Cyber Monitoring #2 (November 2021)

US and EU joined the Paris Call: Three years after its launch, the United States and the European Union announced plans to join the Paris Call for Trust and Security in Cyberspace. Established in November 2018 and supported by 80 international states and more than 700 private enterprises, the Paris Call is an international agreement based around nine common principles—from protecting the internet to defending the electoral process—to secure cyberspace. 

New investments for critical infrastructures’ cybersecurity in the US: President Joe Biden formally signed a massive infrastructure bill that includes $2 billion in new investments in cybersecurity. Local and state governments will now be able to apply for large grants to better secure their critical infrastructure. The bill also includes new rules regarding cryptocurrency transactions in the hopes of slowing down bad actors who use virtual currencies to conduct criminal operations.

Disinformation in Kenya: A disinformation campaign is dampening online outrage about Kenyan President Kenyatta’s alleged corruption detailed in the Pandora Papers, with cheapfakes and astroturfing used to promote pro-Kenyatta narratives and drown out criticism. According to researchers from Mozilla, this illustrates the continued growth of Kenya’s sophisticated disinformation-for-hire industry and Twitter’s inability to counter disinformation in non-Western contexts.

Spyware hidden inside lifestyle apps: A new Android malware infected nearly 1,000 devices, gaining the ability to record their screen and audio in real time. The campaign, dubbed “PhoneSpy”, targeted South Korean users through a series of corrupt applications that nestle in compromised devices and quietly exfiltrate data while taking control of the device’s microphone and camera. The apps disguise themselves as a variety of legitimate applications, including apps to learn yoga, stream television, or view and upload pictures.

Secretive Chinese committee on tech: In a readout of their meeting published two weeks ago, China’s Politburo provided for the first time details on the work of a secretive body whose purpose is to focus on what China called the “main economic battlefield” of technology. The committee was established around the time that the U.S. leveled sanctions against Chinese telecoms giant ZTE. Self-sufficiency in core technologies has been a watchword in Beijing ever since.

New joint report released by France and Germany: The French and German national cybersecurity agencies (ANSSI & BSI) published their 4th joint report on the state of cyber threats. This 2021 edition focuses particularly on ransomware. The report draws up an inventory of ransomware groups and of the attacks they may have carried out, including REvil (the group that attacked Kaseya), Avaddon, Netwalker and Egregor. The report also mentions the need for increased bilateral cooperation between the two agencies (i.e., in the exchange of information between the CERT-Fr and the CERT-Bund).

Israel restricts its cyberweapons export: The Israeli government restricted the list of countries to which local security firms are allowed to sell surveillance and offensive hacking tools by almost two-thirds, cutting the official cyber export list from 102 to 37 entries. The new list only includes countries with proven democracies, such as those from Europe and the Five Eyes coalition. Spyware developed by Israeli companies like Candiru and the NSO Group has been linked in recent years to human rights abuses in tens of countries, with the tools being used by the local governments to spy on reporters, activists, dissidents, and political rivals. The list’s update comes just after Israeli and French officials held a secret meeting to discuss allegations that spyware made by the NSO Group might have been used against French president Macron. The update also came around the same time that the US sanctioned four surveillance vendors, including Israel’s Candiru and NSO Group.

US sanctions quantum computing entities: The US Department of Commerce has sanctioned 28 organizations from China, Russia, Pakistan, Japan, and Singapore for helping advance and distribute quantum computing technologies to military and nuclear weapons programs. Quantum computers are considered an evolutionary step above supercomputers, using quantum states instead of electrical signals to run mathematical computations millions of times faster than even the world’s most advanced supercomputers. The role of the sanctions list is to forbid US organizations, such as suppliers and customers, from establishing any business connections with the 28 organizations in the hopes of stymying the flow of know-how, financing, and raw materials needed for those companies to continue operating at full capacity.