Friday, September 12, 2025
Latest:

Threatshub.org sponsored-Post

The Register

We’re number 1! America now leads the world in surveillanceware investment

TH Author

After years of being dominated by outsiders, the computer surveillance software industry is booming in the United States as investors rush into the ethically dodgy but highly lucrative field.

The Atlantic Council think tank reported that US investment in surveillanceware rocketed in the last year and identified 20 new US investors, and noted the number of resellers is also rapidly increasing.

“The quantity of US-based entities investing in the spyware market is three times greater than in the next three highest countries with the most investors,” the annual report, entitled Mythical Beasts, found.

“Rapidly increasing investment into this technology is concerning, as it effectively undermines recent, concerted US government efforts to constrain the spyware market.”

Surveillanceware is essentially the same as spyware in that it spies on people’s computer usage and sometimes steals data. But while spyware may be installed surreptitiously through a malware infection, surveillanceware is generally sold to law enforcement agencies. Companies like the UK’s Gamma Group and Israel’s NSO Group pioneered the field, but now America’s investors are betting big on the technology, the report found.

Which is somewhat awkward, since the US and other governments around the world are trying to rein in the industry. While surveillanceware is useful for some national agencies, civilian governments are trying to exercise control via agreements like the Pall Mall Process, a voluntary pact the US and nearly 30 other nations and international organisations have joined to rein in the spread of commercial surveillance tools.

The Council’s report identified two holding companies, 55 individuals, 34 investors, 18 partners, seven subsidiaries, 10 suppliers, and four vendors that established themselves in the last year to exploit the technology. Of these, the number of US investors in surveillanceware increased from 11 to 31.

The report cites private equity biz AE Industrial Partners which invested in Paragon Solutions last year. Paragon’s spyware contract with Immigration and Customs Enforcement (ICE) was paused in 2024 under a Biden-era executive order restricting government use of foreign spyware.

Earlier this month, after Paragon was acquired by a US firm and ownership adjusted, the stop‑work order was lifted, allowing ICE to resume its contract with the now domestically owned vendor.

Another Israeli company, Saito Tech Ltd, which develops the Candiru surveillanceware tool, has been on the US Commerce Department’s Entity List since 2021 “based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”

That didn’t stop US biz Integrity Partners from buying the company behind it for $30 million in April, after the company reorganized its intellectual property rights, making the sale technically legal under American law.

“This new investment demonstrates both a contradiction and a critical enforcement gap: an American company is able to invest in an organization on the US Entity List, undermining the very measures that the US government has put in place to constrain spyware vendors in the first place,” the report notes.

“This contradiction between US industry investment and US policymaking must be addressed – or it will continue to uphold the very market that the US government is trying to combat, eroding US leadership on this issue.”

The increasing use of resellers to market such technology also hampers regulation, the Atlantic Council notes. Such organizations operate under the radar and are difficult to track, and the report’s authors say they may be underestimating the number of players selling this attack code on. ®

READ MORE HERE