WASHINGTON: According to a senior administration official, commercial hacking tools, also known as spyware, were used to target at least 50 U.S. government employees stationed in ten different countries.The White House is compelled to pass laws to stop the snooping as a result of this, which emphasises the growing threat faced by offensive cyber vendors.
On Monday, U.S. President Joseph Biden issued an executive order to stop the nefarious use of digital spying tools that target American citizens and civil society worldwide.
The scale of this hacking wasn’t previously known, but in 2021 it was revealed that an unknown attacker used sophisticated malware created by an Israeli company to target the iPhones of at least nine U.S. State Department officials.
It constituted the largest known breach of American officials using such technologies at the time.
According to a senior administration official, the new executive order is intended to put pressure on the secretive industry by imposing new limitations on the purchasing decisions made by U.S. government defense, law enforcement, and intelligence agencies.
The objective is to change how the underground market functions and restrict sales to particular actors by more strictly limiting which organisations are permitted to transact with the U.S. government, the official added.
According to a long U.S. government investigation that started in 2021, “we have clearly identified the proliferation and misuse of spyware as a threat to national security,” the official stated. “The threat of misuse around the world affects our primary interests in foreign policy.”
Based on research by the U.S. State Department and others, manufacturers of these hacking tools may be prohibited from selling to U.S. agencies if it turns out that they are working with foreign governments with a spotty record on respecting human rights.
Additionally, the new limits would apply to a specific commercial spyware platform if the US intelligence agency discovers proof that it was used to target US government employees.
The choice was made in response to several media and cybersecurity stories from the past few years about the sale of spyware to governments all around the world, including those in the Middle East and Africa, where it was allegedly used against journalists, human rights advocates, and dissidents.
“We needed a standard where if we know a company sells to a country that is involved in these specified activities, that in and of itself is a red flag,” said the senior administration official.