Our Take

Online platforms should conduct takedowns in a clear and consistent manner, rather than in response to intermittent public pressure, Fellow for Emerging Technologies Lindsay Gorman told the Washington Post.

To close tempting entry points for illicit actors, including foreign governments attempting to interfere in the American political process, the United States should raise money laundering enforcement and compliance across the financial system, said Senior Fellow on Illicit Finance Joshua Kirschenbaum in American Interest.

Modern forms of weaponized information require new best practices within media organizations, Non-resident Fellow Heidi Tworek argued at a GMF discussion on the future of social media regulation. Tworek lays out recommendations for responsible reporting practices in this ASD policy brief.

News and Commentary

Suspected Iranian hackers infiltrate critical infrastructure in Bahrain: Hackers with links to Iran infiltrated Bahrain’s critical infrastructure and government computers, including its National Security Agency, Ministry of Interior, first Deputy Prime Minister’s office, and a major aluminum firm. Following reports of the hack, the U.S. Department of Homeland Security warned private industry that Tehran could launch similarly destructive hacking attempts against U.S. critical infrastructure if tensions further escalated. ASD Director Laura Rosenberger has argued for stronger deterrent measures to raise the costs of these types of cyberattacks. (The Wall Street Journal, ASD)

State-sponsored Chinese hackers hit global corporations with cyber-espionage: Chinese government-backed hackers, known for conducting international cyber-espionage, are committing commercial crimes for personal profit, according to a new report from cybersecurity firm FireEye. This activity underscores a growing danger that state-backed actors will use sophisticated espionage tactics and malware for individual financial gain, targeting a wide range of industries. Non-resident Fellow Clint Watts has described how similar persistent and well-resourced actors are emerging in the information warfare space, and how the range of actors willing and capable to execute cyber-enabled information operations will only grow. (Reuters, ASD)

Fancy Bear Russian hacking group is targeting IoT devices: Microsoft’s Threat Intelligence Center found that Russian state-sponsored hacking group Fancy Bear is using internet of things (IoT) devices to gain access to corporate networks. More than half of the attacks have targeted organizations within the government, IT, military, defense and engineering sectors, as well as think tanks and other politically affiliated organizations around the world. Fellow for Emerging Technologies Lindsay Gorman has described the systemic risks associated with the increasing use of IoT devices. (Microsoft Blog, Fifth Domain)

In other news

  • U.S. Ambassador to Russia Jon Huntsman resigned after serving two years in Moscow.
  • President Trump announced that Joseph Maguire will be acting Director of National Intelligence, following the resignation of deputy director Sue Gordon.
  • Experts found that multiple voting systems in key battleground states were left connected to the internet for months.
  • Dozens of Texas counties continue to use paperless voting machines, despite election security advocates’ concerns of their vulnerability to hacking.
  • North Korean cyberattacks targeting banks and cryptocurrency exchanges have generated roughly $2 billion for the state’s nuclear weapons programs, according to a UN report.
  • China warned India not to block Huawei technologies or it may impose “reverse sanctions” on Indian firms operating in its country.
  • Experts warn of the persistent thread of bots spreading disinformation online ahead of the 2020 election.
  • The Department of Defense is looking to build tools that can more quickly detect deepfakes and other manipulated media.

Quote of the Week

“Ultimately when I look at 2020, the top priority for me is engaging as far and wide as possible, touching as many stakeholders as possible, and making sure we have auditability in the system…The federal government has a role here, too. That’s the conversation that’s happening and has to happen with greater speed and greater aggressiveness.”

-Christopher Krebs, Director of DHS Cybersecurity and Infrastructure Security Agency, said at a DEFCON cyber conference, August 9, 2019

The views expressed in GMF publications and commentary are the views of the author alone.