Biden Administration Adds Two Europe-Based Hacking Firms to Blacklist as Effort to Regulate Spyware Industry Intensifies
In a move to control the increasingly rampant spyware industry, the Biden administration has added two Europe-based hacking firms to the Commerce Department blacklist. Intellexa and Cytrox, the two firms in question, are at the center of a political scandal in Greece, where they have been accused of hacking tools abuse against journalists and political opponents by government officials.
The addition of these firms to the blacklist restricts American companies from conducting business with them. This measure is aimed at cutting off the firms’ access to crucial U.S. technology, such as servers and cloud storage, necessary for their operations. Last November, the White House blacklisted NSO Group, a prominent Israeli hacking tools provider.
Both Intellexa and Cytrox are controlled by Tal Dilian, an Israeli former general in military intelligence who faced suspicions of funds mismanagement during his tenure. Following his retirement, Dilian relocated to Cyprus, which has become a favored destination for surveillance firms and cyberintelligence experts.
The Greek government initiated an investigation into Intellexa’s primary hacking tool, Predator, following reports of its use by the country’s spy agency. It was later discovered that Greece had authorized the export of this tool to at least one African country, Madagascar. Predator’s targets primarily consisted of local politicians, journalists, and even a U.S. citizen.
Comparable to NSO’s Pegasus, Predator spyware can infiltrate mobile phones, extracting sensitive data and converting them into surveillance devices. Despite investigations regarding the use of Predator domestically and its exportation to countries like Sudan and Madagascar, Europe has shown limited interest in accountability.
Although the long-term impact of blacklisting Dilian’s companies remains uncertain, he may seek to bypass American restrictions by acquiring critical technology from other countries. Unlike NSO, Dilian’s firms are not subject to Israeli regulations, enabling him to exploit the scandals surrounding NSO’s abuses and cater to countries limited by Israeli government restrictions.
Dilian frequently travels to and from Israel at his own discretion, with his team actively attempting to recruit top hackers from Israel-based firms. The Israeli cyber industry reports a significant number of hacking experts receiving enticing offers from Dilian’s companies.
The Biden administration has taken several steps to combat the abuse of spyware tools. Earlier this year, an executive order was issued to federal agencies, limiting the use of such tools by governments against dissidents, human rights activists, and journalists. International collaboration has also emerged, with a group of nations at the Summit for Democracy signing a joint letter expressing their commitment to curbing hacking tool abuses.
However, it’s worth noting that the restriction on the use of spyware tools is not absolute. For instance, the White House has authorized the Drug Enforcement Administration to employ the Israeli-made spyware product Graphite in operations against drug traffickers.
Despite these efforts, the proliferation of hacking tools continues. A senior administration official stated that one objective of blacklisting the hacking firms is to deter potential investors from engaging in the industry, as Western governments increasingly recognize the dangers associated with commercial spyware.
Reported by Ronen Bergman in Tel Aviv, and Matina Stevis-Gridneff in Brussels and Athens.