At a Glance.
- Spain reopens Israeli spyware probe into Pegasus software.
- Biden signs “TikTok ban bill” into law.
Spain’s High Court has reopened an investigation into Israeli intelligence firm, NSO Group.
The News.
On Tuesday, Spain’s High Court announced that it is reopening an investigation into the NSO Group. This investigation is centered on the use of the spyware software, Pegasus, to allegedly spy on Prime Minister Sanchez and other Spanish politicians. With the investigation being reopened, the investigators have also announced that they will be sharing information with French investigators, where the spyware software has allegedly targeted their politicians and other notable figures. While no formal accusations have been made, the investigation aims to discover who were the actors that initiated the espionage campaign. Judge Jose Luis Calama reopened the case after France sent him details regarding its investigation into the Pegasus software after the spyware was allegedly used to spy on reporters, lawyers, and public figures within the French government.
This investigation originally started in 2022 when the Pegasus spyware was discovered on the Spanish Prime Minister’s phone. While the investigation was eventually paused in 2023, the investigators did note that Israeli authorities did not cooperate with their efforts then.
The Knowledge.
While the Pegasus spyware was created to spy on criminal organizations, its original scope has been greatly expanded to target other notable people. For context, the Pegasus spyware is a worm capable of spreading on its own with the victim who only needs to receive a call or message from the attacker. Once inside, the spyware is then capable of accessing all the phone’s data, like its location, messages, calls, emails, files, and applications. Additionally, the spyware is also capable of disabling a device’s security systems.
The Pegasus spyware software has long been a sensitive topic as nations worldwide have discovered the software on the phones of government officials, reporters, and other notable figures. Aside from the investigations taking place in both France and Spain, India also found evidence that the Pegasus spyware was being repeatedly used to target high-profile journalists. Additionally, the United States (US) Justice Department launched its own criminal investigation after a whistleblower revealed that the NSO Group offered the US government “bags of cash” in exchange for access to a global signaling network to track individuals. Along with the US Justice Department investigating the spyware, the Commerce Department also sanctioned the NSO Group over the Pegasus spyware, which has prohibited the company from receiving American technologies.
The Impact.
While this investigation has only just been reopened, the potential discovery of who was behind spreading the spyware and what their intentions were could have significant geopolitical ramifications. Over recent years, spyware has increasingly become a more contentious subject with both consumers and notable governments expressing concerns and taking actions to reign in the invasive technology. With governments across the globe increasing their efforts to reign in spyware brokers, such as the US government's sanctioning of Greek spyware developers in March, people should expect this attention to continue to grow.
With spyware continuing to become an increasingly important and sensitive topic, people should continue to make efforts to protect themselves from unsolicited tracking. Additionally, as governments take the time to investigate and potentially sanction spyware developers, citizens should also monitor for potential new regulations being developed and the new rights that these potential regulations could give spyware victims. While it is unlikely that the average consumer would be targeted by sophisticated spyware software, like Pegasus, consumers should still make efforts to have antivirus software and routinely update it on their various devices to protect against less advanced spyware software.
President Biden signs bill that could ban TikTok.
The News.
On Wednesday, President Biden signed a new bill that could lead to an eventual ban of TikTok. The bill, also known as the Protecting Americans from Foreign Adversary Controlled Applications Act, was originally introduced in early March where it has since rapidly moved through both chambers and has now been officially signed into law. With this new law, TikTok’s owner, ByteDance, would be forced to divest from the application or face being banned from US app stores and networks. ByteDance will have until the end of this year to find a buyer to sell its application to. However, the President does have the authority to extend the sale deadline by an additional ninety days, which would push the deadline to April 2025. A TikTok spokesperson responded to this latest development stating that “this unconstitutional law is a TikTok ban, and we will challenge it in court.”
The act was signed into law when it was added to the foreign aid package that Congress passed last week, which was created to provide $95 billion in foreign aid that will be divided between Ukraine, Israel, and Taiwan.
The Knowledge.
While this bill has been heavily criticized since its original introduction, the lawmakers who backed the bill stated that they were motivated after they took part in several classified Congressional briefings. These briefings centered on the risks posed by TikTok and the potential connections that its owner, ByteDance, has with the Chinese Communist Party (CCP). While TikTok has countered these claims by stating that it has invested billions into keeping US citizen data safe and “free from outside influence and manipulation,” US lawmakers remained unconvinced.
