This week, the US government made a bold move by announcing sanctions against the founder of a controversial government spyware company, Tal Dilian, and his business associate, Sara Aleksandra Fayssal Hamou.
The US Treasury officials accused Dilian and Hamou of creating and selling spyware that was used to target Americans, including government employees, policy experts, and journalists. These actions enabled human rights abuses around the world.
This is the first time the US government has targeted specific individuals rather than just spyware companies. In the past, they have added companies to blocklists and imposed sanctions that prevent any US entity from working with them. However, it seems that now the gloves are off. The US government will directly go after those responsible for selling spyware to authoritarian regimes and dictators, or those whose products were used against innocent targets.
In response to the news of the sanctions, a former head of a spyware company that sold to governments expressed concern, stating, “Wow. That’s big.” However, this person also wished to remain anonymous and believed that their former company always followed regulations and did things the right way, unlike Dilian, the founder of Intellexa, who was also sanctioned.
“He sold to anyone who was willing to pay,” the former spyware head said about Dilian and his company.
The former spyware head also shared their opinion that Dilian made a mistake by trying to circumvent the restrictions previously imposed on Intellexa by the US government. In 2023, the Biden administration placed Intellexa and Cytrox, another company founded by Dilian, on the “entities list”, which blocks any US businesses or individuals from working with them or having any commercial relationships with them.
“I think this is what pissed off the Americans,” the former spyware head said.
Another former member of the spyware industry described Dilian as “an elephant in a crystal shop,” implying that his activities were not hidden, but rather, brazen and careless.
“In that particular space of spyware sellers, you have to be extremely balanced and attentive…but he didn’t care,” the person said.
However, this same person also expressed relief at having left the industry, as times have changed and the consequences are now catching up with those involved.
A third person working in the spyware industry believes that the sanctions against Dilian and Hamou should make the entire market reflect on their actions.
“If I had to come back to work actively in this industry, and I couldn’t find an exclusive customer that is extremely trustworthy, [sanctions] would be a risk,” the third person said. “A company, however serious, can never be 100% sure about how its customers act, and the political developments that can embroil them.”
Prior to these sanctions, the US government had only taken action against spyware makers by announcing that the State Department could impose travel bans and visa restrictions for individuals involved in facilitating or enabling abuses with spyware.
If you have any information on spyware providers, you can securely contact Lorenzo Franceschi-Bicchierai on Signal at +1 917 257 1382, or via Telegram, Keybase, and Wire @lorenzofb, or through email. TechCrunch can also be contacted via SecureDrop.
In 2021, the Department of Commerce added NSO Group, an Israel-based spyware company, to its blocklist. NSO Group’s tools have been documented to have been used against journalists, politicians, dissidents, and human rights defenders in several countries such as Hungary, Mexico, Poland, Saudi Arabia, and Spain. Two years later, Cytrox and Intellexa were also added to this list.
Given this pattern, it would not be surprising if the US government were to target the founders and executives of NSO Group and Candiru, another Israeli spyware maker, in the same way they have targeted Dilian and Hamou.
However, it is unclear if the individuals responsible for these companies are concerned about potential sanctions.
Dilian could not be reached for comment, and Hamou did not respond to a request for comment.