‘Pegasus maker’ NSO Group sanctioned by US for ‘malicious activities’

The Israeli NSO Group, which rose to notoriety for its much discussed spyware product Pegasus, is among the four cyber organisations that have been sanctioned by the United States Department of Commerce (DoC).  

Alongside NSO, the full list includes fellow Israeli company Candiru, Russia’s Positive Technologies and Singapore’s Computer Security Initiative Consultancy (CSIC).  

The sanctions, as stated by the office of public affairs of the DoC, have been applied to the four companies as a consequence of “engaging in activities that are contrary to the national security or foreign policy interests of the United States.” 

Pegasus, which faced quite the notoriety in India as well, is one of the most prominently mentioned spyware tools that have been used in multiple countries.  

Pegasus was claimed to have been used to target specific individuals, by either governments or by affiliated private bodies, to carry out cyber espionage and track their movements and activities. 

Talking about the sanctioning of NSO Group and Candiru, a statement on the matter by the DoC said, “These entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.” 

The national government of USA uses its ‘entities lists’ to list out ‘entities’ or companies that it deems to be offering services that are detrimental towards its policies – both for the nation and for its international relations. 

The DoC’s statement further added, “These tools have also enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent. Such practices threaten the rules-based international order.” 

Positive Technologies and CSIC were sanctioned by the DoC for operating malware that targeted corporate institutions in USA to gain access to sensitive, privileged information.  

Interestingly, Positive Technologies was already sanctioned by the US department of treasury for allegedly providing support to Russian state backed hackers for attacking American companies.