US announces visa ban on those linked to commercial spyware

Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States.

"The State Department is implementing a new policy today that will allow the imposition of visa restrictions on individuals involved in the misuse of commercial spyware," Blinken said.

"Such targeting has been linked to arbitrary detentions, forced disappearances, and extrajudicial killings in the most egregious of cases. Additionally, the misuse of these tools presents a security and counterintelligence threat to U.S. personnel."

As part of this effort, the Biden Administration also issued an Executive Order prohibiting the U.S. government from using mercenary surveillance tools that may pose risks to foreign policy interests or national security.

The Biden administration has released guiding principles for governments to prevent misuse of surveillance tech in a joint effort with 36 other governments (known as the Freedom Online Coalition) to prevent human rights abuses.

The Biden admin also released guiding principles regarding the government's use of surveillance tech as part of a joint effort with 36 other governments (known as the Freedom Online Coalition) to prevent its misuse to enable human rights abuses.

The Commerce Department's Bureau of Industry and Security (BIS) added four European commercial spyware companies to its Entity List in July 2023 due to their involvement in trafficking cyber exploits used to hack the devices of high-risk individuals worldwide.

According to the State Department, the deployment of commercial spyware tools developed by Intellexa S.A. from Greece, Intellexa Limited from Ireland, Cytrox Holdings Zrt from Hungary, and Cytrox AD from North Macedonia on a worldwide scale aimed to intimidate political adversaries, restrict freedom of speech, suppress dissent, and keep track of journalists' activity.

Before the sanctions, Google's Threat Analysis Group (TAG) linked the Cytrox in May 2022 with multiple zero-day vulnerabilities exploited in Predator spyware attacks targeting Android users, while Intellexa was tagged as the maker of the Predator Android spyware and its loader Alien by Cisco Talos and Citizen Lab security researchers.

Intellexa's spyware was also used in various surveillance campaigns targeting high-profile European politicians, journalists, and Meta executives.

​The Commerce Department sanctioned four other companies from Israel, Russia, and Singapore in November 2021 because of their involvement in developing spyware or selling hacking tools deployed by state-sponsored hacking groups.

Positive Technologies in Russia and Computer Security Initiative Consultancy (CSIS) in Singapore were banned for trafficking exploits and hacking tools. Israeli spyware makers Candiru and NSO Group were listed for developing and commercializing spyware used to target activists and journalists worldwide.

"The United States remains concerned with the growing misuse of commercial spyware around the world to facilitate repression, restrict the free flow of information, and enable human rights abuses," Blinken said.

"The United States stands on the side of human rights and fundamental freedoms and will continue to promote accountability for individuals involved in commercial spyware misuse."