At a glance.
- Indian intelligence services list fifty-two apps they say are dangerously close to China's government.
- China is developing a national DNA database.
- Greece and Israel undertake to promote cybersecurity cooperation.
- US Justice Department seeks clarification of Section 230.
- Redacted WikiLeaks Task Force report published.
Indian intelligence services warn against apps linked to China.
Border skirmishes with China have moved India's government to higher states of alert, both kinetic and cyber, the Economic Times reports. The Hindustan Times outlines one aspect of that alert: publication of the National Security Council Secretariat's list of fifty-two apps it finds too close to the Chinese government for comfort. Some of the apps are well-known and widely used: Zoom and TikTok, to name two, are both on the list. India’s intelligence services would ideally like to see the fifty-two suspect apps blocked.
China is developing a national DNA database.
It's said to be under development in the service of criminal investigations, but a New York Times article draws attention to the database's utility in pervasive surveillance. Beijing is starting with the country's male population, which amounts to some seven hundred million, give or take a few baker's dozen.
Greece and Israel sign cyber cooperation agreement.
Senior Greek and Israeli officials this week signed a joint statement on cooperation in cyberspace. The two governments intend to "promote cooperation" in the following areas:
- "Engage in a mutual operational dialogue.
- "Joint projects for enhancing national cyber platforms (i.e. CERT/SOC).
- "Cooperate on workforce training initiatives.
- "Increasing cyber resilience, by sharing government cybersecurity know-how, best practices, legal and regulatory frameworks, methodologies and strategic insights."
US Department of Justice soon to announce plans for revision of online platforms' immunities?
The Wall Street Journal reports that the US Department of Justice will soon announce a proposed limitation of the immunities online platforms currently enjoy under Section 230 of the Communications Decency Act of 1996. The recommendations are expected to include a requirement that the platforms develop and consistently enforce clear guidelines concerning the content they host, which would end the platforms' current ability to remove content they deem "objectionable." Justice would seek, the Journal writes, to "give some teeth to an existing 'good faith' standard that platforms are supposed to use in their content-moderation decisions."
Redacted WikiLeaks Task Force report published.
The Washington Post has shared the full (albeit understandably redacted) text of the CIA's WikiLeaks Task Force report. With respect to Langley's mission systems, at least, the report bluntly states, "CIA has moved too slowly to put in place the safeguards that we knew were necessary given successive breaches to other US Government agencies." It adds later, "We have been slow—due to resource choices and cultural resistance—to extend state-of-the-art audit and user activity monitoring technology to mission systems not connected to the main enterprise network." And it assesses that WikiLeaks should be assumed to have everything the affected CIA unit kept in Stash or Confluence.
Chris Roberts, Hacker in Residence at Semperis, offered some perspective on the whole Vault 7 incident:
"Let's start with the caveat that NOTHING is infallible—nothing will protect you, the only thing you can do is to reduce the risks, reduce the exposure, AND monitor/manage the heck out of what's left. Saying that, there are some basic things AND some basic attack vectors that we all know, understand, and recognize in our industry, and when those basics are not followed, or red tape gets in the way of sensible decisions, that's when mistakes happen, and adversaries or bad actors/internal threats can take advantage of a situation. So, if authentication and Active Directory were well monitored, managed, and controlled, you'd certainly slow down someone trying to get to the data. You put correct access controls, oversight, and reporting on that sensitive data. You've got another layer for someone to deliberately break through (and you NOT to notice the alerts) and then exfiltration: you can only walk out with something IF someone lets you. So, working to close those holes down too, again, all basic, but if you're not focusing on them you can pretty much drive the dump truck up to the datacenter and walk off with everything."