The Commerce Department’s Bureau of Industry and Security recently added the NSO Group — an Israeli cyber intelligence and security firm — to its Entity List, a trade restriction list comprised of companies or items deemed to threaten American national security or foreign policy interests. The decision has put significant strain on the traditionally tight relationship between the United States and Israel, as the Israeli Defense Ministry has stated it would press the Biden administration to remove the firm from the list despite new allegations of foreign governments using software developed by the NSO Group to target journalists, dissidents, and activists.
The NSO Group develops technology for government agencies, and their premiere military-grade spyware is called Pegasus. The NSO Group has fiercely defended its product, claiming it was intended to prevent and investigate crime that has traditionally been invisible to law enforcement due to end-to-end encryption. Yet mounting evidence shows that the company supplied the Pegasus spyware to foreign governments who then used it to conduct what the Commerce Department deemed “transnational repression.”
Government surveillance evokes scenes of old-fashioned bugging and wiretaps, but Pegasus is “extremely sophisticated spying.” When an agency identifies a target, the target will receive a text message with an accompanying link. Once the target clicks on the link, Pegasus software infects their phone and the government agency can access and extract data, contacts, messages, and phone records as well as switch on the microphone and camera to clandestinely record the target.
In late 2020, a Paris-based journalism nonprofit called Forbidden Stories partnered with Amnesty International to release a target list of 50,000 phone numbers. These phone numbers were concentrated in countries that are clients of the NSO Group with a record of citizen surveillance. The Pegasus Project, an investigation released in July 2021 by 17 media outlets in 10 countries coordinated by Forbidden Stories and Amnesty International, connected 37 phone numbers to attempted or successful hacks of journalists, activists, and dissidents and those close to them.
For example, the project found that the spyware had targeted individuals close to Jamal Khashoggi, the Saudi Arabian journalist and Washington Post columnist who was brutally murdered by agents of the Saudi government while at their consulate in Istanbul. Targets included Khashoggi’s son, friends, and the Turkish prosecutor in charge of his murder investigation. Khashoggi’s fiancée was also targeted in the days after his murder.
More recently, the Associated Press reported that Front Line Defenders, an Ireland-based human rights group, found Pegasus spyware on cell phones that belong to six Palestinian activists. Three of those activists are affiliated with groups that the Israeli defense minister controversially designated as terrorist organizations with little evidence. While it is not clear who infected the activists’ phones, the group is certain the spyware belongs to the NSO Group.
This is not the first time the NSO Group has faced scrutiny over its spyware. In 2016 and 2017, Carmen Aristegui, a prominent investigative journalist in Mexico and one of the earliest targets of the Pegasus malware, received dozens of highly personalized messages from numbers pretending to be the U.S. Embassy, colleagues, and her bank and phone company.
In January 2020, the United Nations released a report that concluded Saudi Crown Prince Mohammed bin Salman most likely used Pegasus malware to hack Jeff Bezos’s phone in 2018 “in an effort to influence, if not silence, The Washington Post's reporting on Saudi Arabia.” Last week, the 9th U.S. Circuit Court of Appeals also denied foreign sovereign immunity to the NSO Group, which means WhatsApp, which is owned by Meta, the parent company of Facebook, can sue the company for Pegasus’s alleged role in targeting 1,400 devices belonging to journalists and dissidents through an exploit in the messaging app.
A few weeks before the United Nations released its explosive report, the Q Cyber Technologies, the company name the NSO Group uses in Israel, contracted Mercury Public Affairs, a global strategy firm in Washington, DC to clean up its image. For a mere $120,000 per month, Mercury Public Affairs would consult on the firm’s public, media, and government relations. Mercury Public Affairs also meticulously logged statements attributed to NSO Group spokespeople into the Foreign Agents Registration Act website, a Department of Justice database that tracks the political activities of foreign principals, and their contents are revealing.
From January 2020 through earlier this month when Mercury Public Affairs cut ties with Q Cyber Technologies, the FARA website lists 99 pieces of informational material the firm disseminated on behalf of the NSO Group and its business practices. In July alone, when the Pegasus Project launched, Mercury Public Affairs filed 14 statements attributed to the NSO Group.
The tone of these comments ranged from shocked outrage over the alleged abuses to venomous contempt for the Project, often making a sales pitch in the same breath as its defense. “If and when NSO will receive a credible proof of misuse of its technologies, it will conduct a thorough investigation, as it always had and always will,” one statement from July 2021 insisted, adding, “NSO products are saving lives and helping governments fight crime and terror.” Repeatedly, the informational materials available on the FARA website exhibited this deny-sell-justify pattern: essentially, national security interests trump human rights concerns.
