Cyber Week in Review: April 21, 2017
from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: April 21, 2017

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

1. Cyber operations and tensions on the Korean Peninsula. There were two stories this week that encapsulate how states try to use cyber operations to exert influence, and both involve the Korean Peninsula. First, North Korea's most recent missile failure led some to believe that the United States may have played a role given last month's New York Times article detailing a U.S. cyber campaign to sabotage the North's missile program. Jeffrey Lewis, a arms control expert, threw cold water on that idea, reminding everyone that rocket science is hard and that successfully sabotaging missile parts using cyber means is even harder. Second, FireEye asserts that there has been an increase in Chinese state-sponsored cyber activity targeting South Korean firms associated with the deployment of the U.S. anti-missile system known as Terminal High Altitude Area Defense (THAAD). Since February, Chinese patriotic hacker groups have targeted South Korean firms associated with THAAD, but the FireEye report is the first to claim that state actors, namely APT10, have also been involved.

2. No IP addresses for you! A proposal under consideration at the African Network Information Center (AFRINIC)--the group that allocates internet protocol (IP) addresses in Africa--recommends that AFRINIC deny issuance of new IP addresses for one year to any country on the continent that deliberately cuts off internet access to its population. The proposed ban, which is still in its early stages within the AFRINIC policy development process, is likely in response to the government of Cameroon's implementation of a 93-day internet blackout in certain regions of the country to quell protests. The proposal will be up for consideration at AFRINIC's next meeting in June in Kenya.

3. Nyet LinkedIn, Da Twitter. The Moscow Times reports that Twitter and Russia's internet regulator Roskomnadzor have reached a deal to allow Twitter more time to comply with Russia's data localization law. The law came into effect in September 2016 and requires tech companies that collect data about Russian citizens keep it on Russian servers. Google and Apple have complied with the law, whereas LinkedIn has not and therefore has been blocked in the country since December 2016. According to the Russian government, the strict data localization laws are designed to protect citizens’ personal information, but skeptics say it gives authoritarian governments easier access to their citizens' data. Under the reported deal, Twitter will have until mid 2018 to comply with the law.

4. We can't help unless you tell us what's wrong. The UK government released the results a survey of UK businesses and their approach to cybersecurity. The survey found that 46 percent of companies detected cybersecurity breaches within the last year, and that most breaches occurred as a result of a successful phishing attempt. Perhaps unsurprisingly, only a quarter of respondents said they had reported "their most disruptive breach" to an outside party, like a national computer security incident response team or law enforcement agency, though they generally reported it to a cybersecurity provider when they noticed a problem. Authorities in the United States and Europe have struggled to get firms to report cybersecurity incidents to them. In Europe, officials have sought to fix this by implementing a mandatory incident reporting scheme for critical infrastructure and digital service providers such as online marketplaces, search engines, and cloud computing services. In contrast, while the U.S. has notification laws for breaches that involve personally identifiable information, officials have taken a voluntary approach to other incidents by creating incentives, through liability protections, to encourage information sharing between government and the private sector.