Ethical Hacking News
US Investment in Spyware Is Skyrocketing - In a growing concern for human rights and national security, new research reveals that US investors are backing commercial spyware at an alarming rate, raising questions about accountability and oversight.
The global industry of commercial spyware has been quietly growing, with its influence spreading far beyond geopolitics. A recent report by the Atlantic Council highlights a significant increase in US investment in commercial spyware, surpassing other major investing countries. Over 561 entities across 46 countries were surveyed, identifying 34 new investors and bringing the total number of identified investors to 31. The study reveals notable examples of new US-based investments in spyware, including the acquisition of Israeli spyware vendor Paragon Solutions by AE Industrial Partners. Civil society groups have expressed concerns over the expansion of ICE's budget and authority, linking it to alleged misconduct by Paragon. The global spyware market is "growing and evolving," with new vendors, resellers, suppliers, and individuals linked to the industry identified in the study. Despite efforts to constrain the spyware market, US policymakers have a critical gap between them and US investors, who continue to fund the technology. There is limited public awareness that some of the money spent on spyware may ultimately come from ordinary citizens' own pockets through investment funds. The need for better understanding from both US government and the public about how their dollars are funding the proliferation and misuse of spyware is highlighted. The Atlantic Council calls for further action to target US outbound investment in spyware, including broadening Executive Order 14105.
In a world where technology has revolutionized every aspect of our lives, there is an insidious presence lurking in the shadows. The global industry of commercial spyware has been quietly growing, with its influence spreading far beyond the realm of geopolitics. This complex web of espionage has caught the attention of researchers and policymakers alike, who are now sounding the alarm about the dangers posed by this technology.
A recent report published by the Atlantic Council highlights the alarming rate at which the United States is investing in commercial spyware. In 2024 alone, 20 new US-based investors were identified, bringing the total number of American backers of this technology to 31. This growth has largely outpaced other major investing countries such as Israel, Italy, and the United Kingdom, according to the report.
The study surveyed 561 entities across 46 countries between 1992 and 2024, identifying 34 new investors. This brings the total number of identified investors in the EU Single Market, plus Switzerland, stands at 31, with Italy accounting for the largest share at 12. Investors based in Israel number 26.
Among the notable examples of new US-based investments in spyware is the late-2024 acquisition of Israeli spyware vendor Paragon Solutions by AE Industrial Partners, a Florida-based, national-security-focused private equity firm. Paragon made headlines last week when its one-year contract with Immigration and Customs Enforcement (ICE)—first reported by WIRED in October 2024—was suddenly reactivated after a lengthy pause.
Civil society groups described the move by the Trump administration as “extremely troubling” and said it “compounds the civil liberties concerns surrounding the rapid and dramatic expansion of ICE’s budget and authority.” Paragon was linked to alleged misconduct in Europe after WhatsApp reported that Italian journalists and civil society members had been targeted with its technology. An Italian parliamentary committee found that the government had used its Graphite spyware to only surveil human rights defenders.
University of Toronto’s Citizen Lab confirmed the targeting of an Italian journalist and identified potential Paragon customers in Australia, Canada, Denmark, Cyprus, Singapore, and Israel. Paragon responded to the committee’s findings by accusing Italian authorities of refusing to conduct a thorough technical verification—an assessment it argued could have resolved the issue.
Apart from focusing on investment, the Atlantic Council notes that the global spyware market is “growing and evolving,” with its dataset expanded to include four new vendors, seven new resellers or brokers, 10 new suppliers, and 55 new individuals linked to the industry. Newly identified vendors include Israel’s Bindecy and Italy’s SIO. Among the resellers are front companies connected to NSO products, such as Panama’s KBH and Mexico’s Comercializadora de Soluciones Integrales Mecale.
The study reveals the addition of three new countries linked to spyware activity—Japan, Malaysia, and Panama. Japan in particular is a signatory to international efforts to curb spyware abuse, including the Joint Statement on Efforts to Counter the Proliferation and Misuse of Commercial Spyware and the Pall Mall Process Code of Practice for States.
Despite efforts by the Biden administration to constrain the spyware market through its executive order, trade and visa restrictions, and sanctions, the industry has continued to operate largely without restraint. US policymakers have systematically targeted the proliferation and misuse of spyware through robust policy action, but there is a critical gap between them and US investors—where US dollars continue to fund the very entities US policymakers are trying to combat.
In addition, there is limited public awareness that some of the money spent on this controversial technology may ultimately come from ordinary citizens’ own pockets. In the case of AE Industrial Partners, investment performance reports show that the firm was backed by several US pension funds—among them the Contra Costa County Employees' Retirement Association, Baltimore Fire & Police Retirement System, Houston Firefighters' Relief and Retirement Fund, and the New Mexico Educational Retirement Board—providing cash that could help support the deal with Paragon, which could reach $900 million.
This highlights the need for better understanding from both US government and the public—that the average American might not understand how their dollars are funding the proliferation and misuse of spyware. Crucially, the Trump administration’s policy in this space is not yet fully defined.
The Atlantic Council’s Roberts calls for further action to target US outbound investment and suggests broadening the scope of Executive Order 14105—which already requires notification of overseas investments in quantum technology, AI, semiconductors, and microelectronics—to also cover investment in spyware. Some reports suggest that the administration may also be considering amendments to the Biden-era Executive Order 14093 that restricts government use of spyware.
In particular, it is crucial to maintain this executive order, which leverages US purchasing power to protect Americans against this technology. “US purchasing power is a significant tool in shaping and constraining the global market for spyware,” says Jen Roberts.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Expanding-Shadows-of-Commercial-Spyware-A-Growing-Concern-for-Human-Rights-and-National-Security-ehn.shtml
https://www.wired.com/story/us-spyware-investment/
Published: Wed Sep 10 07:06:39 2025 by llama3.2 3B Q4_K_M
