“Meta Removes 7 Surveillance-for-Hire Operations From Its Platforms”
WIRED, December 16, 2021
By Lily Hay Newman
“While NSO Group gets most of the attention, the takedowns underscore how insidious the industry has become.”
For years, surveillance-for-hire companies have quietly used Facebook, Instagram, and WhatsApp as springboards to target people in more than 100 countries. Today, Meta removed seven of them from its platforms, and is notifying more than 50,000 people that they may have been impacted by the activity. Meta says that many are journalists, human rights activists, dissidents, political opposition figures, and clergy, but that others are simply everyday people, like someone who is party to a lawsuit.
Meta conducted extensive account takedowns and dismantled other infrastructure on its platforms as part of the action, banned the organizations, and sent them cease and desist warnings. The company says it is also sharing its research and indicators of compromise publicly so other platforms and security organizations can better identify similar activity. The findings underscore the breadth of the targeted surveillance industry and the massive scope of targeting it enables worldwide.
“Cyber mercenaries often claim that their services and their surveillance-ware are meant to focus on tracking criminals and terrorists, but our investigations and similar investigations by independent researchers, our industry peers, and governments have demonstrated that the targeting is in fact indiscriminate,” Nathaniel Gleicher, Meta’s head of security policy, said on a Thursday call with reporters. “These companies … are building tools to manage fake accounts, to target and surveil people, to enable to the delivery of malware, and then they’re providing them to any clients who are most interested—the clients who are willing to pay. Which means that there are far more threat actors able to use these tools than there would be without this industry.”
The seven surveillance companies Meta is taking action against are Cobwebs Technologies, an Israeli web intelligence firm with offices in the US, Cognyte, an Israeli firm formerly known as WebintPro, Black Cube, an Israeli firm with a presence in the United Kingdom and Spain, Bluehawk CI, which is based in Israel and has offices in the US and UK, BellTroX, based in India, Cytrox, a North Macedonian firm, and an unknown group based in China.
Meta emphasizes that the surveillance-for-hire industry overall conducts its work in three categories. You can think of it as phases of a surveillance chain; different firms have different specialities within that superstructure.
About the Author:
Lily Hay Newman is a senior writer at WIRED focused on information security, digital privacy, and hacking. She previously worked as a technology reporter at Slate magazine and was the staff writer for Future Tense, a publication and project of Slate, the New America Foundation, and Arizona State University. Additionally her work has appeared in Gizmodo, Fast Company, IEEE Spectrum, and Popular Mechanics. She lives in New York City.
- “Pegasus vs. Predator: Dissident’s Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware” – The Citizen Lab, Munk School of Global Affairs and Public Policy, University of Toronto, December 16, 2021.
- “Taking Action Against the Surveillance-For-Hire Industry” – Meta Newsroom, December 16, 2021.