Today at a glance.
- The other Four Eyes wait for the UK's decision on Huawei.
- Turkey enters the cyber espionage ring.
- A nominally independent news site is unmasked as part of an Iranian influence operation.
- New York State considers legislation barring use of public funds to pay extortionists conducting ransomware attacks.
Huawei enters its British endgame.
The US continues to try to persuade the British Government that Huawei ought not to be permitted into Britain’s 5G buildout, a warning that’s resonated with security hawks in the UK. The Guardian reports that US Secretary of State Pompeo has urged the British Cabinet to recognize Huawei as a threat to sovereignty. In this he quotes British Member of Parliament Tom Tugenhat, who recently said that “Sovereignty means control of data as much as land. We need to decide what we’re willing to invest in and who were willing to share our tech with. The real costs will come later if we get this wrong and allow Huawei to run 5G.” The US advice is being strongly seconded by Australia, as Axios reports.
Turkey’s debut as a cyber espionage power.
A regional power, but a power nonetheless. Reuters, relying on unidentified officials in the British and US governments, reports that a cyber espionage campaign against targets in Europe and the Middle East is in all likelihood the work of “hackers acting in the interests of the Turkish government.” The DNS-hijacking campaign targeted thirty organizations, including government agencies in Albania, Greece, Iraq, and Cyprus. There were also some non-governmental organizations among the targets, and some of these were domestic groups. The targets were, as Reuters puts it, of “geopolitical interest to Turkey.” Reuters’ sources concluded on circumstantial grounds of interest, opportunity, and operational technique, that “the activity bears the hallmarks of a state-backed cyber espionage operation conducted to advance Turkish interests.”
Disinformation, Tehran-style.
The American Herald Tribune, an online media outlet established in 2015 that represents itself as an independent news voice (and whose name recalls one of the storied newspapers in US history--the original Herald Tribune was formed from the merger of James Gordon Bennett Sr.’s Herald and Horace Greeley’s Tribune), is said, by CNN, to be part of an Iranian influence campaign. Facebook told CNN that they have discerned close connections between the American Herald Tribune and Iranian state media, and FireEye has long assessed “with moderate confidence” that the outlet is run from Tehran. They do publish in English, and they do hire Americans to write their content.
New York State may prohibit ransomware payments.
Two bills under consideration in Albany, Naked Security says, would bar the use of public funds for purposes of paying ransomware. This may be, right now at any rate, a harder sell than it would have been a couple of years ago, and the bills' supporters acknowledge that this may well be the case, but that in the long run making ransomware less profitable will tend to make it less common.