Cyber Week in Review: September 20, 2019
Australia Concludes China Responsible for Cyberattack: Australia’s cyber intelligence agency determined that China was responsible for the February 2019 cyberattack on parliament and the country's three largest political parties. The sophisticated attack raised concerns of foreign election interference and gave the perpetrators access to policy papers on topics such as tax and foreign policy, and private email correspondence between lawmakers, their staff, and other citizens. In a report viewed by Reuters, Australia determined Chinese state-sponsored hackers were responsible for the attack in May, but kept the findings secret to avoid disrupting trade relations with Beijing. China denied the allegations.
North Korean Hacking Groups Sanctioned: The U.S. Treasury Department placed sanctions on three North Korean hacking groups allegedly run by North Korea’s primary intelligence bureau. The sanctions targeted the Lazarus Group, behind the WannaCry ransomware attack, and two associated units. U.S. officials say the hacking groups are a key source of revenue for Pyongyang, undermining the global sanctions program meant to coerce Kim Jong-un into giving up nuclear weapons. Last month, a group of experts concluded all reported operations by North Korean hacking groups brought in over $2 billion.
More on:
Facebook Heads to Washington: Facebook CEO Mark Zuckerberg was in Washington this week to share his vision for internet regulation and to try to quell lawmakers’ concerns over issues such as data privacy, election security, content regulation, and competition. Zuckerberg met with President Trump and six senators to discuss the role and responsibility of social media platforms in protecting democracy and what steps Congress should take to protect elections, consumer data, and competition in the industry. In a Senate Committee on Commerce, Science, and Transportation hearing this week, a Facebook representative explained the company has proposed a Supreme Court-style board that will rule on the acceptability of content on the site and will include members with "controversial views," attempting to address concerns regarding political biases in content moderation.
U.S. Blacklisting Still Hurting Huawei: The U.S. blacklisting continues to affect Huawei’s business and operations. This week Huawei was suspended from the Forum of Incident Response and Security Teams (“First”), a global trade group where members share information to identify, isolate, and protect against the spread of cyberattacks, due to the lack of clarity on whether the information shared could be considered a restricted technology export.
Huawei is still fighting the blacklisting, arguing that treating the company as an agent of the Chinese government is unconstitutional. Microsoft CEO Brad Smith also came out publicly in support of Huawei, and called on the U.S. government to end the blacklisting so Microsoft can supply Huawei with Windows software. Despite these efforts, the United States and Germany amplified their security concerns with 5G technology this week, with U.S. Defense Secretary Mark Esper warning NATO allies that use of Chinese 5G could jeopardize military interoperability and intelligence sharing, and German officials warning the European Commission of the threat of 5G attacks by nation-state actors.
Though Huawei is trying to get off the blacklist, it is still working towards self-reliance. The Financial Times reporting this week the company is spending $1.5 billion to recruit software engineers.
More on: