NSO Group, Positive Technologies and other firms sanctioned by the US government

The U.S. sanctioned four companies for the development of surveillance malware or the sale of hacking tools used by nation-state actors, including NSO Group.

The Commerce Department’s Bureau of Industry and Security (BIS) has sanctioned four companies for the development of spyware or the sale of hacking tools used by nation-state actors.

The firms are NSO Group and Candiru from Israel, Computer Security Initiative Consultancy PTE. LTD from Singapore, and Positive Technologies from Russia.

“The Commerce Department’s Bureau of Industry and Security (BIS) has released a final rule adding four foreign companies to the Entity List for engaging in activities that are contrary to the national security or foreign policy interests of the United States. The four entities are located in Israel, Russia, and Singapore.” reads the announcement published by the U.S. Department of Commerce.

NSO Group and Candiru are being sanctioned for the development and sale of surveillance software used to spy on journalists and activists. Positive Technologies and Computer Security Initiative Consultancy PTE. LTD. are being sanctioned because both entities traffic in cyber exploits used by threat actors to compromise computer networks of organizations worldwide. The US authorities have added the companies to the Entity List based on their engagement in activities counter to U.S. national security.

“Pursuant to § 744.11(b) of the EAR, the ERC determined that the conduct of the abovedescribed four entities raises sufficient concerns that prior review, via the imposition of a license requirement for exports, reexports, or transfers (in-country) of all items subject to the EAR involving these four entities and the possible issuance of license denials or the possible imposition of license conditions on shipments to these entities, will enhance BIS’s ability to prevent violations of the EAR or otherwise protect U.S. national security or foreign policy interests.” reads the PUBLIC INSPECTION DOCUMENT published by the Federal Register. “In addition, the ERC also determined that no license exceptions should be available for exports, reexports, or transfers (in-country) to the persons being added to the Entity List in this rule. The ERC imposed a license review policy of a presumption of denial for these four entities.”

The measure aims at preventing the export, reexport, or transfer of the products or the services of the sanctioned firms.

In April, US Government accused the Russian cybersecurity firm Positive Technologies of providing support to the cyber operations carried out by Russian Intelligence Services.

“The United States is committed to aggressively using export controls to hold companies accountable that develop, traffic, or use technologies to conduct malicious activities that threaten the cybersecurity of members of civil society, dissidents, government officials, and organizations here and abroad,” said U.S. Secretary of Commerce Gina M. Raimondo regarding these new sanctions.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, NSO Group)

[adrotate banner=”5″]

[adrotate banner=”13″]