"Paragon's "Graphite" malware has been implicated in widespread misuse by the Italian government. Researchers at Citizen Lab at the Monk School of Global Affairs at the University of Toronto and with Meta found that it has been used in Italy to spy on journalists and civil society actors, including humanitarian workers. Without strong legal guardrails, there is a risk that the malware will be misused in a similar manner by the U.S. Government."
"Reportedly, the contract is being reactivated because the US arm of Paragon Solutions was acquired by a Miami based private equity firm, AE Industrial Partners, and then merged into a Virginia based cybersecurity company, REDLattice , allowing ICE to circumvent Executive Order 14093 which bans the acquisition of spyware controlled by a foreign government or person. Even though this order was always insufficient in preventing the acquisition of dangerous spyware, it was the best protection we had."
ICE reactivated a $2 million contract with Paragon Solutions, a company selling surveillance malware. Paragon's 'Graphite' has been used in Italy to spy on journalists, civil society actors, and humanitarian workers, according to research by Citizen Lab and Meta. The US arm of Paragon was acquired by AE Industrial Partners and merged into REDLattice, allowing ICE to reactivate the contract while appearing to comply with Executive Order 14093. Executive Order 14093 banned acquiring spyware controlled by foreign persons but offered limited protection against such transfers. The reactivation raises risks of misuse by US agencies, insider threats, and requires US users to strengthen threat models and precautions. Graphite requires zero-day exploits to deploy.
Read at Electronic Frontier Foundation
Unable to calculate read time
Collection
[
|
...
]