As part of ongoing effort to beef up cybersecurity, Biden turns gaze to commercial spyware

WASHINGTON – President Joe Biden on Monday limited how the federal government can use commercial spyware that officials say poses a growing threat to government workers and information systems.

Biden signed an executive order prohibiting intelligence agencies and other departments from using commercial spyware considered a national security risk or that has been used improperly abroad, such as to target activists and journalists.

The order  comes ahead of a democracy summit Biden is co-hosting this week. The administration hopes it will spur international collaboration to fight the misuse of spyware.

Related: Here’s how to catch anyone spying on your text messages

More: Your private smartphone conversations are not private. In 2022 we must defeat spyware.

President Joe Biden signs into law S. 2938, the Bipartisan Safer Communities Act gun safety bill, in the Roosevelt Room of the White House on June 25, 2022.
President Joe Biden signs into law S. 2938, the Bipartisan Safer Communities Act gun safety bill, in the Roosevelt Room of the White House on June 25, 2022.

What's the issue?

The Biden administration says commercial spyware has proliferated in recent years with few controls and a high risk of abuse.

Spyware tools have been used to target U.S. personnel. Fifty U.S. workers operating out of at least 10 countries are suspected or confirmed to have been targeted by spyware, according to a senior administration official who talked to reporters on condition of anonymity.

In addition, a growing number of foreign governments – not all of them authoritarian regimes – have used spyware as tools of repression and to enable human rights abuses, the official said.

What is commercial spyware?

Spyware allows remote access to a phone or other electronic devices to extract content and manipulate components without the knowledge of the devices' user.

Why is the administration acting now?

Officials said the administration wants to set guardrails early before there's widespread abuse.

The changes are being rolled out ahead of a virtual gathering of dozens of leaders this week for what the administration is calling a Summit for Democracy.

The Biden administration wants to spur reform in what they said is a largely unregulated industry.

What other steps have been taken?

The U.S. is already using export controls to curb abuses, including placing limits on Israel’s NSO Group, creator of the spyware tool Pegasus.

Other actions include new restrictions and reporting requirements imposed by Congress for former members of the intelligence community who later work with commercial spyware companies.

But more steps were needed, officials said, in part because spyware companies are aggressively trying to make inroads into U.S. agencies which haven't had clear direction about what's allowable.

How can you protect yourself against spyware?

Anti-malware software can help prevent spyware from infiltrating your device. Using two-factor authentication is also recommended by cybersecurity experts. Other tips include not clicking on pop-up ads or downloading files or apps from an untrusted source, making sure software is updated with the latest security protections, and installing an anti-tracking browser.

This article originally appeared on USA TODAY: President Joe Biden targets U.S. government use of commercial spyware