Tornado Alley (PROG)

[fuagf]

The Cybersecurity 202: Russia and China's vaccine hacks don't violate rules of road for cyberspace, experts say

"Russia Is Trying to Steal Virus Vaccine Data, Western Nations Say
"How Trump’s Ukraine Mess Entangled CrowdStrike" "

By Joseph Marks
July 20, 2020 at 10:01 p.m. GMT+10

with Tonya Riley

Lawmakers are pushing for stiff consequences against Russia and China for hacking Western research into coronavirus .. https://www.washingtonpost.com/health/2020/02/28/what-you-need-know-about-coronavirus/?itid=lk_inline_manual_2 .. vaccines – calling it a “life or death” issue.

But stealing vaccine research during a global pandemic – seen as a digital extension of classic espionage – doesn’t directly violate rules of the road for which U.S. officials have spent years advocating in cyberspace. And some cybersecurity experts worry the push could undermine the effort to instill those global norms.

“There are a lot of things the Russian and Chinese intelligence services are doing that we should be absolutely outraged about. This is pretty low on my list of concerns,” Dmitri Alperovitch, former chief technology officer at the cybersecurity company CrowdStrike, told me. Alperovich is now chairman at the Silverado Policy Accelerator, a nonprofit think tank.

On the other hand, experts fear that the new hacking authorities President Trump granted the Central Intelligence Agency could be a slippery slope that ends up undermining the push to define acceptable and unacceptable behavior for nations online. The kind of broad authorization described in the Yahoo News .. https://news.yahoo.com/secret-trump-order-gives-cia-more-powers-to-launch-cyberattacks-090015219.html .. report, they worry, could open the door to hacks that affect foreign elections or disrupt energy service or financial transactions — just the sort of hacking the United States has traditionally condemned.

“What it’s really signaling is the long-standing U.S. policy on attempting to advocate for the establishment of international cyber norms… that’s gone,” Susan Hennessey, a senior fellow at the Brookings Institution and former NSA lawyer, said on the think tank's Rational Security podcast .. https://www.lawfareblog.com/rational-security-tick-tock-tiktok-edition?utm_campaign=wp_the_cybersecurity_202&utm_medium=email&utm_source=newsletter&wpisrc=nl_cybersecurity202 . “Now, instead, we have a U.S. policy…that’s about…being authorized to do all the things we have been screaming about China and Iran and other countries doing for years.”

The developments each underscore the difficulty of creating and abiding by hard-and-fast rules as cyberspace constantly changes. That has been particularly challenging during the Trump administration, when the White House has primarily focused on projecting strength in cyberspace and pledging to punch back against adversaries rather than working with allies on creating norms for good behavior.


President Trump disembarks Marine One. (Jabin Botsford/The Washington Post)

Several top GOP lawmakers are taking their concerns about Chinese vaccine hacking straight to the president.

They’re calling on Trump to sanction Chinese government hackers for stealing that research and other data in a letter this morning, saying it “puts the very lives of our citizens at risk.” The letter was signed by Reps. Michael McCaul (Texas), leading Republican on the House Foreign Affairs Committee; Greg Walden (Ore.), leading Republican on the Energy and Commerce Committee and Patrick McHenry (N.C.), leading Republican on the Financial Services Committee.

House Intelligence Chairman Adam B. Schiff (D-Calif.) similarly called the Russian efforts a “life and death” issue and promised a rigorous congressional investigation. That statement came just hours after the efforts were revealed .. https://www.washingtonpost.com/world/uk-us-and-canada-report-russian-cyberspies-may-be-trying-to-steal-vaccine-research/2020/07/16/d7c0dbd6-c765-11ea-a825-8722004e4150_story.html?itid=lk_inline_manual_16 ..... in a joint alert by officials in the United States, the United Kingdom and Canada. Russia has denied .. https://www.politico.com/news/2020/07/19/russia-cyberattack-vaccine-coronavirus-369514 .. the claims.

Experts, meanwhile, are savaging Trump for the CIA move, saying it
could erode years of efforts to impose rules in cyberspace.