This pattern jumped off the page into reality again last week. The same day the Associated Press revealed that FLD found Pegasus spyware on activists’ phones, the Israeli Defense Ministry announced its campaign to convince the Biden administration that Pegasus is a vital tool for national security. Israel wants the Commerce Department to remove the NSO Group from the Entity List and stated that the Defense Ministry, which oversees the licensing of the software, would tighten supervision on what government agencies have access to Pegasus. The Defense Ministry said it did not know who used Pegasus to target Palestinian phones, however, and the NSO Group refused to confirm who used the software and insisted they cannot access information on alleged targets.
National security has been used to justify bad behavior in our post-9/11 world, but it is in the true interest of security writ large to stop the proliferation of dangerously invasive spyware to governments with a record of human rights abuses and citizen surveillance. The Commerce Department took a bold, necessary step in adding the NSO Group to its Entity List, and the Biden administration needs to back it up.
Taylor Giorno is a National Security/Foreign Influence research intern at the Quincy Institute. She earned her bachelor’s in foreign affairs from the University of Virginia and her master’s in international affairs from Johns Hopkins School of Advanced International Studies. A Rotary grant recipient, she successfully defended two theses, received multiple prizes for outstanding policy writing, and has published in Responsible Statecraft, The National Interest, and Inkstick Media.
Two years ago on Feb. 24, 2022, the world watched as Russian tanks rolled into the outskirts of Kyiv and missiles struck the capital city.
Contrary to initial predictions, Kyiv never fell, but the country today remains embroiled in conflict. The front line holds in the southeastern region of the country, with contested areas largely focused on the Russian-speaking Donbas and port cities around the Black Sea.
Russian President Vladimir Putin, having recognized the Russian-occupied territories of Donetsk and Luhansk as independent days before the invasion, has from the beginning declared the war a “special military operation” to “demilitarize and denazify” Ukraine. His goals have alternated, however, between existential — bringing all of Ukraine into the influence of Russia — and strategic — laying claim to only those Russian-speaking areas in the east and south of the country.
It is in the latter that Russia has been much more successful. Yet after two winters of brutal fighting and hundreds of thousands of casualties on both sides, as of the end of 2023 Russia only laid claim to 18% of Ukraine’s territory, as compared to 7% on the eve of the war and 27% in the weeks after the invasion.
Meanwhile, the West’s coffers have been opened — and, as some say, drained — to help Ukraine’s government, led by President Volodymyr Zelensky, defend itself against Moscow.
Regardless, Ukraine’s military forces have been wholly depleted as they compete with a much more resourced and populous Russia. While Ukraine’s military campaign was able to take advantage of Russian tactical mistakes in the first year, its much-heralded counteroffensive in 2023 failed to provide the boost needed not only to rid the country of the Russian occupation, but also to put Kyiv in the best position to call for terms.
If anything, as Quincy Institute experts Anatol Lieven and George Beebe point out in their new brief, “there is now little realistic prospect of further Ukrainian territorial gains on the battlefield, and there is a significant risk that Ukraine might exhaust its manpower and munitions and lay itself open to a devastating Russian counterattack.”
The only and best solution, they say, is to drive all sides to the negotiating table before Ukraine is destroyed.
The narrative of the war — how it began, where it is today — is well documented. On the second anniversary of Russia’s full-scale invasion, RS thought it might be instructive to look at the numbers — weapons, aid, polling, population, and more — that illustrate the cost and the contours of the conflict over 24 months, and counting.
The U.S. Congress has allocated a total of $113 billion in funding related to the war. The vast majority of this money went directly to defending Ukraine ($45.2 billion in military aid) and keeping its government and society functioning ($46 billion in economic and humanitarian aid). Other funds went to rearming allies ($4.7 billion) and expanding U.S. military operations in Europe ($15.2 billion).
After two years of war, that funding has dried up. The Biden administration, which once shipped two or three new weapons packages each month, has not sent Ukraine a major arms shipment since Dec. 27, 2023. As Congress struggles to pass an additional $60 billion in Ukraine-related funding, observers increasingly believe that aid package may have been the last.
The Pentagon has sent at least 3,097,000 rounds of artillery to Ukraine since Russia’s invasion. Most of those (2,000,000) have been 155 mm shells, the standard size used by the U.S. and its NATO allies. For perspective, that’s about 95,000 tons of 155 mm ammunition alone.
Despite ramping up military manufacturing, the U.S. still only produces about 340,000 155 mm shells per year, meaning that Ukraine has been firing rounds at three times the rate of American production.
