from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: August 5, 2016

Syria CFR Cyber Net politics
Syria CFR Cyber Net politics

August 5, 2016

Syria CFR Cyber Net politics
Syria CFR Cyber Net politics
Blog Post
Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

1. A new group joins the Syrian Electronic Army, ISIS, and the Syrian government in targeting anti-Assad activists. Researchers at Citizen Lab released evidence this week that a yet another threat actor has been deploying malware targeting Syrian opposition groups. According to their report, the group is highly effective at “borrow[ing] opposition text and slogans” for spear phishing attacks and watering holes. However, the technical capability and operational security of the actor appears to be low, either because they simply lack more sophisticated capabilities or because the groups being targeted have very weak security (eliding the need for sophisticated attacks). While Citizen Lab does not implicate any particular group as being behind the attack, they “suspect the interests of a state are present” and report that “the operators seem comfortable with Iranian Persian dialect tools and Iranian hosting companies.” The Iranian government has been implicated in past attacks on Syrian opposition groups: in 2012, President Obama signed an executive order sanctioning individuals within the Iranian and Syrian governments for using cyber means to spy on the Syrian opposition.

2. Would you spend $135 million to buy a piece of internet real estate? The Internet Corporation for Assigned Names and Numbers (ICANN), the overseer of the internet’s domain names, announced that Nu Dot Co LLC bought the rights to manage the .web domain at auction for $135 million. The auction came about when seven companies petitioned ICANN to manage the .web domain as part of ICANN’s program to expand the amount of domain names available on the internet. The winning amount is roughly three times larger than the last record amount paid for a domain name when .shop was sold for $45 million. Rumor has it that Nu Dot Co LLC is actually owned by Verisign and bought the .web domain to prevent it from competing with the popular .com domain, which Verisign manages. The eye-popping sum is no doubt going to raise some eyebrows among internet governance watchers, who have long questioned the need of ICANN’s domain name expansion program and ICANN’s ability to manage expenses at a time when it is expected to take over the management of critical internet functions from the U.S. government.

3. Russia: all your encryption keys are belong to us. Early in July, Russian President Vladimir Putin ordered the country’s intelligence service, the FSB, to acquire encryption keys to decrypt all internet traffic. The order, with which the FSB had two weeks to comply, was a follow-up on a surveillance law Russia introduced earlier this year requiring internet companies and providers in the country to give the FSB the ability to decrypt electronic messages. Miraculously, the FSB claimed to have met Putin’s two week deadline to do so, announcing in a small notice posted online that they had obtained “information necessary for decoding the electronic messaging received, sent, delivered, and (or) processed by users of the ‘internet’ network.” Unsurprisingly, many are skeptical of this claim, as tech companies have been resistant to handing over encryption keys in the past, and there is no indication that they have done so in this case. Some in the United States have called for the federal government to have a similar ability to break encryption; perhaps cooperation between the Federal Bureau of Investigation and the FSB could help rebuild U.S.-Russia ties.

4. Nigerian-based cybercrime is more than a prince offering you millions for a small fee. Interpol announced that the ringleader of a global cybercrime network had been arrested in Nigeria. According to a press release, the ringleader known as "Mike" allegedly scammed $60 million, $15 million of which was conned from one target. Interpol alleges that Mike ran two scams. The first involved compromising business email accounts and instructing buyers to route payments to a bank Mike’s network controlled. The other was a CEO scam, where a senior executive’s email account is compromised which is then used to contact an employee in that organization to request a wire to an account controlled by the scammers. Mike is expected to stand trial in Nigeria where he faces charges of hacking, conspiracy and obtaining money under false pretenses.