Google Exposes Leading Spyware Companies, Advocates for Stricter Regulatory Measures
In a striking disclosure, Google (GOOGL.O) pinpointed key players in the surveillance software market on Tuesday, urging the United States and allied nations to intensify efforts to regulate the sale and abuse of espionage tools. This call for action comes amidst growing concerns over the use of spyware by governments for national security purposes, which has instead been misappropriated to surveil civil society, political adversaries, and journalists over the past ten years.
The alarm over these practices heightened following revelations that NSO’s Pegasus spyware had infiltrated devices worldwide, impacting human rights advocates among others. Google’s latest report emphasizes that NSO, despite its notoriety, is merely one among numerous entities driving the rampant spread of espionage technology.
Given Google’s extensive digital footprint, the insights from Alphabet Inc’s researchers carry significant weight, highlighting the widespread and intricate web of hacking operations. The TAG threat-hunting team at Google stressed the growing contribution of the private sector to the development and dissemination of advanced spyware, posing a substantial threat to global internet security. The report states, “Demand from government customers remains strong, and our findings underscore the extent to which commercial spyware vendors have proliferated hacking and spyware capabilities that weaken the safety of the Internet for all.”
In response to these unsettling trends, the United States, alongside several partner nations, pledged last year to tackle the burgeoning surveillance software market. This commitment followed the targeting of over 50 U.S. government officials in ten countries by spyware.
Google’s investigation revealed a list of companies, including Italy’s Cy4Gate and RCS Labs, Greece’s Intellexa, and the lesser-known Italian firm Negg Group and Spain’s Variston, which specialize in penetrating phone defenses. These entities are continuously innovating to evade the latest security protocols of major mobile operating systems like Apple’s iOS and Google’s Android.
Despite presenting itself as a cybersecurity proponent, Negg Group’s software has been implicated in espionage activities in Italy, Malaysia, and Kazakhstan. Similarly, Variston is accused of crafting software that compromises users’ devices through popular browsers and iOS applications. Another entity, Protected AE (also known as Protect Electronic Systems), reportedly employs comparable tactics for targeting. Attempts to elicit comments from the implicated firms were met with silence or lack of accessibility.
Google’s revelations align with recent U.S. government measures to impose visa restrictions on individuals linked to the misuse of commercial spyware, marking a significant stride in the global fight against the unauthorized use and proliferation of such invasive technology.