| Welcome to The Cybersecurity 202! RIP to actor William Hurt. My favorite of his roles was in the 1981 neo-noir film "Body Heat." Aaron's a big fan of "Broadcast News" from 1987. Below: A notorious Russian troll farm may be responsible for a pro-Putin disinformation campaign, and the NSA is investigating whether the Kremlin is behind a satellite Internet outage during the Ukraine invasion. | The digital iron curtain spells cyber vulnerabilities for the Russian people |  Russian office workers watch an annual live call-in show with Russian President Vladimir Putin. (Musa Sadulayev/AP) | | | Russia is growing increasingly isolated from the global Internet in ways that spell trouble for its citizens' cybersecurity. A slew of Western tech and cybersecurity companies have stopped selling in Russia since it invaded Ukraine. That could make it far easier to hack Russian citizens — and far tougher for them to maintain privacy online. | - It will also leave Russian citizens and companies reliant mostly on Russian tech and cyber companies, such as the anti-virus provider Kaspersky, which U.S. intelligence officials say can't be trusted.
| | The effects could be felt far outside of Russia. The moves come in the context of efforts by China and other repressive governments to limit the role of Western tech firms. They could speed up the transition to a fractured Internet where online security and privacy is the sole province of democracies. Russia is also making moves to suppress free expression online, kicking out and clamping down on a slew of Western Web companies. Researchers have dubbed the effort a "digital iron curtain" — a play on a term commonly used to describe Beijing's immense Web censorship apparatus, "the Great Firewall of China." | | One major concern is the departure of DigiCert, the world's largest provider of Web certificates that verify people are visiting the site they intend to rather than an imitation site built by hackers. | - Without those certificates, it would be far easier for cybercriminals to redirect people to phony versions of websites for banks and other companies. Then they could steal any personal information victims share with those sites or trick them into downloading malicious software. Here's more on the threat from Forbes's Thomas Brewster.
- Most Web browsers also block sites with expired versions of the certificates, which could shut down a large number of Russian sites.
- In response, Russia has launched a program to create its own version of the certificates. While that could help protect against hacking by cybercriminals, it could make Russian citizens even more vulnerable to hacking and snooping by the Kremlin.
| | Ukraine has been pushing to further isolate Russia online. The Internet governance body ICANN previously declined a request from Ukrainian officials to suspend the main Russian Internet domain, .ru, which would have made Russian websites unreachable outside the country. A coalition of Internet freedom and civil society groups, including the Wikimedia Foundation and Access Now, has urged doing everything possible to maintain Internet access in Russia and Belarus. Busting through the digital iron curtain: A website designed by Polish programmers aims to break through the Russian censorship efforts, the Wall Street Journal's Bojan Pancevski reports. The site allows people around the world to send a message to a random Russian recipient from among roughly 20 million cellphone numbers and close to 140 million email addresses obtained by the programmers. Users can draft their own message or send a prewritten one in Russian that urges the recipient to bypass Russian President Vladimir Putin's media censorship. The conflict has also divided ethical hackers. Such hackers, known as "white hats," frequently collaborate across borders to root out hackable vulnerabilities before cybercriminals can find and exploit them. That work is often done in exchange for cash payouts known as "bug bounties." As a result of Western sanctions, however, companies that organize such hacking have had to cut ties with ethical hackers that reside in Russia and its ally Belarus, which has joined the conflict on Russia's side. | | Here's more from ethical hacker Dmitrity Shagov, a Russian citizen who previously did work for the bug bounty firm Synack. |  | | | | | Synack CEO Jay Kaplan confirmed to me that the company had disabled accounts for hackers who reside in Russia and Belarus. The restrictions do not apply to Russian and Belarusian citizens living elsewhere, he said, and the company paid out everything that was owed to the hackers before suspending them, he said. | | "Like many U.S. technology and cybersecurity companies, we have valuable team members around the world, including in Ukraine and Russia. … We're doing everything we can to support our Ukrainian team members and their families," he said. | | Another top bug bounty company, HackerOne, is withholding payments to hackers in Russia and Belarus until it becomes legal to pay them again, per the company's CEO, Mårten Mickos: |  | | | | | Mickos earlier tweeted the company was rerouting awards to hackers residing in Russia and Belarus to UNICEF, but later said that was happening only at the hackers' request. |  | | | | | |  | The keys | | NSA is investigating whether Russia hacked a U.S. satellite Internet operator in Ukraine |  The NSA is investigating along with Ukrainian intelligence and a French cybersecurity agency. (Patrick Semansky/AP) | | | The hack affected availability of Viasat's broadband Internet services in Europe as Russia was invading Ukraine last month, Reuters's James Pearson, Raphael Satter, Christopher Bing and Joel Schectman report. Viasat works as a defense contractor for the U.S. and Ukrainian military, though it said its government clients who contract directly with the firm weren't affected. Context: If Russia did hack the Internet operator, it would mark