Recently, as part of their investigations into illegal wiretapping, Greek authorities raided an office of an Israeli company behind the Predator spyware, as well as five other companies believed to be connected in some capacity.  The raids were the product of revelations of surveillance activities being conducted against dozens of prominent politicians, journalists, and businessmen, in a scandal dubbed the “Greek Watergate.”  The Predator cyberespionage tool had been identified in at least one journalist’s phone with evidence that another attempt was being made against the political oppositionist leader’s phone.  The Prime Minister acknowledged that the intelligence services had executed the surveillance, but that he did not know that these activities extended to his political rival.  In the aftermath of the backlash the scandal created, the Greek government passed a bill outlawing government use of spyware.

This is not the first time when private sector spyware tools have been thrust into the spotlight over their questionable uses.  Notably, the fallout of the Pegasus Spyware created by the Israeli company NSO Group continues to make headlines due to its abuse by global governments and law enforcement agencies.  The NSO scandal revealed the appetite for the commoditization of these types of tools to support both law enforcement investigations and intelligence operations.  While marketed for implementation against criminal and terrorist targets, reporting from independent sources have shown that these technologies are often misused against other targeted organizations and individuals.  What’s more, regardless of the public backlash that has resulted from these scandals, companies continue to produce these tools for an industry that shows no signs of abatement.

When looking at how big tech has been linked to questionable activities such as content monitoring and the surveillance of private citizens, it is easy to see the slippery slope that can occur from these unchecked practices.  While spyware has been used to effectively address national security concerns (spyware helped the capture of notorious drug cartel kingpin Joaquin Guzman), it hasn’t taken long for these technologies to be corrupted for other purposes such as commercial surveillance, personal surveillance, and industrial espionage. The diversity and prominence of the individuals that have been targeted demonstrate how these tools could be used for nefarious purposes, particularly with respect to human rights abuses, illegal surveillance, and theft of sensitive information to be used for advantage.

According to research from a think tank, spyware has been used by at least 73 countries, suggesting that even though companies like NSO Group may suffer financial and legal penalties, there is always another to fill the void.  And the void is large.  Meta recently published a report in which it stated that the company continued to investigate and take actions against spyware vendors around the world, including in China, India, Israel, Russia, and the United States that were engaged in activities in approximately 200 countries and territories.  The controversial and unregulated industry has been assessed to be worth USD 12 billion, according to Microsoft.  Per one security company’s telemetry data, the first half of 2022 saw an 111% global increase in spyware detections over the same period in 2021.  This is a remarkable figure coming on the heels of legal and financial consequences suffered by the NSO Group, which is being sued by journalists after it was placed on the United States trade blacklist.

What’s more, while authoritarian governments have been naturally linked to the deployment of spyware, they are not the only ones, further showing that other types of governments find value in the tool.  For example, despite trying to reign in the NSO Group, the U.S. government continues to purchase and deploy spyware for use.  Per the New York Times, the U.S. government is allowing its Drug Enforcement Agency to continue to implement Graphite, an Israeli company hacking took, for operations against drug cartels. Per an unnamed Times White House source, such tools would not be used to target civil society; however, given recent allegations of collusion between big tech, social media, and government agencies, this promise may give little comfort absent clear oversight monitoring of  how they are used and who they are used against.

For the present, it appears that spyware will remain an unchecked space as there isn’t any substantive international law addressing its use.  Some countries like Germany and the United Kingdom have laws governing how agencies can extract data from devices, but most do not.  There is some hope that the repeated scandals suffered by these companies will help their activity, though this may be more wishful thinking than a feasible stopgap or a viable solution.   The bottom line is that without a means to regulate the global cyber surveillance industry, and governments willing to comply to such regulations, niche companies will continue to emerge in geographic regions that do not have them or do not adhere to them.  What’s more, this invariably creates an industry ecosystem whereby newer companies adjust their practices in order to minimize their exposure and circumvent the issues and problems that caused their predecessors to fail.  Companies may choose to remain boutiques in order to be flexible to any changes in the regulatory environment, electing to operate out of government-friendly countries, and should they befall a worst-case scenario, rebrand rather than breakup.

One thing is clear. This industry has found a receptive global intelligence and law enforcement clientele and governments eager to bolster their capabilities with technologies they may not be able to replicate themselves.  This means that there will be a demand for these products in the foreseeable future. It also means that it may make finding global common ground on how cyber surveillance technology should be monitored, and how to hold companies and customers accountable difficult.  Unfortunately for this industry, if caught, governments may find it easier to ask for forgiveness from the public under the auspices of clandestine surveillance for security reasons, than ask prior permission to do it.  Because isn’t that the rule of opportunity?  When one door closes, another opens. Or in this case, when one company folds another is ready and willing to take its place.

About the Author

Emilio Iasiello

Emilio Iasiello has nearly 20 years’ experience as a strategic cyber intelligence analyst, supporting US government civilian and military intelligence organizations, as well as the private sector. He has delivered cyber threat presentations to domestic and international audiences and has published extensively in such peer-reviewed journals as Parameters, Journal of Strategic Security, the Georgetown Journal of International Affairs, and the Cyber Defense Review, among others. All comments and opinions expressed are solely his own.