Cyber Scene #40 - Nations (Not Totally) United On Cybersecurity
Cyber Scene #40 -
Nations (Not Totally) United on Cybersecurity
The United Nations--Not Cyber Scene's Usual Suspect
The United Nations (UN) has spoken loudly, twice in the last few weeks, on cybersecurity. Both the UN Secretary-General (UNSG) himself as well as the UN Human Rights Council representing the voice of world authority have addressed the future impact of cybersecurity as well as monumental past transgressions just confirmed by the UNCHR.
Cyberspace: The Not-So-Cold War
UN Secretary-General Antonio Gutteres spoke at great length and detail on US-China's tech divisiveness related to cyberspace and its worse-than-cold-war status in a discussion with Wired's Editor in Chief Nicholas Thompson recently, with the full interview and video published on 15 January. The UNSG covered a wide swath of global issues, including the high-level panel the UN created for digital cooperation. The panel’s objective is to bring nations at loggerheads together under UN auspices. The UNSG believes that technology can promote democracy but also addresses dangerous aspects--unintended or sometimes intended consequences. He believes that access to the internet should be a right, but that technologies should not be used as instruments of political control.
WhatsApp if Money Can't Buy You...Privacy?
Crown Prince versus Google King
Business Insider's Isobel Asher Hamilton reported on 22 January that US human rights investigators "...just backed bombshell claims that Saudi Crown Prince Mohammed bin Salman (MBS) most likely hacked Jeff Bezos' phone." The UN Council on Human Rights (UNCHR) Office of the Commissioner formally stated that UNCHR was gravely concerned about the hack. In the words of the UN itself: "The two experts – who were appointed by the Human Rights Council - recently became aware of a 2019 forensic analysis of Mr. Bezos' iPhone that assessed with "medium to high confidence" that his phone was infiltrated on 1 May 2018 via an MP4 video file sent from a WhatsApp account utilized personally by Mohammed bin Salman, the Crown Prince of the Kingdom of Saudi Arabia. "The UN statement goes on to argue for increased and immediate investigation and control by the US and other "relevant authorities" regarding MBS's efforts to target perceived opponents.
California is setting off its own state-wide privacy scramble while awaiting national or international support. Fortune's Jeff John Roberts reports that a new 2020 law, California Consumer Privacy Act (CCPA) requires businesses to reveal to consumers what they have collected on them, and to delete it all upon the request of the consumer. Mr. Roberts notes that advertisements by behemoths such as Walmart would no longer be able to be tailored for a particular consumer. Google also would lose income from advertisers who are charged more for ads specific to individual consumers. A nonpartisan report projected upfront costs of $55 billion to the advertisers with this law taking hold; nearly two dozen other states are considering implementing similar laws. Meanwhile, Mr. Roberts notes that "unusual bipartisan agreement to pass such a law" at the national level may not be stalled until after the November 2020 elections because, as Brookings Institution expert Cameron Kerry notes, the lack of privacy for the children and grandchildren of US legislators is making this issue personal.
Blame Game, Revisited
The issue of Russia generously ascribing to Ukraine credit for the Burisma hack continues to play front and center. The New York Times reported on 13 January new evidence of a Kremlin hand in the attack of a Burisma subsidiary in Ukraine which keeps the issue linked not only to cybersecurity concerns generally but to major political ones, particularly the one before the Senate this week and through November elections.
Getting a Grip/Grid: Iran and Your Daily Life
As many Americans worry about retaliatory moves by Iran, two learned voices, General (Ret.) Keith B. Alexander, former CyberCommand and NSA Director, and Jamil N. Jaffer, Esq., the former chief counsel of the Senate Foreign Relations Committee, co-authored a threat warning and call to action published in Barron's on 10 January. It specifically pertains to Iran's build up; use of disruptive and destructive cyberattacks on US banks, a US dam, and a Las Vegas casino; and the US "sotto voce" response. This has changed since the strike on Iranian commander Suleimani. Now the expectation should be, per the authors, cyberattacks on the U.S. government, U.S. companies in key sectors, allies in the region, or all three. General Alexander and Mr. Jaffer point out that, in this war, Walmart and Target won't "...have surface-to-air missiles" as a defense. The speed of cyber attacks does not allow the US Government sufficient warning time to alert intended victims, as one would in a missile attack. They point out that in order to "provide for the common defense" as the US Founding Fathers demanded, a collective defense capability across multiple sectors, at increased speed and scale, needs to be developed now.
