Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

U.S. Sanctions Israel’s NSO Group for Cyber-Surveillance Issues

November 4, 2021

The Washington Post (sub.req.) reported on November 3 that the United States has added the Israeli spyware company NSO Group to its “entity list,” a federal blacklist prohibiting the company from receiving some American technologies, after determining the company’s phone-hacking tools had been used by foreign governments to “maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”

This action is a significant sanction against a company highlighted in July by the global Pegasus Project consortium, including The Washington Post and 16 other news organizations worldwide. The consortium published dozens of articles detailing misuse of the Pegasus spyware by customers of NSO.

The Commerce Department said in a statement that the action is part of the Biden administration’s “efforts to put human rights at the center of U.S. foreign policy, including by working to stem the proliferation of digital tools used for repression.”

The company did not immediately respond to requests for comment.

The company has consistently denied the findings of the Pegasus Project, which found that some of NSO’s dozens of law enforcement, military and intelligence customers in more than 40 countries target journalists, politicians and human rights workers on a routine basis with Pegasus, which can hack into a victim’s cellphone. NSO has admitted that there were problems with some customers in the past.

Being added to the entity list prohibits all exports from the U.S. to NSO of any type of hardware or software, cutting the company off from an essential source of technology. It could also interfere with future business arrangements and challenge NSO’s ability to function as an international company.

“The impact is broader than just the legal prohibition,” said Kevin Wolf, an international trade lawyer at the law firm Akin Gump who previously ran the entity list process. “It’s a huge red flag.”

It is rare for the U.S. government to target companies from U.S. allies, including NSO Group’s home country of Israel. NSO’s addition to the list also marked one of the first times that the U.S. government had cited cyber-surveillance issues as the cause for the penalty.

I for one am happy to see the U.S. working to stop the proliferation of technology tools used for repression, no matter what country is involved.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology