Monday, April 10, 2023 // (IG): BB // Financial Enabler // Coffee for Bob
The Dangerous Weak Link in the US Food Chain
Analyst Comments: The lack of resources, expertise, and government support, along with the increasing digitization and automation of the industry, have created significant weaknesses that could have catastrophic consequences. The article suggests that the industry needs more dedicated support and resources from the federal government, along with a dedicated ISAC to help companies fight back against cybersecurity threats.
FROM THE MEDIA: The US food and agriculture sector is highly vulnerable to cyberattacks due to the lack of resources, expertise, and government support to protect itself from a rapidly expanding range of cybersecurity threats. The industry's widespread vulnerabilities, including remote access technology, make it a prime target for foreign government operatives or cybercriminals seeking to contaminate fertilizer, disable farming equipment, cripple milk supplies, or kill chickens. Although some companies participate in a Food and Agriculture Special Interest Group (SIG), the offerings are limited and the industry is one of four critical infrastructure sectors without an information sharing and analysis center (ISAC).
READ THE STORY: Wired
Beijing chooses targets carefully as it goes on offensive in US chip wars
Analyst Comments: The Micron investigation highlights the growing tension between China and the US over the control of critical technology supply chains. The probe shows Beijing's willingness to use its administrative and regulatory levers to push back against US companies. However, the long-term impact on Micron could be limited, given that memory chips are standardized, and it is easy to change suppliers from the US to non-US. Also, Micron can redirect its chips elsewhere. Nonetheless, the investigation could have a wider implication, as it indicates that China is stepping up efforts to de-Americanize its supply chains and accelerate its domestic semiconductor capabilities.
FROM THE MEDIA: China has launched a national security investigation into Micron Technology, an Idaho-based memory chip manufacturer. Micron generates 11% of its revenue in mainland China and another 5% in Hong Kong. The probe is seen as Beijing's retaliation to the US government's restrictions on the export of chips and equipment to China. Micron is the first target of this probe as its tech can be more easily replaced with competitors' chips if China ultimately decided to ban it. Moreover, Micron has downsized some of its operations on the mainland while increasing investment in the US, which Beijing sees as playing an unfriendly role in the country's semiconductor industry. However, industry experts believe any further retaliation from China will be limited given the country's reliance on artificial intelligence chips made by Nvidia and other processors manufactured by Intel and Qualcomm.
READ THE STORY: FT
Twitter Changes Label On NPR Account From ‘State-Affiliated’ To ‘Government Funded’
Analyst Comments: Elon Musk's decision to label NPR as "government-funded" and potentially apply the label to other media outlets raises questions about how he is using his power as CEO of Twitter. While Musk has the right to apply labels as he sees fit, critics argue that the move is politically motivated and unfairly targets media outlets that receive some government funding. Musk's recent labeling strategy for NPR and his blocking of links to Substack have caused some users to question his management of the site and his commitment to free speech.
FROM THE MEDIA: Twitter CEO Elon Musk has changed the label on National Public Radio's Twitter account from "state-affiliated media" to "government-funded." While NPR receives a small percentage of its funding from the federal government, the majority of its funding comes from corporate sponsorships and fees charged to local radio stations, and the outlet has editorial independence much like other state-funded broadcasters around the world. Musk reportedly told NPR that the new label will be applied to "a larger number of institutions." The move has caused controversy and raised questions about how Musk is managing Twitter, which he bought for $44 billion in 2022.
READ THE STORY: Forbes
‘Silent Invasion’: How China’s Greatest Covert Operation Fooled The US, Stunned Australia & Shocked The World
Analyst Comments: China's influence operations seek to undermine the legitimacy of democratic institutions and values, such as free speech and the rule of law. They also use economic leverage to pressure other countries into making policy decisions that benefit China, such as aligning with Chinese positions on sensitive issues or allowing China greater access to key sectors of the economy. China has been accused of using cyberattacks to steal sensitive information from other countries, including intellectual property, military secrets, and personal data.
FROM THE MEDIA: Chinese influence operations, known as "sharp power," are used to shape foreign perceptions, policies, and institutions in favor of China's interests. These operations include media manipulation, economic coercion, political subversion, espionage, and cyberattacks. The impact of these operations is significant, undermining democratic values and institutions, such as free speech and the rule of law. The threat from Chinese influence operations to global stability and democratic values is substantial, and countries must take steps to counter these operations by increasing transparency, strengthening democratic institutions, and promoting media literacy.
