At a glance.
- Russian intelligence services conduct intrusions into German infrastructure.
- US-led exclusion of Chinese vendors from 5G infrastructure gains traction.
- Japan considers new anti-cyber bullying laws.
- India releases Aarogya Setu source code.
- Privacy concerns persist about NHSX contact-tracing app.
- Incoming Data61 head advises companies to invest in research.
- US Army seeks "non-traditional" contractors for cyber training system.
Russian intelligence services conduct intrusions into German infrastructure.
CyberScoop reports that German intelligence services have circulated an advisory warning that the Russian government threat group Berserk Bear is actively working against German industrial operations in the energy and water sectors. Berserk Bear was last mentioned in dispatches during 2018, when the US Government warned that Russian actors had been engaged in some preliminary reconnaissance of US infrastructure. Tageschau identifies the German intelligence services as the Federal Intelligence Service (BND), the Federal Office for the Protection of the Constitution (BfV), and the Federal Office for Information Security (BSI). The warning doesn't directly name the Russian government, but it prominently links, as evidence, to US documents that do just that, so the intended attribution isn't seriously in question.
US-led exclusion of Chinese vendors from 5G infrastructure gains traction.
Policy toward Huawei has stiffened in a number of countries lately. A Washington Post summary of this development concludes that US warnings of the security risk posed by Chinese firms are finding an increasingly receptive audience among allied governments. Australia and New Zealand were in early agreement with the US position, and the UK seems to be approaching the same position.
Japan considers new anti-cyber bullying laws.
The apparent suicide of a young professional wrestler and reality TV star, Hana Kimura, has prompted Japanese officials to increase measures to combat cyber bullying, Kyondo News reports. Ms Kimura had been subjected to intensely negative attention online. Communications minister Sanae Takaichi said yesterday that the government intends by the end of the year to revise applicable laws "with a sense of speed" in order to simplify procedures that will enable authorities to identify people who make defamatory posts online.
India releases Aarogya Setu source code.
India's government has announced that it's making the source code of its Aarogya Setu contact-tracing app available for inspection and testing, a decision that Reuters says is generally being well-received by "digital rights activists" as likely to increase the system's security.
Privacy concerns persist about NHSX contact-tracing app.
Privacy concerns continue to surround the contact-tracing technology being trialed by Britain's NHSX. Fears that the app will outlive the pandemic and become permanent part of a national surveillance system are now familiar, and the "war rhetoric" that C4ISRNet sees surrounding national responses to the pandemic have probably helped provoke that sort of backlash in public opinion. ComputerWeekly reports that centralized data collection has also aroused worry that contact-tracing databases will themselves prove to be insecure, and that, if breached, they would provide cybercriminals with resources for identity theft and other crimes.
Incoming Data61 head advises companies to invest in research.
The Commonwealth Scientific and Industrial Research Organisation's Data61 unit, Australia's data science research institution, advises companies not to squeeze R&D budgets in the course of COVID-19 belt-tightening, the Financial Review reports. Jon Whittle, currently dean of the faculty of information technology at Monash University, will assume the directorship of Data61 in July. He urges companies to maintain their commitment to research; that innovation would pay off once the pandemic passes.
US Army seeks "non-traditional" contractors for cyber training system.
According to ExecutiveBiz, the US Army is looking for "non-traditional" contractors, businesses that haven't hitherto been part of the defense sector, to participate in building out its Persistent Cyber Training Environment (PCTE). The Service intends to use other transaction authorities, that is, non-traditional acquisition instruments, "to address PCTE assessment and traffic generation requirements through the Cyber Innovation Challenge."