Cyber Week in Review: March 19, 2021

U.S. Federal Judge Halts Ban on Xiaomi

Last Friday, a U.S. district judge halted a ban that would have prevented Americans from investing in Chinese electronics company Xiaomi. The company was originally placed on a blacklist by the U.S. Department of Defense (DOD) because of alleged ties to the Chinese military days before former President Donald Trump left the White House. According to U.S. District Judge Rudolph Contreras, the ban, which would have gone into effect on Monday, lacked “substantial evidence” that linked the company to the People’s Liberation Army. “[The court] is somewhat skeptical that weighty national security interests are actually implicated here,” Contreras said in his opinion. Xiaomi, which denies the DOD’s claims and filed a lawsuit [PDF] against the ban, stated that it is “pleased” with the temporary injunction, and hopes that this move will pave the path towards its full removal from the blacklist.

U.S. Report Finds That Russia, Iran Attempted to Meddle in 2020 Election

Russia and Iran orchestrated independent campaigns that sought to influence the 2020 U.S. elections, erode public confidence in the electoral process, and exacerbate sociopolitical tensions within the United States, according to declassified security assessments released on Tuesday by the Office of the Director of National Intelligence (ODNI). In ODNI’s report [PDF], it was revealed that Russia conducted “influence operations aimed at denigrating President Biden’s candidacy,” such as pushing “misleading or unsubstantiated allegations” to prominent U.S. organizations and individuals, including those close to former President Trump. Iran, on the other hand, “carried out a multi-pronged covert influence campaign intended to undercut former President Trump’s reelection prospects.” The assessment further states that there was no indication of foreign attempts at “alter[ing] any technical aspect of the voting process in the 2020 U.S. elections,” and concludes that China did not run any influence campaigns. Following ODNI’s release of their assessment, the Departments of Justice and Homeland Security have released a companion report [PDF] in which they provide recommendations for improving election resiliency.

China Blocks Signal

Encrypted messaging app Signal was blocked in China earlier this week, making it the latest foreign platform to be censored in the country. Chinese users of the service were unable to send messages beginning on Monday evening, and the app has since been inaccessible without the use of a virtual private network (VPN) to circumvent China’s Great Firewall. Signal, which uses end-to-end encryption to secure messages and calls sent on the platform, had been used by journalists, activists, and political dissidents to avoid surveillance by intelligence and law enforcement agencies that is risked on other messaging apps in China. The app had seen spikes in popularity in the past several months among Chinese users, due in part to increased censorship on domestic platforms, such as WeChat and Weibo. Signal’s blocking follows the banning of Clubhouse, a voice messaging app, last month.

Alleged Russian Hackers Compromise Polish Websites to Spread Disinformation

Alleged Russian hackers compromised the websites of Poland’s National Atomic Energy Agency and Health Ministry on Wednesday to spread false information about a fabricated nuclear waste leak. The supposed nuclear threat was said to be coming from neighboring Lithuania and was used to “sow suspicion and division among western allies,” according the Associated Press (AP), which also reported that the Twitter account of a journalist who writes on Eastern European affairs and politics was also hacked and used to support the false claims. The disinformation operation “looked like a typical Russian attempt,” according to Stanisla Zaryn, a spokesman for Poland’s security services. Zaryn also stated that it reminded him of a similar hacking attempt in 2020 that sought to spread hysteria about a non-existent radioactive cloud that was said to be heading toward Poland from Ukraine. According to the AP, the message from this recent fabrication “did not receive much notice.”

Finland Attributes Hack of Parliament to Chinese Threat Actor

Finland’s Security and Intelligence Service, known as Supo, has attributed a December 2020 cyber espionage operation targeting the country’s parliament to APT 31, a threat actor that is widely linked to the Chinese government. According to Supo, APT 31 breached information systems that granted them access to some lawmakers’ email accounts. Detective superintendent of Finland’s National Bureau of Investigation Tero Muurman, who is further investigating Supo’s claims, said that the breach likely sought to “gather intelligence to benefit a foreign state or to harm Finland’s interest.” Although Supo did not explicitly blame China in their statement, it has previously named China and Russia as the primary actors attempting to spy on Finland.