Cyber Week in Review: November 8, 2024

CISA says no evidence of malicious activity around U.S. presidential election

Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), on November 6 that American “election infrastructure has never been more secure and the election community never better prepared to deliver safe, secure, free, and fair elections for the American people.” Perhaps the most notable threat to voting was a series of bomb threats that were sent to polling stations in several key swing states, which American officials said originated from Russian domains. Election officials had been broadly concerned about the potential threat of cyberattacks, misinformation campaigns, and political violence around the election. The fear of violence was considered especially acute in the event of a close election. For months, right-wing influencers and politicians, including Donald Trump himself, had claimed that the election would be rigged, and election denialism had reached a fever pitch in recent weeks when a Super PAC created by Elon Musk launched a 50,000 member group devoted to election denial. With Trump tweeting on election day about “massive cheating” in Pennsylvania, the tide of election denial claims dropped dramatically as it became more clear that Trump would win. An analysis of social media posts on the social media platform X showed that the number of posts mentioning Pennsylvania voting machines, a major focus point for election deniers, declined from six hundred per minute to near zero over the course of Election Day.

Singapore and the UK sign AI safety agreement

The United Kingdom and Singapore signed an agreement on November 6 to collaborate on AI safety. The agreement will support increased cooperation between each country’s AI safety institute by facilitating information sharing, collaboration on research, and AI testing efforts. Singapore’s government has been a leader on operationalizing different AI safety tools, rolling out one of the first sandbox environments for testing generative AI tools in February and creating an AI Safety Institute for the country in May 2024. In a statement released after the agreement was signed, Singapore’s Minister for Digital Development and Information, Josephine Teo said, “through strengthening the capabilities of our AISIs, we seek to enhance AI safety, so that our peoples and businesses can confidently harness AI.” The UK has also been a major player in the expansion of AI safety efforts over the past two years, with the country hosting the first AI Safety Summit in November 2023. Meanwhile, the UK has helped coordinate follow up meetings between respective AI safety institutes, including the inaugural convening of the International Network of AI Safety Institutes in San Francisco this month, which will bring together institutes from eleven countries for meetings on priority AI safety issues. Both the Singaporean and UK governments stated that the bilateral agreement was part of a larger strategy for cooperation.

Meta extends ban on political ads past election day

On Monday, Meta extended its ban on new political ads until further into the election week, later clarifying that the ban would end on the night of Thursday, November 7. The company had initially applied the restriction between Tuesday, October 29 and Tuesday, November 5, U.S. Election Day. Meta announced the policy in September, an extension of a policy it rolled out ahead of the 2020 presidential election that banned social issue, electoral, and political ads during the final week of the election. Meta and its founder, Mark Zuckerberg, have largely tried to eschew politics in the lead up to the 2024 election. Meta announced in February that it would stop proactively recommending political content for users on its Instagram and Threads platforms. While Meta has committed itself to reducing political content on the platform, experts have previously said that defining what actually constitutes political content or advertising, and enforcing policies against such content, remains a challenging task even for the largest and wealthiest companies.

China establishes new space cooperative group

On Wednesday, China established the China Space Information and Satellite Internet Innovation Alliance in Xiong’an, a Chinese government “city of the future.” The alliance is intended to expand linkages between state-owned enterprises, telecommunications operators, universities, researchers, and private firms in the aerospace industry. The Chinese government has launched several such efforts to increase collaboration within its space industry over the last ten years. Its latest initiative follows recent efforts to strengthen the domestic satellite internet industry in China and position the country as a competitor to U.S. government agencies and companies like SpaceX. China has also positioned its space industry within its larger efforts to fuse its system of government with technological systems. Domestically, the Cyberspace Administration of China requires satellite internet users in the country to route traffic through domestic Chinese internet infrastructure, prohibiting the use of foreign commercial satellite internet services. The initiative is a part of a larger ambition for China, as the government has recently called for efforts to establish a research station on the Moon and launch a two meter optical telescope; the plans are part of a twenty five year roadmap released last month to make China “a world power in space science” by 2050.

Sophos report details Chinese cyber ecosystem

Sophos, a cybersecurity software vendor, published a summary of a five-year-long cyber operation it participated in against China-based cyber attackers from 2018 to 2023. The report outlines Sophos’ observations of Chinese activity on various networks over the past five years, gleaned from “hacking-back” at the Chinese groups. In April 2020, the company rolled out a change to several devices it knew were being used as test grounds by Chinese threat actors. The change contained a kernel-level implant that gave Sophos remote file and log collection on the attackers’ systems; the implant allowed Sophos to preemptively gather malware samples before they were deployed in the wild and track the hackers’ communications. Sophos used this access, combined with its broader cybersecurity research, to trace the hacking campaign back to Chengdu, a city in China. Sophos found that academic and freelance cybersecurity researchers in Chengdu have passed exploits to Chinese military and intelligence agencies.

Maya Schmidt is the intern for the Digital and Cyberspace Policy Program.