READ THE STORY: The EurAsian Times
Restrictions on Semiconductor Export to China a Must for Security
Analyst Comments: Japan's decision to tighten export controls on chip manufacturing equipment is aimed at preventing China from achieving military expansion through a military-civil fusion of industries. As semiconductors are essential to the development and production of weapons under this strategy, Japan is under direct threat from China from an economic security perspective. The move is a natural response to protect its own national interests. However, the business of the 10 or so targeted companies in Japan that have trade ties with China may be affected. Coordination with the US and other friendly countries to strictly enforce the regulations is necessary to ensure that the restrictions will be fully effective. Effective screening of export destinations and intended applications is also crucial to prevent China from gaming the system.
FROM THE MEDIA: Japan is tightening export controls on advanced semiconductor manufacturing equipment to prevent China from producing advanced semiconductors for military purposes. The US began tightening restrictions on exports of semiconductors and chip manufacturing equipment to China in October 2022. As a leader in the chip manufacturing equipment segment, Japan is following the US example. The government will amend the Foreign Exchange and Foreign Trade Law and issue a ministerial ordinance in May 2023 to tighten the regulations. The new measures will take effect in July 2023 and will subject exports of sensitive equipment to "list restrictions" that require permission from the Minister of Economy, Trade, and Industry (METI) on a case-by-case basis. Twenty-three items will be added to the list, including exposure and cleaning systems. Although no specific countries are identified as export destinations to which the new restrictions will apply, China is not among the 42 countries and regions for which the system permits a simplified examination process. The measures are limited to manufacturing equipment for advanced semiconductors and do not include general-purpose products.
READ THE STORY: Japan Forward
Iran-based threat actor MERCURY caught targeting hybrid environment
Analyst Comments: The discovery of MERCURY targeting on-premises and cloud environments underscores the ongoing threat of state-sponsored cyber attacks on critical infrastructure. It is concerning that MERCURY works in partnership with other actors to carry out destructive actions, and the fact that the group was able to move from on-premises to the cloud highlights the need for improved security measures. Organizations should ensure that they have up-to-date security protocols in place and regularly patch their systems to mitigate the risk of cyber attacks.
FROM THE MEDIA: Microsoft security researchers have discovered Iran-based threat actor MERCURY targeting on-premises and cloud environments. The researchers believe that the threat actor likely worked in partnership with another actor tracked as DEV-1084 to perform destructive actions. MERCURY initially exploits known vulnerabilities in unpatched applications before handing off access to DEV-1084 to move laterally throughout the network. The researchers also observed the threat actors performing the destruction of cloud resources. Microsoft has detailed security measures to mitigate the techniques used by the actors.
READ THE STORY: Devdiscourse
CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required
Analyst Comments: The addition of these vulnerabilities to the KEV catalog highlights the importance of patching systems and ensuring that software is up to date. The active exploitation of these vulnerabilities by threat actors underscores the need for organizations to remain vigilant and implement robust security measures to protect against potential cyberattacks. It is critical that affected organizations apply the necessary patches to secure their networks and mitigate any potential risks. The recent release of updates by Apple to address zero-day flaws that have been exploited in real-world attacks also serves as a reminder of the ongoing threat posed by cybercriminals and the need for continuous cybersecurity efforts.
FROM THE MEDIA: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five security flaws to its Known Exploited Vulnerabilities (KEV) catalog, with evidence of active exploitation in the wild. This includes three high-severity flaws in the Veritas Backup Exec Agent software that could allow the execution of privileged commands on the system. Google-owned Mandiant also reported that an affiliate associated with the BlackCat ransomware operation is targeting publicly exposed Veritas Backup Exec installations to gain initial access by leveraging the aforementioned three bugs. Another vulnerability added by CISA is a privilege escalation flaw impacting Microsoft Windows Certificate Dialog that could be exploited to run processes with elevated permissions on an already compromised host. Additionally, there is an information disclosure flaw in Arm Mali GPU Kernel Driver that was abused by an unnamed spyware vendor as part of an exploit chain to break into Samsung's Android smartphones.