Washington has also given Kyiv 76 tanks, including 31 Abrams tanks and 45 Soviet-era T-72Bs. Ukraine has received 3,631 American armored vehicles of various types, from infantry fighting vehicles to personnel carriers and medical trucks.
Meanwhile, Ukraine has made use of 39 American-made HIMARS, a mobile rocket launcher that has become famous for its utility in the war. As for smaller arms, the U.S. has sent at least 400,000,000 grenades and bullets in the past 24 months.
The war has killed at least 10,378 civilians and injured an additional 19,632, according to the UN. More than three in four non-combatant casualties occurred in areas held by the Ukrainian government, indicating that Moscow is responsible for the lion’s share of civilian harm.
When it comes to military casualties, good data still remains hard to come by and estimates are sometimes wildly different. Neither Russia nor Ukraine have offered detailed, public indications of the war’s impact on their soldiers.
The U.S. estimated in August that 70,000 Ukrainian soldiers had died and an additional 100,000 to 120,000 had been injured, putting the number of total casualties at over 170,000. Russia, for its part, claimed in November that 383,000 Ukrainian soldiers had been killed or wounded.
On the other side, the United Kingdom estimates that Russia has suffered at least 320,000 casualties, with 50,000 deaths among Russian soldiers and 20,000 deaths among Wagner Group mercenaries. Washington said in December that Moscow had suffered 315,000 casualties, though American officials did not provide a breakdown of deaths and injuries.
The United Nations estimates that the Ukrainian population (the entire country within internationally recognized borders), which totaled 43.5 million people in 2021, dropped to 39.7 million in 2022 as war swept through the country’s east. This trend continued into 2023, as the population dropped to 36.7 million — the lowest level since Ukraine became independent in 1990.
As of January, 6.3 million Ukrainians have become refugees abroad, with another 3.7 million displaced internally. As the frontlines have settled, Ukraine’s population has slowly started to grow again, reaching 37.9 million in early 2024. Meanwhile, demographer Elena Libanova estimates that only 28 million of those people live within areas currently under Ukrainian government control (outside of Crimea and the Donbas).
Two new polls that came out within the last week illustrate the complexities of Americans’ feelings toward the war in Ukraine and the U.S. role in it.
First, a Pew poll published February 16 found that a large majority of Americans (74%) see the war between Russia and Ukraine as somewhat (30%) or very important (43%) to U.S. interests. And another survey, from the Harris Poll and the Quincy Institute, which publishes Responsible Statecraft, found that Americans broadly support a U.S.-led negotiated end to the conflict.
But the past few months in Washington have been largely focused on U.S. aid to Ukraine, specifically whether Congress will pass President Biden’s request for roughly $60 billion for Kyiv’s fight against Russia.
According to Pew, in March 2022, 74% of Americans said U.S. aid to Ukraine was “just right” or “not enough.” In December 2023, that same survey found that just 47% said the same. The biggest change came from Republicans: 49% said in March, 2022 that U.S. aid was “not enough,” while just 13% said the same in December.
Meanwhile, Gallup found in August 2022 that 74% of Americans said U.S. aid to Ukraine was “about right” (36%) or “not enough” (38%). Those numbers came down slightly in Gallup’s latest track on this question in October, 2023, with 58% saying U.S. aid was about right (33%) or not enough (25%).
There have been several attempts to bring nations together to outline talks to end the war. Russia and Ukraine engaged in five rounds of talks in Belarus and Turkey shortly after the invasion, but the talks collapsed amid allegations of Russian war crimes and Western pressure on Kyiv to keep fighting.
Since then, the belligerents have spoken directly about secondary issues, like Black Sea shipping and prisoner swaps. Ukraine, meanwhile, laid out a “10-point peace plan” that has formed the basis for five international summits, none of which included Russia. These took place in Copenhagen, Denmark, in June 2023; in Jeddah, Saudi Arabia, in August 2023; in Malta in October, 2023; in Riyadh, Saudi Arabia, in December 2023; and Davos, Switzerland, in January of this year.
Since the start of the war, Congress has passed four aid packages for Ukraine, totaling $113 billion. While none of the four packages were identical and aid for Ukraine was sometimes bundled with other spending, the trends for support for Kyiv in Congress are similar to those we see in polling, particularly among congressional Republicans.
