The US Drug Enforcement Administration has been using phone spyware developed by an Israeli company as part of its investigative work, The New York Times reported Thursday in an exposé that said the global spyware industry was spiraling “out of control.”
Citing five unnamed individuals with knowledge of the matter, the report said the DEA is using software known as Graphite made by Paragon, a cyber technology startup backed by former prime minister Ehud Barak.
The spyware allows users to collect data backed up from an individual’s phone to the cloud.
The report cited a DEA official as saying the agency has only used it outside the US in its efforts to stop drug cartels. The DEA didn’t deny using the spyware, saying it was “using every lawful investigative tool available” in its pursuit of foreign-based drug traffickers.
The US blacklisted Israeli spyware firms NSO and Candiru late last year. According to the Times, the FBI had pushed in late 2020 and the first half of 2021 to use NSO’s infamous Pegasus program, considered among the most powerful tools of its kind, before it was banned. The tool has been sold to law enforcement agencies around the world, though critics charge it has also been used by governments and repressive regimes to track journalists, activists, dissidents and others.
Sign up for the Tech Israel Daily and never miss Israel's top tech stories
The Times found that Paragon and other firms — some employing former NSO employees and other Israeli tech workers — are filling the gap left by the blacklisting of NSO, developing software capable of copying the entire contents of an individual’s phone and using it to spy on the user.
A branch office of NSO Group near the southern town of Sapir, August 24, 2021. (AP Photo/Sebastian Scheiner, File)
Paragon was founded three years ago by Ehud Schneorson, a former commander of Israel Defense Forces’ vaunted signal intelligence unit 8200. Some of its employees formerly worked for NSO, according to the report, and ex-premier Barak sits on its board. Among its funders is US-based Battery Ventures and Francisco Partners, which formerly owned NSO Group, according to Start-up Nation Central.
Another company, Intellexa — founded in Greece by former Israeli military officer Tal Dilian, and already embroiled in a series of scandals of its own — has been authorized by Athens to sell its Predator spyware to Madagascar, a country with a history of rights violations.
Citing the Greek government, the report said Intellexa had also made a business proposal to sell products to Ukraine, which rejected the offer. It added that Predator was used in another dozen countries in 2021. Predator has been detected in Egypt, Indonesia, Saudi Arabia, and Germany among other countries, the NY Times reported, citing research by Meta as well as Canadian cybersecurity watchdog Citizen Lab.
The program was also reportedly used in Greece against journalists and opposition figures, though the Greek government denies any involvement and considers the spyware illegal.
Before moving to Greece, Dilian had set up shop in Cyprus but ran afoul of the law in 2019 while demonstrating to Forbes magazine how software he was marketing could hack into nearby phones, as he drove in a van through the city of Larnaca.
Cypriot authorities issued an arrest warrant via global police agency Interpol after a video of the van went viral. Dilian eventually settled the matter through his attorney, paying a $1 million dollar fine, according to the report.
A surveillance van by Israeli firm WiSpear is seen a video released by Forbes on August 5, 2019. (Forbes)
The New York Times said its investigation was based on “thousands of pages of documents — including sealed court documents in Cyprus, classified parliamentary testimonies in Greece and a secret Israeli military police investigation — as well as interviews with more than two dozen government and judicial officials, law enforcement agents, business executives and hacking victims in five countries.”
The White House is preparing an executive order to restrict use of spyware in the US, the report said, quoting an unnamed White House official who said it plans to prevent the use of tools that pose “counterintelligence and security risks” or that have been used “improperly” by governments outside the US.
Israel has tried unsuccessfully to get an answer from Washington on what its red lines are for the use of spyware, Defense Ministry Director General Amir Eshel was quoted as saying.
Israel’s Defense Ministry closely vets sales of defense technology abroad, but Eshel noted that it had no control over companies set up by Israelis abroad, like Intellexa.
“It certainly disturbs me that a veteran of our intelligence and cyber units, who employs other former senior officials, operates around the world without any oversight,” he said.