At least 50 government employees hit with spyware attack
A spyware attack on at least 50 U.S. government employees in at least 10 countries prompted The White House to issue a new executive order designed to hinder the use of spyware for malicious purposes.
The staffers were targeted with commercial hacking tools generally referred to as spyware, which highlights an increasing threat by offensive cyber vendors, a senior administration official said, according to Reuters.
The focus of the executive order
The executive order is aimed at restricting spyware tools that target the surveillance of human rights activists, journalists, U.S. personnel, civil society and dissidents internationally, according to VOA.
The order was issued on Monday, and is a response to increasing concerns surrounding programs with the capability to capture text messages and other mobile phone information.
Some hacking programs referred to as "zero-click" exploits have the capability to infect a phone even though the recipient of a malicious link doesn't click on the link.
All governments globally, including the United States, typically collect significant amounts of information for the purposes of benefiting law enforcement and for intelligence reasons.
This includes information communicated between their own citizens, according to VOA.
Commercial spyware growing at exponential rate
Commercial spyware is growing at a rapid rate, and new tools with powerful capabilities are even being made available to smaller countries. This also opens the door for an increase in abuse and repression, according to VOA.
A statement from the White House said the executive order, "demonstrates the United States' leadership in, and commitment to, advancing technology for democracy, including by countering the misuse of commercial spyware and other surveillance technology."
Any U.S. government agency desiring to use commercial spyware must demonstrate for The White House that there isn't a counterintelligence or other security risk, according to VOA
The new executive order is intended to pressure spyware developers through the implementation of new restrictions intended to influence the purchasing decisions of those involved with the U.S. government of defense, law enforcement, and intelligence agencies, a senior administration official told Reuters.
The increased regulations in connection to the organizations that are allowed to do business with the U.S. are intended to impact how the surveillance industry functions, as well as the sales of those with nefarious intensions, a senior administration official told Reuters.
U.S. to monitor both current spyware and any new spyware platforms
"We have clearly identified the proliferation and misuse of spyware as a threat to national security. The threat of misuse around the world also implicates our core foreign policy interests," The official said, adding that an extensive U.S. government review that began in 2021 was a part of that identification process.
The U.S. intelligence community will continue to be vigilant in its observation of spyware platforms, and if new ones arise that are used to target U.S. government staff in the future, then those platforms will also be included in the new restrictions, according to Investing.com.
There have been a series of media and cybersecurity reports over the course of recent years highlighting spyware sales to governments globally.
Several governments in particular, those in Middle Eastern and in African countries, were especially active in reportedly using spyware against human rights defenders, journalists, and dissidents, according to Investing.com.
"We needed to have a standard where if we know that a company is selling to a country that is engaged in these outlined activities, that in and of itself is a red flag," a senior administration official told Investing.com.