TechLetters #15 - Should countries speak out about cyberwarfare capabilities? Hacked France, hacking NK, global digital ID and unstable world
Welcome to the 15th letter
Editorial
Do we need more transparency with regard to the cyberwarfare capabilities that States are constructing? That largely depends on whether we would like to keep a stable international system. While States are still negotiating a common understanding of how international law (i.e. “the rules”) applies to cyberspace, this ultimately boils down to how much they are willing to say in public. While today most States do not have any real military offensive cyber capabilities, some definitely do, and in this case it matters a lot.
Security
Hacked in France. A malware campaign in France reached a number of targets, among others Airbus, Orange, and the French Ministry of Justice.
NK hacking operation. The USA accuses North Korean cyber operators of engaging in money theft: "more than $1.3 billion in cash and cryptocurrency from banks and businesses around the world". The AppleJeus malware consists of a few tools for Windows and macOS. "Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks". The victim list is "impressive" and includes many previously-suspected cyberattacks. The watering hole technique was often used (for example, to hack banks).
Estonian report. An Estonian intelligence report describes Russian cyberattacks and the 54777 GRU unit responsible for psychological operations. It describes the amplification of some news, the use of bots, fake news sites, and the holding of conferences. The report mentions the implantation of fake narratives on hacked sites like this (cyber-enabled information operation?) in 2020.
Apple security. The Platform security guide is a very lengthy document. Apple announced that they use a privacy-preserving cryptographic technique, private set intersection. Its purpose is to check, in a privacy-preserving manner, whether the user's passwords have leaked anywhere, by comparing the user's passwords with the known leaks. Link.
Python vulnerability. “Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input”. This is a problem because many web applications run on Python and may accept untrusted input.
Privacy
Digital ID. The UK continues work on the creation of a digital ID for citizens. Some advertising technologies work on similar schemes. Excerpt from the examples section:
“Carmen needs to travel to Ghana for work. She must prove that she’s had a yellow fever vaccination before she can enter the country.
Carmen will get an International Certificate of Vaccination or Prophylaxis (ICVP) that confirms she’s had the vaccination. Whoever gave Carmen the vaccine can add the information from this certificate as attributes to Carmen’s personal data store app (sometimes known as a ‘digital wallet’).”
DNS privacy. The DNS lookup provider Quad9 published a privacy policy. Why is that relevant? It is probably the first time someone formally subscribed to the standard policy template.
Technology Policy
Other
What pre-World War I events teach us about security. An interesting writeup drawing out the similarities between the current times and the early 1900s, the period leading to World War I. “overreliance on satellite and communications technology presents a similar temptation for military planners: the alluring appeal of the first strike, of a sudden and overwhelming surprise attack. Consider, for example, the confusion that would result from an unexpected strike that disabled the early warning military satellites used to detect the launch of nuclear missiles … Unlike previous paradigms of warfare, the absolute emphasis on protecting the secrecy of cyber operations makes it extraordinarily difficult for competing states to develop confidence-building measures or safeguards to protect against inadvertent escalation”. And cyberattacks are ideal for “inadvertent escalations”.
The year of Linux on Mars. The Mars Perseverance rover brought a helicopter to fly a few missions in the Mars atmosphere. It runs the Linux operating system, and the source code for the flying module is here.
AU news traffic down. Facebook recently prohibited the posting of links to Australian news sites (due to local regulations, as they say). The traffic to those news sites decreased by 13% (avg). This "lost traffic" did not reappear from other sites/platforms (users do not post the links elsewhere, at all). But perhaps that's an acceptable loss?
That’s it this time, thanks!