Two Firms Behind Meta, iOS and Android Spyware Blacklisted by U.S.

The Commerce Department Blacklists European Cyber Firms for Building Spyware Software

Two European Cyber Firms Added to Commerce Department Blacklist

The Commerce Department has announced the blacklisting of two European cyber firms known for building spyware software. These firms, Intellexa and Cytrox, have been trafficking in exploits that compromise the privacy and security of individuals and organizations worldwide. They have subsidiaries in Greece, Ireland, Hungary, and North Macedonia. Export-control restrictions have been imposed on these firms, preventing U.S. companies from supplying them with technology, data, or intellectual property.

Intellexa: Exploitation and Data Analysis

Intellexa, one of the blacklisted cyber firms, offers a spyware product called Nebula that specializes in social media data collection and analysis. It is marketed as an essential tool for law enforcement and intelligence agencies. The founder of Intellexa, Tal Dilian, is an intelligence expert with over 25 years of experience in the Israel Defense Forces. His personal website describes Intellexa as a company that develops and integrates technologies for law enforcement and intelligence agencies.

Cytrox: Spyware Used by Dictatorial Regimes

The other blacklisted cyber firm, Cytrox, is known for its spyware product called Predator. This software has been used by dictatorial regimes to infiltrate the cell phones of activists, politicians, and journalists. Citizen Lab, in a 2021 analysis, has exposed the use of Predator by such regimes. The Commerce Department's move to blacklist Cytrox and Intellexa shows an increased willingness by the Biden administration to curb foreign companies' access to U.S. technology.

Increasing Use of Export Controls to Curb Foreign Access to U.S. Technology

The blacklisting of Intellexa and Cytrox is part of a broader trend of using export controls to restrict foreign access to U.S. technology. The Trump administration had previously used export controls against Huawei, and the Biden administration is following suit. Commerce Department officials have added highly advanced semiconductor and networking technology to export control lists to prevent Chinese and Russian entities from obtaining them.

Impact on New Businesses

The blacklisting of European cyber firms, Intellexa and Cytrox, by the Commerce Department for building spyware software has significant implications for new businesses operating in the cybersecurity industry. This move by the Biden administration reflects a growing concern over the misuse of technology and the protection of individuals' privacy and security.

For new businesses entering the cybersecurity market, the blacklisting sends a clear message about the ethical boundaries that must be upheld. It highlights the importance of building and marketing products that prioritize user privacy and data security, rather than exploiting vulnerabilities for surveillance purposes. This can create opportunities for businesses that offer innovative and ethical cybersecurity solutions that align with the values of privacy-conscious customers and regulatory standards.

However, the blacklisting also underscores the need for new businesses to navigate the increasingly complex export controls and compliance landscape. As export-control restrictions prevent U.S. companies from supplying technology, data, or intellectual property to blacklisted firms, it becomes crucial for new businesses to carefully assess their partnerships and customer base to ensure compliance with these regulations. This may require rigorous due diligence and thorough understanding of export control laws, potentially leading to additional costs and resource allocation.

Furthermore, the broader trend of using export controls to limit foreign access to U.S. technology may impact the global cybersecurity market. It could create opportunities for domestic cybersecurity companies to gain a competitive advantage, but it may also lead to increased competition from other countries that seek to fill the void left by restricted firms.

In conclusion, the blacklisting of Intellexa and Cytrox emphasizes the importance of ethical practices and compliance with export controls for new businesses in the cybersecurity industry. By aligning their offerings with privacy and security values, navigating export controls, and capitalizing on market opportunities, new businesses can position themselves for success in a dynamic and evolving cybersecurity landscape.



Article First Published at: https://www.cnbc.com/2023/07/18/us-blacklists-two-firms-that-built-meta-ios-and-android-spyware.html