Cyber Scene #56 - Part Deux: Cyber Climate Change with Chinese Characteristics

Image removed.Cyber Scene #56 -

Part Deux: Cyber Climate Change with Chinese Characteristics

 

As referenced in earlier Cyber Scenes, China's White Paper 2050 strategic plan for having an "influence" is muted and grossly understated. In the U.K., the new Government Communications Headquarters (GCHQ) Director Jeremy Fleming said "Russia is affecting the weather, whilst China is shaping the climate." In the Reuters report entitled "China could rule world's technology," U.K. cyber spy chief says he casts the global situation as dominated by China's jumbo-sized technological weight having the ability to potentially "control the global operating system." Chilling, indeed.

The Economist picks up the temperature in an entire edition entitled "The brutal reality of dealing with China." Of particular note is "White heat" which discusses an "integrated review" entitled "Global Britain in a Competitive Age" presented by Prime Minister Boris Johnson, of the U.K.'s "radical" foreign, security, defense and aid policy. Technology including cyberspace, data, and space are woven throughout the 114 pages. The near future includes a new National Cyber Force for the U.K. Moreover, the new strategy has been warmly received by partners in the U.S., Asia (including Japan), and Europe (including France, remarkable given Brexit).

The U.S. as well is moving forward. Despite the thrust of E.J. Dionne's Washington Post op-ed on the illusion of bipartisanship in the U.S. Senate, he notes that Senator Schumer's (D-NY) bill entitled the "Endless Frontiers Act" has been merged with the U.S. Innovation and Competition Act of 2021 which has been cleared by an 86-11 vote to advance the bill for full Senate approval. It will legislate $100 billion toward the creation of 10 technology hubs in the U.S. and scientific education to develop cutting edge technologies.

The rise of China brings up several issues that underpin cyber and other technologies, present and future. As has been addressed widely in public discussion, and here, the prior U.S. administration took a decidedly hawkish view toward Chinese technological development, particularly challenging Huawei's expansion world-wide. According to the 8 May Economist's "Assuming the position" the Biden administration is still sorting out its tech trade approach to China. It inherited a redirected Bureau of Industry and Security (BIS) which falls under the usually soto voce Department of Commerce. The prior administration, per the Economist, made the usually faceless and silent BIS the prime weapon against Chinese technology, cutting off Huawei "from global semiconductor supply chains." As of this writing, the new administration is looking to "outsider" candidates to lead the charge for the U.S. at BIS. The lead contender seems to be James Mulvenon, who last year connected China's chipmaker to its People's Liberation Army. Mulvenon is a defense analyst, neither a lawyer like the Obama administration appointee nor a tech leader like the Bush #43 appointee. The position was largely vacant during the Trump administration. In considering the appointments discussed in the April Cyber Scene, we may see his name rise up in the near future as the current administration develops its approach to China, fills key holes that remain, and names an undersecretary and policy guru for BIS. Meanwhile, the article notes that "Mr. Biden's National Security Council (NSC) contains plenty of expertise on China and technology." Its Director for Technology and National Security, Saif Khan, developed a plan for countering Chinese semiconductor development, but a complete China policy is still in the works. The article believes that the nomination of the undersecretary of Commerce to run BIS will be a strong indicator of whether "Mr. Biden does, indeed, have a plan for redrawing the lines of technological trade with China, and that he intends to use the most experienced people possible to do so."

Internally, China is trying to reign in competition among its own cyber companies. Craig Mellow of Barron's reports in "China's Crackdown on Internet Giants Lingers" that 34 Chinese internet companies were directed by China's State Administration for Market Regulation to fix their anticompetitive practices or "be punished severely." This followed Alibaba's fine of $2.8 billion for "banning merchants from using competing e-commerce platforms, among other infractions." The article discussed investor interests (profits, of course) and went on to address two areas where internet giants are looking for greener pastures: finance and cloud computing. For any investor readers, the article points out that despite the threats from the Chinese government, the internet giants' stock has not folded as investors at least know what to expect.

As these internal Chinese challenges occur, and the U.S. advances its development of a Chinese strategy based largely on technology, Taiwan has successfully moved in as the world's biggest chipmaker "…amid the Sino-American tech war" and is becoming indispensable, per the 1 May Economist in "Living on the edge." Taiwan Semiconductor Manufacturing Company (TSMC) controls 84% of the world's chips from A to Z, rather from Apple to Alibaba. The article is brimming with tech details, investment issues, and how this occurred, for the curious reader.

