‘A bleak outlook’ 2022: cyber-surveillance is becoming more and more common globally.

‘A bleak outlook’: cyber-surveillance is becoming more and more common globally.

Synopsis

According to a survey based on 20 years of data gathered from cyber-surveillance trade exhibitions and arms fairs, hacking is the fastest-growing business category, surpassing even more traditional wares such as guns and tanks in terms of growth. Moreover, it contends that many enterprises in this industry operate on a global scale and hence demand greater attention from policymakers.

According to a new report, the growing convergence between the world’s arms trade and the clandestine surveillance sector threatens US national security. It raises the possibility of even greater abuse unless greater accountability is implemented.

The report, conducted by the American think tank the Atlantic Council, provides one of the most comprehensive accounts yet gathered of a thriving, cross-continental monitoring industry that generates billions of dollars while mainly remaining hidden from public view.

Governments worldwide are increasingly attempting to regulate this largely unregulated industry, which has risen in recent years as a result of increased demand for hacker-for-hire products and an increase in documented abuses by companies such as NSO Group.

ISS World, a cyber-surveillance trade show in Las Vegas, and arms fairs in France, such as Milipol, where hacking is the fastest-growing business area alongside more traditional products such as guns and tanks, formed the basis of the analysis, which was compiled from 20 years of data.

Its authors investigated 224 surveillance businesses present at various trade events, evaluated their marketing materials, investigated where they advertised their products and listed the known sales of surveillance and hacking equipment in the industry.

Moreover, they claim that numerous enterprises that market worldwide, mainly to NATO rivals, are guilty of being “irresponsible proliferators” and hence demand greater attention from politicians.

The Israeli company Cellebrite, which designs and sells phone hacking and forensics equipment to various countries throughout the world, including the United States, Russia, and China, is one of these companies.

Several incidents, including its role in China’s crackdown on Hong Kong and the discovery that a Bangladeshi “death squad was using its equipment,” have resulted in significant adverse publicity for the firm.

This, according to the report, should “provoke national security concerns among all customers” when these companies begin selling their wares to both NATO members and foes.

According to the report, the trade is becoming increasingly global, with 75 percent of organizations providing cyber-surveillance and intrusion tools selling them outside their home continent or country.

Winnona DeSombre, a fellow at the Atlantic Council’s Cyber Statecraft Initiative, is the paper’s lead author and contends that such sales indicate possible difficulties with regulatory monitoring.

According to her, it appears that a majority of these companies are unwilling or unable to self-regulate.

DeSombre hopes that by designating such companies as “irresponsible proliferators,” it will urge legislators worldwide to target specific companies for increased regulation.

If these companies start selling their commodities to both NATO members and foes, it should raise national security concerns among all customers.

In recent years, governments have taken steps to exert some level of control. The European Union (EU) imposed stronger laws on surveillance technology last year, intending to enhance transparency in the business.

In addition, the United States has passed tighter new licensing restrictions for the sale of intrusion detection equipment within the previous month. It has been alleged that spyware developed by the notorious Israeli spyware company NSO Group was then used to maliciously target government officials, journalists, business people, activists, academics, and embassy workers.

The company has been placed on a US denylist, along with several other companies, due to the allegations. NSO has continuously denied any wrongdoing and maintained that it rigorously investigates abuse and disconnects users who violate the terms of service.

Despite this, according to one of the report’s authors, it is critical to understand the entire scope.

In Johann Ole Willers’ words, “the most important message from this article is that we are dealing with an industry.” Johann Ole Willers is a fellow at the Norwegian Institute of International Affairs (NUPI) Centre for Cyber Security Studies. “That is a fundamental realization. “. It is not sufficient to target the NSO Group.”

The United Nations has issued a warning

Human rights experts from the United Nations recently expressed concern over what they described as the “increasing use of mercenaries in cyberspace.”

The chair of a United Nations working group on cyber-activities, Jelena Aparac, stated in a statement that “it is evident that cyber-activities have the power to cause violations both in armed conflicts and in peacetime, and that a whole spectrum of rights is involved.

” According to the group, international legislators should more effectively control the business to defend “the right to life, economic and social rights, freedom of expression and privacy, as well as the right to self-determination.”

It is difficult to do business in cyber-surveillance because of the widespread use of obfuscation: shell firms and resellers are ubiquitous, and both vendors and purchasers employ various techniques to conceal their transactions.

“There is not enough understanding about the industry in the general public, so it is difficult to distinguish between the irresponsible and the responsible firms,” adds DeSombre.

According to the research, the recent prosecution of former US intelligence officials who had been working for the United Arab Emirates serves as evidence that capabilities developed by friendly nations can be utilized for other surveillance purposes after being transferred to them. The United Arab Emirates (UAE) exploited US intelligence agencies’ hacking tools and knowledge to spy on hundreds of targets, including Americans.

Utilization and exploitation

In their report, the researchers recommend how governments can better comprehend and oversee this rapidly expanding ecology. They urge that the industry implement stricter “know your customer” criteria so that every seller will be more informed about how potential customers may use—or abuse—a hacking tool.

According to academics, NATO member countries, which host many significant cyber-surveillance trade shows, should ban the entrance of vendors that are not responsible. As well as this, they promote greater international collaboration to close gaps in export rules that allow vendors to circumvent controls and sell to authoritarian countries. The last point is that they advocate for the public identification and reprimanding of unreliable merchants and purchasers.

As the report’s conclusion states, “Our analysis suggests that there is a sizable number of private corporations willing to act irresponsibly: marketing skills that run the risk of becoming tools of oppression for authoritarian regimes or strategic tools for non–NATO partners.”

In the absence of such efforts, the world faces a “gloomy picture,” according to the report, which points to “an increasing number of private firms that see little consequences to supporting the cyber arsenals of major Western foes, other than profit.”