States spy on each other. This fact is neither shocking nor surprising in itself. There are plenty of good reasons why states do it, even if not all states are equal in their relative intelligence power. So, you would think by now that we would have a high bar for being surprised or shocked by revelations about states spying on each other.
Certainly, when states become victims of espionage their responses are shaped by a number of factors, including the strategic context (is the transgressor an adversary or an ally?) and the severity of the case (a one-off or a sustained campaign?). Domestic public opinion might be inflamed by revelations of espionage victimhood, or else barely flicker with quickly-fading attention. Throughout, victim states will recognize that the basic problemthat they are targets of foreign espionage operationsis the mirror image of their own pursuit of intelligence gain against other states. States are not, therefore, shocked or surprised by the existence of foreign espionage: they do their best to counter it and remediate and respond to it where they have to. As indicated by recent comments from FBI director Christopher Wray about the magnitude of the threat posed by Chinese espionage, recognizing the perennial nature of espionage doesnt necessarily imply complacency towards it.
The high bar to surprise or shock holds good even in the case of newer forms of espionage, such as digital or cyber spyingthat is, establishing access to digital data for intelligence gain, whether that data is stored at rest somewhere (on a device like a mobile phone or laptop), or else by intercepting data whilst it is traversing a network. Nearly a decade after Edward Snowdens revelations, few people can be surprised that some states have not only the ambition but also the capabilities to derive significant intelligence gains from information and communications technology.
Another obvious point is that, given much of this global technological infrastructure is built, owned, and operated by the private sector, the practice of states spying on each other inevitably involves relationshipscommercial, collaborative, or competitivebetween governments and companies. These relationships might be transactionalthe procurement by governments of a service or toolor they might be framed by legal requirement, compelling companies to comply with lawful requests for access. Equally, they might involve the non-consensual acquisition of data from companies by government intelligence agencies, or indeed the recognition that these companies are useful vectors of attack, so-called supply chain attacks such as the SolarWinds case.
The private sectors importance also extends to digital spying by the state on its own citizens: sovereign capabilities for domestic surveillance are more likely to be developed by the private sector than the state itself. States with a thriving tech sector undoubtedly have had an advantage in this respect, with a domestic network of trusted companies to develop surveillance tools and systems. But, over decades, the market for commercial spyware has become truly global.
At its best, this global market helps to fill an important gapproviding those states that would otherwise lack the technical capabilities with the ability to counter severe national security threats such as terrorism or serious crime. But at its worst, the capabilities procured from the global marketplace can enable repressive states to target dissidents, either passively or to enable operations against them.
Many companies are active in this marketplace, but one, in particular, has become a focal point for global criticism of commercial spyware: the Israeli company NSO Group and particularly its Pegasus spyware. Pegasus is reportedly so good at what it doesfor example, providing zero-click access to a targeted iPhone, meaning no need for targets to fall for malware-laden messagesthat many states were lining up to procure its services. This customer interest was great for the companyand presumably also for the Israeli government. The government issued export licenses for the spyware and potentially was able to integrate this commercial success into its wider diplomatic strategyessentially, what many states would do in a similar position.
The problem facing the companywhether it was recognized as such or notwas how to contain the potentially negative consequences of this burgeoning customer interest. New contracts were one thing, but would its values, future sales, and potentially its continued existence as a company be compromised if its new customers used Pegasus to spy on innocent subjects, to enable victimization and human rights abuses? To this questionwe can add one other, perhaps more strategically pertinent for the Israeli government, and potentially devastating in repercussions for businesses like NSO Group: what if Pegasus was used, not against a clients domestic targets, but against foreign governments, including governments with which Israel has close diplomatic ties?
