- Blog Post
- Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.
Russian Hackers Compromise IoT Devices: According to a report from Microsoft, earlier this year a Russian state-backed hacking group, known as APT28 or Fancy Bear, compromised popular IoT devices to access corporate networks. The group leveraged weak security in office printers, video decoders, and voice over IP (VOIP) phones. Microsoft did not disclose the affected devices or customers. This attack highlights the security threats associated with the popular adoption of insecure internet-connected devices, opening new avenues for cyberattacks.
8chan Goes Offline Following El Paso Tragedy: Online messaging board 8chan was forced offline earlier this week after it was revealed the perpetrator responsible for the mass shooting in El Paso, Texas posted a racist “manifesto” to the site prior to the tragedy. This marks the third recent tragedy where the shooter posted to 8chan, a safe-haven for anonymous hate speech and incitement of hate crimes under the banner of free speech. Following the revelations, internet infrastructure company Cloudfare stopped providing support for the website, and the site was forced offline. However this decision was not straightforward. Cloufare’s CEO publicly expressed concern about the role of private companies can play in censorship, and there is a growing call for reform, or modification, of Section 230 of the Communications Decency Act of 1996, which allows for companies to remove speech that violates content moderation rules without becoming liable for everything posted by users. Unfortunately, some of the proposed legislation appears to misunderstand what Section 230 actually says.
Korea has Stolen Over $2 Billion From Cyberattacks: A confidential U.N. report claimed that North Korea has stolen over $2 billion from banks and cryptocurrency exchanges in widespread and increasingly sophisticated cyberattacks. Attacks on cryptocurrency exchanges enabled North Korea to steal and launder money in ways “harder to trace and subject to less government oversight and regulation,” according to the report. The cyber actors primarily operated under the direction of the Reconnaissance General Bureau, North Korea’s top military intelligence agency, and the money generated was used to fund the DPRK's weapons of mass destruction program. The U.N. experts are investigating at least 35 reported attacks in 17 countries.
Cyber Espionage Group Steals Files From Venezuelan Military: For the past few months, a group known as “Machete” has siphoned off hordes of sensitive files from the Venezuelan military. The group infiltrated the military’s networks using highly-targeted spearphising emails that used previously-stolen documents and military jargon specific to Venezuela’s military to get users to click on malware. From there, the hackers stole specialized files types used by geographic information systems (GIS) software to gain information on the military’s navigation routes and positioning. It is unclear who is behind the group or where it operates from, though cybersecurity firms have said it is possible the group was hired to launch attacks on behalf of a third-party.
China's UNISOC Accelerates 5G Chip Launch: China’s second-largest mobile chip developer is accelerating its timetable to launch chips for 5G mobile handsets, aiming for 2020, to catch up with global competitors Qualcomm and MediaTek. This move comes as the company aims to end its reliance on U.S. tech companies after its partnership with Intel lapsed earlier this year. Unisoc also hopes to tap demand from other Chinese tech companies reviewing their supplying chains and looking to end their dependence on U.S. suppliers amid continued U.S.-China tech tensions.