wordpress blog stats
Connect with us

Hi, what are you looking for?

Pegasus maker NSO Group and three others blocked from doing business with US firms

The cyber espionage firm is now part of a federal blacklist aimed at restricting exports and transfers of US technology.

“NSO Group and Candiru (Israel) were added to the Entity List based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers,” read a press release by the US Department of Commerce. The announcement was made as part of the Bureau of Industry and Security’s (BIS) final rule which added four foreign companies to the Entity List for ”engaging in activities that are contrary to the national security or foreign policy interests of the United States”.

The ruling ensures that BIS will impose a license requirement that applies to all items under EAR (Export Administration Regulations). The commerce department added that there are no license exceptions for entities under the List. Moreover, these entities will be subject to a presumption of denial by the BIS for license review.

The move can be considered as a fallout of the investigation conducted by the Pegasus Project. This is a rare indictment by a major country acknowledging the problematic dealings of the NSO Group, the cyber-espionage firm behind the Pegasus spyware which was found to have been deployed against politicians, civil society activists, and others around the world.

Why did the US Government spring into action?

The department explained the sophisticated tools sold by these companies helped foreign governments to “conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent,” according to the document.

“Such practices threaten the rules-based international order,” read the statement.

U.S. Secretary of Commerce Gina M. Raimondo said that the US plans to use export controls aggressively to hold companies, which threaten the cybersecurity of members of civil society, dissidents, government officials, and organisations, accountable.

Advertisement. Scroll to continue reading.

Which were the other companies targeted by the ruling?

The two remaining entities hail from Russia and Singapore.

Positive Technologies from Russia and Computer Security Initiative Consultancy from Singapore feature on the list because “they traffic in cyber tools used to gain unauthorised access to information systems, threatening the privacy and security of individuals and organisations worldwide”, as reasoned by the BIS.

A committee chaired by the Department of Commerce and includes the Departments of Defense, State, Energy, and Treasury, found the conduct of these four entities concerning enough to warrant action.

Export controls announced by the US earlier

The addition of companies to the Entity List comes in the wake of the announcement a couple of weeks ago. The United States (US) had announced export controls as an interim measure for products that can be used for “malicious cyber activities”, according to a press release by the US government’s commerce department.

It meant that American exporters required a license to sell cybersecurity products to countries of national security or weapons of mass destruction concern, it added. The license was also made mandatory for countries under a U.S. arms embargo. The new rules will be effective in 90 days (January 2022) as the department’s BIS invited public comments.

Here are some of the details of the proposed measures:

Advertisement. Scroll to continue reading.
  • BIS has explained that end users targeted by this interim rule include a ‘government end user’.
  • The License Exception ACE imposes an end-use restriction in situations where the exporter has reason to believe that the ‘cybersecurity item’ will be used to affect the confidentiality and integrity of information without authorisation from the owner at the time of export.
  • US exporters must consult the US State Department’s guiding principles for transactions involving foreign governments for surveillance products to minimise the risk of misuse by governments to violate or abuse human rights.

Also read:

Have something to add? Post your comment and gift someone a MediaNama subscription.

Written By

I cover several beats such as crypto, telecom, and OTT at MediaNama. I will be loitering at my local theatre and consuming movies by the dozen when I am off work.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