This is indeed what recent reporting suggests has happened, with revelations in December 2021 that Pegasus had been used to target U.S. diplomats working overseas, and in more recent reporting that a range of European officials, including someone from the UK government working in the prime ministers office (10 Downing Street), had also been targeted. In the UK case, independent researchers suspected the state client using Pegasus to target the UK was the United Arab Emirates (UAE). In diplomatic terms, the UAE is a relatively close regional partner of the UKone with a controversial and widely-reported broader strategy of harnessing commercial spyware services to enhance its national intelligence power.
The same reports that highlighted the reported breach of communications in 10 Downing Street also indicated that Pegasus customers had also successfully used it in 2020 and 2021 against UK diplomatswith the UAE, India, and Cyprus identified as the potential state actors. All these states are regarded as partnersindeed, just this month the UK prime minister, Boris Johnson, signed agreements with his Indian counterpart, Narendra Modi, including an agreement to improve cybersecurity cooperation.
This juxtaposition suggests that states take a broad view of such revelations, placing them in broader strategic context. This is similar in the U.S. case, where bilateral relations with Pegasus-customer states appear relatively unharmed. In contrast, the United States has pursued more targeted responses against NSO Group and other firms, and might go further to address foreign commercial spyware more generally.
Collectively, this might suggest that we are at some kind of transitional point in the relationship between states and commercial spyware. A global market that has developed quickly and in the shadows is now very much more salient and starting to provoke some pushback from states. And yet, whilst the fates of a single company like NSO Group can rise and fall, it is very difficult to see the wider industry enjoying anything other than continued success.
States are not going to stop wanting to spy on each other, or on other, non-state targets. The market that has grown to cater to this perennial state practice is too valuable, too globally dispersed, and likely also too covert to be readily amenable to collective, verifiable efforts to curb it. And, in the absence of effective constraints, commercial spyware will continue to level the playing field between state actors in the competition for intelligence gains. This will create both opportunities to be exploited and challenges that must be overcomean ever-present feature of intelligence competition between states throughout history.
Joe Devanny is a Lecturer in the Department of War Studies at Kings College London. He writes here in a personal capacity. He can be contacted on Twitter @josephdevanny.
Image: Reuters.
See the original post:
Pegasus in Downing Street? Commercial Spyware and Espionage Competition - The National Interest Online
- NSA surveillance exposed by Snowden ruled unlawful - BBC - May 25th, 2024
- Can Edward Snowden Become the Next CEO of Twitter? Elon Musk is Ready to Give Up - Analytics Insight - May 15th, 2024
- Edward Snowden Weighs In On Boeing Whistleblower's Death With Cryptic Message: 'If I Die, It Wasn't Suicide' - TradingView - March 21st, 2024
- Edward Snowden Calls Bitcoin 'Most Significant Monetary Advance Since the Creation of Coinage' Featured Bitcoin ... - Bitcoin.com News - February 25th, 2024
- Edward Snowden: Bitcoin 'Most Significant Monetary Advance Since the Creation of Coinage' - Decrypt - February 25th, 2024
- Edward Snowden's Ominous Warning to the World - Newsweek - January 15th, 2024
- Edward Snowden Says Institutions 'Burning The Public's Faith' At Time When AI Can Replace Them: 'A Revolu - Benzinga - January 15th, 2024
- Edward Snowden: Bitcoin Safeguard for Pensions and Retirement - CoinGape - January 15th, 2024
