Cyber Week in Review: April 8, 2022

State Department opens new Bureau of Cyberspace and Digital Policy

The State Department launched a new Bureau of Cyberspace and Digital Policy earlier this week. The opening of the bureau aligns with the Biden administration’s focus on cyber diplomacy, and coincides with growing concerns about Russian cyberattacks. It follows the White House’s warnings of heightened risks of Russian cyberattacks in U.S. critical infrastructure and other sectors. The bureau will focus on the distribution of cyber aid to foreign nations, international standard setting as a part of bodies such as the International Telecommunication Union, and the promotion of digital rights and freedoms. Looking forward, the bureau is set to address ransomware, cyberspace regulation, and alternatives to Chinese 5G technology.

Controversy over FBI social media surveillance

The FBI is investing in social media surveillance technology, spending as much as $27 million on a contract with software company Babel Street. The deal has raised concerns among both Democratic and Republican lawmakers over the risk of government surveillance and censorship. The FBI has defended the purchase, claiming the tool will only sift through publicly available information by running about 20,000 keyword searches per month. In November 2021, a similar controversy arose over a U.S. Treasury contract with Babel Street. The deal enabled the sanctions enforcement branch and the Internal Revenue Service to access location data and other information collected on smartphone apps without any due process restrictions. The U.S. Customs and Border Protection, Secret Service, and Immigration and Customs Enforcement have also purchased tools from Babel Street in the past.

Clearview AI branches out beyond government clients

Facial recognition company Clearview AI is expanding beyond its typical public sector clients to market its products to banks and other private sector businesses. CEO Hoan Ton-That revealed that the company has plans to compete with major technology companies such as Amazon and Microsoft to create customer identity verification tools using facial recognition technology. Clearview AI will make its advanced facial recognition algorithms available to private sector clients. However, the company said that its collection of twenty billion images used to match individuals with online profiles will be restricted to law enforcement use. Clearview AI has also recently expanded its services to military operations. The company made headlines after Ukraine started using its facial recognition technology to identify Russian soldiers during the conflict.

The United States and its partners disrupt Russian botnet

The Justice Department announced that it had collaborated with U.S. and U.K security agencies in disrupting a large global botnet created by the Russian threat actor Sandworm. The botnet, known as Cyclops Blink, has been active since at least June 2019, and had infected thousands of devices, but it likely has not been used in any attacks. The Justice Department secured court orders to disconnect many of the worldwide command and control servers used by Sandworm to direct the botnet, and the FBI removed the malware from infected devices, in some cases without approval from the owner of the device. The United States has disrupted Sandworm’s botnets before, including in 2018 when the FBI took down the VPNFilter botnet.

Microsoft claims it disrupted Russian military intelligence cyberattacks

Microsoft announced that it had applied for and received a court order to take down seven domains used by the Russian threat actor APT28, also known as Fancy Bear. The domains seized had previously been used to attack several Ukrainian, European Union (EU), and U.S. government agencies, along with a small number of foreign policy think tanks. Microsoft stated it believed the domains were being used as part of an attempt to establish long-term access to targeted systems and steal sensitive data. APT28 has been blamed for a number of high-profile hacks, but it is perhaps most famous for its role in interfering in the 2016 election.