At a glance.
- Facebook's approach to Section 230 reform.
- Deescalating cyber conflict.
- Nation-state cyber operations on the upswing.
- Holiday Bear and Hafnium distracted the US Government from information sharing?
How Facebook would reform Section 230.
SeekingAlpha summarizes Facebook CEO Zuckerberg’s prepared testimony for today’s House hearing on Section 230 reform. Zuckerberg will argue for conditionalizing unlawful content liability shields on “companies’ ability to meet best practices to combat the spread of this content.” Axios adds that the proposed “best practices” would be “defined by a third party,” and wouldn’t cover cybersecurity concerns like encryption. Zuckerberg also asked for more guidance on managing lawful but “harmful” content.
The hearing will cover platforms’ commercial interests in promoting false and fringe viewpoints. Axios noted that smaller firms would be hit hardest by 230 reforms.
Deescalating cyber conflict.
In a break from recent calls for muscular replies to Chinese and Russian mischief, Atlantic Council proposes a step back from defend forward, “unless the [Defense Department] can provide criteria that define success…and an estimated timeline for when the president can expect results,” and a step towards defensive security upgrades.
Cyber conflict, the piece argues, hasn’t yet escalated to kinetic conflict, but the odds are looking grim as incidents and capacities intensify. While defend forward could “someday spark a larger conflict,” the authors think security innovations like E2E encryption, automated patching, and cloud technology—which are cheap to use and expensive to circumvent—represent the future of cyber defense.
Former NSA Director says nation-state cyber offensives are trending up.
Former National Security Agency Director and CyberCom Commander Admiral (retired) Rogers told NetDiligence Cyber War Webinar Series attendees that APT cyberattacks are worsening again after the breather following 2017’s NotPetya debacle, according to CyberCube. Rogers also observed that the distinction between state and criminal activity is dwindling.
Holiday Bear and Hafnium hacks diverted attention from information sharing.
The Wall Street Journal reports Acting Cybersecurity and Infrastructure Security Agency (CISA) Director Wales’ comments that Hafnium and Holiday Bear sidetracked public-private intelligence-sharing efforts. CISA has been working to advance its ability to digest and disseminate actionable threat intelligence, and the hacks have heightened calls for better cross-sector communications.
With capacities redirected to remediation efforts, Wales said, “I don’t think we’ve figured it out just yet.” He did note that nearly all intelligence relating to recent incidents has been shared with the business community.