US welcomes new governments to fight against spyware as it finds more American personnel have been targeted

Mar 17, 2024, 4:14 PM

The Biden administration is welcoming six new countries to a US-led pact to crack down on phone-hac...

The Biden administration is welcoming six new countries to a US-led pact to crack down on phone-hacking spyware. (Ignatiev/iStockphoto/Getty Images via CNN Newsource)

(Ignatiev/iStockphoto/Getty Images via CNN Newsource)

Originally Published: 17 MAR 24 17:01 ET
Updated: 17 MAR 24 17:22 ET

(CNN) — The Biden administration is welcoming six new countries to a US-led pact to crack down on phone-hacking spyware as US officials tell CNN that the administration continues to find new cases of American government personnel being targeted by a technology that is deemed a national security and counterintelligence threat.

“We are aggressively and intensively trying to identity and confirm more” cases of US government personnel whose phones have been targeted with commercially available spyware, a US National Security Council official told CNN.

A year ago, the Biden administration put the tally of US government personnel either suspected of or confirmed to have been targeted by spyware at 50. It has since grown, the NSC official said, declining to quantify the growth in cases while saying that the counterintelligence and national security risks from the technology remain high.

Spyware is malicious software that is used to break into mobile phones, turning them into a listening device and scooping up their contacts. The market for commercial spyware has exploded over the last decade as companies from Israel to North Macedonia have hawked their services and many governments have been willing buyers.

A key prong of the US strategy to combat spyware has been trying to convince its allies not to do business with spyware companies whose tools might be used against US diplomats or to surveil dissidents and journalists on US soil.

Poland and Ireland — two countries that have allegedly had a role in spyware abuse in the past — are among the new signatories of the anti-spyware pact, a move that US officials are touting as a sign of growing global momentum to curb what has been rampant abuse of the surveillance technology. Poland’s prime minister has claimed the previous government used spyware on a long list of victims. The US Treasury Department this month sanctioned an Ireland-based company for allegedly being involved in the spyware business.

The other countries joining the pledge to combat spyware are Finland, Germany, Japan, and South Korea, according to the White House. The announcement will come this week in Seoul at the Summit for Democracy, an annual gathering of democratic governments around the world.

Eleven countries, including the US and its “Five Eyes” allies, signed onto the pledge last year, which vows that “any commercial spyware use by our governments is consistent with respect for universal human rights, the rule of law, and civil rights and civil liberties.”

State department personnel targeted

Alarm bells went off among senior counterintelligence and national security officials more than two years ago when they began to discover that dozens of US government personnel were targeted by invasive commercial spyware. That included a dozen State Department employees serving in Africa, whose iPhones were hacked with spyware developed by Israeli firm NSO Group, CNN has reported.

Governments using the spyware on US personnel may be trying to collect intelligence on the targeted phones or surveil people from their own countries that are meeting with US diplomats, the NSC official said. The official declined to name any governments involved.

The risk is acute: Some spyware vendors either have “very close relationships” with a foreign government or are “under the clear control” of a foreign government, the NSC official said, declining to elaborate.

At least 74 countries have contracted with private firms to obtain commercial spyware, the US intelligence agencies said this month in their annual threat assessment.

A US government-wide study of the risk of spyware to US interests was launched, including a probe of whether US intelligence and law enforcement agencies were contracting with the very spyware firms whose tools other governments were using to surveil US diplomats.

The Biden administration’s review “did not identify widespread use” in the federal government of commercial spyware, the official said in a rare interview on the subject. But US officials were alarmed by a “very aggressive effort” by spyware vendors to market their hacking tools to various US agencies, the official told CNN.

The FBI, for example, confirmed in 2022 that the bureau bought a testing license for NSO Group’s Pegasus software. The FBI has not used Pegasus in investigations, according to the bureau.

Alarmed by a lack of visibility into whether US government agencies were using commercial spyware, the White House last year issued an executive order barring agencies from using spyware that is deemed a national security threat or that is implicated in human rights abuses.

“If you think that your use of some of these tools is going to stay quiet in your own system, think twice,” the NSC official said, paraphrasing US advice to its allies. “And we are an example of that,” the official added, referring to the fact that the FBI has bought a test license for Pegasus, and that the tool has reportedly been used by other governments on US diplomats.

