At Least 50 U.S. Government Employees Hit With Spyware, Prompting New Rules

At least 50 U.S. government staffers stationed in 10 countries were targeted with commercial hacking tools, commonly known as spyware, according to a senior administration official, highlighting the growing threat caused by offensive cyber vendors and prompting the White House to introduce rules to hinder the spying.

U.S. President Joseph Biden will sign an executive order on Monday intended to curb the malicious use of digital spy tools around the globe, which target U.S. personnel and civil society.

While it has not been previously reported that so many U.S. government staff were targeted in this way, in 2021 Reuters reported that Apple Inc. iPhones of at least nine U.S. State Department employees were targeted by an unknown assailant using sophisticated spyware developed by an Israeli company.

At the time, it represented the widest known hack of U.S. officials through such tools.

The senior administration official cited Reuters’ prior reporting as a reason for the broader internal government review.

The new executive order is designed to apply pressure on the secretive industry by placing new restrictions on U.S. government defense, law enforcement and intelligence agencies’ purchasing decisions, a senior administration official said.

By more heavily regulating which organizations can do business with the U.S. government, the idea is that it will shift how the shadowy market operates and limit sales to certain actors, the official said.

“We have clearly identified the proliferation and misuse of spyware as a threat to national security,” the official said, based on an extensive U.S. government review that began in 2021. “The threat of misuse around the world also implicates our core foreign policy interests.”