- Edward Snowden and Jack Dorsey Are Both Asking the Same Question: What Happened in 1971? - Foundation for Economic Education - December 11th, 2023
- Edward Snowden - Simple English Wikipedia, the free encyclopedia - October 27th, 2023
- Edward Snowden On The NSA, His Book 'Permanent Record' And Life In ... - April 17th, 2023
- 209-359-17.. located in Merced.. Find Info before it disappears... - April 17th, 2023
- Edward Snowden gets Russian passport after swearing oath of allegiance ... - April 8th, 2023
- Edward Snowden - Education, Movie & Documentary - Biography - March 5th, 2023
- Before sending a voice message, ask if you could say it in writing: How to stop the avalanche of WhatsApp audios - EL PAS USA - February 25th, 2023
- Entertainment News Roundup: Sean Penn film 'Superpower' catches Zelenskiy at moment of Russian invasion; And the winner is... London rolls out red... - February 25th, 2023
- Edward Snowden Reacts To Elon Musk's 'Pardon' Poll: 'That's A Very Big ... - January 6th, 2023
- NSA files decoded: Edward Snowden's surveillance revelations explained ... - December 20th, 2022
- Edward Snowden says he feels itch to scale back in to $16.5K Bitcoin - December 20th, 2022
- Edward Snowden Offers to Take Over as Twitter CEO for Salary in ... - Investing.com - December 20th, 2022
- Where is Edward Snowden? | The Sun - November 25th, 2022
- Edward Snowden, Elon Musk Optimistic About Bitcoin Despite FTX Collapse - Crypto Briefing - November 17th, 2022
- Snowden's newfound Russian citizenship reignites the debate of privacy versus safety in the US - Tufts Daily - October 15th, 2022
- Whistleblower behind Luanda Leaks, Malta Files and Football Leaks on trial - The Shift News - October 15th, 2022
- 'All The Beauty And The Bloodshed' Trailer: Laura Poitras' Golden Lion Winner Hits US Theaters Later This Fall - The Playlist - October 15th, 2022
- NYFF 2022: No Bears, R.M.N., All the Beauty and the Bloodshed | Festivals & Awards - Roger Ebert - October 15th, 2022
- From Bin Laden to Al Zawahiri: The evolution of Americas Targeted Killing Strategy - Indian Defence Review - October 15th, 2022
- Arundhati Roy on Things that Can and Cannot Be Said: The Dismantling of the World as We Know It - LiveWire - October 7th, 2022
- Billion Dollar Harvest: TikTok's Threat to National and Personal Security MARIST CIRCLE - Marist College The Circle - October 7th, 2022
- 'All the Beauty and the Bloodshed' Review: Politics of the Personal - slantmagazine - September 21st, 2022
- Congressional inquiry reveals secret Customs and Border Protection database of U.S. phone records - CyberScoop - September 21st, 2022
- The Most Controversial Biopics - IndieWire - September 21st, 2022
- VIDEO: Priyanka Chopra celebrated her husband Nick Jonas' birthday like this at the golf course, wrote - News84Media.com - September 21st, 2022
- From Bin Laden to Al Zawahiri: The evolution of Americas targeted killing strategy - MyVoice - September 21st, 2022
- At German artist Thomas Demands MOCA exhibit, finding the material in the ephemeral - Toronto Star - September 21st, 2022
- This is the jungle: Law enforcement slowly waking up to the threat of DeFi exploits - Fortune - September 13th, 2022
- Icarus: The Aftermath Review: A Tense and Affecting Real-Life Sequel - Hollywood Reporter - September 13th, 2022
- Fourth Amendment: The right to be left alone - Minot Daily News - September 13th, 2022
- Opinion | It Is Time to Throw the Monarchies of the World Into the Dustbin of History - Common Dreams - September 13th, 2022
- Do the FBI monitor peoples social media activity and online posts? Is it legal? - AS USA - September 5th, 2022
- Is Trump the Rosenbergs? - JNS.org - JNS.org - September 5th, 2022
- The Patriot Act: Mass Surveillance Before and After 9/11 - Privacy News Online - September 5th, 2022
- Can code just be 'disappeared' from the internet? - POLITICO - August 28th, 2022
