"WASHINGTON -- President Biden restricted the use of commercial hacking tools throughout the federal government as officials said they believed high-powered spyware had compromised devices belonging to at least 50 U.S. personnel working overseas.
Mr. Biden signed an executive order that imposes rules limiting the acquisition and deployment of hacking tools from vendors whose products have been linked to human-rights abuses or are deemed to pose counterintelligence or national security risks to the U.S. It also limits the purchasing of tools if they are sold to foreign governments considered to have poor records on human rights.
The move, senior administration officials said, is intended to grapple with the rapidly growing and lucrative international marketplace of cyber-intrusion tools that can break into someone's phone -- often with malware that doesn't require the victim to click on a malicious link or attachment -- and spy on them undetected for months or years.
By not banning such tools outright, the order is also an acknowledgment that the spyware-for-sale industry is potentially important to government intelligence operations even as the technology poses a growing counterintelligence and national security risk to U.S. diplomats, spies and others.
"This is a foundational step to make sure we as a U.S. government have clear guardrails in place" on the use of commercial hacking tools, a senior administration official said.
Independent security researchers and human-rights advocates have said some forms of commercial spyware can be almost impossible to defend against and have been abused by authoritarian and some democratic governments to target journalists, dissidents and political opponents.
The discovery of the extent of infiltration of devices belonging to U.S. officials was particularly alarming, senior administration officials said, adding that it reflected the national security dangers posed by unchecked proliferation of these kinds of hacking tools.
The tally of officials who have had their devices hacked is far larger than what has been reported previously. Officials declined to identify who was targeted other than to say some held senior jobs; they also declined to identify in which countries the victims had worked but said the hacking had occurred in at least 10 countries on multiple continents. The officials said victims had been made aware of the intrusions and that they anticipated more compromises would be identified.
"These are only the devices we have been able to identify," the senior administration official said."" [1]
1. U.S. News: Spyware Reined In As Tool by Agencies
Volz, Dustin. Wall Street Journal, Eastern edition; New York, N.Y. [New York, N.Y]. 28 Mar 2023: A.3.
Komentarų nėra:
Rašyti komentarą