“NSO Group and Candiru (Israel) were added to the Entity List based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers,” read a press release by the US Department of Commerce. The announcement was made as part of the Bureau of Industry and Security’s (BIS) final rule which added four foreign companies to the Entity List for ”engaging in activities that are contrary to the national security or foreign policy interests of the United States”. The ruling ensures that BIS will impose a license requirement that applies to all items under EAR (Export Administration Regulations). The commerce department added that there are no license exceptions for entities under the List. Moreover, these entities will be subject to a presumption of denial by the BIS for license review. The move can be considered as a fallout of the investigation conducted by the Pegasus Project. This is a rare indictment by a major country acknowledging the problematic dealings of the NSO Group, the cyber-espionage firm behind the Pegasus spyware which was found to have been deployed against politicians, civil society activists, and others around the world. Why did the US Government spring into action? The department explained the sophisticated tools sold by these companies helped foreign governments to “conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent,” according to…
