President Biden bans federal agencies from using some spyware

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

The US government have been banned from using commercially developed spyware, after President Biden signed a new executive order halting the use of such tools.

The order forbids government bodies, including police forces, the military, and intelligence agencies, from using mobile spyware apps designed in the private sector for espionage and data theft. 

This includes Pegasus, a tool developed by the now-infamous Israeli software firm NSO Group, which was observed being used by nation-states to target human rights activists, journalists, politicians, and other high-profile individuals whose work might undermine the position of the ruling party, despite those governments that disclosed owning the license for Pegasus (and similar spyware) saying they would only use it to investigate serious crimes, such as threats of terrorism. 

Setting standards

Before the signing, the Biden administration held a call with reporters, during which the officials said the U.S. wants to “get ahead of the problem” and set standards for its allies, TechCrunch reported.

The executive order doesn’t name specific malware, but the officials did say it covers both homemade and foreign spyware, with NSO Group having been on the US government’s blacklist since November 2021. 

While the media speculate that besides NSO Group’s Pegasus, these most likely address the likes of Cytrox and Candiru, the officials added that the list of banned products and companies might never make it to the public.

In February 2022, the European Data Protection Supervisor (EDPS) called for a blanket ban on the use Pegasus spyware throughout the European Union. Two months later, in April, cybersecurity researchers from Citizen Lab warned UK officials from 10 Downing Street and the Foreign and Commonwealth Office that their endpoints were being targeted with the Pegasus spyware.

Via: TechCrunch

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.