At a glance.
- Russia cracks down on Google, Twitter, Facebook, and TikTok.
- President Biden's EO on cyber reaches its first milestone.
- Cyber conflict and international law.
- Observations from Hack the Capitol.
Russia’s crackdown on Big Tech.
The New York Times has an account of Russia’s clampdown on tech giants like Google, Facebook, Twitter, and TikTok. Mirroring recent moves in India, Myanmar, Turkey, and Belarus, Moscow is requiring platforms to remove ‘illegal’ material and preserve content favorable to the Government, or face service interruptions and fines of up to ten percent of annual revenue. “All of these policies will have the effect of creating a fractured internet, where people have different access to different content,” commented Electronic Frontier Foundation Director Jillian York.
The Kremlin’s crackdown has intensified since January’s pro-Navalny protests. Just this week, the country’s internet controller fined Google roughly $80 thousand, ordered the company to block thousands of additional items, and warned Twitter and Facebook that they have until July to relocate domestic user data in-country.
US Executive Order reaches its first milestone.
The first deadline from the Biden Administration’s cyber Executive Order passed this Wednesday, as FCW reports. The Department of Homeland Security was to deliver recommendations on logging best practices to the Office of Management and Budget, which will in turn consult with the Justice Department, Pentagon, and Director of National Intelligence en route to making the guidelines public.
Some estimates place the cost of updating logging standards in the “millions upon millions of dollars,” but it’s possible funding could be scraped together from current areas of waste. While industry onlookers note that guidelines won’t immediately effect change, cybersecurity experts say standardized logging procedures are critical to prevention, detection, and forensics efforts. Practices currently vary widely across the Federal Government.
Observations on cyberwar, geopolitics, and international law.
An opinion in the Tennessean outlines the steps for analyzing cyberattacks under international laws of armed conflict. The following questions must be addressed:
- Did a state power direct, support, or enable the attack?
- If so, did the attack cause something in the realm of injury, damage, or disruption meeting the definition of use or threat of force and producing a right of self-defense?
- If so, what response makes sense from a political and tactical standpoint?
The author concludes that the Colonial Pipeline attack met the criteria for use of force, given its economic and security impact, but determining the degree to which we should hold foreign powers responsible for providing safe haven is a question for another day.
Turning to the Mid-East, ODA Loop argues that Washington’s tepid support of Israel and interest in wooing Tehran has emboldened Iranian threat actor Agrius to ramp up its cyber assaults on Jerusalem. The author concludes that Governments should recognize “the non-cyber factors” that “preempt cyber strikes.”
A Defense News opinion cautions against the “habit of overreacting” to cyber incidents. Overreactions and “tit-for-tat games” can give away too much about tolerance levels and capabilities, revealing techniques, upskilling enemies, and deflating strategic uncertainty and the element of surprise.
Observations from Hack the Capitol.
With much going on in US cyber policy this week, it's worth taking a look at how some in both Government and the private sector view the threat and regulatory landscape. Here's what we heard during the panel sessions of Hack the Capitol.