Cyber Scene #27 - Data Redefined: Heading Toward an Inverted Dutch Disease Calamity?

Image removed.Cyber Scene #27

Data Redefined: Heading Toward an Inverted Dutch Disease Calamity?

Prior to addressing the panoply of earth-shaking cyber events of the past 30 days, let us begin from theory to specificity this round. The Economist calls upon us to move toward a new way of thinking about data in its "Identity" piece, "Les stats, c'est moi." It likens data to new oil: "...all those 1s and 0s are of little use until they are processed into something more valuable. That something is you." The article goes on to discuss how the world's 10 most valuable companies are tech, except for Apple which is nevertheless hugely connected. Although all of us (excluding, of course, most of this readership) have not changed behavior until we are personally targeted, the litany of companies and organizations victimized by breaches -- from Google to Panera (and more personally, OPM and Marriott), grows longer. So what's with Dutch disease? Closet economists (your author included) as well as professionals have examined the downside of too much of an unregulated good thing with the Netherlands discovery of gas fields leading to a demise in its manufacturing sector. The article underscores the importance of "data-protection regulation and new laws surrounding the use of algorithms." As previous Cyber Scenes have discussed, the US Congress is struggling to do so. But the article's thrust is that "...it is not the data that is valuable. It is you."

DIGGING DOWN TO CHINA: THE DIRT

As our tech sleuths struggle to identify all perpetrators, China keeps rising to the surface. While false flags are possible, other issues appear indisputable. Wired's Brian Barrett examines "How China's Elite Hacks Stole the World's Most Valuable Secrets." He sketches out how, since 2014, China has circumvented the locked data doors via its "APT10 advanced persistent threat" hacking group. He notes that given the "no hacking agreement" of 2015 between the US and China, China "can't handle the truce."

--Huawei or the Highway?

The detention of Huawei's CFO in Canada reported in the New York Times and the reciprocal detention of three Canadian citizens (two are still being held as of this writing) in China underscore how this data issue is very personal for them. The immensity of the US national security threat is more ominous. Last month Barron's cover story by Jack Hough, "New Missile Signals a Renewed Arms Race," analyses how the Pentagon is turning to Big Tech (Silicon Valley in particular) to help. Since then, the Wall Street Journal's Brian Spegele and Kate O'Keefe examine how China sought to contravene US regulations prohibiting the export of satellite technology, in this case from Boeing. The 15-16 December Journal went on to write on how Chinese hackers breached US Navy data including satellite data; Gordon Lubold and Dustin Volz continue to address incidents over the past 18 months termed "some of the most debilitating cyber campaigns linked to Beijing." In the same issue, Rob Taylor (Canberra) and Sara Germano (Berlin) cite discussions among Western "spy chiefs" including the Five Eyes (US, UK, Canada, New Zealand and Australia) during a July conference which underscored vocal (unusual) concern about Huawei and generally Chinese-made gear. This follows Wall Street Journal's Dustin Volz article the prior week on the US charges against Chinese hackers. The article includes a chilling quote from cyber expert Rob Joyce: "We view it as the platform the Chinese are using for whatever they need...and that's why you are seeing the government saying, we've got to deal with it, push them out, make sure they don't have that toehold."

--Back to the Satellites

NBC's Lester Holt Nightly News of 28 December features a Richard Engel special on his attempted visit to a remote but gargantuan Chinese satellite station in Patagonia, Argentina. It is unlikely to help Chinese GPS hikers, but rather follows a 40+ year (per your author's knowledge) of Chinese Southern Cone lower tech investments: railroads, hospitals, soccer stadiums, infrastructure projects to include parliamentary buildings and airports, and now upping the collection ante. And, yes, money, creating massive Southern Hemisphere indebtedness. Is "loan shark" in Chinese "dim sum of its parts?"

--George Kennan's Containment, Sino-Style

As the "high tech arms race" heats up, trade tensions run cold, hot and hotter. The impact hits farmers in the mid-west, exporters in the far west, manufacturing everywhere, the White House and Congress. But back to "you." If you have visited Starwood Hotels and Resorts Worldwide back as far as 2013, you might be in the unlucky 1/3 of 500 million impacted by the breach. See David Sanger & Co.'s New York Times account, "Marriott Data Breach Traced to Chinese Hackers." New passports, anyone? Or are those USG officials furloughed?

--and Back to Kennan's Soviet Version: Russia's Window to the West (Vlad, not Peter)

Amid the flurry of a likely Mueller investigation conclusion in the near term, Scott Shane and Sheera Frenkel (familiar names to this readership) examine the targeting of African-Americans in Russia's operation to influence the 2016 election. The New York Times journalists cite two emerging reports tracking "the energy and the imagination of the Russian effort to sway American opinion and divide the country, which the authors said continues to this day." One report was produced by a cybersecurity company, New Knowledge, with contributions from Columbia University researchers and Canfield Research, LLC, and obtained by the New York Times. The other was written by Oxford University's Computational Propaganda Project with support from the company Graphika, specializing in social media, and was released by the Washington Post. The Shane-Frenkel article embeds both of the reports. LAWFARE points out that the Senate Select Committee on Intelligence, which had commissioned the studies, also released them to the public on 17 December.

--And Pre-Furlough House "Interest" in Google

In what seemed a command first performance, Google CEO Sundar Pichai appeared before the House Judiciary Committee chaired by Bob Goodlattee (R-VA) on 11 December. Over three hours of "discussion, Congressional-style," the Google Chief fielded all manner of questions including: "How is personal identifying information safe with you?" (Hank Johnson (D-GA);."How do you differentiate what you do with data?" (Ted Poe, R-TX) ; repeated questions regarding Google's plans for China (CEO says no plans now, but did not say "never"); and the Chairman's request for a delineation of differences between US and EU data use, following discussion earlier (Eric Swalwell D-CA) of EU's new regulations. Several Members cited the need to allow users to "opt in, not out" and the one humorous exchange and noteworthy "soft shoe" response from the CEO occurred when Congressman Poe (R-TX) displayed his cell phone and asked the CEO if locational capabilities could identify his move across the aisle to one of his Democratic colleagues. The latter said he would welcome him warmly were Poe to come over. The CEO, however, dodged answering the question. In comparison with what Facebook has been battling in December (see the next R & O's Cyber Scene), the New York Times condensed reports of "grilling" seemed extreme, but one pointed comment may be interpreted as a warning shot: Ted Deutch (D-FL), who has sponsored privacy legislation, stated:."If the government steps in to regulate, you won't like it."

--Engagement from last Three of Five Eyes

In early December, the UK Parliament released 250 pages of Facebook documents as part of its Parliamentary investigation of how Facebook uses data. As reported by the Wall Street Journal on 29 December, these indicated that the CEO seemed to downplay the risk of developers sharing Facebook data among themselves.

Down under, Australia has passed a bill that allows it to monitor all online communication, per The Economist. The bill is now in effect, albeit difficult to implement. The Aussie Government can now require tech firms to bake backdoors into their systems to allow authorities to access online communications. Non-compliance charges are $7.2 for firms who defy the law and $50k for individuals. Exposing this process (the Economist says "snooping") can land one in prison for five years.

And little New Zealand, per the New York Times, is blocking telecommunications gear from Huawei, despite the request from one of the largest Kiwi telecom carriers, Spark, to need it for its 5G expansion.

Submitted by Anonymous on