Cyber Week in Review: March 6, 2020
from Digital and Cyberspace Policy Program and Net Politics

Cyber Week in Review: March 6, 2020

DOJ indicts two Chinese nationals for helping launder proceeds of North Korean cryptocurrency hack; Controversial bill on liability for child abuse content to be introduced; Cybersecurity firm claims CIA has hacked Chinese industry for eleven years; No new foreign interference attempts on Super Tuesday, national security officials say; and Taiwan accuses China of spreading misinformation on coronavirus.
A sign advertising the Qihoo 360 Technology Co Ltd is hung with the U.S. and Chinese flags outside of the New York Stock Exchange before the company's Initial Public Offering (IPO).
A sign advertising the Qihoo 360 Technology Co Ltd is hung with the U.S. and Chinese flags outside of the New York Stock Exchange before the company's Initial Public Offering (IPO). REUTERS/Lucas Jackson

DOJ Indicts Two Chinese Nationals for Helping Launder Proceeds of North Korean Cryptocurrency Hack

On Tuesday, the U.S. Departments of Justice and the Treasury charged and sanctioned, respectively, two Chinese nationals for helping the Lazarus Group—a threat actor believed to be associated with North Korean intelligence— launder $100 million in stolen cryptocurrency through the global financial system. To cover their tracks, Tian Yinyin and Li Jiadong are alleged to have made 2,500 separate deposits into nine Chinese banks. U.S. investigators used commercial blockchain analysis to follow the stolen funds and eventually uncovered a bulk transfer from North Korea that had been inadequately masked. This is the first time that the U.S. government has formally sanctioned Chinese nationals with assisting North Korean hacking targeted at cryptocurrencies, which North Korea seems to have identified as a useful way to evade U.S. sanctions. According to the United Nations, around 7 percent of North Korean GDP comes from stealing cryptocurrency.

More on:

Cybersecurity

COVID-19

China

Controversial Bill on Liability for Child Abuse Content to Be Introduced

This week, Senators Lindsey Graham (R-SC) and Richard Blumenthal (D-CT) prepared to introduce the Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act. The stated goal of the bill will be to force technology companies to take stronger action to remove child sexual exploitation material from their platforms. To enforce its provisions, EARN IT will strip non-compliant companies of their liability protection under section 230 of the Communications Decency Act, which protects online platforms against a range of laws that might otherwise be used to hold them legally responsible for what others say and do. The bill has garnered significant opposition from some politicians, business leaders, and digital rights advocacy organizations, who claim it will undermine free speech, allow lawmakers to weaken encryption, and won’t accomplish its stated goals. Senator Ron Wyden (D-OR) released a statement on Thursday calling the act a “Trojan horse to give Attorney General Barr and Donald Trump the power to control online speech and require government access to every aspect of Americans’ lives.”

Cybersecurity Firm Claims CIA Has Hacked Chinese Industry for Eleven Years

On Monday, Chinese cybersecurity firm Qihoo 360 released a report allegedly revealing Central Intelligence Agency (CIA) cyber espionage of Chinese targets in the aviation, science, petroleum, and government sectors, among others. Though relatively light on technical details, the report states that Qihoo was able to attribute the activity to the CIA using the 2017 Vault 7 leak of CIA hacking tools. Joshua Schulte, a former CIA employee, is currently on trial for the leak. The report comes at a time of increasingly public attribution of cyber espionage by the United States; Qihoo’s decision to release the publication now could be related to the recent U.S. indictment of four Chinese hackers over the Equifax breach. Chinese state media accused the United States of “astonishing hypocrisy” in accusing China of cyberattacks while performing its own. CFR’s Cyber Operations Tracker provides ample public evidence that both nations have used cyber espionage against other countries.

No New Foreign Interference Attempts on Super Tuesday, National Security Officials Say

More on:

Cybersecurity

COVID-19

China

A group of officials from across the U.S. government who monitored potential foreign interference in Super Tuesday voting announced that while many countries continue to spread election-focused disinformation on social media, there were no specific attempts to disrupt the voting process this week. However, a number of polling places did experience long lines and technical issues, which experts warn could depress voter confidence in election security. Some officials saw Tuesday, the most important day in the primary process thus far, as a dry run for government coordination efforts against foreign interference in the general election in November.

Taiwan Accuses China of Spreading Misinformation on Coronavirus

Amid the worsening coronavirus epidemic, the government of Taiwan on Saturday accused China of seeding fake reports about the virus in an attempt to sow discontent. The reports include false claims that the Taiwanese government is covering up the true number of cases on the island, that President Tsai has become infected, and that members of the ruling Democratic Progressive Party (DPP) have received priority for face masks, which are in short supply. Taiwanese officials complain that the dissemination of fake news by China causes Taiwanese people to distrust official government news releases about the virus, which could harm efforts to control its spread.

Creative Commons
Creative Commons: Some rights reserved.
Close
This work is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License.
View License Detail