In April, a report by The New York Times claimed that the U.S. government had purchased and used a spying tool made by the controversial Israeli surveillance firm NSO Group.
However, the White House officials said they were unaware of the contract and handed over the investigation to the Federal Bureau of Investigation (FBI).
Now, the investigation carried out by the FBI has revealed that it was indeed the U.S. intelligence agency who had purchased the spyware tool from NSO Group, reveals a new NYT report. However, this is just a partial answer.
In November 2021, the NSO Group was blacklisted by the Biden administration and placed on a Commerce Department Entity List, which meant that no U.S. firms can do business with them.
Back then, the government officially announced that NSO’s blacklisting was part of “the Biden-Harris administration’s efforts to… stem the proliferation of digital tools used for repression.”
However, five days after the White House announced this policy change, there was a deal finalized between a private contractor, Riva Networks, and the NSO Group for a geolocation tool known as “Landmark.”
This particular geolocation tool was acquired by Riva Networks, based in New Jersey, which was used by government officials to covertly track the mobile phones of people in Mexico without their knowledge or consent.
Apparently, the U.S. officials were using the services of Riva Networks to assist them in tracking suspected drug smugglers and fugitives in Mexico, as the company was able to abuse vulnerabilities in the country’s cellphone networks to covertly track mobile phones, says the NYT report.
According to the FBI, the intelligence bureau was deceived by Riva Networks, who did not reveal they would be using the NSO tool. As a result, the FBI went on to use the spyware unknowingly, as they thought Riva Networks was using an in-house geolocation tool.
As soon as the agency discovered that Riva Networks had used the spying tool on its behalf, the FBI director, Christopher A. Wray, terminated the contract. However, people familiar with the matter said the FBI had used the spyware throughout 2021, 2022, and into recently this year, much longer than claimed by them.
“As part of our mission, the F.B.I. is tasked with locating fugitives around the world who are charged in U.S. courts, including for violent crimes and drug trafficking. To accomplish this, the F.B.I. regularly contracts with companies who can provide technological assistance to locate these fugitives who are hiding abroad,” the agency said in a statement.
“The F.B.I. has not employed foreign commercial spyware in these or any other operational endeavors. This geolocation tool did not provide the F.B.I. access to an actual device, phone or computer. We will continue to lawfully utilize authorized tools to protect Americans and bring criminals to justice.”
What is surprising is that even the FBI wasn’t aware that Riva Networks had obtained the NSO tool until they read it in the New York Times back in April.
This raises many concerns as to why the FBI hired this contractor to collect sensitive information outside the U.S. and why there was insufficient monitoring of the tool.