READ THE STORY: THN
Can Russia Really Break Away from the West
Analyst Comments: The article provides insights into Russia's efforts to pivot to the East and build ties with non-Western countries as relations with the West continue to deteriorate. The assessment suggests that Russia faces significant challenges in achieving this goal, including limited infrastructure and economic conditions and the absence of a direct and painful incentive for such a 'turn'. The author highlights the need for Russia to engage with a variety of cultures and ways of life and listen more than it talks and learns more than it teaches. Overall, the article provides a nuanced analysis of Russia's pivot to the East and the challenges it faces in building ties with non-Western countries.
FROM THE MEDIA: The current crisis in relations between Russia and the West has driven an increase in the number and quality of ties with countries outside the control of the US, and has prompted Russia to focus on developing its relations with the non-Western world. Russia's relations with the non-Western world are likely to take into account several interrelated tasks, including the formation of centers of power that are relatively independent from the United States and its allies, the creation of reliable opportunities for modernization through interaction with the non-Western world, and ensuring security vis-à-vis the West. Russia may find itself in a situation where certain Western models will again come to Russia through the East.
READ THE STORY: ModernDiplomacy
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Analyst Comments: The large scale and persistence of the Balada Injector campaign highlights the importance of keeping website software up-to-date, removing unused plugins and themes, and using strong WordPress admin passwords. The attackers' use of obfuscation techniques and newly registered domains makes it difficult for security researchers to detect and mitigate the campaign. Website administrators must be vigilant and regularly monitor their sites for any suspicious activities.
FROM THE MEDIA: Over one million WordPress websites have been infected by a campaign to deploy malware called Balada Injector since 2017. The attackers leverage known and recently discovered theme and plugin vulnerabilities to compromise vulnerable WordPress sites. The attacks are designed to play out in waves once every few weeks and are identified by its preference for String.fromCharCode obfuscation, the use of freshly registered domain names hosting malicious scripts on random subdomains, and by redirects to various scam sites. The campaign aims to gain access to database credentials in the wp-config.php file and to generate fake WordPress admin users, harvest data stored in the underlying hosts, and leave backdoors for persistent access.
READ THE STORY: THN
The Open Source VPN Out-Maneuvering Russian Censorship
Analyst Comments: The article provides valuable insights into how internet users in Russia are coping with increasing censorship efforts by the government. It highlights the importance of censorship circumvention tools, such as VPNs, and how local activists and developers are coming up with new solutions to ensure access to free information. The article is well-researched, with quotes from local activists and founders of Amnezia VPN, and it provides useful information on the technical aspects of the tool. Overall, the article is informative and engaging, and it sheds light on a crucial issue facing internet users in Russia and other countries with repressive regimes.
FROM THE MEDIA: Since the Russian government blocked more than 10,000 websites for content about the war in Ukraine, many Russians are using censorship circumvention tools, such as VPNs, to access free information. One of them is Amnezia VPN, a free, open source VPN client, which allows users to buy and set up their own servers. Amnezia VPN was created in 2020 during a hackathon supported by Russian digital rights organization Roskomsvoboda, and it is an order of magnitude more resilient than typical commercial VPNs. The Kremlin is escalating its efforts to control information, with Russian authorities attempting to control tools such as VPNs and anonymous proxy servers, but local activists and developers are coming up with new solutions. The fate of mass public VPNs in Russia does not look bright with the current technology stack, but anti-censorship solutions that are being developed in Russia are not just relevant to Russian citizens, as tools that help circumvent censorship are constantly being tested by users in different countries with repressive regimes.
READ THE STORY: Wired
Twitter Changes Label On NPR Account From ‘State-Affiliated’ To ‘Government Funded’
Analyst Comments: This article provides an informative summary of the recent controversy surrounding Twitter's labeling of NPR's Twitter account as "state-affiliated media" and subsequent change to "government-funded." The article also notes that other state-funded broadcasters like BBC and ABC News may receive similar labels in the future. The author provides context by explaining NPR's funding sources and editorial independence, and includes relevant tweets from NPR's Bobby Allyn and venture capitalist Paul Graham.
FROM THE MEDIA: Twitter CEO Elon Musk has changed the label on National Public Radio's Twitter account from "state-affiliated media" to "government-funded," following criticism for putting NPR in the same category as Russian and Chinese propaganda outlets. NPR gets 1-2% of its funding from the federal government, with the rest coming from corporate sponsorships and fees charged to local radio stations. The editorial independence of state-funded broadcasters like NPR, BBC, and Australia's ABC News is well-established. In a tweet, NPR's Bobby Allyn said that Musk told him Twitter would apply the "government-funded" label to a larger number of institutions.
