Tuesday, April 18, 2023
ICE Records Reveal How Agents Abuse Access to Secret Data
Analyst Comments: The abuse of law enforcement databases is a serious concern, and the WIRED report highlights that the problem is not isolated to ICE agents. It raises serious questions about whether the existing monitoring and oversight mechanisms are effective in preventing the abuse of these powerful tools. The report indicates that the sheer volume of misconduct might suggest that ICE has a systemic problem that requires systemic solutions. The lack of information about the disciplinary measures imposed on employees against whom allegations of misconduct were substantiated by investigators is also concerning.
FROM THE MEDIA: According to a report by WIRED, US Immigration and Customs Enforcement (ICE) employees and contractors have been investigated for abusing confidential law enforcement databases and agency computers since 2016. The alleged misconduct includes stalking, harassment, and passing information to criminals. Access to these databases was allegedly misused to carry out personal schemes and vendettas, and sometimes even to commit fraud or pass privileged information to criminals for money. Since 2016, ICE employees or contractors have been investigated for misusing agency data or computers at least 414 times, and in nearly half of those incidents, the misconduct triggered investigations by the Office of Professional Relations (OPR).
READ THE STORY: Wired
Chinese Cops Ran Troll Farm and Secret NY Police Station, US Says
Analyst Comments: This is a significant development in the ongoing conflict between the US and China. The charges against the 34 individuals suggest that the Chinese government is willing to use disinformation and harassment tactics to target its critics abroad. The fact that the group was allegedly attempting to undermine US democratic processes is particularly concerning. The charges are likely to increase tensions between the US and China and may prompt further action from the US government in response to Chinese aggression.
FROM THE MEDIA: The US Justice Department has announced charges against 34 individuals who are allegedly part of a Chinese government-backed task force called the “912 Special Project Working Group”. The group is accused of spreading disinformation and harassing Chinese dissidents and critics of the Chinese Communist Party. The charges include conspiracy to transmit foreign threats and conspiracy to commit interstate harassment. The group is said to have operated a troll farm, using fake online personas to spread messages across social media platforms such as Facebook and Twitter. The group is accused of trying to undermine confidence in US democratic processes.
READ THE STORY: Wired // The Record
Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose
Analyst Comments: The reported closure of QuaDream is a significant development in the ongoing debate around the regulation and oversight of private-sector offensive actors. The use of cyber espionage tools by such companies raises concerns about data privacy, human rights, and national security, as they can be used to target journalists, activists, and opposition figures. While the closure of QuaDream may be seen as a positive development, it is important to note that other PSOAs such as NSO Group and Candiru continue to operate, and their activities will remain a subject of scrutiny by governments, civil society organizations, and the private sector.
FROM THE MEDIA: Israeli cyber espionage vendor QuaDream is reportedly closing its business in the next few days, following the exposure of its hacking toolset by Citizen Lab and Microsoft. Calcalist, an Israeli business newspaper, reported that the company's board of directors is looking to sell off its intellectual property and that the company has been in a difficult situation for several months. QuaDream specializes in hacking Apple devices using "zero-click" infections which do not require any action on the part of the victim. The company's spyware framework, called REIGN, was outed as having been used against journalists, political opposition figures, and NGO workers across North America, Central Asia, Southeast Asia, Europe, and the Middle East. QuaDream, NSO Group, and Candiru are all private-sector offensive actors (PSOAs) that market end-to-end hacking tools for use by their customers to run their targeted cyber operations.
READ THE STORY: THN
Chinese genetics company targets US despite political tensions
Analyst Comments: The decision by MGI Tech to press ahead with its US expansion plans is a bold move, given the current climate surrounding Chinese genomic companies. Concerns about data security and the potential risks posed by Chinese genomic companies are very real, and MGI Tech will need to ensure that it is transparent about its ownership structure and data security measures to persuade US customers to switch from Illumina. While MGI Tech insists that it is different from its former parent company, concerns about the ownership structure and financial ties between the two companies remain, and this could become an issue of interest for US authorities. As Lindsay Gorman of the German Marshall Fund of the United States noted, Chinese companies have a modus operandi of spinning off companies from parents that have garnered some policymaker concern and branding them as something different while retaining ownership or financial ties. MGI Tech will need to be very careful to avoid being seen as such a company.
FROM THE MEDIA: MGI Tech, a gene sequencing machine manufacturer, has announced plans to continue with its US expansion despite concerns about potential security threats from Chinese genomic companies. MGI Tech was a subsidiary of BGI, a company that was subject to US trade restrictions due to concerns about Americans’ genetic data security. MGI Tech’s Chief Scientific Officer, Rade Drmanac, insists that the company is different from its former parent company and that its gene sequencing machines are more accurate and efficient than Illumina's equipment. MGI Tech's US products will be sold under the Complete Genomics brand, a US-based subsidiary of MGI Tech that was acquired by BGI in 2013 for $120 million. However, US authorities have warned about the potential risks posed by Chinese genomic companies, with the National Counterintelligence and Security Center stating that Chinese genomic companies pose a significant risk to privacy, economic, and national security. Lindsay Gorman, Head of the Technology and Geopolitics Team at the German Marshall Fund of the United States, stated that MGI Tech's spin-off from BGI could be of interest to US authorities if ownership ties remained between the two companies.
READ THE STORY: FT
Iranian-Russian cooperation on hack attacks may challenge Israeli cyber supremacy
Analyst Comments: The cyberattack on Israeli banks and other companies is another example of how cyberwarfare is becoming an increasingly important battleground in the ongoing conflict between Israel and Iran. While the attack only caused minor service interruptions, it could be a harbinger of things to come. The possibility of Iranian-Russian cooperation in cyberspace could mark a significant shift in the regional balance of power in favor of Iran. This underscores the need for Israel and other countries to invest in robust cybersecurity defenses to protect themselves against future cyberattacks.
FROM THE MEDIA: Israeli banks, telecom companies, and the postal service were subject to a cyberattack on the last Friday of Ramadan. The attack was claimed by a group called “Anonymous Sudan,” which reportedly has strong links to Russia. While Friday’s cyberattack only caused minor service interruptions, it is significant because of the message it sends to Israel. The possibility of Iranian-Russian cooperation in cyberspace could mark a new stage in the ongoing shadow war between Iran and Israel. This would significantly affect the regional balance of power in favor of Iran. Cyberwarfare between the two countries has escalated over the last six years. Israel has been behind cyberattacks that have disrupted Iran, and Iran has been building up its cyber capabilities to respond. Iran has not yet caused major damage to Israel’s cyber defenses, but Tehran has not given up trying. The cooperation between Iran and Russia appears to be part of a new Iranian strategy to strengthen its position in the region.
READ THE STORY: The Times of Israel