TechLetters #72: Cyberwarfare and information warfare in context of Ukraine war. US disrupting GRU cyber ops. Cybersecurity of ABRAMS tanks. "Practical" methods of fingerprinting internet users.
Security
Russian cyberattacks target media and social media accounts. To e.g. to plant information about (false) alleged "surrender of Ukraine". Cyber-enabled information warfare. Classic warfare ruse tactic, in a new tech edition. Could be a war crime IF it lead to perfidious killings. Likely identical attack groups target(ed) other European countries, just not in war mode.
US law enforcement disrupted a global botnet controlled by Russian military intelligence. "Removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control". Affidavit/warrant.
US Army works on cybersecurity improvement of ABRAMS tank. "U.S. Army’s Ground Vehicle Systems Center announced a successful demonstration of a new system designed to defend ground vehicles against cyber attacks" (disclosure). Whatever that means, of course.
AUKUS (US+UK+Australia) will work on quantum technologies, hypersonics weapons (and defence), as well as cyber capabilities. Details?
Information warfare operations in context of Russian war on Ukraine. Special accounts were tasked with disseminating fake propaganda that allegedly (fake!) Poland mistreated migrants. Some big Western media also ended up sharing the narrative, by the way.
Alleged Chinese cyber operations targeting Indian power grid. "enable information gathering surrounding critical infrastructure systems or is pre-positioning for future activity". Here, information gathering would be espionage, but pre-positioning is more tricky to classify.
Privacy
Privacy-invasive fingerprinting spotted in wild against Apple’s iOS/iPhone. Data is collected and server-side system is assigning a fingerprint. This is something new. Failure if enforcing GDPR/ePrivacy? This research also asks a question of competitive advantage of big platform owners like Apple. Competition analysis of technologies and standards is an emerging issue. Similarly, privacy-competition analysis.
European Court of Justice on data retention. 'Precludes the general and indiscriminate retention of traffic and location data relating to electronic communications for the purposes of combating serious crime'. Details here.
Technology Policy
Russian army is confiscating phones in Ukraine. Communication is critical to truth about armed conflict. Evidence must be preserved. But phone and internet access is not the only problem. Its possession or use may be dangerous. Russian army threatens to kill anybody harboring communication infrastructure. ““They told us that if they found out we were hiding a phone, they would shoot me without asking any questions,” … said over and over that she was afraid no one would believe her and the other villagers”.
European Union 'develops strategic reserves for chemical, biological and radio-nuclear emergencies'. No comment, it’s 2022.
European Union's sanctions on Russia cover also crypto-assets. So cryptocurrencies, NFTs, etc., it would seem? Because it is unclear even in this disclosure. "Crypto-assets should not be used to circumvent any EU sanctions."
Other
In case you feel it's worth it to forward this content further:
If you’d like to share: