No More Visas for Spyware Makers and Operators, Says US Dept of State

Under a new policy, the United States government will deny visas to people involved with commercial spyware.

As described on our blog, spyware is one the most dangerous types of malware in existence, not just because it can pilfer sensitive data, but also because it can infect devices without any input from the user. It’s designed to observe and collect information about a user's activities, as well as download files stored on the device, listen to conversations, take video recordings, and more - all without the victim’s knowledge.

In 2023, the Biden Administration issued an Executive Order prohibiting the US government’s use of commercial spyware that poses risks to national security or foreign policy interests.

In a similar move, members of the European Parliament last October adopted a new law designed to strengthen defenses of the EU media, including a ban on the use of spyware against journalists.

In fact, governments and technology leaders worldwide have been teaming up to fight the mercenary spyware threat for a number of years now.

Protecting national security

“This new policy is the most recent action in the United States’ comprehensive approach to countering the misuse of commercial spyware,” the State Department said in the press release.

“The United States remains concerned with the growing misuse of commercial spyware around the world to facilitate repression, restrict the free flow of information, and enable human rights abuses. The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association.”

Threat actors, including adversary nations, have been using commercial spyware in cases of arbitrary detentions, forced disappearances, and even extrajudicial killings “in the most egregious of cases,” according to the statement.

“Additionally, the misuse of these tools presents a security and counterintelligence threat to U.S. personnel,” it adds. “The United States stands on the side of human rights and fundamental freedoms and will continue to promote accountability for individuals involved in commercial spyware misuse.”

Technology giants’ war against spyware

Perhaps the first notable retaliation against commercial spyware was Apple’s decision in November 2021 to sue notorious Israeli spyware maker NSO Group for enabling extensive state-sponsored hacking of its products – mainly the iPhone.

NSO had already been on the US’s radar with a track record of placing highly effective surveillance tools in the wrong hands, allegedly letting oppressive regimes spy on their people.

According to the suit, filed in the US District Court for the Northern District of California, “NSO Group and its clients devote the immense resources and capabilities of nation-states to conduct highly targeted cyberattacks, allowing them to access the microphone, camera, and other sensitive data on Apple and Android devices.”

Extensive research by the Citizen Lab at the University of Toronto found on more than one occasion that NSO’s Pegasus spyware has been extensively used to infect the phones of journalists, activists, dissidents, academics and government officials.

However, NSO is just one of several spyware vendors that fall under these accusations. Companies like Cytrox, Candiru and Intellexa are also responsible for developing and selling surveillance tools used by threat actors to infect the phones of undesirable figures, political adversaries, journalists, and pretty much every other kind of high-profile target.

Apple for the past few years has been increasingly hands-on with the iOS patching cycle, issuing periodic security updates to plug weaknesses exploited in spyware attacks like the ones described above. This included developing patches even for iOS versions no longer officially supported by the tech giant.

Google, for its part, has been fighting mercenary spyware more directly, periodically finding active exploits by spyware operators.

How to defend against spyware

Bitdefender recommends you always keep your devices up to date with the latest security patches issued by the vendor as the first important step against targeted spyware attacks – especially if you’re a high-profile target. For peace of mind, consider running a dedicated security solution on all your devices.

On iOS and macOS, keep the trusty Lockdown Mode toggle handy whenever you believe you might be targeted.

Check out our guide How Spyware Infects Smartphones and How to Defend Against It to learn more about the spyware threat and how to stay protected.