While the act moved rapidly through Congress with overwhelming support, passing the House of Representatives with a 352-65 vote and the Senate with an 80-19 vote, opponents of the bill have expressed concerns with how fast the act moved and the potential for unforeseen consequences. This most recent effort to address the controversial application comes after months of debates surrounding the application, including a previously failed attempt to ban the application in 2023 with the RESTRICT Act, which failed to pass.
The Impact.
With the “TikTok ban bill” officially being passed, the change of ownership is likely to bring about disruptions and confusion with the application. Users of the application should anticipate these disruptions and plan around them, especially for businesses that utilize the social media outlet.
While the sale of the application will be both time-intensive and complicated, users should expect the divestment to occur within the year, unless the President indicates that he will elect to extend the sale deadline. Though TikTok’s case may be overturned if the law is found to be unconstitutional, this case has only just been started and will likely take several months at the minimum to resolve.
Other Noteworthy Stories.
Germany’s spy agency seeks more power to monitor financial flows.
What: Germany’s domestic spy agency has requested the government to give the agency more power to monitor financial flows.
Why: On Monday, Germany’s spy agency requested increased powers amid growing concerns that Russia is financing regional far-right political parties. The head of Germany’s domestic intelligence agency, Thomas Haldenwang stated that these new powers would modernize the agency’s communication methods and enable the agency to act on the same levels as other agencies. These requests for increased powers come after increased tensions with Russia due to the invasion of Ukraine and growing concerns related to Chinese influence. It remains unclear if the agency will be given this additional power.
Gina Raimondo says “we’ve out-innovated China” amid chips war.
What: Commerce Secretary, Gina Raimondo, announced that the US has surpassed China in the nation’s efforts to manufacture semiconductor chips.
Why: On Sunday, Secretary Raimondo took part in a 60-Minute interview where she discussed the current state of the US’s efforts to manufacture chips and develop other emerging technologies. During the interview, Secretary Raimondo discussed how Chinese semiconductor chips are now substantially behind the best American products. Secretary Raimondo stated that “we have the most sophisticated semiconductors in the world” and continued by saying that “we’ve out-innovated China.” This interview comes after the Biden administration announced several multi-billion dollar deals with private companies to bolster domestic chip manufacturing across the nation.
UnitedHealth states that hackers possibly stole large amounts of Americans’ data.
What: UnitedHealth officials announced that hackers stole health and personal data from the February cyber attack.
Why: On Monday, UnitedHealth announced that the hackers behind the February cyberattack were able to potentially steal a “substantial proportion” of both American personal and health data. For context, the UnitedHealth breach occurred in February when the company’s Change Healthcare unit was targeted causing widespread disruptions in payment processing. The breach is estimated to cost UnitedHealth over one billion dollars this year. With this statement, UnitedHealth found that the compromised data showed files with both protected health information and personally identifiable information that would “cover a substantial proportion of people in America.”
While a full analysis of the breach will likely take several months further to complete, the company did state that no evidence suggests that doctors’ charts or full medical histories of individuals were stolen. At this time, no exact number has been given as to how many people have been affected by this attack.
US charges and sanctions Iranians linked to Revolutionary Guard cyber command.
What: The US government has announced new criminal charges and sanctions against four Iranians and two companies over an alleged cyber campaign targetting more than one dozen Americans.
Why: On Tuesday, the US government announced new charges and sanctions against several Iranians and two Iranian companies. With both the US Treasury and State Department announcing these charges and sanctions over an alleged multi-year cyber campaign, federal prosecutors stated that the targets of the campaign were primarily defense contractors that had access to classified information as well as a New York-based accounting firm and a hospitality company. With these announcements, prosecutors also stated that the defendants infected computers with malware using spearfishing which led to over 200,000 employee accounts being compromised at the accounting firm and more than 2,000 being compromised at the hospitality company from 2016 to 2021.
The individual defendants were charged with wire fraud, wire fraud conspiracy, and conspiracy to commit computer intrusions. Additionally, some of the defendants were also charged with aggravated identity theft.