Cyber Week in Review: November 5, 2021
from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: November 5, 2021

China's personal information law goes into effect; Israeli companies targeted by ransomware; NSO Group blacklisted; Social media's falling revenue; Biden announces bounty on DarkSide leaders; Yahoo pulls out of China.
Tim Cook at Apple's headquarters in Cupertino, CA.
Tim Cook at Apple's headquarters in Cupertino, CA. Brooks Kraft/Apple

China’s Personal Information Protection Law takes effect Nov. 1st 

China’s Personal Information Protection Law (PIPL), ratified on August 20, officially took effect on Monday. The law, which marks China’s “first comprehensive legal attempt to define personal information (PI) and regulate... information [transfer],” has significant implications for companies doing business in China. According to Beijing’s decree, multinational corporations will now have to obtain authorization from government institutions to transfer data outside of China's borders. Furthermore, PIPL’s “extraterritorial aspect” will also apply to non-PRC companies processing and/or analyzing data belonging to Chinese users. Since PIPL took effect this week, China’s Ministry of Industry and Information Technology (MIIT) has already sent notices to 38 apps—including the popular Tencent News, dating app Tantan, and social media platform Xiaohongshu—due to their “excessive collection of personal information.” Look for the PIPL’s enforcement to strengthen Beijing’s regulatory efforts and punitive measures against violating companies. 

Iran-linked group launches ransomware attack against Israeli businesses 

Black Shadow, an Iranian-linked hacking group, stole data from a variety of Israeli businesses over the past week and threatened to release it unless a ransom was paid. Black Shadow has since released the personal data of over 290,000 patients from the Machon Mor medical institute and has also begun leaking data from a large LGBTQ dating site, Atraf. The data leaked from Atraf includes users HIV status, and puts LGBTQ individuals at risk in conservative areas of the country. Israeli cybersecurity experts have called the attack one of the most severe Israel has ever seen in terms of the amount and type of data released. The attack has already led to inquiries into the cybersecurity practices of several sites, as the Israeli Authority for Defense of Privacy announced Wednesday that it was opening an investigation into the cybersecurity protocols of several of the companies affected. 

Biden administration blacklists NSO Group over Pegasus spyware 

More on:

Cybersecurity

Iran

Israel

China

Technology and Innovation

The United States added Israel’s NSO Group to a federal blacklist which prevents companies from receiving American technology, and which will make it very difficult for NSO Group to do business with U.S. companies. NSO Group had previously been the subject of public scrutiny over its Pegasus spyware, which is typically marketed as a counter-terrorism tool. NSO Group had sold Pegasus to countries in the Middle East and Latin America who used the program to spy on dissidents, journalists, and human rights activists. Pegasus was also allegedly used to spy on Saudi dissident Jamal Khashoggi, his friends, and even his wife. The designation means that U.S. companies will be prohibited from selling any kind of hardware or software to NSO Group. While the practical damage of the decision is significant, the reputational damage of the designation is likely to cast an even larger pall over the activities of NSO Group and severely limit their ability to engage with Western multinational corporations in any way. NSO Group is one of the first companies to be blacklisted from Israel; the United States rarely targets companies from allied countries with a blacklist.  

Social media companies lost over $10 billion in revenue after Apple’s recent privacy changes 

After Apple implemented its App Tracking Transparency program in April of this year allowing users to control how and when companies can track their browsing, there was an outcry among social media companies who saw the change as a threat to their business model. That fear appears to be well-founded, as Facebook, Twitter, and other large social media companies lost almost $9.85 billion in revenue after the change. That total represents almost 12 percent of the profits of the companies analyzed by Lotame, a research advertising technology firm. Lotame’s estimates may be conservative, with some experts estimating that Facebook’s losses alone totaled $8.3 billion in revenue since the change. The changes Apple made require users to opt into tracking, on which many social media companies rely for extra data, and it appears that only around 16 percent of Apple users have opted in. The ability of social media to target ads has been critical to their success in recent years, even as some have raised concerns about the effects of the practice on American political life. The battle between Facebook and Apple over data doesn’t appear to be cooling off anytime soon, as Apple has announced that its next iteration of its mobile operating system, iOS 15, will entirely mask the IP addresses of users from advertisers. 

The United States announces $10 million bounty on members of the DarkSide ransomware group 

The Biden administration announced on Thursday that it was offering a bounty of $10 million for information leading to the identification or location of leaders of the DarkSide ransomware group. The announcement also states that individuals can claim a $5 million reward for information leading to the arrest of low-level members and associates of the DarkSide gang. The bounty is a notable escalation of a long-running conflict between the United States and ransomware groups in Eastern Europe. The Biden administration had already announced a broader $10 million bounty in July for the arrest of prominent ransomware gangs. The BlackMatter gang, widely thought to be a rebrand of the DarkSide group, said it was shutting down earlier this week because of pressure from authorities in the U.S. and Europe. While ransomware gangs have frequently reformed themselves to elude authorities, the Biden administration’s campaign keeps evolving to maintain steady pressure on them. 

Yahoo announces it’s pulling out of China 

On Monday, Yahoo became the latest American web services provider to pull out from the Chinese market. Citing its “recognition of the increasingly challenging business and legal environment in China,” the company’s decision coincides with the implementation of China’s new Personal Information Protection Law and professional social network LinkedIn’s recent decision to close its localized version in China. While the company communicated its commitment “to the rights of [its] users and a free and open internet,” the decision to exit China does not seem entirely politically motivated. Many of the website’s services such as email and news had been pulled from Chinese versions since 2013. As was reported by the Global Times, Yahoo’s market share has reduced to “negligible levels” in recent years. It seems that Yahoo’s decision to pull out of China is a confluence of both an inhospitable political and industry climate. 

More on:

Cybersecurity

Iran

Israel

China

Technology and Innovation