The 2022 supplemental, which became law in May 2022 and provided Ukraine with $39.34 billion in aid passed the House 368-57 and the Senate by a vote of 86-11. By September 2023, when the House voted on the Ukraine Security Assistance and Oversight Supplemental Appropriations Act, which provided Kyiv with $300 million in security assistance, it passed by a vote of 311-117, with a majority of Republican members opposing the legislation.
On February 12 of this year, the Senate voted 70-29 to pass a national security supplemental, which would provide approximately $60 billion in aid for Kyiv alongside money for Israel and partners in the Indo-Pacific. The bill has not yet been voted on in the House.
Ben Armbruster, Blaise Malley, Connor Echols and Kelley Vlahos contributed reporting. Graphics by Khody Akhavi.
keep readingShow less
A woman lays flowers at the monument to the victims of political repressions following the death of Russian opposition leader Alexei Navalny, in Moscow, Russia February 16, 2024. REUTERS/Stringer
President Biden was entirely correct in the first part of his judgment on the death of Alexei Navalny: “Putin is responsible, whether he ordered it, or he is responsible for the circumstances he put that man in.” Even if Navalny eventually died of “natural causes,” his previous poisoning, and the circumstances of his imprisonment, must obviously be considered as critical factors in his death.
For his tremendous courage in returning to Russia after his medical treatment in the West — knowing well the dangers that he faced — the memory of Navalny should be held in great honor. He joins the immense list of Russians who have died for their beliefs at the hands of the state. Public expressions of anger and disgust at the manner of his death are justified and correct.
The problem comes with the other part of Biden’s statement, that “[Navalny’s death] is a reflection of who [Putin] is. And it just cannot be tolerated.” If he had said “approved,” “justified,” or “defended,” that would have been absolutely right. But “tolerated”? What can Biden do in response, that he has not done already?
The U.S. president has promised major new sanctions intended to “cut Russia off from the world economy” — but that requires Washington to control the world economy. Economic sanctions against Russia in response to the invasion of Ukraine have failed, and even strengthened the Russian economy and the state’s grip on it. They cannot be significantly extended, because this would damage and infuriate countries that are dependent on Russian energy exports, including India, a key U.S. partner. As to sanctions against Russian individuals part of or linked to the Russian regime, there are already thousands of them, and they have had no effect whatsoever.
Statements like Biden’s are both pointless and dangerous. For the spoken or unspoken implication is that it is impossible to deal with Putin. But like it or not, Putin is the president of Russia. To all appearances, he will remain so for a considerable time to come, and will hand over to a successor of his own choosing. The Biden administration has said that it wants Ukrainian victory (whatever that now means), but it has also said that it believes that the war will end in negotiations, and following the failure of last year’s Ukrainian offensive, is now reported to be moving in this direction.
Who does Biden think that he will negotiate with, if not Putin? Seeking talks on an end to the Ukraine war does not imply approval of Putin’s crimes or his invasion of Ukraine, any more than the Eisenhower administration’s negotiation of an end to the Korean War implied approval of the North Korean regime and its invasion of South Korea.
By its own account, the Biden administration has supposedly made the promotion of democracy around the world a central part of its diplomacy, with the clear implication that only democratic governments that respect human rights are truly legitimate. Actual U.S. diplomacy does not work like this and never has; not because of American imperialist or capitalist wickedness, but because the world does not work like this.
Nobody should be required to like or admire the governments of Abdel Fattah Al-Sisi, Mohammed Bin Salman or Narendra Modi (though we might well wish that U.S. officials had been less effusive in their praise of them). Like Putin, they are however the heads of their countries’ governments, and likely to remain so. You deal with Saudi Arabia and India — and you have to deal with Saudi Arabia and India — you deal with MBS and Modi.
The other thing to be wary of in the outpouring of outrage at the death of Navalny, is that this is already being used to build a strategy of greatly increased Western official support for the Russian opposition. Many (not all) people and groups in the Russian liberal opposition are personally and politically admirable. Some, like Navalny, have shown tremendous courage. To say this is quite different from believing that they are ever likely to form the government of Russia, and that the U.S. should base its policy towards Russia on the hope that this will be so.
The sad truth is that the Ukraine war has placed the Russian liberal opposition in a politically impossible position. Having been largely chased into exile by Putin, they are dependent on Western support. This means however that their principled opposition to the Russian invasion can be portrayed by the Russian government — and is seen by many ordinary Russians — as treason in time of war. As with the Iranian, Chinese, and other oppositions, official support from Washington only allows the ruling regimes to paint the name “traitor” in brighter colors.
A combination (differing from individual to individual) of idealism, dependence on the West and hatred of Putin means that instead of advocating a compromise peace in Ukraine, many Russian oppositionists have — willingly or unwillingly — identified themselves with Ukrainian and Western positions that explicitly demand complete Russian defeat.
