At a glance.
- European Court of Justice invalidates Privacy Shield.
- Congress considers establishing a US national cyber director.
- TikTok's charm offensive seeks to head off problems in Australia and the US.
- Britain accuses Russia of seeking to influence the UK's 2019 elections.
- UK, Canada, and the US accuse Russia's Fancy Bear of biomedical espionage.
- China begins to crack down on another religious minority in cyberspace.
EU court limits data sharing with the US.
The European Court of Justice today ruled that Privacy Shield, the US-EU agreement that had enabled relatively easy transatlantic data transfer, was inadequate to protect European citizens' privacy rights. The Court did leave in place "Commission Decision 2010/87 on standard contractual clauses for the transfer of personal data to processors established in third countries." The Wall Street Journal sees the initial effect of the ruling as introduction of substantial uncertainty over data storage and transfer.
US Commerce Secretary Wilbur Ross expressed his disappointment at the ruling, but also his hope that the EU and US will "be able to limit the negative consequences to the $7.1 trillion transatlantic economic relationship that is so vital to our respective citizens, companies, and governments." EU officials indicated a similar interest in facilitating useful data transfer.
Perceived advantages of a proposed US national cyber director.
Congressional supporters of the Cyberspace Solarium recommendation to create a single national cyber director see two gains from the post, Nextgov reports: better stewardship of cybersecurity budgets, and a place where different agencies' operations in cyberspace could be deconflicted. Less enthusiastic members of Congress don't necessarily oppose creation of the new post, but do wonder whether a single director would receive superseding authority over the existing White House CIO, CTO, CISO, and Office of Science and Technology adviser.
TikTok goes on charm offensive in Australia (and preps for one in the US).
As TikTok receives increasingly skeptical scrutiny in India and the Five Eyes, the company has undertaken a campaign to reassure lawmakers in Australia that it's safe, that it's not too close to the Chinese government, and that in short it represents no threat, the Wall Street Journal reports. (MP Stephen Jones posted the letter to his Twitter feed, expressing pleasure at the company's having "reached out," and then suitably decorating the text with snarky comment about dance moves, etc. Who knew that the Four Tops were so big in Canberra?)
In the US, TikTok has hired what the New York Times calls "an army of lobbyists" to help it forestall running afoul of impending hostile law and policy.
Russian influence operations and Britain's 2019 election.
The UK's Foreign Secretary informed Parliament today that Russian operators targeted the 2019 elections, seeking to influence voters through illicitly obtained "sensitive Government documents relating to the UK-US Free Trade Agreement." The campaign staged the material through Reddit. It was a leak-and-dump campaign, with amplification through multiple channels. UK officials did not see a comprehensive, intensive influence effort, but they did observe what they take to be nonetheless a clear attempt by Russian actors to shape voting.
Three of the Five Eyes report a Cozy Bear sighting.
Cozy Bear, that is, APT29, Fancy Bear’s quieter and more refined cousin, is back. Britain's National Cyber Security Centre (NCSC, a unit of the Government Communications Headquarters, GCHQ) warns in an alert that the unit of Russia's SVR foreign intelligence service has been actively targeting British COVID-19 vaccine developers. The goal appears to be theft of intellectual property and other information relevant to biomedical research conducted in response to the pandemic. The espionage campaign is using, the NCSC's report says, WellMess and WellMail malware.
NSCS isn’t alone in reaching these conclusions. Its formal report was jointly issued with Canada’s Communications Security Establishment and both the US National Security Agency and Cybersecurity and Infrastructure Security Agency (CISA).
British Foreign Secretary Dominic Raab condemned the Russian activity. “It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic,” he said, adding, “While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health. The UK will continue to counter those conducting such cyber attacks, and work with our allies to hold perpetrators to account.”
Such condemnation is obligatory and to be expected, but no one really expects it to induce Russia's Organs to mend their ways. The Three Eyes who signed on to the report conclude with the assessment that “APT29 is likely to continue to target organisations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic.”
Chinese government spearphishing campaign spotted in Hong Kong.
Researcher “Arkbird” has exposed a Chinese government spearphishing operation designed to conduct DLL-sideloading attacks against devices used by members of the Roman Catholic Church in the Diocese of Hong Kong. The phishbait includes both Vatican communications, modified to carry malware, and reports from Catholic news services in Asia, also altered to deliver the security services’ payloads. The threat actor involved may be Mustang Panda.
ZDNet notes that the campaign is effectively a twofer, targeting both Hong Kong and a religious minority Beijing has long regarded as unreliable and undesirable. Over the last two decades Chinese anti-Catholic repression hasn’t reached the genocidal levels currently being suffered by the country’s Muslim Uyghur minority, but the cyber operation in Hong Kong may be an indication that it’s hardening.