Cyber Week in Review: October 26, 2018
Here is a quick round-up of this week’s technology headlines and related stories you may have missed:
1. Sliding into Russia's DMs. The New York Times reports that U.S. Cyber Command has begun targeting individual Russian operatives responsible for disinformation campaigns against the United States. According to anonymous defense sources, the U.S. military is looking to warn Russian cyber actors that they have been identified and could face consequences if they continue spread U.S. election-related disinformation. U.S. officials hope that piercing the Russians' sense of anonymity will successfully deter future influence campaigns while being moderate enough to avoid triggering escalation. Over the last four months, the Department of Justice has charged over a dozen Russian military intelligence officials for compromising U.S. networks, and just last week charged a Russian national working for a Kremlin-linked oligarch with coordinating online influence campaigns against the United States. It is also the second time that U.S. officials have publicly announced a cyber campaign against an adversary. In 2016, the Pentagon announced that it had launched an effort against the self-declared Islamic State to disrupt their command and control infrastructure. Reviews of that operation were mixed, with former Defense Secretary Ash Carter saying that it was not as successful as he had hoped.
2. Get off your high horse. Apple CEO Tim Cook delivered a speech to privacy regulators in Brussels that is being billed as a scathing critique of the tech industry's data collection practices. Cook took aim at the "data industrial complex," that takes "scraps of data" to create "an enduring digital profile" that lets companies know their customers better than they know themselves. Calling privacy a "human right," he also praised the EU General Data Protection Regulation and called for a federal privacy law in the United States. As Google and Facebook come under scrutiny for data gathering practices that generate much of their ad-fueled revenue, Apple has sought to distance itself from its big tech brethren by emphasizing its commitment to privacy. That approach, however, is not without its critics. Earlier this year, the company announced that a Chinese state-owned company would take over the operation of iCloud for its Chinese customers, almost certainly giving Beijing unfettered access their data. In a Twitter thread, former Facebook security lead Alex Stamos argued that uncritically reporting Cook's remarks "ignores treating Chinese citizens as less deserving of privacy protections because a CEO is willing to bad-mouth the business model of their primary competitor."
3. Huawei find a wei. Reuters reports that telecom equipment giant Huawei will open a source code review center in Germany to assuage regulators of the security of its products ahead of a 5G spectrum auction in that country. Huawei has come under intense scrutiny over the last few months as countries weigh the potential security risk of its equipment in the next generation of wireless networks. Countries have so far developed two responses to the potential security risks associated with Huawei: outright ban the company from bidding on 5G projects, or establish a center to probe for vulnerabilities in Huawei product. While Australia has opted for the former response, the latter option appears to be gaining more adherence. The UK has had a source code and review center since 2010; in addition to Germany, Canada is considering a similar approach. Behind the scenes, U.S. intelligence officials and lawmakers have urged Canada to ban Huawei.