READ THE STORY: Forbes
Europe must resist pressure to become ‘America’s followers,’ says Macron
Analyst Comments: Macron’s call for strategic autonomy for Europe is not new, but his latest comments come amid increasing tensions between the US and China over Taiwan, and increasing criticism of US policy in Europe. Macron’s views on strategic autonomy have been endorsed by China, which suggests that Beijing sees it as a way of weakening the transatlantic relationship. Macron’s comments are also in line with those of French officials who have expressed concern about the impact of US sanctions on European companies. However, it is unclear how much support Macron’s views have in other European countries.
FROM THE MEDIA: French President Emmanuel Macron has said that Europe must reduce its reliance on the US and avoid getting embroiled in the conflict between China and the US over Taiwan. Macron emphasized his pet theory of “strategic autonomy” for Europe, which he believes should be led by France. Macron believes that the “great risk” facing Europe is being dragged into crises that are not theirs, preventing them from building their strategic autonomy. He called for Europe to become a “third superpower” and reduce its dependency on the US for weapons and energy. The President also suggested that Europe should reduce its dependence on the US dollar, which has become a key policy objective for Moscow and Beijing. Macron did not address the question of ongoing US security guarantees for Europe.
READ THE STORY: Politico
Israel's cyber infrastructure vulnerabilities exposed in recent wave of attacks
Analyst Comments: The article provides a concise overview of recent cyberattacks against Israeli institutions and infrastructure and highlights the need for robust cyber defense. The article effectively explains different types of cyberattacks and the motives behind them. However, the article would benefit from further discussion of the potential implications of these attacks on Israeli national security and the actions being taken to mitigate these risks beyond the proposed cyber defense law.
FROM THE MEDIA: Israel has experienced a wave of cyberattacks against its institutions and infrastructure, including the Israeli Postal Company and irrigation systems. The identity of the hackers behind the attacks remains unknown, but some attacks have been attributed to groups such as Anonymous Sudan and an annual campaign called "OPIsrael." The primary objectives of such attacks are often to cause panic and distress, followed by a political message and stealing personal information. The attacks on Israeli infrastructure highlight the need for robust cyber defense, particularly for critical and vital infrastructure. Israel's cyber security infrastructure has proven mostly sufficient at neutralizing attacks, but there have been exceptions, and there is a need for greater regulation and authority for the National Cyber Directorate to prevent future attacks.
READ THE STORY: CTECH
Artificial Intelligence In Space: The Amazing Ways Machine Learning Is Helping To Unravel The Mysteries Of The Universe
Analyst Comments: The article provides a comprehensive overview of the different ways in which AI is being used in space exploration, and presents interesting and exciting use cases. It highlights how AI is helping to overcome complex and dangerous scientific and technical operations in space, making them more efficient and optimized.
FROM THE MEDIA: The article discusses various use cases of artificial intelligence (AI) in space travel, exploration, and observation. It explains how AI is being used to optimize fuel usage and automate engine operations during take-off and landing, as well as to ensure that rockets and satellites do not collide with other objects in space. AI is also being used to explore and study distant planets like Mars and classify features of the terrain. Astronomers are using AI to map the universe, detect black holes and predict the behavior of stars and galaxies. Furthermore, AI is helping to construct accurate images of black holes and understand their interiors.
READ THE STORY: Forbes
‘A whole appeasement psychology’: How America let Putin off the hook after Crimea
Analyst Comments: The article provides an in-depth analysis of the Justice Department's enforcement of sanctions and penalties targeting Russia over its near-decade-long assault on Ukraine. The author uses extensive research, including conversations with former US officials and court records, to support their arguments. The article highlights the criticism faced by the Justice Department for being too lenient and not prioritizing Ukraine-related penalties until last year, when Putin escalated the situation by invading Ukraine. However, the department has defended itself by stating that investigations take time and must meet a high bar, and it was also hampered by a lack of cooperation from other countries.
