A Modest Proposal: Shut Down the Intelware Companies
June 7, 2022
Oy! “As the WEF Meets, Pressure Is on World’s Powerbrokers to Shut Down Spyware Industry” advances an idea which may be tough to implement. The write up asserts:
In 2022, there is no business case for spyware technology. Its abuse is tainting the entire tech sector. If the industry’s big players do not step up and take a bold stand on surveillance now, it’s not only the human rights of millions of people at risk, it’s their own futures.
The business case is that companies engaged in cyber and threat intelligence are generating revenue. But the big news is that the more promising outfits are selling to larger firms. Who owns Terbium Labs? A consulting and accounting outfit. And what happened to Digital Shadows? Snapped up by a bigger cyber threat outfit. Plus there are investors looking for a big win in cyber security.
No business case? Sorry. I don’t agree.
The write up does include a useful item of information. Google’s write up about NSO Group’s methodology has drifted from public view, but some bad actors treasure the Googley analysis. If you have not seen the document, “A Deep Dive into an NSO Zero-Click iMessage Exploit: Remote Code Execution” it is a gem. I heard of some folks in Eastern Europe who found the document — how shall I phrase it — inspirational.
Here’s a suggestion from the write up:
For example, companies can take immediate steps such as terminating any direct contractual relationships with spyware vendors and implement concrete measures to avoid directly or indirectly supporting spyware tools and related technologies — and ensure investors, suppliers, clients and customers do the same — through robust pre-contractual due diligence and monitoring.
Yeah, great idea.
Stephen E Arnold, June 7, 2022