and protect their most sensitive data and documents.

Acumenis

Acumenis

At Acumenis, we help organisations of all sizes to manage information security effectively. Our key services are penetration testing, ISO 27001 implementations, and security

HEAL Security

HEAL Security

HEAL Security is the global authority for cybersecurity data, research and insights across the healthcare sector.