John Scott-Railton Profile picture
Mar 31 5 tweets 7 min read Twitter logo Read on Twitter
I had a candid conversation about commercial #spyware proliferation. And transparency.

With @ODNIgov director Avril Haines, DHS @SecMayorkas & @Youtube CEO @nealmohan

Moderated by @MarietjeSchaake at the #SummitForDemocracy

2/ For a decade civil society sounded the alarm about commercial #spyware.

Great to see @POTUS' Spyware EO & yesterday's joint statement from 11 govs.

I think it's big progress!

But we're also not going to refrain from telling uncomfortable facts & calling for transparency.
3/ DHS @SecMayorkas asks me question of his own: impact putting NSO on the Entity List.

I was surprised by it's outsize impact.

Now that we know new bad players, we wonder: who gets listed next?

I also note Rep @jahimes questions about further actions that can be taken.
4/ My message to #YouTube's CEO @nealmohan and tech companies like @Apple @MsftSecIntel @Meta & @Google.

Keep naming, shaming, attributing & sharing threat intel on mercenary & commercial spyware operations.

It's a critical input for the accountability ecosystem.
5/ One of the other interesting things to come out of the #SummitForDemocracy ? This announcement.

It feels like @CISAgov & the @WhiteHouse have been listening to civil society.

Let's see where this goes!

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with John Scott-Railton

John Scott-Railton Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @jsrailton

Mar 31
Yesterday was busy, but this caught my attention:

@SecMayorkas announced that @CISAgov will be developing a community protection program for orgs in the US that are targeted for digital repression by autocrats overseas.

Happy to see it.

This has been a huge gap. 1/
2/ So many human rights groups & others seek safety in the US from autocratic repression.

Yet tech has helped autocrats extend their reach across borders & export fear in to the US.

Meanwhile, these groups are chronically under resourced.

Defending themselves is hard.
3/ Even well-resourced companies have trouble when targeted with sophisticated hackers.

Think of how much harder it is for orgs that don't even have someone to fix the printer.

However bad you think the problem is... it's worse.

And borders no longer confer digital protection.
Read 5 tweets
Mar 30
NEW: 11 countries ink joint statement on countering commercial #spyware proliferation & abuse.

Cite "fundamental" national security & foreign policy interest 1/

🇦🇺#Australia 🇨🇦#Canada 🇨🇷#CostaRica 🇩🇰#Denmark 🇫🇷#France 🇳🇿#NewZealand 🇳🇴#Norway 🇸🇪#Sweden 🇨🇭#Switzerland 🇬🇧#UK 🇺🇸#US We, the governments of Aust...The misuse of these tools p...To advance these interests,...engaging additional partner...
2/ I'd say the joint statement on commercial #spyware is unprecedented.

A few years ago spyware like #Pegasus was was treated as a human rights issue.

But the dizzying speed of proliferation made big problems for governments, forcing them to prepare positions & action.
3/ The statement's commitment guardrails for accountable domestic #spyware use is important.

But devil will be in the implementations. Civil society will be watching.

(Note: issue wasn't covered in White House Spyware Executive Order on Monday, so nice to see USA commit here) Image
Read 9 tweets
Mar 29
#Exxon's climate opponents were smeared after a private email was handed to the media, including @WSJ.

Was project "Rainbow," a hack-for-hire operation, responsible?

Now, WSJ's own @cmatthews9 asks: who commissioned it?

$XOM denies involvement. 1/… ImageImageImageImage
2/ Yep #Russia does hack & leak operations.

But so does a mercenary industry that gets less attention.

Even as their handiwork shows up in major US policy debates.

By @jc_stubbs @razhael @Bing_Chris…
3/ The WSJ piece shows just how far that presumed-hacked email travelled..

News reports, PR materials, even #Exxon's opening statement in a trial..

But also the complexities of pinning down the ultimately-responsible parties.

Mercenary hack & leak ops are tricky. ImageImage
Read 4 tweets
Mar 27
BREAKING: Biden White House issues executive order on commercial spyware.

Also confirms over 50+ USG personnel suspected targeted w/#Pegasus

Huge deal, let me break the new #SpywareEO down. 1/ ImageImage
2/ Investment fuels spyware proliferation. A lot of that is predicated on the juicy dream of the USG as the ultimate customer.

The new #SpywareEO says to mercenary spyware vendors & backers: decision time.

Either stop contributing to proliferation right now, or lose our number.
3/ Biden's #SpywareEO's closes door for vendors if their spyware has:

❌Been used against USG
❌Has counterintelligence / foreign intel risks

❌ Abused for repression
❌Used on 🇺🇸Americans
❌Sold to govs that systematically do political repression. ImageImage
Read 19 tweets
Mar 20
BREAKING: #Predator spyware used on manager at @Meta's security & trust team.

@ArtemisSeaford is first known 🇺🇸US national hacked w/Predator in the EU.

We @citizenlab found infection.

Mercenary spyware is spiraling out of control. 1/

By @MatinaStevis…
2/ @ArtemisSeaford's #Predator spyware targeting was diabolical.

She got an "appointment confirmation" text after making a COVID vaccine appointment.

It contained her actual appointment details & appeared to come from the #Greek state vaccine agency.

Most would have clicked. In September 2021, Ms. Seaford booked an appointment for a b
3/ #Greek authorities in denial mode over #Predator.

But @ArtemisSeaford's case may hard for them to get distance from: the message used to infect her may have been copied from a legit SMS scooped up by a traditional gov wiretap.
Read 5 tweets
Mar 18
Trump is a panicked man.

And when he's scared for his skin, he tries to incite violence.
2/ The ALLCAPS freakout is classic Trump.

He wants his followers to put their bodies between himself and a consequence he doesn't want to face.

And it also shows us he's living in a madcap information environment.
3/ Trump only started posting on his Facebook yesterday, for the first time since #Jan6th.

So far he's kept this bout of incitement on Truth Social.

Which suggests he may know it's incitement, and want to keep his FB live.

But the timing is very interesting.
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!


0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy


3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!