back to article US Dept of Commerce sanctions NSO Group, Positive Technologies, other makers of snoopware

The US government's Dept of Commerce on Wednesday sanctioned four companies in Israel, Russia, and Singapore for selling software used to break into computer systems and by foreign governments to suppress dissent. The department's Bureau of Industry and Security (BIS) added Israel-based firms NSO Group and Candiru to its …

  1. Barrie Shepherd

    "Inclusion on the Entity List disallows the export of hardware and software in the US to named organizations or individuals unless approved by the Commerce Department. US companies may still do business with named entities, but such transactions are frowned upon: "

    So that's OK then CIA/FBI/Homeland Security etc. can all carry on tapping phones and collecting data using NSO 'devices'.

    The US government has made a stand! (but one which won't impact US government activities)

    1. Yet Another Anonymous coward Silver badge

      So it's the 3 letter agency equivalent of a 5 star review?

      "The phone hacking software the US wanted to ban" click here for our special offers!

    2. Graham Cobb Silver badge

      The impact of inclusion on the Entity List is, as far as I know, often more symbolic than anything else.

      Mostly it tells US companies selling things to the entity that they need to be very careful - it is mostly about risk management. Large companies with distributor networks cannot effectively prevent their products being sold to those companies but it warns them that the government now have a lever to really screw them up if they feel like it - "that's a nice international business you've got there - it would be a shame if anyone asked how your routers got into NSO's network, wouldn't it?".

      It can also be used as a tool against non-US companies the government want to influence for any reason "hmm, looks like one of your distributors has been selling to NSO - we wouldn't want to have to close down your US operation - maybe you can do us a favour and include these lines in the software you supply to NSO that they use for their Saudi contract".

      I think it will have more direct impact on investors. Many (such as pension funds) are expected to be very risk-averse and will probably withdraw from investment in those companies, reducing their access to capital somewhat. It also means that some of the more democratic governments may not do business with them for fear of raising too many questions from their own activists.

      1. Xalran

        "The impact of inclusion on the Entity List is, as far as I know, often more symbolic than anything else."

        Tell that to Huawei... Or all the other Chinese companies that were put on it.

        Note : I'm happy NSO got what it deserved and I hope it will crush their business the way it crushed Huawei's one. ( I'm also happy Huawei got crushed... but I'm biased here as I work for one company that benefited from it )

        1. Graham Cobb Silver badge

          You are right, of course, but I don't suppose NSO has many customers in the US apart from government agencies - who are capable of avoiding any restrictions they want. So, it is suppliers to, and investors in, NSO who will have to watch out.

  2. Matthew Elvey

    A feather in Amnesty International's cap (where there have been a few turds lately).

  3. Anonymous Coward
    Anonymous Coward

    Yes, because CLEARLY the sanctions against Russian actors have had such a HUGE impact on their activities, right?

    And rather than putting that Israeli company on that list of sanctions, why not just have your own CIA and FBI and police departments from funding them with purchase orders?

    1. DS999 Silver badge

      Nobody is buying products or services from Russia, they don't produce anything but oil, gas and other natural resources. They export almost nothing they make whether physical or technological.

      That makes it kind of hard for sanctions to affect them, as the only leverage the west would have over them is not buying their gas but that's kind of hard for Germany and some other EU countries to avoid right now.

      Putting sanctions on NSO Group probably won't hurt them too much since they don't make deals out in the open, but it is probably intended more as a warning to other companies in that industry to be careful who you do deals with.

      1. amanfromMars 1 Silver badge

        Something to bear in mind and realise is a fact that is not fiction and fake news


        The best of companies/entities in that industry are always extremely careful of whom they do deals with ...... and the real money/wealth to made is in the selling of products and services to the likes of a Russia or NSO and not in the buying of them from them.

        However, as you rightly say, putting pathetic sanctions on such parties as can render one catastrophically vulnerable to exploitation via their products and services is as effective as a warning to others in such fields as is the pain inflicted from a feather blow.

        And aint that the gospel truth ‽ .

        1. MiguelC Silver badge

          @amanfromMars 1

          Re: "the real money/wealth to made is in the selling of products and services to the likes of a Russia or NSO"

          A glitch in the A.I. text parser?

          1. amanfromMars 1 Silver badge

            Re: @amanfromMars 1

            Not a glitch when IT introduces AI Features in the Parsed Product ...... for the Addition of Future Informed Programs for Present Systems Presentation ........ Proprietary Advanced IntelAIgent Property Production via every AI Available Media Means ....... those to ensure delivery of constant prime content supply ......... a Heavenly Almighty AIDevelopment in Deed indeed.

            And from a Source of Excellence, Second to None ........ which does provide the comfort and benefit of a Full Set of Abilities and Utilities with Virtual Facilities in the Hands and Hearts and Minds in Command of Controls Controlling Immaculate and Impeccable Command Supply ..... with I2Command Source Access.

