XPost: alt.politics, sac.politics, talk.politics.guns
XPost: talk.politics.misc
From: biden@panics.com
AlleyCat wrote in
news:sgbnhv$e56$4@news.dns-netz.com:
> Close the entire agency down. Fire them all.
In November of 2021, after years of ongoing scandals, the Biden
administration formally blacklisted the NSO Group, a notorious spyware
maker from Israel, shutting it off from American businesses and investment
opportunities. But the New York Times now reports that not every part of
the government was on the same page about that decision.
Indeed, just five days after the White House banned unauthorized business
transactions with NSO, an unknown federal agency used a front company to
procure one of firm’s most creepy products—a geolocation tool known as
“Landmark.” We still don’t know which part of the government pushed
through that “secret contract,” but what we do know is this: it was acting
in clear violation of the White House’s policy.
Anybody paying close attention to the surveillance industry over the past
several years knows that NSO is a major source of drama. The seller of
frighteningly powerful surveillance tools, the firm has—for years—been
linked to shady clients (read: despotic regimes), which have frequently
used its products to spy on journalists, political activists, and other
vulnerable groups.
The government’s decision to blacklist NSO in 2021 marked the beginning of
a broader push by the Biden administration to rein in the excesses of the
commercial spyware industry. The blacklist placed NSO on the U.S. Commerce
Department’s “Entities List”—an official tally of foreign firms that have
been deemed as working contrary to U.S. interests. Getting put on that
list means U.S. companies can’t do business with you unless they first
acquire a special license from the government. The move was clearly
designed to crush NSO financially—cutting it off from vital funding and
support supplied by American firms. Since that time, the White House has
only continued to go after the spyware industry writ large—passing a slew
of regulatory reforms, including another executive order last week, all of
which have sought to curb the harmful behavior of the industry’s worst
offenders.
The White House’s very public efforts at reform make the revelation that
an unknown federal agency procured NSO’s tool all the more bizarre.
The “Secret Contract” Was Used to Track Targets in Mexico
While the nitty gritty details of the contract in question haven’t been
spelled out entirely, there’s enough information to paint a broad picture
of highly suspicious behavior on the part of...someone. As the Times
notes, Landmark is a tool that allows NSO clients to quietly track the
physical locations of specific mobile users without their knowledge.
Previous reporting has shown that the tool takes advantage of SS7, a
telecom protocol that is known to have longstanding security deficiencies.
The 2021 agreement involving the tool apparently allowed the U.S.
government to “test, evaluate, and even deploy the spyware against targets
of its choice in Mexico,” and two sources interviewed by the Times also
said that the surveillance product was used to make “thousands” of queries
related to targets in Mexico. Frighteningly, the parameters of the
contract also allowed for the targeting of mobile users within the United
States, though there is no evidence that anything like that has taken
place, the Times writes.
Why, exactly, was Mexico a target? The answers to that question—like a lot
of the details of this arrangement—is unknown.
One thing is for sure: whoever purchased Landmark certainly made a
concerted effort to cover their tracks. The Times report that this unknown
government agency—whatever it was—entered into an agreement with a front
company, dubbed “Cleopatra Holdings,” in order to negotiate a contract
with Gideon Cyber Systems—a holding company owned by the private equity
firm, Novalpina Capital. Novalpina is the primary owner of NSO, having
purchased the spyware vendor back in 2019, in an effort to rehabilitate
its image amidst ongoing scandals. The contract was signed by a person
named “Bill Malone,” who was said to be the CEO of Cleopatra Holdings. In
reality, “Cleopatra” was actually Riva Networks, a secretive government
contractor based in New Jersey that has a long history of procuring
services for federal agencies, the Times reports. “Malone,” meanwhile, was
a pseudonym used by Riva’s CEO, Robin Gamble. The Times states that when
its reporters visited the listed address for “Cleopatra Holdings,” they
found an odd looking office and were greeted at the door by a person who
told them that she’d “never heard of” the company in question.
Riva Networks has sold NSO’s surveillance tools to the U.S. government
before. Prior to the Biden administration’s 2021 blacklisting order, the
FBI purchased a variant of NSO’s infamous “Pegasus” spyware; Riva was
involved with that deal and used the same front identity to help the
bureau procure the malware, the Times reports.
White House Calls the Deal “Highly Concerning”
Somewhat comically, the White House seems to be claiming ignorance about
the contract: “We are not aware of this contract, and any use of this
product would be highly concerning,” an administration official told the
Times.
That response begs the question: uh, what happened here? Did a federal
agency go rogue with this particular purchase?
To be honest, that would be pretty par for the course. The federal
government has consistently proven itself to be of two minds about
powerful cyber tools like Landmark and Pegasus: the executive branch, on
the one hand, has consistently sought to acknowledge the dangers that such
products pose...whereas the national security community has often seemed
to be champing at the bit to deploy them—knowing full well how useful they
can be.
Which of those perspectives is going to win out in the long term? I guess
we’ll have to wait to find out.
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
