Skip links

Sandvine put on America’s export no-fly list after Egypt used network tech for spying

The US Commerce Department has blacklisted Sandvine for selling its networking monitoring technology to Egypt, where the Feds say the gear was used to spy on political and human-rights activists.

The Canadian IT appliance and software maker, along with China’s Chengdu Beizhan Electronics, was added to America’s Entity List, which places export restrictions on those organizations and essentially bans US companies from doing business with them without special permission from Uncle Sam. The Dept of Commerce adds outfits to the list that are deemed a threat to American national security or foreign policy interests.

Chengdu made the naughty list for apparently acquiring and attempting to acquire US goods on behalf of China’s University of Electronic Science and Technology, which was already on the Entity List. Chengdu could not be reached for comment.

We take allegations of misuse very seriously

Sandvine earned its spot for supplying “deep packet inspection technology to the Government of Egypt, where it is used in mass web-monitoring and censorship to block news as well as target political actors and human rights activists,” according to the Americans [PDF] in a notice published in the Federal Register on Tuesday. The listing applies to Sandvine’s Canadian head office as well as its branches in India, Japan, Malaysia, Sweden, and the United Arab Emirates.

When asked about these allegations, and the export restrictions, a Sandvine spokesperson told The Register the biz hopes to clear up the situation: “Sandvine is aware of the action announced by the US Commerce Department. We are committed to working closely with government officials to understand, address and resolve their concerns. Sandvine solutions help provide a reliable and safe internet, and we take allegations of misuse very seriously.”

The networking business has, for years, been accused of helping authoritarian regimes censor and spy on dissidents.

In 2018, Citizen Lab claimed Sandvine PacketLogic devices were used to deliver nation-state malware to “hundreds” of internet users in Turkey and Egypt. The deep-packet inspection boxes, placed on the networks of Türk Telecom and Telecom Egypt, allegedly redirected users to malicious websites where they inadvertently downloaded spyware, cryptocurrency mining scripts, and other software nasties.

More recently, in September last year, Citizen Lab claimed the Canadian biz sold technology to help install Predator spyware on the phone of Ahmed Altantawy, an Egyptian politician running for president.  

Altantawy was the victim of a similar cyberattack in 2021 that also used Sandvine’s technology, according to Citizen Lab.

Predator’s developer Cytrox, which is now called Intellexa, was added to the Entity List in July 2023. ®