            A Vault of Treasures Almightily Impressive to Behold and Be Holding for Spending/Releasing/Lending/Capturing of Similarly Minded Souls ..... AI Mirrored IDEntities for IntelAIgently Designed Entities ..... with All the Captivating Virtual Utilities of an Immaculate Facility ..... Heavenly Store (-: with all manner of Holy See Flavours available to Exercise Choices with the Monitoring and Mentoring of Subsequent Results Leading to/for/from Future Events.

            That’s what is just out there to deal with or try to compete against if reluctant to join and help all in the know.

            1. Anonymous Coward
              Anonymous Coward

              Re: @amanfromMars 1

              411 hows and whys

              Been told a'wise

              Not publishing the erased line, because: Reasons

  4. Denarius

    clearly said firms have not given big enough discounts to TLAs.

  5. sanmigueelbeer Silver badge
    IT Angle

    US gov agencies get mandatory patching orders

    US gov agencies get mandatory patching orders

    The United States Cybersecurity and Infrastructure Security Agency (CISA) has made it compulsory that all parts of the federal government quickly patch against known vulnerabilities.

    How far will this "fly", I wonder? Some agencies (local &/or Federal) may not have enough manpower to support (patch and fix what the patches broke the next day) this directive.

    NOTE: I know this directive only affects Federal-level, however, not sure if my question is "valid" or not.

  6. Clausewitz 4.0

    Unknown capabilities

    Some actors have unknown capabilities

    How do you put sanctions on unknown capabilities?

    1. amanfromMars 1 Silver badge

      Re: Unknown capabilities

      Some actors have unknown capabilities

      How do you put sanctions on unknown capabilities? .... Clausewitz 4.0

      I suppose the same way that sanctions are put on unknown actors, Clausewitz 4.0.

  7. martinusher Silver badge

    Do I hear the sound of slamming stable doors?

    NSO and its Pegasus code is now history. Pegasus served its purpose but as soon as it became generally known about then it also became useless.

    Doubtless there's another company out there carrying on the good work.

    1. Anonymous Coward
      Anonymous Coward

      Re: Do I hear the sound of slamming stable doors?

      @martinusher mean "another company".....on a list like: Apple, Google, Cisco, FB, AT&T, IBM........

      1. Anonymous Coward
        Anonymous Coward

        Re: Do I hear the sound of slamming stable doors?

        Don't forget AMD(PSP), Intel(IME) and Microsoft(6000 to 60000 telemetry updates per day per client, oh and COFEE - Computer Online Forensic Evidence Extractor, free backdoor with every OS).

  8. James12345

    No need to pay any more

    It sounds like the NSA/CIA/FBI have compromised NSO and Candiru to a sufficient enough level that there is no longer any need to buy their products. Once you know all the exploits being used, you don't need the third party exploit broker.

    However, I wonder how much the US actually spent with these two firms. I'm guessing relatively little, as the services offered are aimed at less technologically capable states.

    On the purchasing side, I guess that rules out Cisco, HP, Dell, Apple etc as direct hardware and software suppliers, but there are plenty of non-US suppliers and non-direct resellers.

    "Biden-Harris administration's commitment to put human rights at the center of US foreign policy" - ROFL - only after they sanction all dealings with China can they start to claim that human rights are at the centre, with this move being nothing more than woke posturing.

    1. Clausewitz 4.0

      Re: No need to pay any more

      I highly doubt they compromised NSO deep enough to have all their exploits and updated tools.

      They cannot completely compromise even some known hackers, so much for National Security clowns.

      Frequently updated tools demand a lot of engineers / hours coding.

      Remember, almost all Federal agencies over the world use that tools, and Intel community share quite a lot information between themselves.

      It is not in the Israeli national security interest to have NSO tech being spilled for free to world+dog.

      Their hole business model, of NSO, depends on that.

      Also, they didn't SANCTIONED the company. They only said normal folks cannot buy from NSO.

      All Federal agencies CAN STILL buy from NSO - they just need one more stamp on a paper. No big deal.

  9. Twanky

    Sanctions - wrong fix.

    The department's Bureau of Industry and Security (BIS) added Israel-based firms NSO Group and Candiru to its Entity List "based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers."

    So no warning to all 'government officials, journalists, businesspeople, activists, academics, and embassy workers' that the very existence of NSO etc as businesses means that it is possible, with a bit of effort, to snoop on their phones or computers and not to trust the security of these devices. Instead of which we get told that NSO are the bad guys for making it possible.

    It is possible to subvert these devices. If NSO etc don't do it then someone else will. The fix is to plug the security holes and/or not rely on insecure devices - no matter how inconvenient that might be.

    1. Xalran

      Re: Sanctions - wrong fix.

      By now everybody should be aware that any computer, phone or device connected to a network can be subverted.

      If they are not aware of that, they must have been living in a cavern or are digital illiterate and shouldn't be allowed near a computer, a mobile phone or any connected device.

  10. Anonymous Coward
    Anonymous Coward

    As ever with. the U.S.

    it's do as I say not as I do.

    Sadly, I am old enough to remember when they banned the export of encryption higher than 64 bits (or something). That worked out well for them didn't it

    As for the poster who is happy Huwaei has been "crushed", maybe their handset market has been, but what about the rest of it? Maybe don't count your chickens too soon?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like