Part of what makes it hard to put an end to hacking is that there’s just so much of it. There’s a “ware” for everything: malware, ransomware, and even spyware. With this overabundance, the U.S. Congress is finally going to start looking into foreign spyware, specifically Pegasus.
Also read: Android Users Hit with TangleBot Malware Disguised as COVID Messages
House Intelligence Committee’s Interest in NSO Group
We aren’t talking about just any spyware either; this is about spyware that is known to have been eavesdropping on journalists, activists, and most of all U.S. officials.
Specifically, we’re talking about software from NSO Group that is based in Israel. It spies on mobile users via their smartphones. Pegasus is only authorized to be sold to governments with the intention of preventing terrorism and crime. Yet, it hasn’t remained exclusively for that use, according to reporters.
The problem is that the spyware isn’t only affecting governmental officials – it’s also causing trouble for the friends and families of the government officials, journalists, etc.
The University of Toronto’s Citizen Lab reported that the teenage son of a CNN journalist had fallen victim to Pegasus. Another victim of Pegasus, Carine Kanemba, who is the daughter of the activist who inspired the movie “Hotel Rwanda,” will be testifying before the House Intelligence Committee. She has previously remarked that dictators with access to technology make “no Americans safe.”
Rep. Jim Himes, who sits on the House committee, said Congress hasn’t been on top of the foreign spyware, as few lawmakers have insight into the situation. Additionally, Congress is not known for being tech savvy. He thinks the situation may be changing, though.
“I’m not sure that five years ago we ever imagined that a small country in Africa could turn NSA-like capabilities on the U.S. ambassador.”
More Recent Concerns of Foreign Spyware
Congress is finally concerned about foreign spyware and willing to get involved. L3Harris, located in the U.S., tried to buy NSO Group, but the White House became concerned. Executives at the company reportedly said U.S. spy officials gave them the go-ahead for the buyout.
“The moment we know that it’s out there and we don’t like it, the very next moment we need to buy it,” Himes said of the FBI’s interest. “The FBI has not been as forthcoming as we would have liked on the nature of their purchase.”
Last year, Congress passed legislation that requires the State Department to create a list of spyware sellers that they will no longer do business with. More recently, within the past few weeks, the House added provisions in annual defense and intelligence bills that will make it more difficult for U.S. groups to buy companies mentioned on a Department of Commerce trade restriction list. NSO Group happens to be on that list.
Further, National Security Council spokesperson Adrienne Watson is promoting an “unprecedented, government-wide effort to counter the proliferation of foreign commercial hacking tools among actors who misuse them.”
This includes banning the government from buying or using foreign spyware. Hines would like the U.S. to work toward developing methods to find spyware that is hard to detect, then share the information with the country’s allies. Kanemba would like to see the U. S. not be so quick to give foreign aid to countries that utilize spyware.
Citizen Lab Senior Researcher John Scott-Railton believes the U.S. should have lifetime bans to prevent former government officials from being employed by spyware companies. Additionally, those companies should not receive taxpayer money.
With Congress taking a greater interest in foreign spyware, perhaps it will lead to them taking a greater interest in malware and hacking overall so that we can perhaps end the concern. Hopefully Emotet malware started raising Congress’s interest when it was found that it was sending emails disguised as the IRS.
Image credit: Unsplash
