The U.S. government tightened its grip on cyber security, placing commercial spyware producers Intellexa and Cytrox on its Entity List due to perceived threats to national security on Tuesday.
The entities: Intellexa and Cytrox
Named on this list are Greece-based Intellexa SA, Ireland’s Intellexa Limited, Cytrox AD from North Macedonia, and Hungary’s Cytrox Holdings. These interconnected firms are involved in the development and selling of software that can potentially be utilized by clients to infiltrate and surveil electronic devices. Such actions have been deemed detrimental to U.S. national security and foreign policy interests.
By placing these companies on the Entity List, the U.S. imposes stringent export restrictions. The Biden administration’s latest move underscores their ongoing clampdown on commercial surveillance tech. Consequently, U.S. companies now face severe limitations when attempting to do legal business with these flagged companies without obtaining special government authorization.
Spyware allegations: What’s the issue?
Numerous cybersecurity teams, such as Google’s TAG, Cisco Talos, and Citizen Lab from Canada, have highlighted possible misuses related to spyware created by these firms. Investigations into ‘Predator’ and ‘Alien’, software developed by Cytrox, suggest usage against political figures, journalists, and activists, signaling the far-reaching influence of U.S. spyware.
These spyware, similar to the infamous Pegasus from NSO Group, which was added to the Entity List in 2021, have been found to exploit zero-day flaws and other vulnerabilities. The intention? To infect Android phones and Apple iOS devices, spy on users, and extract data.
The broader implications
This recent action reinforces the commitment to human rights protection worldwide as a core U.S. foreign policy interest, said Deputy Secretary of Commerce Don Graves. Digital privacy advocates, including Google and Citizen Lab, are now urging Congress to take a stand against spyware. They are calling for sanctions and increased enforcement against surveillance software producers.
As this tightening of cyber security measures takes effect, we would love to know your thoughts. What is your take on this new initiative against commercial spyware? Please share your views in the comments below!
{{user}} {{datetime}}
{{text}}