President Biden Forbids Spyware From Government Use

US President Joe Biden has approved a new Executive Order (EO) that bans government use of any commercial spyware products that have been used by foreign states. 

Foreign governments have deployed commercial spyware against US institutions, personnel, information, and information systems, presenting significant security risks.

This EO comes into force after as at least 50 US government officials are suspected or confirmed to have been targeted by spyware designed to hack mobile phones - far more than previously known.

The misuse of spyware includes surveillance and communications interception on citizens, political dissidents, politicians, activists, and other individuals. The ruling applies to all tools that are used for spying purposes to suppress civil liberties or human rights. 

The EO notably includes commercial spyware tools produced by Israel's NSO Group, which has been identified in several campaigns against human rights activists and dissidents. “Technology is central to the future of our national security, economy, and democracy.  The EO refers to the US fundamental national security and foreign policy interests in: 

  • "Ensuring that technology is developed, deployed, and governed in accordance with universal human rights; the rule of law; and appropriate legal authorisation, safeguards, and oversight, such that it supports, and does not undermine, democracy, civil rights and civil liberties, and public safety."
  • "Mitigating, to the greatest extent possible, the risk emerging technologies may pose to United States Government institutions, personnel, information, and information systems,” says the EO.  “To advance these interests, the United States supports the development of an international technology ecosystem that protects the integrity of international standards development; enables and promotes the free flow of data and ideas .."

Governments around the world are known to collect large amounts of data for intelligence and law enforcement purposes, including communications from their own citizens. The proliferation of commercial spyware has made powerful tools newly available to smaller countries, but also created what researchers and human-rights activists warn are opportunities for abuse and repression. 

Commercial spyware of the sort produced by NSO and others is increasingly controversial. NSO and other commercial spyware firms claim their products are only sold to governments for legitimate law enforcement and other purposes, but reports suggest otherwise.

NSO Group is currently being sued by Apple and WhatsApp for deploying its spyware on hundreds of  customers’ devices without their knowledge. The firm has also been blacklisted by the Commerce Department.

WhiteHouse:     CNN:      Infosecurity Magazine:     Oodaloop:    CBS:     PBS:  

You Might Also Read: 

Pegasus Spyware Used To Target British Prime Minister:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« TikTok Fined £12.7m For Breaching Child Protection Law
The Skills Gap Is Increasing Risk & Exposure To Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Shavlik Protect

Shavlik Protect

Shavlik Protect is an easy-to-use security software solution that discovers missing patches and deploys them to the entire organization.

Lakeside Software

Lakeside Software

Lakeside Software is how organizations with large, complex IT environments can finally get visibility across their entire digital estates and see how to do more with less.

CionSystems

CionSystems

CionSystems provides identity, access and authentication solutions to improve security and streamline IT infrastructure management.

Lynx Software Technologies

Lynx Software Technologies

Lynx provide secure software and operating systems for use in mission critical applications such as aerospace, medical, transportation and IoT.

KLDiscovery

KLDiscovery

KLDiscovery is a global leader in delivering best-in-class eDiscovery, information governance and data recovery solutions.

Cygilant

Cygilant

Cygilant is a SOC2 certified service provider that combines MSSP and Incident Detection and Response (IDR) capabilities managed by global SOCs staffed with trained security engineers.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

Cloudentity

Cloudentity

Cloudentity combines Identity for all things with API and Application security in a unique deployment model, combining cloud-transformation and legacy systems.

Mosaic 451

Mosaic 451

Mosaic451 is a bespoke IT managed services provider and consultancy specializing in information security, operations and design.

SimSpace

SimSpace

SimSpace is the visionary yet practical platform for measuring how your security system responds under actual, sustained attack.

Spamhaus

Spamhaus

Spamhaus is the world leader in supplying realtime highly accurate threat intelligence to the Internet's major networks.

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professionals advocating for more effective cyber security solutions.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

Accedian

Accedian

Accedian is a leader in performance analytics and end user experience solutions, dedicated to providing our customers with the ability to assure their digital infrastructure.

SeeMetrics

SeeMetrics

SeeMetrics is an automated cybersecurity performance management platform that integrates security data and business objectives into a simple interface.

Anjolen

Anjolen

Anjolen provides expertise in cybersecurity, compliance and cyber forensic services.