Cyber Week in Review: February 5, 2021

SolarWinds Software Breached Again in Separate Chinese Hack

On Tuesday, Reuters reported an additional breach of SolarWinds software—this time by suspected Chinese hackers. According to two anonymous government insiders, the U.S. Department of Agriculture’s (USDA) National Finance Center (NFC), which handles payroll for over 600,000 federal employees and 160 agencies including the FBI and Department of Homeland Security, was among the impacted organizations. In a statement to CRN, SolarWinds claimed that this intrusion is separate from the one attributed to Russian hackers that could have affected roughly 18,000 of their customers. Moreover, according to four individuals familiar with both attacks, different exploits were used by the threat actors involved. An email sent by a USDA spokesperson said that all victims had been notified. However, in a conflicting follow-up statement, a different USDA spokesperson claimed that the NFC was not breached. While the full scale and depth of the Chinese operation remains unknown, it likely adds to the already enormous headache of investigating and remedying the Russian intrusion reported last December.

Internet Temporarily Disabled in Myanmar After Military Coup

Internet connectivity across Myanmar dropped shortly after Aung San Suu Kyi and other members of Myanmar’s ruling government were detained in a military-led coup. According to digital advocacy group NetBlocks, real-time network data revealed that internet connectivity across the country fell to 75 percent of normal levels around 3:00 AM local time on Monday. At 8:00 AM, connectivity dropped to just 50 percent before rising back up to 75 percent by midday. In a tweet, NetBlocks claims that their analysis “indicates [a] centrally issued telecoms blackout order,” which progressed in intensity throughout the day. The outage varied by region, with the second largest administrative division Magway reporting no internet connectivity at one point. On Wednesday, NetBlocks tweeted that Facebook, Instagram, Facebook Messenger, and WhatsApp were blocked. Internet services were partially restored on Monday, the same day Myanmar’s military declared a one-year state of emergency.

Ongoing Protests Around New Delhi Result in Internet and Social Media Crackdown

Following violent clashes between Indian police and protesting farmers, internet access throughout New Delhi’s bordering state of Haryana has been blocked since last Tuesday. On Monday, Twitter suspended nearly 250 accounts under the orders of India’s Ministry of Home Affairs. According to the Guardian, several of these accounts belonged to activists, news organizations, and political commentators—entities the Indian government claim sought to incite violence through their online sponsorship of the protests. The banned accounts have since been restored, a move that India’s government now threatens to reverse through legal action. These recent acts of online censorship have been criticized by the U.S. embassy in India, which released a statement encouraging “any differences between the parties be resolved through dialog.” The demonstrations, which have been ongoing since November, are against new agricultural laws that Indian farmers fear would destroy their businesses through looser market regulations.

Canadian Government Denounces Clearview AI

Following a one-year investigation, Canadian authorities have condemned controversial facial recognition company Clearview AI for allegedly violating domestic privacy laws. The probe, conducted by the offices of Canada’s National Privacy Commissioner and three regional commissioners, found that Clearview collected biometric data of Canadian citizens through public domains without seeking consent, a breach of autonomy that Privacy Commissioner Daniel Therrien equates to mass surveillance. In a statement a lawyer for Clearview AI claims that the company “only collects public information from the Internet which is explicitly permitted,” pointing to an exemption in Canada’s privacy laws. Although the commissioners have no power to issue fines or enact orders, they nonetheless requested that the company cease operations in Canada and delete all biometric information in its possession. Clearview AI officially pulled out of Canada in response to the investigation last July but states it does not intend to delete Canadians from its database. The company, which currently faces a class action lawsuit for breaching biometric privacy laws in Illinois, intends to fight the commissioners’ finding in court.

Biden Addresses Election Interference, SolarWinds Intrusion in Foreign Policy Speech

On Thursday, President Biden used his first visit to the State Department since taking office to announce significant changes to U.S. foreign policy. In particular, the president denounced Russian cyber aggression, stating that he made it clear in a call to Russian President Putin that “the days of the United States rolling over in the face of aggressive actions – interfering with our elections, cyberattacks, poisoning its citizens – are over.” These remarks reaffirm National Security Advisor Jake Sullivan’s comments regarding the Russian-backed SolarWinds breach, stating earlier in the day that the new administration will “hold Russia accountable.” The president also stated that he would take a tougher stance on China regarding human rights abuses, intellectual property, and global governance but would work with Beijing “when it’s in America’s interest to do so.”