# Foreign Affairs  ## Metadata - Author: - Full Title: Foreign Affairs - Category: #books ## Highlights - # Annotations\ (5/18/2025, 10:33:31 AM) “But the use of spyware is hardly limited to the world’s authoritarians. As researchers have revealed, over the past decade many democracies, including Spain and Mexico, have begun using spyware, as well, in ways that violate well-established norms of human rights and public accountability. U.S. government documents disclosed by The New York Times in November 2022 show that the FBI not only acquired spyware services from NSO, possibly for counterintelligence purposes, but also contemplated deploying them, including on U.S. targets. (An FBI spokesperson told the Times that “there has been no operational use of the NSO product to support any FBI investigation.”)” (Deibert, 2022) “a New York Times investigation found that NSO deals helped Israeli Prime Minister Benjamin Netanyahu seal the Abraham Accords with Bahrain, Morocco, and the UAE. In turn, client states have used Pegasus against not only opposition groups, journalists, and nongovernmental organizations (NGOs) but also geopolitical rivals.” (Deibert, 2022) “In November 2021, the tech giant Apple notified 11 staff members of the U.S. embassy in Uganda that their iPhones had been hacked with Pegasus.” (Deibert, 2022) “The consequences of the spyware revolution are profound. In countries with few resources, security forces can now pursue high-tech operations using off-the-shelf technology that is almost as easy to acquire as headphones from Amazon. Among democracies, the technology has become an irresistible tool that can be deployed with little oversight; in the last year alone, security agencies in at least four European countries—Greece, Hungary, Poland, and Spain—have been implicated in scandals in which state agencies have been accused of deploying spyware against journalists and political opposition figures.” (Deibert, 2022) “But the extraordinary growth of the spyware market has also been driven by several broader trends. First, spyware takes advantage of a global digital culture that is shaped around always-on, always-connected smartphones. By hacking a personal device, spyware can provide its operators with a user’s entire pattern of life in real time. Second, spyware offers security agencies an elegant way to circumvent end-to-end encryption, which has become a growing barrier to government mass surveillance programs that depend on the collection of telecommunications and Internet data. By getting inside a user’s device, spyware allows its operators to read messages or listen to calls before they have been encrypted or after they have been decrypted; if the user can see it on the screen, so can the spyware. A third factor driving the industry’s growth has been the rise of digitally enabled protest movements. Popular upheavals such as the color revolutions in former Soviet states in the first decade of this century and the Arab Spring in 2010–11 took many autocrats by surprise, and the organizers often used phones to mobilize protesters. By offering an almost godlike way to get inside activist networks, spyware has opened up a powerful new method for governments to monitor dissent and take steps to neutralize it before large protests occur. \ \ Finally, the spyware industry has also been fueled by the growing privatization of national security.” (Deibert, 2022) “Like soldiers of fortune, advanced spyware companies tend to put revenues ahead of ethics, selling their products without regard to the politics of their clients—giving rise to the term “mercenary spyware”—and like military contractors, their dealings with government security agencies are often cloaked in secrecy to avoid public scrutiny.” (Deibert, 2022) “Although lack of transparency has made the mercenary spyware industry difficult to measure, journalists have estimated it to be worth about $12 billion per year. Before recent financial setbacks brought on by a growing number of lawsuits, NSO Group was valued at $2 billion, and there are other major players in the market. Many companies now produce sophisticated spyware, including Cytrox (founded in North Macedonia and now with operations in Hungary and Israel), Israel-based Cyberbit and Candiru, Italy-based Hacking Team (now defunct), and the Anglo-German Gamma Group.” (Deibert, 2022) “Using the exploit, which researchers called ForcedEntry, a spyware operator can surreptitiously intercept texts and phone calls, including those encrypted by apps such as Signal or WhatsApp; turn on the user’s microphone and camera; track movements through a device’s GPS; and gather photos, notes, contacts, emails, and documents. The operator can do almost anything a user can do and more, including reconfigure the device’s security settings and acquire the digital tokens that are used to securely access cloud accounts so that surveillance on a target can continue even after the exploit has been removed from a device—all without the target’s awareness.” (Deibert, 2022) “One of the technology’s most frequent uses has been to infiltrate opposition movements, particularly in the run-up to elections.” (Deibert, 2022) “Between 2017 and 2020, the Citizen Lab discovered, Pegasus was used to eavesdrop on a large cross section of Catalan civil society and government. The targets included every Catalan member of the European Parliament who supported independence for Catalonia, every Catalan president since 2010, and many members of Catalan legislative bodies, including multiple presidents of the Catalan parliament. Notably, some of the targeting took place amid sensitive negotiations between the Catalan and Spanish governments over the fate of Catalan independence supporters who were either imprisoned or in exile.” (Deibert, 2022) “In 2021, a Hungarian journalist investigating corruption in President Viktor Orban’s inner circle was hacked with Pegasus. (The Hungarian government subsequently acknowledged that it had purchased the technology.) And that same year, the cellphone of New York Times Middle East correspondent Ben Hubbard was infected with Pegasus while he was working on a book about Saudi Arabia’s de facto leader, Crown Prince Mohammed bin Salman.” (Deibert, 2022) “Even more threatening, however, may be the ways in which the technology has allowed authoritarian regimes to extend their repression far beyond their own borders. In past decades, autocrats faced significant barriers to repressing citizens who had gone into exile. With spyware, however, an operator can get inside a political exile’s entire network without setting foot inside the target’s adopted country, and with very few of the risks and costs associated with conventional international espionage.” (Deibert, 2022) “For example, according to a U.S. federal indictment, a top adviser to Saudi Crown Prince Mohammed bin Salman paid a Twitter employee $300,000 and provided other gifts in 2014 and 2015, apparently in exchange for spying on dissidents on the platform. The employee, who left Twitter in 2015, was convicted in U.S. court in 2022.” (Deibert, 2022) “First, although much scrutiny of mercenary spyware firms has concerned their contracts with national government agencies, many firms market to more than one client in a given country, including local law enforcement. For example, in a fact-finding trip to Israel in the summer of 2022, officials for the European Parliament learned that NSO Group has at least 22 clients in 12 European countries, suggesting that a significant number of these clients are subnational agencies.” (Deibert, 2022) “Second, although some mercenary spyware firms such as NSO Group claim that they deal only with government clients, there is little to prevent them from selling their technology to private firms or corrupt individuals. Evidence suggests that some already do: in July 2022, Microsoft’s Threat Intelligence Center issued a report on an Austria-based spyware and hack-for-hire firm called DSIRF that had targeted individuals in banks, law firms, and consultancies in several countries.” (Deibert, 2022) “Third, spyware has become a central component of a broader menu of surveillance tools, such as location tracking and biometric identification