US, NATO, & EU condemn China's Microsoft hack; Pegasus spyware leak
Marietje Schaake, International Policy Director at Stanford's Cyber Policy Center, Eurasia Group senior advisor and former MEP, discusses trends in big tech, privacy protection and cyberspace:
The US, NATO, and the EU have all condemned China for its hack of Microsoft Exchange servers. What happens next?
Now, the joint statement sends a strong signal, but there are operational steps that need to be clarified. Firstly, why was it possible to hack Microsoft servers at all and how to close the gaps to make software more resilient? Additionally, governments making statements condemning China or others are well-advised to attach consequences to such attributions. Sanctions of the economic, financial or immigration type, as well as restrictions on state-owned enterprises, should all be on the table. Certainly, clear criteria need to be there with regard to responsible behavior and the application of international law in cyberspace.
What do we know about the Pegasus spyware leak?
Now, on the one hand, we have known about the toxic surveillance and spyware market for over a decade. But the Pegasus Project provides new and important insights into the targets of Israeli spyware company NSO Group. It is impossible to consider those targets, journalists, human rights defenders, politicians, even President Macron, to be suspects of terror or crime. But that is how NSO defends the sales of intelligence-grade technology around the world, including to the rulers of Saudi Arabia with their dismal record of human rights violations. So it is now crystal clear that claims stating that these spyware systems are for targeted and controlled purposes are false and that the spyware and surveillance sector is out of control. I can only hope that democratic governments will draw a line and stop this market from running out of control even further once and for all.