Meanwhile, China has another domestic 1,000 flowers to bloom. Their internal cybersecurity work includes "Chinese government's insistence on being able to monitor and control the information that flows through the country's digital networks." The 24 April Economist "Hacking China: Watching them watching you" covers the internal difficulties this global tech power faces. Examples include popular WeChat which is not encrypted, as it must be filtered and censored which also makes these transmissions a vulnerable target writ large of over a billion WeChat accounts. Another aspect is Tencent's challenge, which owns WeChat and must keep inspecting messages while denying this option to attackers. Security is widely weak and means to keep it that way have been developed to make it easier for the Chinese government to monitor its population. As a result, internet users in China have complained about the lack of data protection. The government's response has been to promote programs for companies to protect customer data while enforcing weakness in their devices. The Chinese government has accepted the tradeoff. The populace may think otherwise.

As for hacks, London's 16 May Financial Times broke headlines that French-based "AXA Asian operations hit in ransomware attack." Mainland China was not named, but victims include Thailand, Malaysia, the Philippines, and Hong Kong. The Russian-speaking attackers used a ransomware variant called Avaddon and claim to have stolen 3 terabytes of data including customer IDs and privileged data between customers and doctors/hospitals. AXA is now eliminating coverage of cyber extortion insurance in France as it merely encourages the attacks. France is second worldwide only to the U.S. in ransomware attacks.

Those of you readers who live in the southeastern part of the U.S. may be compassionate, as many have had a short spike in gas prices due to the we-can't-ignore-it Colonial pipeline attack driving the company to shut down operations, as reported on 8 May by New York Times' David Sanger, Clifford Krauss and Nicole Perlroth.

This time it was neither the governments of Russian, China (both guilty as charged in the past), Iran, or terrorist groups. It was the DarkSide—a criminal group eager to hold corporate data for ransom. They succeeded with a reported $4.4 million payout. Sanger and Perlroth returned to report on 14 May regarding lessons learned about U.S. cybersecurity which parsed out how the preparations and simulations to avoid such an attack bore little resemblance to the real thing. The former CEO of cybersecurity firm CrowdStrike notes: "Every fragility was exposed. We learned a lot about what could go wrong. Unfortunately, so did our adversaries." President Biden suggested the U.S. would not give in: "We're also going to pursue a measure to disrupt their ability to operate," Mr. Biden said, a line that seemed to hint that United States Cyber Command, the military's cyberwarfare force, was being authorized to kick DarkSide offline, much as it did to another ransomware group in the fall ahead of the presidential election.

Far from this being the end, Washington Post's Ellen Nakashima and Rachel Lerman opine on 15 May that it may be the beginning. Returning to climate issues, they liken the attack to the tip of the iceberg. Colonial Pipeline's dilemma is faced by thousands of companies, schools, governments, and other entities around the world every year. Most incidents go unreported. Anecdotally, according to companies that help victims hit by ransomware attacks, more than half pay some form of ransom. DarkSide has reportedly collected $46 Million during the first 3 months of 2021. By 15 May, however, the Administration believed that while the criminals were unlikely to be linked to the Russian government, they may however be living in Russia.

And the plot thickens, according to a 24 May report by ProPublica, co-published with MIT Technical Review ("…Ransomware Hackers…Secret Weapon…"), Renee Dudley and Daniel Golden explain how two researchers, five months earlier, had discovered a countermeasure to this sort of DarkSide ransomware. However, a cybersecurity firm made the mistake on 11 January 2021 of publicly exposing this fix which gave DarkSide time to develop a counter to the counter. As a result, gas shot up in price, Colonial Pipeline lost millions of dollars, and the DarkSide won. Additional articles available on this Pro-Publica/MIT link provide more details that make this darkness even darker.

The payment in this case was reportedly made in Bitcoin. The rise of governmental as well as other questionable sourcing leads us to an Economist 8 May Special Report on Banking "GOVCOINS: The digital currencies that will transform finance." Even as money makes the world go 'round, sometimes badly, in this case it loops us back to China. The cover story explains that virtual currencies are before us. They are risky but needed. It touts the transition from an anarchist's obsession to a fund manager portfolio. PayPal is starting to reach China's levels of "govcoins." Technology has had a huge influence on banking and cost-cutting is making such international flows more attractive. The Economist puts the savings of digital currency per year per person at $350. It also allows access to those without bank accounts.

But the other side of the coin is its dangerous appeal in an ungoverned or poorly governed currency. The issue goes on to drill down on organized crime as seen in the Economist's 8 May "A decentralized dark economy makes cyber-crooks more effective and harder to catch." The article continues, sketching out the increase of nefarious cyber-criminal ransomware attacks. Conversely, China's expected digital currency is not expected to be terribly revolutionary as reported in "The new yuan: a lot like the old yuan." But these directions in finance would, in turn, reduce the dominance of the dollar (as noted in "Hege-money").

So the dollar may cool, cybercrime will likely heat up, and China is warming to its cyber future.
 

Submitted by Anonymous on