And while not many Russians wanted the war, not many Russians want to see Russia defeated. As I have remarked before, even many Americans who strongly opposed the war in Vietnam were outraged when Jane Fonda went to Hanoi. If she stood a chance of being elected to any office in the U.S. before that trip, she certainly didn’t afterwards.
Any hope of rebuilding liberalism in Russia (and indeed Ukraine, albeit to a much lesser extent) therefore requires an end to the war. For some degree of authoritarianism is a natural accompaniment to every war, and regimes all over the world have exploited this to increase their own power. Equally importantly, mass support for Putin is critically dependent on the general belief that the West intends not just to defeat Russia but to cripple it as a state, and that to prevent this it is essential to support the government.
For the moment at least, this has eclipsed previously widespread resentments —which Navalny channeled — at regime corruption. No amount of Western or Russian opposition propaganda can change this Russian picture. Peace might, if it is given a chance.
For the third year in a row, globally, the number of investors in nuclear weapons producers has fallen but the overall amount invested in these companies has increased, largely thanks to some of the biggest investment banks and funds in the U.S.
“As for the U.S., while there is, like past years, indeed a dominance, and total financing from U.S.-based institutions has increased, the total number of U.S. investors has dropped for the third year in a row (similar to our global findings), and we hope to see this number will continue to fall in the coming years,” Alejandar Munoz, the report’s primary author, told Responsible Statecraft.
In 2023, the top 10 share and bondholders of nuclear weapons producing companies are all American firms. The firms — Vanguard, Capital Group, State Street, BlackRock, Wellington Management, Fidelity Investments, Newport Group, Geode Capital Holdings, Bank of America and Morgan Stanley — held $327 billion in investments in nuclear weapons producing companies in 2023, an $18 billion increase from 2022.
These companies are also profiting from the enormous government contracts they receive for developing and modernizing nuclear weapons.
“All nuclear-armed states are currently modernizing their nuclear weapon systems,” says the annual “Don’t Bank on the Bomb” report from PAX and ICAN. “In 2022, the nine nuclear-armed states together spent $82.9 billion on their nuclear weapons arsenals, an increase of $2.5 billion compared to the previous year, and with the United States spending more than all other nuclear powers combined.”
American weapons companies are some of the biggest recipients of contracts for nuclear weapons. Northrop Grumman and General Dynamics are “the biggest nuclear weapons profiteers,” according to the report. Combined, the two American weapons manufacturers have outstanding nuclear weapons related contracts with a combined potential value of at least $44.9 billion.
Those enormous government contracts for nuclear weapons, alongside contracts for conventional weapons, have helped make nuclear weapons producers an attractive investment for American investment banks and funds.
“Altogether, 287 financial institutions were identified for having substantial financing or investment relations with 24 companies involved in nuclear weapon production,” says the report. “$477 billion was held in bonds and shares, and $343 billion was provided in loans and underwriting.”
The report notes that while the total amount invested in nuclear weapons has increased, the number of investors has fallen and trends toward firms in countries with nuclear weapons.
ICAN and PAX suggest that concentration may be a result of prohibitions on nuclear weapons development for signatories to the Treaty on the Prohibition of Nuclear Weapons (TPNW), a 93 signatory treaty committing to the ultimate goal of the total elimination of nuclear weapons. The report says:
The TPNW comprehensively prohibits the development, manufacturing, testing, possession, use and threat of use of nuclear weapons, as well as assistance with those acts. For companies that build the key components needed to maintain and expand countries’ nuclear arsenals, access to private funding is crucial. As such, the banks, pension funds, asset managers and other financiers that continue to invest in or grant credit to these companies allow for the production of inhumane and indiscriminate weapons to proceed. By divesting from their business relationships with these companies, financial institutions can reduce available capital for nuclear weapon related activities and thereby be instrumental in supporting the fulfilment of the TPNW’s objectives.
Susi Snyder, managing director of the Don’t Bank on the Bomb Project, told Responsible Statecraft that even U.S. banks, like Pittsburgh based PNC Bank, are facing shareholder pressure to divest from nuclear weapons and that the tide may be shifting as shareholders in U.S. companies grow increasingly sensitive to investments in nuclear weapons.
“For three years shareholder resolutions have been put forward at PNC bank raising concerns that their investments in nuclear weapon producers are a violation of the Treaty on the Prohibition of Nuclear Weapons (TPNW), and that they are not in line with the bank's overall human rights policy guidelines,” she said.