Cyber Week in Review: January 8, 2016
Happy New Year! Here is a quick round-up of this week’s technology headlines and related stories you may have missed while you were binging on Netflix, eating turkey or Chinese food, and ringing in 2016.
1. The first publicly known cyberattack to take down a power grid? Ukraine’s energy ministry accused Russia of perpetrating a cyberattack that caused a power outage, affecting several hundred households on December 23, 2015. If true, this is the first known instance of hackers disabling a power grid. Some press reports have attributed the attack to malware known as “BlackEnergy,” while others have pointed to a group of Russian hackers called “SandWorm.” However, as Robert Lee has pointed out, there’s not yet enough information about the attack to come to a conclusion. In the meantime, U.S. companies that rely on industrial control systems should review their defenses and keep their ears open for new information on the incident in Ukraine as it becomes available.
2. Chinese regulators suspect Microsoft of antitrust violations. Chinese regulators have reignited a probe into alleged monopoly practices by Microsoft, first started in summer 2014 when officials raided the company’s Chinese offices, seizing documents and hard drives. The State Administration for Industry and Commerce says that “major questions” remain regarding the data seized in the 2014 raids. Microsoft’s China troubles should be a red flag for other foreign firms hoping to do business in China. Despite hosting leaders of Chinese and U.S. tech companies for a meeting with Chinese President Xi Jinping and launching a new partnership with a Chinese government-owned electronics firm in the last few months, Microsoft can’t seem to get a break. Nor is the environment in China for foreign tech companies likely to get better any time soon. Last month, the Chinese legislature passed a counter-terrorism law that authorizes the government to require telecoms to assist in terrorism investigations, which includes handing over encryption keys.
3. The Netherlands and the United Kingdom disagree over encryption. The Dutch government issued a statement in which it ruled out pursuing legislation that would limit the "development, availability and use of encryption" within the Netherlands. In other words, the Dutch government has decided that it will not legislate the creation of "back doors" that would allow law enforcement to decrypt communications. That approach differs considerably from that of the United Kingdom, where the government is currently seeking comment on a draft law that would, among other things, require communications providers to have the ability to decrypt communications and to retain metadata on their customers, and explicitly authorize UK law enforcement to engage in offensive cyber operations against terror suspects. Tech companies have roundly criticized the UK proposals, noting that they would have far-reaching consequences in reducing user security and privacy. Last week, NetPolitics contributor Lincoln Davidson took a look at the encryption issue in our top five cyber issues of 2015 series. You can check it out here.
4. More questions than answers over unauthorized code in Juniper software. Last month, Juniper Networks, one of the largest sellers of networking products, announced that it had discovered unauthorized code in some of its NetScreen firewall software that would allow a potential attacker to decrypt VPN traffic. The fact that Juniper called it unauthorized code instead of a software flaw (i.e. an error in the way the code was written) suggests that it was deliberately placed and probably the work of an intelligence agency. That led some to believe that the flaw was the work of the NSA, given that some of the Snowden documents refer to NSA operations against Juniper products. While Juniper has not further commented on what the unauthorized code contained, it would seem that Juniper deliberately undermined the security of NetScreen. According to Kim Zetter at WIRED, the company incorporated an algorithm into NetScreen’s code and configured it in a manner that would make it more vulnerable to compromise. It’s unclear why Juniper would do this--and Zetter does not speculate. The mystery is likely to become the best cyber-related whodunit of 2016.