BIS Blacklists Cyber Firms

Posted

Bureau of Industry and Security (BIS) is adding four Cyber surveillance entities to the Entity List under the destinations of Greece, Hungary, Ireland, and North Macedonia.

The ERC determined to add the firms to the Entity List for "trafficking in cyber exploits used to gain access to information systems, thereby threatening the privacy and security of individuals and organizations worldwide."

BIS Named two firms, Cytrox, a Hungary-based surveillance company and Greek firm Intellexa, another cyber-surveillance firm,  along with two related entities in Ireland and North Macedonia.
 
Predator spyware is developed by Cytrox and sold in Greece by Intellexa.  The software is used to enter and control targets' mobile phones and has been cited in several high profile incidents involving journalists and political figures.

This activity is contrary to U.S. national security and foreign policy interests under § 744.11 of the EAR. For the  four entities, BIS imposes a license requirement for all items subject to the EAR and will review license applications under a presumption of denial.