Chris Finan, cybersecurity director on the National Security Council during the Obama administration who’s now CEO of Manifold Technology:

Chris Finan
@CTFinan
The Trump admin giving carte blanche to agencies for norm-
breaking cyber activities undermines two decades of norm-
building as a cyber policy objective where open societies
benefit most

Kim Zetter
@KimZetter
Really good pts made by @shaneharris @benjaminwittes, @tcwittes
@Susan_Hennessey about our story published this wk on CIA's expanded
covert cyber powers, which let CIA launch destructive cyberattacks on
banks/crit infrastructure (https://news.yahoo.com/secret-trump-order-gives-cia-more-powers-to-launch-cyberattacks-090015219.html
)
https://directory.libsyn.com/episode/index/id/15227648/tdest_id/251036
2:01 AM · Jul 19, 2020
9 See Chris Finan’s other Tweets

The 2018 authorization basically gave the CIA broad powers to conduct convert actions in cyberspace without first getting a go-ahead from the White House and specifically mentions Russia, China, Iran and North Korea as possible targets, Yahoo reports. Since it was approved, the agency has launched dozens of secret hacking operations, the article says.

The reactions reveal just how murky the rules can be in the shadowy world of cyberspace.

In the case of the vaccine hacks, there has been no evidence so far that China or Russia wants to do anything other than to steal information that will help their own scientists work faster on combating the novel coronavirus. Experts say that focus on promoting public health makes this kind of hacking far different from the economic espionage U.S. officials have traditionally pilloried China for and which centers on raiding American companies' intellectual property to benefit Chines companies’ bottom lines.

But that could change down the road. For instance, China might use the stolen information to help its companies get a leg up on U.S. competitors in the market for coronavirus treatments. Even worse, hackers could use the access they gained to U.S. research labs’ computer networks to sabotage future work.

“The biggest concern is doing something in a way that disrupts or a slows down a potential cure,” said Chris Painter, who was the State Department’s top cybersecurity diplomat during the Obama administration. “If they do things that are impeding the manufacture or research of a vaccine in any way, that would clearly cross a line.”


Chinese President Xi Jinping learns about the progress on the research into covid-19 vaccine
candidates. (Ding Haitao/Xinhua/AP)

In the case of the new CIA authorities, part of what the agency is reportedly doing is hacking and releasing information that might be embarrassing to U.S. opponents. The Yahoo article points to a handful of recent data leaks that might be connected to the CIA including information about an ostensibly independent Russian company that was working with Moscow's intelligence services and about the personal information of Iranian intelligence officers.

Those operations could raise problems if they seemed aimed at affecting an election and could undermine U.S. efforts to insist that such hacks should be off the table.

“I happen to think the Russians actually need some payback in the hacking and dumping department, but it should stay the heck away from anything that looks like an electoral intervention,” Brookings Senior Fellow Benjamin Wittes said during the Rational Security podcast. “You want to be super cautious about anything that could look like an intervention into a foreign election because that is a norm that we want to strongly support.”

Diplomatic efforts to impose global cyber rules have slowed since a burst of diplomatic activity between 2013 and 2017.

Since then officials have largely focused on the harder task of imposing consequences on nations that flout those rules.

The Trump administration has also pivoted to focusing more on project strength in cyberspace. That's included retaliatory cyberstrikes against Russia .. https://www.washingtonpost.com/opinions/2020/07/10/trump-confirms-an-interview-us-cyberattack-russia/?itid=lk_inline_manual_37 .. during the 2018 midterm elections and against Iran .. https://www.washingtonpost.com/national-security/us-military-carried-out-secret-cyber-strike-on-iran-to-prevent-it-from-interfering-with-shipping/2019/08/28/36202a4e-c9db-11e9-a1fe-ca46e8d573c0_story.html?itid=lk_inline_manual_37 .. for shooting down a U.S. surveillance drone. But they haven’t prompted either nation to significantly reduce cyberattacks against the United States.

“We have countries signing onto these norms…but we haven’t done a very good job at imposing consequences when those norms get violated,” Painter told me. “We’ve become a little better at trying to disrupt them. But we still don’t see quick actions that change the calculus of people violating the norms. And if they get a benefit from violating them then they’ll keep doing it.”

The keys

Early evidence suggests a massive Twitter hack was not politically motivated.