The Biden administration has sanctioned and restricted visas for spyware vendors and barred US companies from doing business with others. But it can only do so much on its own to dent a lucrative spyware market.

Spyware companies often hide behind opaque corporate structures and companies to stay in business, according to US officials and researchers who track those companies. White House officials this month met with US venture capital firms to warn them about the risks of their investments inadvertently fueling the growth of spyware.

“We are concerned about capital flowing in — and capital that folks may not realize is actually being used to fuel risks to Americans,” the NSC official said.

™ & © 2024 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.

We want to hear from you.

Have a story idea or tip? Send it to the KSL NewsRadio team here.


Afghan relatives offer prayers during a burial ceremony near the graves of victims who lost their l...

Niamh Kennedy and Radina Gigova, CNN

At least 300 people killed by flash floods in Afghanistan

At least 300 people have died in flash flooding that has ravaged northern Afghanistan in recent days, the Word Food Programme said Sunday.

2 months ago

The Apple Store at Towson Town Center Mall in Maryland is pictured. Apple Store workers in Towson, ...

Jordan Valinsky, CNN

Apple Store workers in Maryland vote to authorize strike

Apple Store workers in Towson, Maryland made history by voting late May 11 in favor of authorizing a strike.

2 months ago

Smoke from wildfires blankets the city as a couple has a picnic in Edmonton, Alberta, Saturday, May...

Paradise Afshar and Sara Smart, CNN

Canadians evacuate due to wildfires as air quality deteriorates

Thousands across Canada were urged to evacuate from blazing wildfires on Saturday, and the smoke emanating from them could be another danger.

2 months ago

Salvage crew members work on the deck of the cargo ship Dali on Friday, May 10....

Nicole Grether and Gloria Pazmino, CNN

Crews could use explosives to demolish part of Baltimore’s Key Bridge

Crews are expected to execute a plan to use small explosives to break apart a massive chunk of the Baltimore bridge that collapsed.

2 months ago

The sun is rising with a flare over Korla, Xinjiang Uygur Autonomous Region, China, on May 10....

Brian Fung, CNN

Why tonight’s massive solar storm could disrupt communications and GPS systems

An unusual amount of solar activity due to a solar storm this week could disrupt some of the most important technologies society relies on.

2 months ago

A customer wipes sweat from their face as they work out on a treadmill inside a Planet Fitness Inc....

Nathaniel Meyersohn, CNN

Planet Fitness will raise its $10 membership plan for the first time in 26 years

Planet Fitness will raise the price of its “classic” membership from $10 a month to $15 for new members beginning in the summer.

2 months ago

Sponsored Articles

A young woman smiles while reading the menu at a lakeside restaurant, enjoying the panoramic view o...

Bear Lake Convention & Visitors Bureau

The best restaurants to try in Bear Lake

Save this guide to the best restaurants in Bear Lake when you need to find a place to dine during your next visit.

Female leg stepping on weigh scales. Healthy lifestyle, food and sport concept....

Health Utah

Sustainable weight loss: the science-backed way to achieve it

Learn more about Debbie's weight loss journey with Health Utah, who have a unique weight loss philosophy for success.

Underwater shot of the fisherman holding the fish...

Bear Lake Convention and Visitors Bureau

Your Bear Lake fishing guide

Bear Lake offers year-round fishing opportunities. By preparing ahead of time, you might go home with a big catch!

A group of people cut a purple ribbon...


Comcast announces major fiber network expansion in Utah

Comcast's commitment to delivering extensive coverage signifies a monumental leap toward a digitally empowered future for Utahns.

a doctor putting her hand on the chest of her patient...

Intermountain Health

Intermountain nurse-midwives launch new gynecology access clinic

An access clinic launched by Intermountain nurse-midwives provides women with comprehensive gynecology care.

Young couple hugging while a realtor in a suit hands them keys in a new home...

Utah Association of Realtors

Buying a home this spring? Avoid these 5 costly pitfalls

By avoiding these pitfalls when buying a home this spring, you can ensure your investment will be long-lasting and secure.

US welcomes new governments to fight against spyware as it finds more American personnel have been targeted