Securing Democracy Dispatch

The United States needs a different deterrent strategy to counter the increasing number of ransomware attacks facing the country, Cybersecurity Fellow Maurice Turner said on CBS News.

Since the Biden administration launched the Wuhan lab leak investigation, China’s state-backed messengers have worked diligently to focus suspicion on Fort Detrick, Maryland instead, Media and Digital Disinformation Fellow Bret Schafer writes in Foreign Policy.

Follow us on Twitter for more quick takes @SecureDemocracy.

Last week, Russian state media and diplomats extensively covered the U.S. withdrawal from Afghanistan, with narratives emphasizing the failure of the U.S. mission and accusing the United States of not learning from history. Some examples suggested that the United States cannot be considered a reliable ally, while others noted Russia’s stated readiness to step in on regional security. Though coverage of the assassination of Haitian President Jovenel Moïse primarily consisted of updates on emerging information, some Russian officials expressed particular concern about the U.S. citizenship of some of those detained in connection with the attack. As usual, Russian diplomats and state media also continued to tout and defend the Sputnik V coronavirus vaccine. Finally, Russian state media weighed in on the row between the EU and Hungary over the country’s anti-LGBTQ law, claiming that the dispute “underpins why European integration will never work.”

For the second consecutive week, Chinese state media and government officials celebrated the Chinese Communist Party’s (CCP) centennial. Aside from this and the usual commentary about Xinjiang and the coronavirus, the World Political Parties Summit, which is a platform for the party to engage in party-to-party diplomacy across the world, dominated Chinese outputs last week. President Xi Jinping used his keynote address to highlight the CCP’s desire to set the tone for global governance and promote its values on the world stage. Chinese officials also took veiled swipes at the United States, contrasting the United States’ supposed “my country first” mentality with China’s vision for a “global community with a shared future.” China also continued its vaccine diplomacy, once again highlighting deliveries of Chinese-produced vaccines to developing countries, while largely ignoring concerns over the efficacy of those vaccines.

Last week, Iranian press and government accounts mocked the ongoing U.S. withdrawal from Afghanistan, calling the mission a failure based on “twenty years of lies.” In its coverage, Press TV published an op-ed from a frequent contributor to Russian state media who called the West’s legacy in Afghanistan “sordid and cruel.” Other posts tried to frame Iran as a responsible actor and regional peacemaker, while Foreign Minister Zarif told an Afghan delegation gathered in Tehran that included Taliban representatives to “seize the day.” Coverage of the Taliban, however, was mixed in Iranian media. In other news, Press TV and IRNA provided substantial coverage of the discovery of mass graves at Canadian residential schools that once housed indigenous children. Stories also circulated of traitors arrested for sabotaging Iranian power plants as scorching heat led to rolling blackouts across Iran last week.

Read the full report here.

European Commission to establish anti-money laundering authority: The European Commission will soon propose a new Anti-Money Laundering Authority (AMLA) that will be tasked with fighting money laundering and enforcing transparency regulations for cryptocurrency, according to documents reviewed by Reuters. The rules would be binding on all EU member states, thus closing doors for illicit fund transfers that currently exist under the patchwork of national laws. The new agency would be established in 2024 and begin operating in 2026, according to the draft proposal. The EU in recent years has struggled to cope with malign finance and has been rocked by scandals, like the one in 2018 which revealed that Danske Bank had moved €200 billion of dirty money over several years. Non-Resident Fellow Josh Kirschenbaum and Nicolas Véron first proposed the creation of an EU anti-money laundering regime in 2018.

Biden pressures Putin to take action against ransomware groups, floats U.S. responses: In a call on July 9, U.S. President Joe Biden once again pushed Russian President Vladimir Putin to crack down on criminal ransomware gangs after an attack by the Russian-based REvil hacking group on a U.S. software company impacted up to 2,000 customers last week. In the call, Biden told Putin that the United States would move against the ransomware threat if the Russian government continued to do nothing. Details about prospective U.S. actions are scarce, but Biden indicated that he was willing to attack and shut down ransomware groups’ servers, and senior administration officials said the U.S. response would likely be “a mix of clandestine and public” actions. On Tuesday morning, REvil’s sites suddenly went offline, though at the time of writing no explanation has been given for the sites’ disappearance. ASD Cybersecurity Fellow Maurice Turner told CBS News on Friday that the United States needs a new approach to combating ransomware attacks, as current deterrence efforts have proven ineffective.

In case you missed it

● Russian intelligence-linked hacking group Cozy Bear reportedly breached one of the Republican National Committee’s IT contractors, though the committee said none of its data had been accessed.

● Chinese state-backed media campaigns are increasingly using a network of foreigners to “fight back” against foreign media reporting on issues like human rights abuses in Xinjiang.

● The Senate unanimously confirmed Jen Easterly as director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

● Former President Donald Trump filed lawsuits against Facebook, Twitter, and Youtube over political censorship, but experts say that their weak legal basis likely indicates that the goal is to rally popular support and fundraising.

● U.K. Prime Minister Boris Johnson said that the government would review a Chinese-owned firm’s acquisition of the United Kingdom’s largest silicon wafer manufacturer.

● Democrats from the Texas State House fled to Washington D.C. to prevent the passage of bills introduced by Republican state lawmakers that would limit voting access.

● Security researchers warned the software company Kaseya of its cybersecurity vulnerabilities several months prior to the ransomware attack it suffered earlier this month.

● The U.S. Department of Commerce added 34 entities to its economic blacklist, including 14 Chinese firms associated with human rights abuses in Xinjiang.

The Man Behind China’s Aggressive New Voice, The New York Times Magazine. Comments from Media and Digital Disinformation Fellow Bret Schafer

Letting Businesses ‘Hack Back’ Against Hackers Is a Terrible Idea, Cyber Veterans Say, The Wall Street Journal. Comments from Cybersecurity Fellow Maurice Turner

Solving the Russia Riddle, War on the Rocks’ Net Assessment. Co-hosted by Co-Director Zack Cooper

如何应对中国对美企的恶意影响？脱钩或是唯一选项 (How to deal with China’s malicious influence on US companies?), VOA Chinese. Comments from China Analyst Bryce Barros

“I made it very clear to [President Putin] that the United States expects when a ransomware operation is coming from his soil, even though it’s not sponsored by the state, we expect him to act, and we give him enough information to act on who that is.”

• President Biden said to reporters on Friday, July 9 after his call with Russian President Vladimir Putin.

The views expressed in GMF publications and commentary are the views of the author alone.