- The Tech Industry Is in Its Whistleblower Era - The Atlantic - August 28th, 2022
- History As It Happens: The Espionage Act's sordid origins - Washington Times - August 28th, 2022
- The inside story of the CIA vs Russia - Asia Times - August 28th, 2022
- 'The rebels were sent to a lunatic asylum': These films end differently in China - Euronews - August 28th, 2022
- Erik Prince wants to sell you a secure smartphone thats too good to be true - MIT Technology Review - August 20th, 2022
- Judge orders DoJ to produce redacted version of affidavit in state secrets investigation of Trump - WSWS - August 20th, 2022
- How to Use the Signal App: Tips & Tricks - Online Tech Tips - August 20th, 2022
- Ruling Class Turns On Conservative Americans - The American Conservative - August 20th, 2022
- Signal Reveals Over 1900 Users Were Affected in a Recent Phishing Attack - Appuals - August 20th, 2022
- Despite resistance, WikiLeaks continues its fight for the truth - Independent Australia - August 20th, 2022
- The Republican party has reason to fear the midterms - The Guardian - August 20th, 2022
- Government pays arms firm that spied on activists to snoop on all our internet records - The Canary - August 20th, 2022
- Why is Australia risking conflict with China? - Asia Times - August 20th, 2022
- Edward Snowden, Russia's 'Disinformation Campaign' Drive 'Downhill' Narrative, Says 'Black Swan' Author - Benzinga - August 12th, 2022
- What Does All This TV Talk on Big Ten Do for Big 12 and Oklahoma State? - Pokes Report - August 12th, 2022
- From Defending the Open Internet to Confronting the Reality of a Fragmented Cyberspace: Reflecting Upon Two CFR Reports on U.S. Goals in Cyberspace -... - August 12th, 2022
- US Vows To "aggressively Pursue" Cryptocurrency Mixers - Nation World News - August 12th, 2022
- After cryptos crash and NFTs collapse, Web3 idealists race to prove that the dream of decentralization isnt dead - Fortune - August 12th, 2022
- Prescribing a New Paradigm for Cyber Competition - War on the Rocks - August 12th, 2022
- What is Monero (XMR) Crypto? Is Edward Snowden Behind This Project too? - CryptoTicker.io - Bitcoin Price, Ethereum Price & Crypto News - August 4th, 2022
- Russian hackers get the headlines. But China is the bigger threat to many US enterprises. - Protocol - August 4th, 2022
- Why Is July 30th National Whistleblower Day? - Privacy News Online - August 4th, 2022
- I may have to wait until I'm on my deathbed Panama Papers whistleblower - Namibian - August 4th, 2022
- Whatever Happened to the Transhumanists? - Gizmodo Australia - August 4th, 2022
- Julian Assange? Heres why I am not a fan of his - The Citizen - August 4th, 2022
- Who Is Edward Snowden, the Man Who Spilled the NSA's Secrets? - July 26th, 2022
- Why so silent? Edward Snowden has gone underground since Russia's ... - July 26th, 2022
- Kids spend the summer in STEM camp - Marketplace - July 26th, 2022
- Thomas Demand: The Stutter of History - Announcements - E-Flux - July 26th, 2022
- Empire of Hacking: U.S. is the Biggest Threat to Cyber Security - Xinhua - July 26th, 2022
- Edward Snowden Says 'We Are All Going To Be Billionaires' But... - Benzinga - Benzinga - July 18th, 2022
- Joshua Schulte convicted on all counts in second trial over 2017 leak of Vault 7 cyberwarfare trove published by WikiLeaks - WSWS - July 18th, 2022
- SMITHEREENS: Reflections on Bits & Pieces:SMITHERMATAZ. Category: Public Comment from The Berkeley Daily Planet - Berkeley Daily Planet - July 18th, 2022
- Full Text of All Articles The Berkeley Daily Planet - Berkeley Daily Planet - July 18th, 2022
- As Bear Market Turns All Eyes to Utility, Privacy Stands Poised To Lead Next Crypto Breakout - The Daily Hodl - July 18th, 2022
- Yes, data centers use a lot of water. But a Utah company shows it doesn't have to be that way. - Salt Lake Tribune - July 18th, 2022
- Edward Snowden - National Whistleblower Center - July 9th, 2022