Google Urges US And Its Allies To Tighten Spyware Industry

Illustration of the use of spyware on a computer (photo: dock. pexels)

JAKARTA - Internet giant Google on Tuesday 6 February, condemned a series of surveillance software companies that it said allowed the use of malicious hacking tools. They also urged the United States and its allies to do more to curb the spyware industry.

Spyware companies often say their products are intended for use by the government for national security. However, the technology has been repeatedly found to be used to hack phones of civilians, political opposition, and journalists in the past decade. The industry has faced increased surveillance since the Pegasus spyware belonging to Israeli company NSO, was discovered on mobile phones of various people around the world, including human rights defenders.

In a report on Tuesday, Google researchers said that although NSO is better known, there are dozens of small companies that help the spread of spy technology for malicious use.

The findings made by Google are important because the company has the best visibility in its global hacking campaign, given the breadth of its online offerings.

"The demand from government customers remains strong and our findings highlight the extent to which commercial spyware vendors have disseminated hacking and spying capabilities that undermine Internet security for everyone," researchers from Google's TAG threat hunting team said in the report.

"The private sector is now responsible for most of the most advanced tools we have detected," Google said.

The United States and some of its allies committed last year to working to limit the surveillance software industry, after at least 50 US government employees in 10 countries were found to have been targeted by spyware.

Google researchers named a number of companies offering multiple services for hacking mobile phones, and have grown to bypass the latest security measures by Apple and Google for their phone operating systems, iOS and Android.

They include Italian companies Cy4Gate and RCS Labs, Greek company Intellexa, and a less known Italian company Negg Group and Variston from Spain.

The Negg Group website says the company is focused on cybersecurity, but Google says its software is found to be used to spy on people in Italy, Malaysia and Kazakhstan.

Variston created software that infects user devices via Google Chrome, Mozilla Firefox, or iOS app browsers, Google said, adding that another company, Protected AE - also known as Protect Electronic Systems - uses similar targeting techniques.

Google's report comes a day after the United States announced a new visa restriction policy for those said to have abused commercial spyware, allowing the placement of restrictions on individuals believed to be involved in the misuse of commercial spyware, as well as for those who facilitate the measure and benefit from it.

"Restricting the ability of spyware vendors to operate in the US helps change the structure of incentives that have allowed their growth to continue," Google said in a statement.