Cyberweapon manufacturers plot to stay on the right side of US

In the summer of 2019, as Paragon Solutions was building one the world’s most potent cyberweapons, the company made a prescient decision: before courting a single customer, best get the Americans on side.

The Israeli start-up had watched local rival NSO Group, makers of the controversial Pegasus spyware, fall foul of the Biden administration and be blacklisted in the US. So Paragon sought guidance from top American advisers, secured funding from US venture capital groups and eventually scored a marquee client that eludes its competition: the US government.

Interviews with half a dozen industry figures about the divergent paths of the two companies underline how the shadowy spyware industry is being reshaped around those friendly to American interests.

According to four of those people, the US Drug Enforcement and Administration Agency is among the top customers for Paragon’s signature product nicknamed Graphite.

The malware surreptitiously pierces the protections of modern smartphones and evades the encryption of messaging apps like Signal or WhatsApp, sometimes harvesting the data from cloud backups — much like Pegasus does.

Paragon was set up by Ehud Schneorson, the retired commander of Unit 8200, the Israeli army’s elite signals intelligence arm. According to people familiar with the company, which includes ex-Prime Minister Ehud Barak on its board, has secured investment from two US-based venture capital firms, Battery Ventures and Red Dot.

Paragon, Barak, Battery Ventures and Red Dot declined to comment.

In 2019, even before work on Graphite had been completed, on advice from a retired senior Mossad official, Paragon hired DC-based WestExec Advisors, the influential advisory group staffed by ex-Obama White House officials including Michele Flournoy, Avril Haines and Antony Blinken. Ex-US ambassador to Israel, Dan Shapiro, was also consulted, people with knowledge of the advisory effort said. Shapiro declined to comment.

WestExec said it “advised Paragon on its strategic approach to the US and European markets, as well as the formulation of its industry-leading ethical commitments designed to ensure the appropriate use of its technology,” adding it was “proud of our contributions in these critical areas.”

After the election of Democratic president Joe Biden in 2021, Blinken was appointed secretary of state, while Haines is now director of national intelligence. Both had departed WestExec by the time of the Paragon contract, the lobbying firm said. Flournoy — once considered in the running to lead the defence department — remains an influential US voice on foreign affairs.

American approval, even if indirect, has been at the heart of Paragon’s strategy. The company sought a list of allied nations that the US wouldn’t object to seeing deploy Graphite. People with knowledge of the matter suggested 35 countries are on that list, though the exact nations involved could not be determined. Most were in the EU and some in Asia, the people said.

“Everything they did was with the strategy that at the end of the day, the US should see them as the good guys,” said one person familiar with the decisions.

That contrasts with NSO’s recent troubles. By 2019, assisted by the regional diplomacy of prime minister Benjamin Netanyahu, NSO was a $1bn company selling its wares to Saudi Arabia, Mexico and dozens of other countries.

By the time the Biden administration came into office, NSO’s lucrative customers were proving to be its Achilles heel, as many of those regimes continued to deploy the multimillion-dollar weapon against journalists, dissidents and opposition leaders.

As evidence of abuse spread, such as the targeting of US diplomats in Uganda in 2021, NSO has found itself in the crosshairs both of the American government and the world’s largest tech companies. Apple and WhatsApp owner Meta are suing it.

“There is a growing sense that this particular type of malware is so invasive, so surreptitious that its proliferation poses both a human rights risk and a counter-intelligence risk to the US,” said Stephen Feldstein, who has studied the spread of spyware such as Pegasus and Graphite for the Carnegie Endowment.

For nearly a decade, the only restraint on some of the biggest spyware manufacturers was Israeli export controls, which regulate malware like Pegasus as weapons. Feldstein said that Israeli officials “make decisions on geopolitical solutions, not on human rights abuses.”

Paragon’s founders, however, were more sensitive to the increasingly dim view the US was taking of the proliferation of cyberweapons.

After NSO’s malware was tracked to the phones of associates of murdered Saudi columnist Jamal Khashoggi, Paragon declined Israeli government requests to replace Pegasus with Graphite in the Saudi armoury, according to two people familiar with the issue.

Paragon’s decision to eschew a valuable Saudi contract eventually paid off. Two other Israeli firms, Quadream and Candiru, which sold similar hacking capabilities to the Saudi government, were outed by Microsoft and rights group Citizen Lab after their malware was used on journalists and dissidents. Candiru was blacklisted alongside NSO in Nov 2021. Quadream recently shut down operations, the Israeli paper Calcalist reported.

The US has stepped in further to reshape the spyware market to favour those who sell cyberweapons to the US and its allies, while curbing those who chase lucrative contracts with authoritarian regimes.

President Joe Biden signed an executive order in March barring any US agency from purchasing spyware that “poses risks to national security or has been misused by foreign actors to enable human rights abuses around the world.”

The wording of the executive order is seen by experts as targeting NSO, while carving out a space for companies like Paragon to continue selling similar spyware, but only to the closest of US allies. The American expectation — still unproven — is that friendly nations are less likely to abuse such a weapon on civil society, or to spy on US government officials deployed abroad.

“It’s really making the case that the US believes that many of these kinds of tools are unlawful,” said David Kaye, who as the UN’s Rapporteur for Freedom of Expression spent years trying to hold the NSO Group accountable for its customers’ abuse of its spyware. “And if the proliferation of these tools is a national security problem, then that really changes the conversation from it being a human rights problem.”

NSO said it “does not believe that its placement on the [US Commerce Department blacklist] has ever been warranted,” adding: “ironically, other cyber intelligence companies who are not subject to the list sell to countries without any regulatory structure and that NSO refuses to make sales [to].”

However, the DEA’s purchase of Graphite, reportedly only for use by its partners in Mexico to help fight drug cartels, has begun to draw scrutiny. The DEA said it uses: “every lawful investigative tool available to pursue the foreign-based cartels and individuals operating around the world responsible for the drug poisoning deaths of 107,735 Americans last year.”

Congressman Adam Schiff, the chair of the House Intelligence Committee, wrote to the DEA in December asking for more details on the purchase. Mexico is among the worst abusers of NSO’s Pegasus which it bought nearly a decade ago.

Schiff wrote: “such use [of spyware] could have potential implications for US national security, as well as run contrary to efforts to deter the broad proliferation of powerful surveillance capabilities to autocratic regimes and others who may misuse them.”

Read the full article Here

Leave a Reply

Your email address will not be published. Required fields are marked *

DON’T MISS OUT!
Subscribe To Newsletter
Be the first to get latest updates and exclusive content straight to your email inbox.
Stay Updated
Give it a try, you can unsubscribe anytime.
close-link