Cyber Scene #42 - Cyber Surge

Cyber Scene #42 -

Cyber Surge

Regardless of what corner of the world you may be sheltering in, COVID-19 has touched you. "Ubiquitous" understates the reaches of a pandemic. But cyber is by your side, for better or worse, per the New York Times/Reuters as you are working at home. Your internet may slow down as much of the world's billions of residents are driven (figuratively, of course) to "face time" options--WhatsApp, Skype, Instagram and the like--in the absence of tactile human contact. Rather than a run on the bank for cash to stash under the mattress, touching bank notes is abhorrent to many of you and telebanking seems to work very well, thank you very much. Touching snail mail, like touching groceries, calls for caution. A sanitized keyboard does not.

Briefly, COVID-19 has, if anything, accelerated our reliance on cyber connectivity as most of the world locks down.

The pandemic generates reactions, such as the $2 trillion stimulus signed into law on 27 March. An analysis of the most salient tectonic changes is articulated by Anne-Marie Slaughter, CEO of "New America," former head of State Department's Policy Planning, and former professor at Princeton, Harvard and University of Chicago. She believes that America is capable of saving itself. She examines how governors and city leaders across the US are taking charge and how Facebook, Cisco, Amazon Google and Twitter were among the first to establish cyber work-at-home policies in early March. Education--from PhD programs to pre-K classes is all online now.

Ms. Slaughter goes on to say that COVID-19, "...with its economic and social fallout...is a time machine to the future." It has not only led to online education, imposing this move to the future on foot-draggers, but has also resulted in unimagined progress, as cited in her description of the founding by Governor Newsom (D-CA) in 2019 of a Future of Work Commission. The Commission has brought together, in early March 2020, 300 engineers, doctors, nurses, and designers to launch a Facebook-based Open Source Ventilator project.

Barron's Eric J. Savitz notes on 20 March that Big Tech is well positioned to support this future: the combined "in the black" profit of Alphabet, Amazon, Apple, Microsoft and Facebook is $380 billion. Their cyber lifelines are indeed saving lives…..and perhaps mental health as well via Facebook, YouTube, Netflix, etc.

In the world of cybersecurity, however, the flip side is dark. Since mid March 2020, life and death pandemic concerns have inadvertently given rise to a resurgence of cyber attacks. The earliest 2020 case reported by Reuters and published by the New York Times of a suspected Chinese hacking group "APT41" was believed to have started up in late January when the pandemic was just beginning to ramp up outside China. According to FireEye, Chinese hacking groups have reportedly been active in "one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years" in the last few weeks. Three additional companies--Cisco, Citrix, and Secureworks/Dell Technologies--also believe that this represents a new thrust, with Dell indicating a new digital attack infrastructure related to government contractors.

Over the 13-15 March weekend, the Wall Street Journal reported that US Health and Human Services (HHS) suffered an unidentified "cyber incident" that, a White House spokesperson noted, did not penetrate HHS networks nor remote work. US officials and cybersecurity experts expected cyber disruptions to increase during crises, with several hackers reportedly trying to "leverage the coronavirus to spread malware." This threat has been exacerbated by the increase in the US workforce working from home. Moreover, hospitals were noted as being a historically attractive target for ransomware attacks.

In the wake of the cyberattack on HHS, the New York Times/Associate Press reported that Attorney General (AG) William Barr threatened "swift and severe action if a foreign government is behind misinformation campaigns" related to the pandemic or denial of service at HHS. He also directed attorneys across the US to place any criminality connected to the pandemic at the top of their prosecution list. Some fraudulent pandemic activity has reportedly included fake cures, phishing (fake CDC and WHO notices) and malware inserted into virus tracking apps.

WHO Chief Information Security Officer Flavio Aggio stated that earlier in March, elite hackers attempted to break into WHO's systems by impersonating WHO users. He said attacks have more than doubled. According to a New York-based Blackstone Law Group cybersecurity expert Alexander Urbelis, the hackers were caught around 13 March mimicking the WHO's internal email system. Although Mr. Urbelis didn't know who the perpetrators were, two other sources suspected an advanced group of hackers known as DarkHotel, which has been involved since at least 2007 in cyber-espionage.

The Wall Street Journal's Dustin Volz first reported on 10 March that the bicameral-led Cyberspace Solarium Commission was about to release its report the following day after many months of work indicating that the US lacked key abilities to avert cyberattacks. Among other recommendations from the report in its entirety, Chairmen Senator Angus King (I-ME) and Congressman Mike Gallagher (R-WI) called for speed and agility, the addition of a Senate-confirmed National Cyber Director, the creation of an Assistant Secretary of State and a new Bureau of Cyberspace Security and Emerging Technologies at State Department as well as nearly 75 additional recommendations, some requiring Congressional approval and funding. The White House had had a National Security Council (NSC) cybersecurity coordinator position, but it was not a Senate confirmation post, and was eliminated by White House National Security Advisor John Bolton in May 2018 with a view to "streamlining the NSC."

At the time, cybersecurity experts and Members did not agree with NSA Bolton's decision. Ranking Member of the Senate Select Committee on Intelligence Mark Warner (D-VA) said he couldn't understand how cutting the top cyber official would make the country safer. The Senate and House apparently still agree on this. The White House's last incumbent, cyber expert Rob Joyce, who also held a senior Homeland Security position, remains active and spoke on 28 February 2020 at CyberTalks in Washington D.C. on disrupting and deterring foreign hacking with a view to the future as well as the present.

March 25, Reuters/New York Times reports that nearly 400 cybersecurity volunteers digitally gathered together across more than 40 countries to counter coronavirus-related hacking. The organization, christened the "COVID-19 CTI League"--CTI for Cyber Threat Intelligence--is run by three group coordinators from the UK, US, and Israel. Private sector companies like Microsoft and Amazon are in the mix. One of the initial managers, Marc Rogers, who is head of security for the established hacking conference DEFCON, said that their top priority is deterring pandemic hacks against medical facilities and frontline responders. Law enforcement, per Mr. Rogers, has been very collaborative. This might be linked to AG Barr's directive to prosecute vigorously.

Not to be outdone by the other two branches of government, SCOTUS has been attacking its brimming docket with an agreement to hear the appeal related to Oracle v Google litigation. While the Court continues its aggressive schedule during the pandemic, it has banned visitors in the courthouse and amended its methodology for discussions as well. However, "Tech's Trial of the Century," according to Fortune's March 2020 edition, may either "safeguard innovation" or "deal a deserved comeuppance to a lawless tech giant." In either event, no decision is expected prior to 27 March, and if SCOTUS upholds Google's case that software has thrived over the decades precisely because a "mother-may-I" approach to asking permission or paying "every time they use a high-tech equivalent of a nut or a bolt" has not been the practice. Either way, it is a big deal and SCOTUS agrees that the case is of sufficient import to hear.