Wired's Andy Greenberg picks up on the issue, citing a RAND think tank expert on Iran, Ariane Tabatabai, who notes that Iranian military strength cannot match that of the west, but a cyber match up will give Iran a more equal shot. Another think tank expert, Chris Meserole at Brookings Institution, expects that cyberattacks will allow for immediate attacks, but that Iran would not necessarily exclude bombs and bullets.
Microsoft: One Big Step for Public-Private Partnership
The National Security Agency (NSA) and Microsoft are recent exemplars of the defense capacity of which General Alexander and Mr. Jaffer wrote. In a discussion with NSA's Director of Cybersecurity Anne Neuberger on 14 January, Wired reported that in a call with reporters she spoke about the public release of a Microsoft vulnerability which NSA shared with Microsoft. She notes, "When we identified a broad cryptographic vulnerability like this we quickly turned to work with the company to ensure that they could mitigate it." This is consistent with Ms. Neuberger's face-to-face video discussion with Wired's Garrett Graff of a new approach to public-private partnership. The video, published in Cyber Scene in the November R&O, was aired on the heels of Ms. Neuberger's October 2019 appointment to her new role as Directorate Chief.
East by South East
"Headwinds for Huawei"
The Economist's annual projection of technology in "The World of 2020" holds that, over and above the global tousling over Huawei's 5G, many additional Chinese tech firms, which are multiplying due to easy start-up access to the world market, will collide with geopolitics abroad. Asia technology correspondent Hal Hodson in The Economist's "The World in 2020" Science and Technology goes on to note that startups can quickly scale up due to China's wealth and support from the Chinese state itself which loops back to the US issues with Huawei's 5G.
Mr. Hodson followed up in The Economist's Technology Quarterly (4 Jan 2020) in a special issue entitled "Poles apart: China, America and the planet's biggest break-up." He explores the "new revolution" from "the people who brought you fireworks..." regarding big data, reactors, microproccessors and countless other technologies. He concludes with the fact that these developments could rekindle fireworks on at least the tech, economic and diplomatic levels, if not the military.
Back in Europe's 5G battlespace, the UK's new Prime Minister Boris Johnson continues to push back on US insistence that the UK ban Huawei. With considerable insight into the UK's national security decision-making, The (London) Times reports on 15 January that some of the UK's internal discussion centers on whether intelligence sharing would be at risk among the Five Eyes (UK, US, Canada, Australia and New Zealand) communities. Certain members of the UK's inner circle say "no problem," but former Australian Prime Minister Malcolm Turnbull felt the UK would be "very vulnerable." One of the UK National Security Council members has left the "opposed to Huawei" side to support Huawei's 5G in the UK, and the head of MI5 is not convinced that UK-US intelligence sharing would be at risk; a US delegation said accepting Huawei would be "nothing short of madness."
"Trying Times" for Huawei Get P
The Economist notes on 23 January marked that day as the beginning of a likely lengthy extradition hearing and legal case in Canada of Meng Wanzhou, Huawei's Chief Financial Officer and daughter of its founder. Her lawyers in Vancouver argue that "... the alleged crime for which the United States wants to extradite her, i.e., violating American sanctions on Iran, was not a crime in Canada at the time of her arrest in December 2018." The prosecutors contend that misrepresenting banking connections, however, is illegal in both the US and Canada.
Africa Dishing it Up
Wired's Laura Mallonee reports that 8.8 terabytes will be heading to Africa where the first of up to 3,000 dishes across 9 African countries and eventually Australia are to be erected. They will connect with a telescope--"...a Square Kilometre Array (SKA)—at 1,800 miles wide the largest scientific structure on the planet with 50 times the detail of the Hubble Space Craft and the ability to gather 10.8 million square feet of radio waves." Germany and China have both had a hand in the design. The timeline for completion is expected to be "next generation" in the human, vice technical, sense.