At a glance.
- World Economic Forum gives ISPs principles for cybercrime prevention.
- Mixed results in US efforts to exclude Huawei from allies' 5G networks.
- India drafts cybersecurity regulation for power utilities.
- Washington State experiments with voting by mobile device.
The World Economic Forum issues guidance on cybercrime prevention.
The WEF's document, "Cybercrime Prevention Principles for Internet Service Providers," isn't a binding government policy, but it can be expected to have an influence. The WEF says that a large number of ISPs, organizations, and associations have signed on to the new principles. So far the signatories include:
- Deutsche Telekom,
- Du Telecom,
- the Global Cyber Alliance,
- the Internet Society,
- Korea Telecom,
- Saudi Telcom,
- Telstra, and
- the ITU.
The US continues to warn of the risk posed by Huawei.
France 24 posts an interview with Robert Strayer, US Deputy Assistant Secretary of State for Cyber and International Communications and Information Policy, in which Secretary Strayer warns of the threat of massive, ongoing Chinese theft of intellectual property. The proximate concern, of course, is participation by Huawei in Western 5G infrastructure build-out.
US allies have responded to US concerns in a decidedly mixed way. The UK, for example, appears ready to give Huawei a role in its 5G infrastructure, but hopes, according to Computing, to restrict that role to the infrastructure's non-critical periphery.
Cybersecurity regulations for India's electrical grid proposed.
India is preparing regulations that would require electrical utility operators to install a range of cybersecurity measures--best practices, nothing elaborate or strikingly innovative, Bloomberg reports. A draft revision of the Central Electricity Regulatory Commission's grid regulations added a cybersecurity chapter.
The study and the proposed regulations appear motivated by the September 2019 incident where hackers, probably North Korean operators, breached business systems at the Kudankulam nuclear plant. The breach was detected on September 4th, and was minimized by the industry and its regulators until the Nuclear Power Corporation of India finally acknowledged the attack in a terse October 30th press release. Ars Technica reported that the malware used in September's attack was Dtrack, a strain associated with financial attacks by North Korea's Lazarus Group.
King County, Washington, invites the GRU to count its ballots.
The latest episode in the traditional American range war between convenience, laziness, and novelty on the one hand, and security, diligence, and responsibility on the other, is currently being waged in the Seattle area, which the Wall Street Journal writes is experimenting with voting by mobile phone. So far, then, advantage slacker. So, OK Boomer, we can hear them saying, who are you to say deciding on that school bond issue should be any different from slanging that pizza delivery guy on Yelp. Whatever. Stay filthy, webfooters.