Cyber Week in Review: November 18, 2022

There will be no Week in Review next Friday, November 25. The Week in Review will return on Friday, December 2. 

UK blocks takeover of semiconductor manufacturer 

The United Kingdom announced it was blocking the takeover of semiconductor manufacturer Nexperia Newport by Chinese firm Wingtech Technology, even though the sale concluded in May 2022. Regulators said they were concerned about the potential for sensitive technology to leak to the Chinese government. Nexperia condemned the move, saying that it would likely be forced to shut down its Welsh factory after the decision. Nexperia is a small manufacturer by most industry standards, and it reported only $43 million in revenue in 2021. European regulators have taken a hard line on the Chinese acquisition of semiconductor manufactures in recent weeks, as German regulators blocked the sale of Elmos Semiconductors to a Chinese-owned firm last week, also on national security grounds. 

Australia plans an offensive attack against cyberhackers following recent ransomware attacks 

Australian Minister for Cyber Security Clare O’Neil announced last weekend that the Australian Signals Directorate (ASD) will actively disrupt ransomware operators’ networks and communications. Australia has been hit by several major ransomware attacks and data leaks in the past month, including health insurer Medibank and telecommunications giant Optus. The Russian hackers behind the breach of Medibank publicly released the sensitive details of hundreds of patients after the company refused to pay a ransom, and have signaled they will likely release more. The new campaign will be led by the Australian Federal Police and the ASD and will collaborate with police organizations worldwide in this effort. The United States and United Kingdom have both targeted ransomware networks in the past, but Australia plans for its campaign to be both more intense and sustained.  

Google settles location tracking lawsuit for $391 million 

Google agreed to a $391 million settlement with forty states following investigation into how the company tracked users’ locations. The suit alleged that Google misled users and broke consumer protection laws by recording users’ movements even after they opted out of such tracking. Several state attorneys general discovered that the unauthorized location tracking data was being sold to digital advertisers. Google has faced several lawsuits from states in recent years, including a suit filed in October 2022 by Texas attorney general Ken Paxton which alleges that Google had collected biometric data from Texans without their informed consent. 

United States and European Union set to release new AI roadmap 

The United States and the European Union plan to release an artificial intelligence (AI) road map at the upcoming meeting of the U.S.-EU Trade and Technology Council on December 5. The plan is expected to prioritize security and risk management in AI. The roadmap is meant to ensure that developing artificial intelligence technologies are in line with democratic principles. The plan is also aimed at opening the market for small and medium-sized AI businesses in both the EU and U.S., although it remains unclear what the plan would do to accomplish this goal. This AI road map follows recent efforts by the EU to regulate artificial intelligence through the Artificial Intelligence Act, which will create a process for self-certification and government oversight for what the EU deems high-risk uses of AI.   

Italy bans use of facial recognition and smart glasses 

Italy’s Data Protection Agency (DPA) has outlawed the use of facial recognition and smart glasses except for limited use by law enforcement agencies. The Data Protection Agency barred the use of facial recognition until at least the end of next year or a law on the subject is adopted. Authorities are still allowed to use facial recognition in judicial or criminal investigations,. Civil rights campaigners in the EU celebrated the move, although some raised concerns that exceptions for police forces created worrying loopholes. The ruling appears to be a response to plans to deploy facial recognition glasses for police forces in the municipality of Lecce and the city of Arezzo.