Meta has removed seven “surveillance-for-hire” companies from its platform to target blameless victims in over 100 countries around the world.
Facebook’s parent company revealed in a report published yesterday that the seven companies are based in China, Israel, India and North Macedonia. Their services are said to have targeted an estimated 50,000 victims, including journalists, dissidents, critics of authoritarian regimes, families of opposition and human rights activists.
Four entities are based in Israel: Cobwebs Technologies, Cognyte, Black Cube and Bluehawk CI. The country has a significant stake in the global surveillance market, notably through the work of controversial firm NSO Group, which WhatsApp launched a legal case against in 2019.
Meta said the organizations operate across the three phases of targeting activity: “reconnaissance” via automated software; “engagement,” in a bid to build trust with the individual; and “exploitation” via phishing emails and messages.
“Although public debate has mainly focused on the exploitation phase, it’s critical to disrupt the entire lifecycle of the attack because the earlier stages enable the later ones,” said Meta. “If we can collectively tackle this threat earlier in the surveillance chain, it would help stop the harm before it gets to its final, most serious stage of compromising people’s devices and accounts.”
The social media giant said the removed entities violated its Community Standards and Terms of Service.
“Given the severity of their violations, we have banned them from our services. To help disrupt these activities, we blocked related internet infrastructure and issued cease and desist letters, putting them on notice that their targeting of people has no place on our platform,” the firm added.
“We also shared our findings with security researchers, other platforms, and policymakers so they can take appropriate action.”
There are signs that the US government is now taking the activities of surveillance companies like these seriously.
Phil Muncaster UK / EMEA News Reporter, Infosecurity Magazine