Uncategorized

U.S. sanctions maker of Predator spyware

The Biden administration sanctions individuals and entities behind the commercial surveillance tool implicated in human rights abuses.

By Elias Groll

March 5, 2024

A 12-year-old boy looks at an iPhone screen on December 19, 2023 in Bath, England. (Photo by Matt Cardy/Getty Images)

The U.S. Treasury Department on Tuesday sanctioned the makers of the notorious Predator spyware, a move that marks an escalation in the Biden administration’s attempts to counter the proliferation and misuse of commercial spyware.

The entities sanctioned by the U.S. government include two executives and five corporate entities in what is known as the Intellexa Consortium — a business vehicle responsible for developing and marketing the Predator spyware.

Brian E. Nelson, the Treasury Department’s top sanctions official, said in a statement that the sanctions aim to discourage the misuse of commercial surveillance tools that “increasingly present a security risk to the United States and our citizens.”

Researchers have identified Predator being used in a range of human rights abuses, including the targeting of dissidents, journalists and political officials, but the tool is only one of a growing number in a rapidly expanding spyware industry selling highly intrusive surveillance capabilities. According to the Treasury Department, Predator has been implicated in the targeting of American government officials, journalists and policy experts.

Industry officials argue their tools are essential to combat criminal and terrorist groups relying on encrypted communications tools, but the failure to limit their use to such contexts has led officials in Washington to seek ways to force the industry to adopt better guardrails.

A senior administration official speaking to reporters on condition of anonymity ahead of the sanctions’ announcement said companies in the spyware industry face two paths, one in which they “implement safeguards to ensure responsible use of their tools” and another in which “there are consequences for those vendors that flout safeguards and seek to profit on continued misuse of their tools.”

According to the senior administration official, the move against Intellexa represents an escalation of U.S. efforts to combat spyware misuse. The Biden administration has previously added spyware companies, including Israel’s notorious NSO Group, to the Commerce Department’s Entity List, which bans U.S. firms from certain transactions with listed firms. But Tuesday’s sanctions marks the first time the Treasury Department has levied financial sanctions against firms and individuals in the spyware industry, the official said.

The sanctions target Tal Jonathan Dilian, a retired Israeli military officer who is the founder of the Intellexa Consortium, and Sara Aleksandra Fayssal Hamou, whom the Treasury Department describes as a “a corporate off-shoring specialist who has provided managerial services to the Intellexa Consortium.”

Efforts to reach Dilian and Hamou for comment on Tuesday were unsuccessful.

The five corporate entities sanctioned Tuesday include firms operating in Greece, Hungary, Ireland and North Macedonia under the names Intellexa, Cytrox and Thalestris Limited. The official noted that these firms’ corporate registrations in Europe highlight the role played by firms on the continent in enabling human rights abuses. Cytrox and Intellexa were added to the Commerce Department’s Entity List last year.

Human rights researchers and technology firms have called on officials in Europe to take a stronger line against European commercial spyware firms implicated in human rights abuses.

John Scott-Railton, a researcher at the University of Toronto’s Citizen Lab who has written extensively about the spyware industry, applauded the move, describing the sanctions as a “thunder clap” that will have a “rolling and chilling effect throughout the industry.”

According to Scott-Railton, Tuesday’s sanctions also illustrate the divide between how Europe and the United States have sought to curb abuses in the spyware industry. European corporate entities have been deeply implicated in abuses linked to Predator, and despite having sanctions power, European officials have declined to move against these firms. “Europe’s inaction is deeply puzzling,” Scott-Railton said.

Tuesday’s sanctions come on the heels of a report last week that detailed the technical infrastructure used by Predator. After a pair of reports revealed how Intellexa had rebuilt its technical infrastructure after an earlier exposure last year, the firm dismantled its infrastructure over the weekend.

AJ Vicens contributed reporting to this article.

U.S. sanctions maker of Predator spyware

More Like This

US must establish independent military cyber service to fix ‘alarming’ problems — report

ALPHV website goes down amid growing fallout from Change Healthcare attack

Iranian nationals charged with hacking U.S. companies, Treasury and State departments

Top Stories

FCC wants rules for ‘most important part of the internet you’ve probably never heard of’

Campaigns and political parties are in the crosshairs of election meddlers

Cyberattack hits Georgia county at center of voting software breach

More Scoops

US and UK accuse China of cyber operations targeting domestic politics

Predator spyware infrastructure taken down after exposure

Predator spyware endures even after widespread exposure, analysis shows

Google: Governments need to do more to combat commercial spyware

State Department will not issue visas to individuals linked to spyware abuse

U.S. government sanctions Iranian officials over Pennsylvania water facility hack

U.S. government sanctions prolific North Korean cyber espionage unit

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

Rumman Chowdhury on AI red-teaming; a Sisense supply chain attack

Government

Technology

Threats

Geopolitics