At a glance.
- Chinese government enables cybercrime.
- Unintended consequences for Beijing's cybersecurity policy.
- Vulnerability reporting in Canada.
- Ottawa's proposed content moderation policies.
A view from Australia on Chinese intelligence services’ new enabling of cybercrime.
Australian Signals Directorate (ASD) Director General Rachel Noble described Beijing’s behavior in the Microsoft Exchange hack as a “reckless” violation of norms, the Guardian reports. The CCP effectively “propped…open” 70 thousand Australian organizations’ cyber doors, she said, for “all sorts of criminals…to pour in.” Canberra expects more restraint from Government actors.
China’s cyber policy reaps unintended consequences?
The Wall Street Journal says Beijing’s regulatory clampdown on technology companies, motivated in part by data security and anti-trust concerns, “could backfire badly.” ZDNet notes that foreign-listed IT stocks have lost around $1 trillion in value, and Reuters outlines US Securities and Exchange Commission actions to protect domestic investors. The Wall Street Journal thinks China’s maneuvers might represent an intentional prioritization of “real technology” such as semiconductors, AI, and batteries.
A call for better vulnerability reporting partnerships in Canada.
The Conversation compares Canada’s public infrastructure vulnerability reporting processes and protections to those of other G20 states, and finds them wanting. White hats are encouraged to disclose only weaponized bugs, and the Canadian Centre for Cyber Security doesn’t guarantee attention to such disclosures. Otherwise, hacking is typically illegal under national laws. Absent a regulatory scheme for well-meant reports, cyber experts are left wondering how to alert Ottawa to security failings.
The US, by way of contrast, manages “a distinct and clear disclosure process” complete with rules of engagement, and “publicly disseminates” disclosed information, crediting the discoverers. The Conversation argues for best practice-informed, researcher-friendly policies to nurture closer ties with cybersecurity experts.
Pending Canadian content moderation legislation.
Ottawa is considering new regulations for unlawful content on online platforms, according to the Toronto Star. Backed by fines of up to $25 million or more, the bill covers “Online Communication Service Providers” like Twitter and TikTok and five distinct categories of criminal content. A “Digital Safety Commissioner” would enact the legislation with the help of a “Digital Recourse Council” where users could file appeals. The law would also give intelligence and law enforcement personnel additional authorities. Critics are raising free speech, jurisdictional, logistical, and “lawful but awful” concerns.