TechLetters #171 Cyberwarfare against Ukraine, hypothesised against Iran, and propagandised against France and Poland. AI-enhanced propaganda. Quantum encryption and quantum storage.
Security
10 days to detect adversaries in networks. From M-trends report, dwell time down to 10 (median) days. Over 4000 active cyber threat groups.
Russian cyber group claimed that it infiltrated digital systems of a hydroelectric dam in France and water utilities in the United States and Poland. Claims to tamper with industrial control settings. That would be a dangerous escalation. Sabotage attempt? The apparent victims include multiple US water utilities, a Polish wastewater treatment plant, and a French hydroelectric plant. The actual disruption effects are overhyped. The aimed effect was propaganda. The ‘French hydroeletric dam’ turned out to be a village mill control system (no effects). In Poland, the effects were null also.
Russian cyber operators (Sandworm) cyberwarfare operation in Ukraine. Aiming at disrupting the functioning of systems of ~20 energy, water and heat supply industry enterprises in 10 regions of Ukraine. New tools in use.
Potential Israel’s retaliation on Iran via cyber is unlikely. And would have little sense. Unless for deescalation, of course.
AI-enhanced propaganda content more influential than fully AI-generated content. AI audio (deepfake) is more impactful than AI video. Impersonations of lesser-known people work better than impersonations of very well-known people such as world leaders.
Chinese CERT's report trying to refute the 'Volt Typhoon' accusations/attribution. With contributions of 360. "evidence of attribution is so insufficient that the actor has more correlation with ransomware group or other cybercriminals"? I skip other accusations of political nature.
NSA intends to have important U.S. systems using quantum-resistant cryptography by 2035. Unclear if/when powerful quantum computers may arrive. Quantum cryptography should not be used. "Do not use a hybrid solution".
Privacy
Google delaying the end of third-party cookies in its Chrome browser. Reason: regulatory scrutiny. "ongoing challenges related to reconciling divergent feedback from the industry, regulators and developers". This was likely, and expected. My analysis holds.
UK Competition and Markets Authority asked Google to delay the phaseout of third-party cookies to early 2025. The soonest. This new report considers also data protection! Finally! There will be a governance structure for Privacy Sandbox. Just as I argued in 2021.
Technology Policy
U.S. crackdown on developers of spyware systems. "impose visa restrictions on 13 individuals who have been involved in the development and sale of commercial spyware or who are immediate family members of those involved"
US app stores will be banned from carrying TikTok in 270 days unless its Chinese owner sells the video-sharing platform. After Congress passed the new law. So… just serve as Progressive Web Application version to bypass the ban?
Other
Demonstration of storage and transfer of quantum information. The first crucial step toward hybrid quantum light-matter interfaces for scalable quantum networks. "The photons emitted by the QD have an exponentially decaying temporal intensity profile with a 1/e decay time of 0.85 ± 0.01 ns."
In case you feel it's worth it to forward this content further:
Subscribed
If you’d like to share: