Cyber Week in Review: November 12, 2021

House passes infrastructure bill; over $1 billion for local cybersecurity infrastructure included 

The House of Representatives passed a nearly $1 trillion infrastructure bill earlier this week. The bill now goes to President Biden, who will almost certainly sign the bill into law. Included in the bill’s provisions is the largest investment in local and state-level cybersecurity infrastructure ever. The bill provides over $1 billion for state, tribal, territorial, and local governments and encourages states to invest more in cybersecurity. The bill will release the funding yearly, with over $200 million available for states and counties in 2022. The bill gives federal agencies more power to respond to cyberattacks, and will increase cooperation between the federal government and state and local agencies affected by cyberattacks.  

Chinese state media accuses Indian hackers ‘Evil Flower’ of shutting down airline records 

On November 5, the Global Times reported that Indian hacking outfit “Evil Flower” launched cyberattacks against Chinese aerospace industries. According to the report, Evil Flower—which is also known as “rattlesnake” and is suspected of operations against Pakistan, Nepal, and Saudi Arabia as well—previously targeted a traditional Chinese medicine research institute in 2019 and Chinese import and export enterprises in 2020. The Global Times article includes a timeline displaying a two-year trend of China-targeted cyberattacks originating from South Asia. Although Chinese cybersecurity firms allege “regularly [detected] attacks from foreign state actors, including the U.S.,” Chinese state media publicly revealing the identity of foreign hackers is a rarity. After the New York Times and others alleged that Beijing was responsible for an attack on the Indian power grid during a border dispute, China is looking to recast itself as the victim in cyberspace.   

United States arrests REvil associates, seizes millions of dollars in ransomware payments 

The U.S. Justice Department announced earlier this week major indictments and seizures related to the ransomware attack on the IT firm Kaseya. Ukranian national Yaroslav Vasinskyi, who is accused of being behind the attack on Kaseya, was arrested in Poland last month and is being held in the country pending extradition hearings. The U.S. also announced the seizure of almost $6.1 million in ransomware payments to the REvil group. Romania, South Korea, and Kuwait have also arrested suspects believed to be tied to the REvil group, and it’s likely that Mr. Vasinskyi is not the last of the group to be arrested. In comments to the press, Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger, noted that the arrests were part of the publicly visible disruption activities, but “others [disruptive activities] are less so.” “We are committed,” Neuberger continued, “to using every tool we can within the U.S. Government’s capabilities . . . to ensure that we address the ransomware activity which is impacting U.S. individuals, businesses, and allies and partners all around the world.” 

Facebook/Meta announces changes to ad-targeting choices for advertisers 

Meta, previously known as Facebook, announced significant changes to its ad-targeting for advertisers which will take effect on January 19, 2022. The goal of the changes is to prevent ad-targeting from being abused by advertisers and comes after Meta’s advertising business has increasingly come under fire. Advertisers will no longer be able to target consumers based on categories like sexual orientation, race, gender, and political beliefs. The decision is likely to upset advertisers at a time when the company’s revenue has already fallen significantly due to privacy changes made by Apple. Both Republican and Democratic strategists and campaigners have already criticized the change, calling it “harmful to nonprofit and public affairs advertisers.” Meta’s changes to advertising are among some of the changes it has made to its business model recently, and it remains to be seen how advertisers will react. 

TSMC and Sony greenlight $7 billion USD chip factory to be built in Japan 

On November 9, Taiwanese chipmaker Taiwan Semiconductor Manufacturing Company (TSMC) announced it would partner with Japanese electronics giant Sony to build a chip factory in Japan. The initial investment of the project will be $7 billion USD, of which Sony will contribute $500 million. Mass production from the completed plant is expected to start at the end of 2024. The joint venture addresses a global semiconductor shortage that has impacted producers across sectors in major economies. This cooperation between Taiwanese and Japanese tech giants has already garnered “strong support from the Japanese government,” which wants to increase resilience in its supply chain. TSMC, which is building a $12 billion fab in Arizona, is facing increased pressure from some of its largest customers to build new factories in their home markets.