The US government has recently purchased spyware from two of Israel’s hacking firms, thus raising the attention of Congress, which has been utilizing its efforts in controlling the usage of hacking tools.
Representative Adam Schiff, the chairman of the House Intelligence Committee, found that the Drug Enforcement Administration had acquired Graphite, which is a spyware tool, and wrote the agency a letter to inform them there could be consequences if regarding the spyware’s usage if the agency uses it outside of its legal limits.
We obtained a copy of the letter for you here.
However, the DEA announced in the past that it was only using Graphite for foreign operations and not for internal use inside the United States.
Graphite and Pegasus are the two primarily known spyware tools that Israeli hacking firms have created. As a measure against allowing firms to give spyware to any foreign governments, the Israeli government made a decree that all firms were required to have an export license.
To bypass this restriction, some firms attempted to move their firms outside of Israel. Tal Dilian was one such Israeli who was able to move his business into Greece and Cyprus and cause those countries to believe that the government was spying on its inhabitants through the usage of Predator, his hacking instrument.
Although Israel has made endeavors to control exports of Israeli spyware, there are still other countries that illegally obtain hacking tools through Israeli agencies like NSO.
The FBI had obtained NSO’s Pegasus, which some governments have used to target those who speak out against the government, potentially to utilize in criminal investigations. However, in a government legal brief, the FBI director decided against using any hacking tools.
Last year, the Biden administration blacklisted NSO so that no American corporation would legally be allowed to do business with it. Additionally, Congress passed a bill that grants the director of national intelligence the ability to forbid the US Intelligence Community from acquiring spyware from foreign countries. However, as a security measure, the director must ascertain and monitor all foreign spyware firms and submit a list of these firms to Congress every year.