Cyber Week in Review: September 29, 2023

X cuts half of its election integrity team 

X, formerly known as Twitter, reportedly laid off half of its election integrity team earlier this week, including Aaron Rodericks, the head of the team. The move comes a few days after X’s CEO Linda Yaccarino had said that the company was planning to expand its safety and election teams. After the layoffs Musk wrote that the fired team was “undermining election integrity,” although it was unclear if he had any evidence to back the accusation. Musk may have fired Rodericks and his team because Rodericks had liked posts that were critical of Musk. Rodericks, who lives in Ireland, petitioned the Irish High Court for an injunction to halt X from taking any disciplinary steps against him, alleging that the firm was unfairly terminating him. The court granted the injunction early Friday. 

U.S. Privacy and Civil Liberties Oversight Board calls for limits to FISA Section 702 

The U.S. Privacy and Civil Liberties Oversight Board (PCLOB) voted three to two to release a new report [PDF] which endorses significant limits on Section 702 of the Foreign Intelligence Surveillance Act (FISA). Section 702, which authorizes U.S. intelligence agencies to collect the electronic communications, including emails, texts, and calls, of foreign nationals outside of the United States. The most notable limit the PCLOB endorsed was a provision that would require the FBI to get a warrant to access Section 702 data on prohibited groups. Critics have said that while Section 702 is supposed to exclude the communications of U.S. citizens and those living within the United States, intelligence agencies have used the communications to surveil these groups. The two Republican appointees on the panel voted against the release of the report and said the changes would be detrimental to U.S. national security. 

Cyberattack hits Bermudan government systems 

A cyberattack against the government of Bermuda on Thursday, September 21 took down key government services, including the ability to process and send electronic payments. The government said that the attack likely emanated from Russia, and it was unclear whether the attack was ransomware or another kind of malware. Bermudan Premier David Burt said the attack affected other Caribbean governments’ systems, but it remains unclear which countries may have been affected beyond Bermuda. Experts have raised concerns in recent years that essential government services in Latin America and the Caribbean could be affected by cyberattacks, especially as government services are increasingly being digitized in both regions. 

Pro-Ukrainian group leaks Russian flight records from 2007-2023 

A pro-Ukrainian hacking group calling themselves the Muppets claimed to have stolen the database of a Russian flight booking system called Sirena that documents flights between 2007 and 2023. The database contains over six hundred million data points on passengers, including phone numbers, flight numbers, and routes. The open-source intelligence group Bellingcat has previously made use of a much smaller leak of the Sirena database, covering 2014 to 2017, to inform around a dozen stories it published. The group behind the hack said that it would not make the entire database public, but would instead likely make the database available to select journalists or to the Ukrainian Armed Forces. 

United States will convene a cybersecurity summit with Latin American governments 

The U.S. Department of Homeland Security (DHS) convened the Western Hemisphere Cyber Conference with leaders from the Organization of American States (OAS) on Wednesday and Thursday. The event focused on a variety of different topics, ranging from China’s digital influence, protecting critical infrastructure from cyberattacks, and the rising threat of ransomware in Latin America. U.S. officials from a number of different departments, including the Cybersecurity and Infrastructure Security Agency (CISA), FBI, and Justice Department, participated in the event. DHS officials were confident about the effect of the conference, with Assistant Secretary for Cyber, Infrastructure, Risk, and Resilience Iranga Kahangama, saying “This is not just a one off conference. It's the start of a long lasting relationship.”