A bird flies near signage displayed outside Twitter headquarters in San
Francisco. (David Paul Morris/Bloomberg News)

That attack compromised the accounts of former vice president Joe Biden .. https://www.washingtonpost.com/elections/candidates/joe-biden/?itid=lk_inline_manual_42 , former president Barack Obama and a slew of business leaders but the hackers don’t appear to have had a political ax to grind, a law enforcement official told Rachel Lerman .. https://www.washingtonpost.com/technology/2020/07/16/twitter-security-breach-response/?itid=lk_inline_manual_42 . The FBI is leading a federal investigation into the hack.

“This was not a hack of Biden’s campaign,” the official said. “Or of Elon Musk. This was all about a fraud scheme and not about trying to turn the political winds in a certain direction.”

Four hackers identified as involved in the scam told The New York Times .. https://www.nytimes.com/2020/07/17/technology/twitter-hackers-interview.html .. their main goal was profiting off the accounts by using them in a bitcoin scam.

Twitter confirmed in a blog post .. https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html .. that the attackers targeted 130 accounts and downloaded the data of eight accounts. None of the eight accounts were verified, meaning that hackers did not steal the data of high-profile targets including Biden, Twitter said. The company pinned the attack .. https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html .. on hackers who conned employees into giving up credentials that provided access to Twitter's internal systems.

Hackers were also able to view personal information including email addresses and phone numbers for the 130 accounts targeted. For the 45 accounts they took over, that could have included "additional information," though Twitter didn't give specifics.

Trump, citing mail-in voting, declined to say that he will accept the election results.

VIDEO - Trump's Fox News interview, in 4 minutes
In an interview that aired July 19, "Fox News Sunday" host Chris Wallace asked President
Trump about the coronavirus, upcoming elections and civil unrest. (The Washington Post)

The president claimed without evidence in a Fox News interview that mail-in voting could “rig” the November results, Felicia Sonmez reports .. https://www.washingtonpost.com/politics/trump-declines-to-say-whether-he-will-accept-november-election-results/2020/07/19/40009804-c9c7-11ea-91f1-28aca4d833a0_story.html?itid=lk_inline_manual_53 . Trump has repeatedly railed .. https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2020/07/08/the-cybersecurity-202-trump-s-voting-by-mail-assaults-could-cost-him-the-election/5f051d4b602ff10807197096/?itid=lk_inline_manual_53 .. against mail-in voting even as many states are turning to the process as a safer alternative to in-person voting during the coronavirus pandemic.

Fox News host Chris Wallace asked Trump if he “might not accept the results of the election.” Trump replied, “I have to see. Look, you — I have to see. No, I’m not going to just say ‘yes.’ I’m not going to say ‘no.’ And I didn’t last time, either.”

Biden's campaign slammed the remarks. “The American people will decide this election,” Biden spokesman Andrew Bates said. “And the United States government is perfectly capable of escorting trespassers out of the White House.”

Biden warned Friday that the real threat to the November election is foreign interference. Biden has received intelligence briefings that both Russia and China are actively engaged in trying to sow doubt about the election results, Matt Viser reports .. https://www.washingtonpost.com/politics/joe-biden-citing-intelligence-briefings-warns-that-russia-china-are-engaged-in-election-meddling/2020/07/17/3ce81580-c89a-11ea-a99f-3bbdffb1af38_story.html?itid=lk_inline_manual_58 .

Those foreign interference efforts, so far, fall far short of the interference operation Russia conducted in 2016, Chris Krebs, the top cybersecurity official at the Department of Homeland Security, said Friday .. https://thehill.com/policy/cybersecurity/507888-senior-dhs-official-says-agency-not-seeing-coordinated-foreign-election .

“Compared to where things were in 2016, we are not seeing that level of coordinated, determined cyber activity from adversaries,” Krebs said during a virtual event hosted by the Brookings Institution. “We absolutely have better visibility across the networks, and we are just not seeing that same level of activity that we saw in 2016.”

The Trump campaign is attacking TikTok and accusing it of spying on users.

More - https://www.washingtonpost.com/politics/2020/07/20/cybersecurity-202-russia-china-vaccine-hacks-dont-violate-rules-road-cyberspace-experts-say/