Cyber Week in Review: May 13, 2022

Costa Rica declares a national emergency after ransomware attack 

The new Costa Rican President Rodrigo Chaves declared a state of emergency immediately after being sworn in on Sunday, as the government continues to struggle to recover from the Conti Group’s ransomware attack that hit state agencies last month. The former president José Figueres refused to pay the $10 million ransom demanded by Conti, leading the group to retaliate by publicly releasing most of the 672 gigabytes of data they stole in the attack. The ransomware disrupted Costa Rica’s customs and taxes systems, as well as one energy supplier, causing an estimated $200 million in losses due to system outages. The United States has announced a $10 million bounty for information on Conti’s operators. 

U.S. Treasury sanctions cryptocurrency mixer for laundering North Korean hacking profits 

The U.S. Department of the Treasury announced new sanctions on a cryptocurrency mixer, Blender.io, that was used by North Korean hackers to launder profits from one of their ransomware attacks. Currency mixers are used to pool and anonymize digital assets, and have been abused by ransomware groups and hackers to launder stolen profits. In a press release, the Treasury claimed that North Korea’s Lazarus Group had laundered $20.5 million in cryptocurrency on Blender.io after stealing $625 million from online video game Axie Infinity. This marks the first time that a cryptocurrency mixer has been targeted by Treasury sanctions, though the agency has issued sanctions on cryptocurrency exchanges in the past. 

U.K. sanctions Russia’s main chip makers 

The United Kingdom announced sanctions on sixty three new Russian entities, including two of the country’s most important chip makers, Baikal Electronics and Moscow Center of SPARC Technologies (MCST). The sanctioned entities will both lose access to the chip designs they rent from Arm, a company based in the United Kingdom. This action could necessitate redesign of Baikal and SPARC’s chips, a process which is estimated to take two to three years. Russia is relying on local chip makers more than ever, as the country has been cut off from Western suppliers such as Intel, AMD, and IBM. These sanctions could also disrupt Russia's ambitious plan, first announced in April, to invest three trillion rubles into its domestic microelectronics industry. 

China looks to remove foreign personal computers from government offices 

The Chinese government has reportedly ordered its agencies and state corporations to abandon their use of personal computers made by foreign companies, switching instead to domestic alternatives within two years. There are at least fifty million computers from the central government alone which will need to be replaced. In addition, China has plans to replace Windows operating software with Linux-based systems. This decision follows repeated accusations by China that the United States is spying on the nation and is spreading disinformation about Chinese hacking. Chinese officials have issued similar declarations in the past, and the policy contradicts statements made by the Chinese government in November 2021, when the foreign ministry spokesperson denied any plans of replacing foreign technology. 

Clearview AI agrees to stop sales to private sector 

The controversial company Clearview AI, which has previously marketed facial recognition software to governments and militaries, reached a court settlement with the American Civil Liberties Union. Clearview agreed not to sell its database of over ten billion images of individuals to private companies and will only supply the algorithms that use facial recognition to validate commercial transactions. Clearview has been criticized for constructing its database by aggressively scraping social networks, often without users’ consent. Clearview had recently begun offering its database to private companies, but will now be restricted to working with the more than 1800 local law enforcement agencies and 10 federal agencies it has contracts with.