Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists

Officials said the visa restriction policy can apply to citizens of any country found to have misused or facilitated the malign use of spyware

The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware.

The administration’s policy will apply to people who’ve been involved in the misuse of commercial spyware to target individuals including journalists, activists, perceived dissidents, members of marginalized communities, or the family members of those who are targeted. The visa restrictions could also apply to people who facilitate or get financial benefit from the misuse of commercial spyware, officials said.

“The United States remains concerned with the growing misuse of commercial spyware around the world to facilitate repression, restrict the free flow of information, and enable human rights abuses,” Secretary of State Antony Blinken said in a statement announcing the new policy. “The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association. Such targeting has been linked to arbitrary detentions, forced disappearances, and extrajudicial killings in the most egregious of cases.”

Biden issued another executive order nearly a year ago restricting the U.S. government’s use of commercial spyware “that poses risks to national security.”

That order required the head of any U.S. agency using commercial programs to certify that they don’t pose a significant counterintelligence or other security risk, a senior administration official said. It was issued as the White House acknowledged a surge in hacks of U.S. government employees, across 10 countries, that had been compromised or targeted by commercial spyware.

A senior administration official who briefed reporters ahead of Monday’s announcement would not say if any particular individuals were in line to immediately be impacted by the visa restrictions. The official spoke on the condition of anonymity under ground rules set by the White House.

Officials said the visa restriction policy can apply to citizens of any country found to have misused or facilitated the malign use of spyware, even if they are from countries whose citizens are allowed entry into the U.S. without first applying for a visa.

Perhaps the best known example of spyware, the Pegasus software from Israel’s NSO Group, was used to target more than 1,000 people across 50 countries, according to security researchers and a July 2021 global media investigation, citing a list of more than 50,000 cellphone numbers.

Advertisement. Scroll to continue reading.

The U.S. has already placed export limits on NSO Group, restricting the company’s access to U.S. components and technology.

Pegasus spyware was used in Jordan to hack the cellphones of at least 30 people, including journalists, lawyers, human rights and political activists, according to the digital rights group Access Now.

The hacking with spyware made by Israel’s NSO Group occurred from 2019 until last September, according to Access Now. It did not accuse Jordan’s government of the hacking.

Amnesty International also reported that its forensic researchers had determined that Pegasus spyware was installed on the phone of Washington Post journalist Jamal Khashoggi’s fiancee, Hatice Cengiz, just four days after he was killed in the Saudi Consulate in Istanbul in 2018. The company had previously been implicated in other spying on Khashoggi.

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

CISO Strategy

The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks.

Cybercrime

A global cyber espionage campaign has resulted in the networks of many organizations around the world becoming compromised after the attackers managed to breach...

Cybercrime

Spanish Court agreed to extradite Joseph James O’Connor to he U.S., who allegedly took part in the July 2020 hacking of Twitter accounts of...