Cyber Scene #60 - From All Foreign and Domestic Cyber Enemies and Their Minions
Cyber Scene #60 -
From All Foreign and Domestic Cyber Enemies and Their Minions
This Cyber Scene looks domestically as well as internationally at the last four weeks of brisk developments in the cyber world. Following an August recess of Capitol Hill denizens, the return to a jam-packed agenda/docket has Cyber Scene issues overflowing as well. Afghanistan, Haiti, the recall of the French Ambassador to the U.S. and the annual United Nations General Assembly kickoff in New York, ending on 27 September, provide the demanding backdrop to cyber life here and abroad.
Apple makes the Cyber Scene due to issues surfaced by multiple sources. The Wall Street Journal reports that Apple has been procrastinating its scanning for illegal content. Journalists Joanna Stern and Tim Higgins take Apple to task for claiming that the newly minted system for identifying child pornography for removal which was "vigorously defended," was privacy-friendly in its iCloud. But the reporters maintain that privacy experts were concerned that data protection via encryption was "softening." And Apple put off until "the coming months" implementation, for the second time.
Abroad, Apple has been joined by Google in removing a voting app at Russia's request, setting a new precedent, according to Wired's Lily Hay Newman. Cast as anti- Russian establishment, the voting app was the "latest in a series of concessions that Apple in particular has made to the Kremlin." This takedown was fed by threatening fines and accusations of illegal election interference.
Curiously, Germany made the same last claim against Russia. Per the New York Times' (NYT) Melissa Eddy, Germany's federal prosecutor's office accused Russia of attempts to disrupt the 26 Sep national election by hacking lawmakers and members of the federal Parliament through phishing emails and attempts to steal passwords and other personal information. An investigation of this originally nameless "foreign power" ensued. The cyber sleuths now point to the G.R.U. and its Ghostwriter campaign as the perpetrators.
Russia may be disappointed in the German election: Chancellor Angela Merkel, who initiated several sanctions against Russia at least as early as 2014, will be succeeded by two power-sharing leaders who are of like mind as Ms. Merkel regarding Russia. The third possible power-sharer is even tougher.
Russia continues to protect its own cyber soil. According to Ars Technica via Wired's Dan Goddin, Russia has initiated a new way to silence Twitter: slow rolling it to an unusable speed. This mechanism, dubbed "intentional throttling," renders sites basically useless for Russian internet users. A byproduct was consuming memory and CPU resources. Roskomnadzor, the country's body that regulates mass communications, said that throttling Twitter was needed to remove content of child pornography, drugs and suicide.
China has also tightened the grip on its domestic tech world. The 11 September Economist in "Codified crackdown" delves into China's progressive regulation of digital technology. But now that Facebook and Google have been blocked, it is domestic tech giants that are impacted. China has not only silenced its domestic businesses, but also reaches out overseas, such as when Didi, a Chinese "Uber," had its apps removed and was told to stop adding clients two days after it opened in New York City. New laws are in effect to control China's tech leaders to include ones that require code "for their platforms so that they provide content that the government likes, and inhibit what it does not." Four of the new laws to be implemented over the next three months are said to reshape China's internet. Although Europe's General Data Protection Regulation (GDPR) accomplishes this to a very limited amount, China's rules are broader and stricter. Included is a Personal Information Protection Law which starts 1 November. Also new to the streets is, so far, a draft of 27 August, of China's Cyberspace Administration of China (CAC) which will set rules for algorithms. Alibaba and Amazon and Didi are subject to them, as are many other companies with global reach. One advantage of this restriction is fewer spam messages and phone calls. This leads to massive software being rewritten, and, well, time will tell.
Wired's interpretation of "China vs. Big Tech" re-published by Jennifer Conrad in late September looks at this sea change from another angle. She reports that the six-month campaign of China's Ministry of Industry and Information Technology intends to "regulate the country's internet companies, to rein in practices that 'disrupt market order, damage consumer rights or threaten data security.'" They are already aligned, according to Scott Kennedy from the U.S. think tank the Center for Strategic and International Studies (CSIS), as a sort of "whole of government" thrust. But this has not set well with some of the tech giants, including Jack Ma's Alibaba: his financial arm, ANT, had to suspend a planned IPO and is now facing a $2.8 billion antitrust fine. Ms. Conrad summarizes that "the party is over—for the good of the Party."
International economic, diplomatic, and political relations are also subject to fallout. In a phone call in early September, President Biden expressed to President Xi Jinping his concern about cyber activities while also addressing the importance of the two largest economies in the world working together, despite their differences, on common ground issues such as global warming.
Continuing with White House measures, the Washington Post's Ellen Nakashima on 17 September reported on the new U.S. sanctions targeting financial entities that empower ransomware payments. The Department of the Treasury is preparing these sanctions against financial exchanges that facilitate illicit digital payments to hackers. Implementation of these new sanctions is cast as imminent. The overview the Post describes, familiar to most, points out that cybercriminals extract exorbitant fees from victims whose computers are held hostage until these victims pay, generally in cryptocurrency. "…a digital form of money traded through a series of private wallets and public exchanges that can be difficult to track." The pay to hackers in 2020 is estimated at $412 M. Treasury had attempted in October 2020 to identify companies facilitating ransomware payments for being in violation of Treasury's Office of Foreign Assets Control (OFAC) rules but it did not advance to full implementation. Now it has teeth. China, on the other hand, declared all cryptocurrency transactions illegal on 24 September.
Reuters's Alexandra Alper on 21 September expands on the information, identifying an exchange, Suex, whose sanctioning is, per Treasury Deputy Secretary Wally Adeyemo, "a signal of our intention to expose and disrupt the illicit infrastructure using these attacks." She also notes that President Biden spoke with President Putin on this subject in a meeting in July 2021.
The Washington Post's Joseph Marks, who writes under his "Cybersecurity 202" newsletter, adds on 20 September that although progress is swift, "disrupting the current ecosystem" is exceedingly difficult. He points out that the flip side entails making institutions more resilient and urging international cooperation. He also referred to the Biden-Putin meeting in sterner terms: "President Biden demanded that Russian President Vladimir Putin rein in Russian ransomware gangs and threatened retaliation if they hit 16 vital U.S. sectors." He continues, discussing drawbacks and possible implementation challenges.
As for action, the Hill back in business. While much focus has been targeted on getting the House to pass the behemoth National Defense Authorization Act (NDAA)—achieved on 23 September, the House is also working on cyber workforce legislation to further strengthen USG response, or strategizing against, cyber concerns. The Senate has resumed work but was out on 24 Sep.