Cyber Scene #25 - CRAZY (CYBER) RICH...
Cyber Scene #25
CRAZY (CYBER) RICH...
North Koreans: Column A menu
Over 50 fake social media profiles have reportedly bolstered North Korean IT sales to obtain needed hard currency by avoiding sanctions, according to the 14 September Wall Street Journal. The operatives posed as Japanese, while in fact working on the Chinese side of the North Korean border (see combo platter segment below) and duping unsuspecting web designers as well as those sucked into the trap. One of the suspects was linked to the killing in the Kuala Lumpur airport following an apparent high profile assassination. LinkedIn as well as many additional legitimate cyber entities were also duped.
In early September, the US released 176 charges against a North Korean operative linked to a "cyber army", according to Aruna Viswanatha and Dustin Volz of the Wall Street Journal. The US charges focused on the 2014 attack on Sony, but also cited the $81 million theft from Bangladesh's account at the New York Federal Reserve Bank.
Chinese: Column B menu
In addition to Equifax's major and much publicized hack of customer data, the Wall Street Journal reported on 12 September on Equifax's fear of Chinese corporate spying two years before the consumer financial data attack. In 2015, Equifax sought the help of the FBI and CIA, as the company feared that employees who subsequently went to work for Chinese companies had downloaded proprietary corporate data related to how credit scores were obtained, algorithmic applications, and other corporate secrets. It appeared that Chinese firm Ant, an affiliate of Alibaba, had offered to triple salaries to certain Equifax employees to jump ship.
And just as the CEO, Jack Ma, of China's e-commerce tech giant Alibaba announced on 10 September that he will soon retire, changes are occurring in the face of some limited regulation resulting in Ant Financial (the above-mentioned affiliate of Alibaba) and Tencent (known for WeChat) are re-branding their work. Rather than refer to this as "fintech" they are now calling it "techfin" intended to "play up technology offerings instead of financial services."
Russians: Column C menu (part Asian/Tatar too!)
First and foremost, two New York Times seasoned intelligence journalists Scott Shane and Mike Mazzetti launched a 12-page special report on 20 September entitled "The Plot to Subvert an Election: Unraveling the Russia Story So Far" which delves into the overwhelming power of Russia's hacks, leaks, and social media "fakery" to include online trolls reaching an audience of "nearly as many Americans as would vote in the (2016) election." In addition to including some seemingly new material (e.g., the Russian-based fake twitter which drove the pro-Putin "peacemaker" banner in Manhattan), the report includes activity back to 2014 and an 8-page timeline ending, so far, in September 2018. The scope of the report, mirroring the magnitude of the cyber activity it examines, warrants attention. The timeline itself is stunning and aids in digesting Russia's role in the 2016 election, giving one pause about the 2018 midterms in November.
Combo platters:
Chinese-Russian: Back to Alibaba, China's financial services firm has taken a 10% stake in Mail.Ru Group, one of Russia's biggest commercial tech players, as reported by the Wall Street Journal. A Russian head of a state-owned investment fund noted, following the Putin-Xi Jinping meeting in mid-September, that "Russo-Chinese cooperation in tech is one of the most promising avenues for bilateral relations."
Chinese-North Korean: See above regarding the Chinese platform in Shengang near the North Korean border aiding North Korean operatives bilking US IT users.
BIG TECH: Keeping up with the tech-rich catch-up connections
Just as cyber technology seeks to connect the world digitally, users and regulators are now picking up the pace of connecting (the dots) with the connectors. The last four weeks of media discussion have generated a huge data dump. Even Congress, wedged between an August recess for the House (the Senate canceled its recess) and mid-terms looming ahead, ominously for some and excitedly for others in November, has resumed its inquiries.
The Rein/Reign of Congress?
The Senate Select Committee on Intelligence (SSCI, now a probably household acronym) summoned tech leaders Larry Page (Google), Jack Dorsey (Twitter) and Sheryl Sandberg (Facebook) to testify on 5 September. But Larry was a missing Page, and Senators "tore into" the seat where Mr. Page should have been with terms such as "arrogant" (Sen. Rubio) and "outrage" (Sen. Collins) (See www.senate.gov/ssci for the unabridged version). They were not alone: Bloomberg Businessweek published a long article on 13 September entitled "Where's Larry" noting that the 45-year old tech giant has a very small footprint these days, or a very clever early retirement as he maintains control of Google but has passed along much of the tech direction to subordinates. The 7 September New York Times print article entitled "A Tech Dialogue, Minus Apologies and Grandstanding" by Farhad Manjoo also criticized Mr. Page for his absenteeism, noting that it was a big mistake. He notes that Google, unlike other tech giants, did not take a pose as an upstart but rather as the "grown-up in the room." This reputation is now quite tarnished. The relationship between tech and Congress is critical, particularly as regulatory issues are increasing. Time Magazine's Haley Sweetland Edwards on 17 September noted that as Washington takes on the threat of Big Tech, the relationship has moved from "once darlings" to "decidedly cooler." Mr. Manjoo notes that Facebook COO Sheryl Sandberg and Twitter CEO Jack Dorsey also testified before the House Energy and Commerce Committee where the latter testifier "overflowed with candor." Just prior to the testimony, Ms. Sandberg was the subject of a lengthy examination by the Wall Street Journal's Betsy Morris, Deepa Seetharaman and Robert McMillan on how she was put in the PR hot seat to defend Facebook's reputation in the wake of the Cambridge Analytica exposé and opined about how she was now responsible for fixing the mistakes. She seems to have fared better than the absent Mr. Page. Two days before the Senate testimony, Barron's Jon Swartz had described the tension between Congress on the one hand and Facebook and Twitter on the other as "white-hot intensity." Tension is also impacting one-third of the Senate and all of the House, with seats up for re-election or grabs, in a matter of weeks. So open hearings also provide a podium from which those now reigning may have a platform to try to continue to do so. As discussed in earlier Cyber Scenes, tech is moving much faster that the regulators who are playing catch up.
The Cyber Offensive Beyond the Beltway
In addition to the regulatory aspect of dealing with cyber and the tech giants that wield it, the reach of the US Government now includes suing spies, per the 13 September Economist. In addition to discussion of the North Korean leading the "cyber army" attack on Sony and the NY Fed Bank "heist" discussed above, the 2014 White House began indicting cyber attackers in a broader pattern that also included five Chinese army officers indicted for industrial espionage. (Sadly, these were not the ones involved with Equifax's first hit.) Five Russian FSB members and nine Iranian elite Revolutionary Guard operatives were also charged. The move toward the courts comes as a double-edged sword, but American officials are "seeking to draw a line between old-fashioned spying, which is seen as fair game, and piratical deeds, like election sabotage and spying for profit."
Big cities are also bracing as they seek cyber insurance to protect against vulnerabilities in their systems, as seen in the Atlanta hack. The Wall St. Journal’s Jon Kamp and Scott Calvert explore this new business in their discussion of 25 most-populous US cities and how they are bracing even as they stave off attacks. Per Andrew Duehren in the 19 September Wall Street Journal, companies such as Symantec, Microsoft, Cloudfare and Synack are also jumping in with free services to states or campaigns to help candidates and campaigns with issues such as identifying fake webpages.
Dave Weinstein's op-ed (WSJ 29 Aug) looks however at a sea change in the difference between cyber defense and cyber offense, and how the present administration with delegation to US Cyber Command has more authority to attack rather than defend. He notes that "cyber policy is shaped by a trade-off between deterrence on the one hand and intelligence collection and diplomatic standing on the other." His discussion concludes that if US Cyber Command is perceived as having its hands tied, enemies do not see much risk in continuing cyber attacks.