Cyber Scene #46 - Virus Central: Vulnerabilities of Many Colors
Cyber Scene #46 -
Virus Central: Vulnerabilities of Many Colors
The Big Tech industry retains as one of its most imposing "raisons d'être" the security of our cyber networks. Similarly, the World Health Organization (WHO), the U.S. Center for Disease Control (CDC), the U.K.'s National Health Service (NHS) and like institutions, and particularly their sovereign governments worldwide, strive to protect the physical security of their populations struggling with the pandemic. The era in which we live is indeed extraordinary, particularly because these two threads have converged in the era of COVID-19. This has occurred both globally at the highest foreign affairs level as well as at the very personal level for those concerned about cybersecurity privacy from Alexa or more nefarious intrusions in discussing your personal health issues in your telemedicine session with your physician.
This Cyber Scene will explore the latest developments and the vulnerable cybersecurity aspects that unite them. While the major players on the international stage are Asian, European and American, the fallout necessarily impacts the Third World, dependent on cyber connectivity, as well.
This readership is exceedingly conversant with the history of Huawei and 5G reaching across all oceans. The voices of political protest related to 5G/Chinese cybersecurity have become more strident in recent years. The U.S. administration has recently lashed out at China on the issue of cybersecurity as well as conflated this with the spread of COVID-19. The most recent outbursts have resulted in huge diplomatic movements on both sides. During the week of 19 July, this bilateral divide reached a new apogee: even as China and the U.S. maintain large trade, economic and Big Tech exchange and overlap, the U.S. closed China's consulate in Houston, Texas, and China retaliated by closing the U.S. consulate, opened in 1985 by then Vice-President H.W. Bush, in Chengdu. According to the New York Times (NYT) 24 July, this is clearly a "tit for tat."
This widening fissure is not simply a Sino-American issue. The Economist wrote in late May 2020 in "America is determined to sink Huawei" and the Wall Street Journal (WSJ) by 3 June confirmed in "Huawei Risk Tougher Line From Britain" the U.K.'s progressive cyber change of heart: "New U.S. restrictions imposed on China's Huawei Technologies Co. have prompted British officials to consider steering telecom carriers away from its gear…providing fresh momentum to Washington's anti-Huawei campaign." The Brits, the article continued, were leaning toward possibly dropping Huawei altogether. The U.S., for its part, reportedly threatened to cut off intelligence sharing with any country that subscribed to Huawei technology.
By mid-July, the U.S. and China both escalated. The Economist, following up on 16 July, noted that in Europe (non-UK Europe, per the Brits) there was still some hesitation on the part of U.K's neighbors to join forces in its official 14 July ban on mobile-network operators in Britain buying Huawei 5G equipment. This ban was also covered from the U.S. side by NYT 14 July cyber experts Adam Satariano, Stephen Castle and David E. Sanger who also connected the U.K.'s decision to political issues regarding Hong Kong. However, the NYT article, quoting a former British diplomat who worked on Britain's high tech issues with Silicon Valley, opined that "American sanctions left the U.K. with little choice. There was a bit of checkmate by the U.S." At the same time, they noted that on 14 July the U.S. National Security Advisor Robert O'Brien was in Paris meeting with his counterparts from France, Germany and Italy. Finland and Singapore have, per the Economist, opted for Ericsson (Swedish) and Nokia (Finnish) equipment.
The French cybersecurity agency has advised its tech operators to avoid Huawei in the future. France is separately working on its established offensive cybersecurity strategy. Germany has postponed its Huawei decision until the fall, but its decision is more complicated as Deutsche-Telecom relies on Huawei equipment. Moreover, they see fallout regarding the impact on their automotive industry. However, China has threatened, as reported by WSJ 20 July, to retaliate against Ericsson and Nokia if Europe follows in the footsteps of the U.S. and U.K.. Despite these actions, the U.K. ban does not include smartphones produced by Huawei, or 2G, 3G, and 4G systems in place. As a former U.S. Deputy Director of National Intelligence put it, this still leaves us all "living in a dirty network."
Japan, despite its reputation for "technophilia," per the Economist 18 July in "The other virus: Japan Inc's IT needs a security patch," is struggling with its cybersecurity patches for the now discontinued Windows 7. Microsoft had warned Japan of being "susceptible to cyber-attacks" and it was struck by one against Honda in June 2020. The article points to increased spikes in cyberattacks since the March explosion of COVID-19 and the fact that more companies are victims of cyber criminals. The article goes on to underscore what is largely held belief: that more individuals are teleworking on unsecured devices and networks.
