By Mark Mazetti and Ronen Bergman
Senior lawmakers said they would investigate the government’s purchase and use of powerful spyware made by two Israeli hacking firms, as Congress passed a measure in recent days to try to rein in the proliferation of the hacking tools.
Rep. Adam Schiff, D-Calif., the chair of the House Intelligence Committee, sent a letter before Christmas to the head of the Drug Enforcement Administration asking for detailed information about the agency’s use of Graphite, a spyware tool produced by Israeli company Paragon.
“Such use could have potential implications for U.S. national security, as well as run contrary to efforts to deter the broad proliferation of powerful surveillance capabilities to autocratic regimes and others who may misuse them,” Schiff wrote in the letter.
Graphite, like the better-known Israeli hacking tool Pegasus, can penetrate the mobile phones of its targets and extract messages, videos, photos and other content. The New York Times revealed last month that the DEA was using Graphite in its foreign operations. The agency has said it uses the tool legally and only outside the United States, but has not answered questions about whether American citizens can be targeted with the hacking tool.
Schiff asked DEA Administrator Anne Milgram to respond by Jan. 15 to questions submitted in a classified addendum to the drug agency.
By then, Republicans will have taken power in the House and Schiff will no longer be chair of the committee. But the committee’s efforts to curtail the spread of foreign spyware have been bipartisan, so the changeover is unlikely to affect its agenda on this issue.
Countries around the world have embraced commercial spyware for the new powers of surveillance it gives them. Israeli firm NSO held a near monopoly in the industry for nearly a decade — selling Pegasus to Mexico, Saudi Arabia, India and other nations — but new companies peddling other hacking tools have found success as demand has exploded.
A bill Congress passed last month includes provisions that give the director of national intelligence power to prohibit the intelligence community from purchasing foreign spyware, and requires the director of national intelligence to submit to Congress each year a “watchlist” identifying foreign spyware firms that present a risk to American intelligence agencies.
Separately, Sen. Ron Wyden, D-Ore., a member of the Senate Intelligence Committee, is pressing the FBI for information about the bureau’s purchase and testing of NSO’s Pegasus spyware. The Israeli firm’s hacking tools have been used by autocratic and democratic governments to target journalists, dissidents and human rights workers.
The Times reported in November that internal FBI documents showed that the bureau’s criminal division in 2021 drew up guidelines for using Pegasus in criminal investigations — before the FBI’s senior leadership decided against using the spyware in operations.
In a letter two weeks ago to FBI Director Christopher Wray, Wyden asked the bureau for information about why it chose not to deploy Pegasus, and whether the bureau’s lawyers made a determination that would preclude the FBI from using Pegasus or similar hacking tools.
“The American people have a right to know the scale of the FBI’s hacking activities and the rules that govern the use of this controversial surveillance technique,” Wyden wrote.
A government legal brief related to a Times Freedom of Information Act lawsuit against the FBI stated that “just because the FBI ultimately decided not to deploy the tool in support of criminal investigations does not mean it would not test, evaluate and potentially deploy other similar tools for gaining access to encrypted communications used by criminals.”
The Biden administration late 2021 placed NSO and another Israeli hacking firm on a Commerce Department blacklist — prohibiting American companies from doing business with the two firms.
That move, as well as a decision by Israel’s Ministry of Defense to reduce the number of countries to which companies can potentially sell their hacking tools, has buffeted the Israeli hacking industry, drying up investment in companies amid fears that they, too, could land on the U.S. blacklist. One senior Israeli military official estimates that, soon, only six offensive tech firms will be left standing — down from the 18 firms that had been operating in Israel before the NSO blacklisting.
But now, Israel’s Defense Ministry appears to be considering easing restrictions on companies to try to keep the industry from collapsing, according to two Israeli military officials who spoke on the condition of anonymity to discuss sensitive decision-making.
When asked whether Israel had made a final decision about the easing of restrictions, a spokesperson for the Defense Ministry said that “the objective is to improve the monitoring of controlled cyber exports and to create more precise instructions for controlled cyber exporters, while reducing the risk of improper use of these systems and providing effective tools to ensure compliance with the purchaser’s license terms.”
The Israeli government requires all hacking firms in the country to obtain an export license to sell spyware tools to foreign governments. Some Israelis have tried to avoid these restrictions by moving their businesses outside Israel.
One of them, retired Israeli Gen. Tal Dilian, set up businesses in Greece and Cyprus, and his hacking tool — Predator — is at the center of a widening scandal involving allegations of spying by Greek government officials.
Israeli officials have publicly expressed frustration that they are powerless to regulate the business of Israelis operating outside the country. But after recent reports of Dilian’s growing hacking empire, the Israeli Defense Ministry convened a meeting to explore if any steps could be taken to better regulate the operations of Dilian and others who work outside Israel. Among the options explored was whether an investigation could be opened into Dilian or if other measures could be taken against Israeli hackers who use expertise they gained in the Israeli military to set up foreign companies beyond the government’s reach.