Cyber Week in Review: October 21, 2022

Chinese WeChat users lose access after Beijing protest 

China censored hundreds of social media users after images of two banners criticizing General Secretary Xi Jinping hung from a bridge in Beijing circulated on WeChat and Weibo. The protest comes at an important moment for the Chinese Communist Party, as leaders convene in Beijing for the 20th Party Congress, where Xi is widely expected to secure a third term. A Weibo hashtag “I saw it,” in reference to the banners, was viewed more than 180,000 times before it was deleted. Weibo blocked all results for keywords related to the incident, including “bridge,” “brave,” and “warrior.” Users have reported that the ban from all WeChat services besides payments could be permanent. A lifetime ban would be an unusually severe punishment; the sharing of a video of anti-lockdown protests in Shanghai in April only resulted in authorities censoring the video, not outright bans.  

China uses American technology for hypersonic missile development 

A report from the Washington Post found that Chinese military entities covered by U.S. export controls have in fact been able to access American technology used in hypersonic missiles. The report found more than three hundred sales of U.S.-origin technology to China since 2019, and some of the products purchased were developed by firms that received grants from Department of Defense. Six Chinese military labs likely used the U.S. technology for missile development and testing purposes. In addition to acquiring American technologies, China has made targeted efforts to recruit Chinese-born scientists working at U.S. government laboratories to assist in hypersonic missile development. Reports have found that Russia is also working to circumvent U.S. export controls, purchasing software from American developer Extreme Networks for use in missile development, following U.S. sanctions earlier this year which crippled [PDF] its ability to purchase components for missile systems.  

Russia plans to centralize video surveillance footage 

The Moscow Department of Information Technologies plans to centralize the video streams of Russia’s facial recognition system from across the country at one facility in Moscow. The centralized data center is reportedly being built due to “an increased terrorist threat.” It appears that the system will not be used live, but instead authorities will review stored video when necessary. Previously, some Russian regional governments had created their own video surveillance systems, but the new order will apply to all regions and centralize collection and storage of video in Moscow. Russian officials have proposed a number of uses for the system, including identifying and tracking those who are eligible for the military draft, which was imposed in September to help support Russia’s invasion of Ukraine.  

U.S. announces new cybersecurity guidelines for railroads 

The U.S. Transportation Security Administration (TSA) announced new cybersecurity standards for railroads earlier this week. Railroad companies will be required to submit a cybersecurity plan to the TSA on a yearly basis, which will outline how they are patching vulnerabilities, controlling access to and segmenting networks, and monitoring and detecting threats to networks. The requirements are similar to those announced for the pipeline industry earlier this year, which were developed in the wake of the Colonial Pipeline ransomware attack in 2021. The standards follow the Biden administration’s warnings of the potential for destructive Russian cyberattacks on U.S. critical infrastructure in response to U.S. aid to Ukraine. 

FBI warns that Chinese hackers are scanning U.S. political parties’ systems 

The FBI is reportedly warning  U.S. political parties and politicians that Chinese hackers are scanning their systems for vulnerabilities ahead of the midterm elections. The FBI said that the hackers had scanned over one hundred systems, although none of those warned appeared to be breached. Officials warned that Chinese hackers will likely continue targeting political party domains going forward. The hackers are likely focused on gaining intelligence on Democratic and Republican positions on major issues, which Chinese hackers have done before, most notably in 2008, when they hacked the campaigns of both John McCain and Barack Obama. U.S. government agencies have made securing election systems a priority since 2016, when Russian president Vladimir Putin ordered extensive hacking campaigns against several political campaigns.