one of the most significant cyberattacks in the conflict, which has been otherwise comparatively light on hacking. "The consequences are still being investigated but satellite modems belonging to tens of thousands of customers in Europe were knocked offline," Pearson, Satter, Bing and Schechtman write. "The hackers disabled modems that communicate with Viasat Inc's KA-SAT satellite, which supplies Internet access to some customers in Europe, including Ukraine. More than two weeks later, some remain offline, resellers told Reuters." French cybersecurity agency ANSSI and Ukrainian intelligence officials are investigating the cyberattack along with the NSA. Cybersecurity firm Mandiant is investigating it for Viasat. | An infamous Russian troll farm could be behind pro-Putin propaganda campaign |  The U.S. government has indicted Russians working for the IRA, and the IRA itself has been sanctioned. (Andrey Rudakov/Bloomberg News) | | | A pro-Putin network of accounts on Twitter, TikTok and Instagram share "behavior, content and coordination" with the Internet Research Agency (IRA) troll farm, ProPublica's Craig Silverman and Jeff Kao write. U.S. officials have charged Russians working at the IRA for interfering in the 2016 election and sanctioned the company. "These accounts express every indicator that we have to suggest they originate with the Internet Research Agency," said Clemson University professor Darren Linvill, who has studied the IRA. "And if they aren't the IRA, that's worse, because I don't know who's doing it." Social media companies and the U.S. government haven't yet attributed the campaign to the IRA. The campaign was most visible on TikTok, where around a dozen accounts got 250 million views and over 8 million likes after parroting Russian talking points. The accounts began posting almost exclusively about Ukraine last month. Social media companies are nevertheless kicking many of the accounts offline. | - TikTok has removed all of the active accounts.
- Twitter removed nearly all of the accounts.
- Facebook parent Meta removed just one account for violating its spam policy. It said the other accounts hadn't broken its rules.
| Ukraine's military gets access to facial recognition technology, executives say |  Ukraine's military could use the technology to try to identify Russian saboteurs. (Valentyn Ogirenko/Reuters) | | | Ukraine's Defense Ministry began using facial recognition firm Clearview AI's database of billions of facial images Saturday, Reuters's Paresh Dave and Jeffrey Dastin report. Company executives said other Ukrainian government agencies are expected to use the technology soon. The company says its database has more than 2 billion images from Russian social media site VKontakte, potentially allowing Ukrainian officials to quickly identify dead troops and Russian saboteurs. However, it's not clear how exactly they're using the technology. Critics say the technology could harm civilians. It's known to sometimes misidentify people and could lead to people being falsely accused of being Russian spies, for example. | - They've claimed Clearview AI runs roughshod over privacy. The company takes images from social media sites without the consent of the sites or subjects of the photos. Facebook parent Meta and other sites have demanded that the company remove their images from its database. Clearview says the data collection is protected by the First Amendment.
| | |  | Hill happenings | | CISA got a budget windfall in spending bill |  The funding bill gives CISA more money than last year. (Kevin Dietsch/Getty Images) | | | The bill has already cleared Congress and is on the way to President Biden's desk for his signature. In addition to requirements for companies in critical sectors to report hacks to CISA, the bill gives the agency "a $568 million increase above last year's funding level that surpasses the amount requested by the president," the Hill's Rebecca Beitsch reports. Here's more on the funding from Beitsch: | - An extra $119.5 million increase for threat hunting
- A $64.1 million increase for vulnerability management
- CISA's Integrated Operations Division, which provides services to state and local governments, will get a $17.1 million increase to aid in its regional support
| | CISA Director Jen Easterly also highlighted funding for the Joint Cyber Defense Collaborative, CISA's public-private collaboration program: | | |  | Industry report | | | SocialProof Security chief executive Rachel Tobac hacked former DreamWorks Animation chief executive Jeffrey Katzenberg (with his consent) in this slick video developed for a South by Southwest conference panel. The hacking demo was organized by the online identity protection company Aura. Aura CEO Hari Ravichandran also appeared with Tobac and Katzenberg on the panel. Katzenberg is an Aura investor. Watch the hack here: | | |  | National security watch | | | |  | Global cyberspace | | | |  | Cyber insecurity | | | |  | Daybook | | - Senate Intelligence Committee Chairman Mark R. Warner (D-Va.) and Chris Painter, the Obama administration's top cyber diplomat, discuss cybersecurity and Russia's invasion of Ukraine at an event hosted by the Center for Strategic and International Studies on Monday at 11 a.m.
- Cyberspace Solarium Commission executive director Mark Montgomery speaks at an American Enterprise Institute event on gray-zone warfare that begins on Wednesday at 9:30 a.m.
- The Atlantic Council hosts an event on China's role in setting technology standards on Wednesday at noon.
- The Senate Banking Committee holds a hearing on the use of cryptocurrencies in illicit finance on Thursday at 10 a.m.
- National Institute of Standards and Technology acting director James K. Olthoff testifies at a House Science Committee hearing on technical standards on Thursday at 10 a.m.
| | |  | Secure log off | | | Thanks for reading. See you tomorrow. | | |
No comments:
Post a Comment