The Biden administration took a public stand last year against the abuse of spyware and blacklisted the Israeli firm NSO Group, but it didn’t prevent the U.S. from using other Israeli offensive spyware to hack into mobile phones, The New York Times reported on Thursday.
According to the report, the Biden administration allowed the Drug Enforcement Administration (DEA) to deploy a tool called Graphite, made by the Israeli firm Paragon, according to five people familiar with the agency’s operations.
Very little information has been published about the company, which mostly consists of Israeli military cyberintelligence veterans and even some past NSO workers. Even Ehud Barak, Israel’s former prime minister, is a member of the board of directors at Paragon, which is funded by an American venture capital fund.
Just like NSO’s Pegasus spyware, Graphite can invade mobile phones and harvest data. However, unlike Pegasus, the Paragon spyware vacuums up content mostly from the cloud.
According to cyber experts that spoke with The New York Times, the course of action of Graphite can make it difficult to detect the hack and extract information.
In a statement to The Times, the DEA said that “the men and women of the Drug Enforcement Administration are using every lawful investigative tool available to pursue the foreign-based cartels and individuals operating around the world responsible for the drug-poisoning deaths of 107,622 Americans last year.”
The Biden administration is attempting to impose some degree of order on this spyware chaos, but it ultimately tries to have the cake and eat it at the same time.
Besides the DEA’s use of the Graphite spyware, the Central Intelligence Agency (CIA) purchased Pegasus back in the days of the Trump administration for the government of Djibouti, which used the hacking tool for at least a year. FBI officials made a push in late 2020 and the first half of 2021 to deploy Pegasus in their own criminal investigations before the bureau eventually ditched the idea.