This may seem mundane, but it can be quite personal as it was to U.S. presumptive Democratic presidential candidate Joe Biden and Tesla CEO Inventor Elon Musk whose Twitter accounts were breached on 14 July. The supply chain may also be at risk, the Economist article notes. Japan is particularly worried, as only 55% of its firms (all sizes) conducted cybersecurity risk assessments compared to 81% in the U.S. and 66% in Europe. By extension, even oximeters or masks or medications may be at risk as the world fights the pandemic.
Companies that have seen huge growth during the pandemic, like Zoom, are also vulnerable. The Economists' Schumpeter, on 20 June's "Can Zoom be trusted with users' secrets?," notes that despite the company's 19% increase in sales due largely to the pandemic, jumping from 10 million users in December 2019 to 300 million in April, Zoom has suffered from its "open exchange of ideas," having closed down the accounts of three critics of China's regime outside of China. This demonstrated how tech firms struggle between China and the U.S.
Western countries are now fighting viruses on two fronts. This is not exclusively a China-U.S. war. Russia has not missed the opportunity to play a perhaps more subtle role: it was accused in mid-July of targeting organizations working on the creation of COVID-19 vaccines in the U.S., U.K., and Canada. According to the 16 July NYT's Julian E. Barnes, the National Security Agency identified hacking associated with Russian SVR intelligence as coming from APT29 and Cozy Bear, responsible for the 2016 hacks into Democratic Party servers. Now they are attempting, as have reportedly China and Iran earlier, to breach health organizations including universities and companies working on vaccines.
The U.K. National Cyber Security Center Director of Operations, Paul Chichester, spoke for Britain: "We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic." The center's director, Ciaran Martin, said that the cyberattacks date back to February. Oxford University and AstraZeneca, a private pharmaceutical firm, were surprised at how similar their research and that of Russia had been. A former director of GCHQ opined that perhaps Russia simply didn't want to depend on the U.S. or U.K. for a vaccine as Russia has not disrupted the production development.
FBI Director Christopher Wray says that "Russia is not alone. A lot of people are in this game…the whole pandemic is absolutely riddled with spies." Another country specifically called out was China on 16 July, according the 17 July Associate Press's (AP) article in the Herald Tribune entitled "Russia is hacking virus vaccine, US, UK and Canada say." This article underscores that "Russian cyberattacks strike a particular nerve in the U.S. given the Kremlin's sophisticated campaign to influence the 2016 presidential election." But Moscow denies its involvement in the vaccine hack.
As noted above, the linkage between hacking vaccine research and elections is not a big leap when history points to a common source. Recent Twitter hacks as well as 2020 election issues seem personal to at least one person: presumptive presidential candidate Joe Biden. In a 20 July MSNBC interview he considers such intervention a violation of sovereignty issue.
He is also accompanied by lawmakers in an AP Herald Tribune article of 22 July following Mr. Biden's 20 July discussion: "I will not hesitate to respond as president to impose substantial and lasting costs" were any foreign power to interfere in U.S. elections. The article cites the MSNBC discussion but provides more background regarding both the White House and the House of Representatives on election intervention.
U.S. lawmakers and external cybersecurity and legal experts are crafting a prevent-defense plan to counter this imminent threat.
The National Defense Appropriations Act 2021, which is an omnibus bill to fund defense including cybersecurity and intelligence needs, was passed separately during the week of 19 July in the House and Senate as reported by the Pentagon. While the military itself focuses on issues impacting troops or the process of base-renaming, the mainstream press zeros in on the political side of changing base names and, per the 23 July Washington Post, the wide bi-partisan support in both the House and Senate for these bills which would withstand a White House veto.
Although the bills will have to be conjoined in a House-Senate conference into one bill for funding (allocation), the fact that the Senate has passed, 86 to 14, its own version similar to that of the House, 295-125, should ensure a completed joint version. This time, with $740B at stake, there is little light between the two components. More importantly, regarding cybersecurity, in an official Congressional synopsis of the focus addressed in the process, the issues of "…enhanced deterrence against Russia and COVID-19 funding, Pandemic Preparedness, and a Resilience National Security Fund" are highlighted. The last but certainly not least issue is "Strategic programs, cyber, and intelligence matters."
Furthermore, the U.S. Cyberspace Solarium Commission Report is moving forward, as a strategic plan feeding into congressional action. Four legal experts outside Congress who are serving as Chief Legal Counsel and three supporting counsels to the Commission offer a 20 July update in the Lawfareblog:
"To cope with the coronavirus crisis, Americans rely more than ever before on information and communications technology to stay connected, do our jobs, see our families and live fulfilling lives. But this shift has come with a significant increase in cybersecurity and data privacy risk."
We face a two-pronged viral attack-- physically and virtually. While the world struggles to move toward a healthy outcome, we continue to live in a dirty network. Cybersecurity serves as this universal connector.