FROM THE MEDIA: The US Justice Department's enforcement of sanctions, export controls and other penalties targeting Russia over its near-decade-long assault on Ukraine has been criticized for being too lenient. A review by POLITICO of court records and material covering hundreds of pages, as well as conversations with former US officials with national security and law enforcement expertise, found only 14 criminal cases were filed from January 2014 through February 2022, some of which were only tangentially related to Ukraine. Critics argue that if more cases had been brought, Putin may have been discouraged from pursuing his large-scale invasion in 2022. However, the department has defended itself by saying that investigations take time and must meet a high bar, and that it was also hampered by a lack of cooperation from other countries. The review's findings suggest that enforcing Ukraine-related penalties on Russia was not, until last year, a top focus for the Justice Department or the presidents it served.
READ THE STORY: Politico
The Chinese military posted an animated video simulating how China's forces would attack Taiwan if war breaks out
Analyst Comments: The release of the animated video is likely a form of propaganda, demonstrating China's military capabilities and signaling to Taiwan and the US that it is willing and able to take military action if necessary. The military drills could also be seen as a warning to Taiwan against pursuing independence, and a show of strength by China. The US will likely continue to support Taiwan while adhering to the One China policy to avoid further escalation of tensions with China.
FROM THE MEDIA: China's Eastern Theatre Command has released an animated video on its official WeChat account, showing how it could launch a full-scale attack on Taiwan with military aircraft and navy vessels. The video outlines the trajectory of missiles landing on Taiwan and its surrounding waters, as well as how the Chinese military could coordinate a targeted, multi-pronged assault on the island. This follows drills conducted by the People's Liberation Army Eastern Theater Command, which included 70 Chinese aircraft and 11 Chinese navy vessels encircling Taiwan as part of a military exercise. The drills come in response to Taiwanese leader Tsai Ing-wen's US visit and meeting with House Speaker Kevin McCarthy. Although China considers Taiwan part of its territory, the US has an unofficial diplomatic relationship with the island, which it views as a sovereign state.
READ THE STORY: Yahoo News
Items of interest
Apocalypse Now: The Revelations of Vladimir Putin
Analyst Comments: The article is a thought-provoking and well-written piece that offers a nuanced perspective on the current geopolitical situation in Ukraine and the actions of its neighbor, Russia. It draws on historical and literary sources to provide context and insight into the nature of tyranny and its consequences. The author's argument that humanity must triumph over tyranny through authentic sacrificial love, critical thinking, and action is compelling and thought-provoking.
FROM THE MEDIA: The article discusses how the term "apocalypse" has been used in popular culture, particularly in the movie "Apocalypse Now," to describe the horrors of war. It then relates this to the current situation in Ukraine and the actions of Russian leader Vladimir Putin, who is depicted as a tyrant perpetuating heartless imperialism in the guise of Christianity. The author argues that unchecked self-worship can lead to the heart of darkness, as seen in the case of Putin, and that humanity must triumph over tyranny through authentic sacrificial love, critical thinking, and action. The article also references historical and literary figures such as Thucydides, Xenophon, Plato, Aristotle, and Cicero to provide context and insight into the nature of tyranny.
READ THE STORY: Providence
China Objects to term ‘Indian Ocean’ | History Lesson on South China Sea (Video)
FROM THE MEDIA: While China is on a re-naming spree for Arunachal Pradesh. Let's not forget that China has often raised an objection to the Indian Ocean as well. China believes the Indian Ocean isn't India's and shouldn't be named after our nation. However, when it comes to the disputed South China Sea, China claims that history has guided it to name the South China Sea. We take the next half hour to present a clear history lesson to China. There is no such thing as the south china sea. If we were to follow China's own guiding principles - then the south china sea must be renamed and called the Champa Sea. Yes, you heard that right. The disputed waters between the southeast Asian nations were historically called the Champa Sea, named after the Champa kingdom. Let's take a moment to understand the region.
Xi Jinping's 48-hour plan to invade Taiwan: 'China's military is expanding' (Video)
FROM THE MEDIA: The conflict in Ukraine has implications for Taiwan, as China seeks to reunify with Taiwan and does not hide its view that Taipei will unify with the mainland. China's President Xi Jinping is committed to this goal and it is said that no Chinese premier would be able to stay in position if they renounced their claim to Taiwan. The situation presents a challenge for the international community, which must navigate the complex web of political and economic ties with both China and Taiwan while seeking to maintain stability in the region.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.