At a glance.
- An assessment of the effectiveness of the US response to the Holiday Bear campaign.
- Social media executives "close to" the algorithms set to testify before the US Senate.
- Interpol commits to working against stalkerware.
- The Government of India wants social media platforms to take down posts critical of COVID-19 response.
- Comment on the US Justice Department's anti-ransomware task force.
Neuberger is realistic about the prospects of effective cyber deterrence.
The Washington Post says over sixty percent of the roughly one hundred cyber specialists it surveyed think President Biden’s Holiday Bear response is sufficient, variously calling it “not escalatory” and “proportionate.” Former cyber official Chris Painter remarked, “It’s doubtful that anything will deter pure espionage, but it's appropriate for the United States to demonstrate its displeasure and to reset expectations.”
Some worry that the norm behind the response is unclear, in light of extensive US engagement in cyberespionage, while others argue that stronger measures are needed to change President Putin’s cost-benefit calculus. Deputy National Security Advisor for Cyber Neuberger falls into this camp, according to CNN. What the sanctions alone won’t accomplish, she explained, additional dialogue over time and cybersecurity renovations might. So far Moscow hasn’t altered course.
Several of the experts surveyed agreed that the US needs to focus on revamping its cyber policies and defenses, implementing zero-trust architecture, for example, and bolstering operational security. Neuberger described the Federal cybersecurity shortcomings uncovered in the wake of the SolarWinds hack as an “unpleasant” revelation.
The Biden Administration isn’t finished with Moscow, and we may not know the full extent of the response to Cozy Bear, given its promised “unseen” dimensions. An executive order covering public-private cyber cooperation is also expected in the next few weeks, and the Justice Department is still looking into Russian tech companies.
Social media executives (but not the ones you’re thinking of) head back to the Hill.
SeekingAlpha reports that Twitter, YouTube, and Facebook executives are preparing to participate in a Senate Judiciary hearing on the platforms’ algorithms, titled “How Social Media Platforms’ Design Choices Shape Our Discourse and Our Minds.” The CEOs are off the hook this time, in an effort to avoid another “grievance session”: officials nearer to the problem will testify (“executives closer to policymaking on the issue”). As members of Congress learn more about algorithms’ alleged role in leading users astray, they may decide that additional Federal Trade Commission oversight is necessary.
Interpol to work against stalkerware.
Albawaba has the scoop on the International Criminal Police Organization’s embrace of an anti-stalkerware agenda. Interpol will begin investigating incidents involving abusive covert device surveillance, and promoting Coalition Against Stalkerware trainings. Since Covid-19 hit the streets, domestic violence has been on the rise. Kaspersky reported 54 thousand instances of mobile stalkerware in 2020, with the worst rates occurring in Moscow, Brasilia, and Washington.
India orders the removal of fault-finding Covid posts.
New Delhi has instructed Facebook, Instagram, and Twitter to censor social media content taking the Government to task for the worsening Covid crisis, the New York Times reports. Administrators justified the move on the grounds that the posts “spread fake or misleading information,” used “out of the context images,” and could provoke “panic.” Under threat of local employee arrest, the social media giants have obeyed for the time being.
India’s current government has faced criticism for “stifling dissent,” having jailed journalists, restricted internet access, and policed social posts. The Times notes that India is just “one front” in the messy global reckoning between states and tech giants. Facebook, for example, has repudiated violence in Myanmar, but continues business as usual with Uighur genocide-denying CCP media. In the US, politicians also push to blue-pencil content in the name of both accuracy and peacekeeping.
Comment on the US Justice Department's decision to open an anti-ransomware task force.
The Wall Street Journal's report last week that the US Justice Department is establishing a task force dedicated to the investigation and prosecution of ransomware operators continues to draw comment from security and legal experts. We heard from Behnam Dayanim, who heads the Data Privacy and Cybersecurity practice of law firm Paul Hastings, who sees the task force's establishment as an opportunity for future victims of ransomware to achieve clarity about their options:
“Greater clarity from government on the permissibility of and parameters, if any, for paying ransomware attackers could be very helpful. At present, companies often face an extremely difficult choice of paying and risking potential legal exposure or not paying and suffering the consequences. That is no place for a victim to be, and, if the task force is able to help in that equation, its work will be valuable.”