Daily Drop (496): US-Russia Information Security Relations, SpaceX's Saudi Astronaut Mission, China Bans Micron Products, Ukraine's Ever-Changing Cyber War, "Hack & Whack" Conflict Tech
05-22-2023
Monday, May 22, 2023 // (IG): BB // Intro Exploit Dev // Coffee for Bob
International Information Security in US-Russian Bilateral Relations
Analyst Comments: While Russia emphasizes dialogue and cooperation, the U.S. is more focused on maintaining its dominance and viewing Russia as a strategic rival. The article underscores the importance of maintaining communication channels to manage conflicts and prevent further escalation in cyberspace. The UN platforms, such as the Open-ended Working Group, serve as important channels for dialogue and engagement on IIS. However, significant challenges exist in reconciling the differing visions of Russia and the U.S. on issues like responsible behavior, sovereignty, and the regulation of cyberspace.
FROM THE MEDIA: The relationship between the United States and Russia regarding international information security (IIS) has experienced periods of convergence and cooldown. While Moscow remains open to dialogue and advocates for responsible conduct in the ICT environment, Washington is focused on maintaining its leadership and deterring Russia in cyberspace. Bilateral interactions on IIS currently take place through platforms such as the UN Open-ended Working Group on the Safe Use of ICTs. However, reaching agreements in the near future seems unlikely due to differing priorities and approaches. The U.S. views Russia's proposals as an attempt to limit ICT development and challenge American leadership. Despite these challenges, communication between the two countries is crucial for managing contradictions and reducing the risk of escalation in cyberspace.
READ THE STORY: Modern Diplomacy
SpaceX Sends Saudi Astronauts, Including Nation's 1st Woman in Space, to International Space Station
Analyst Comments: The launch of Saudi Arabia's first astronauts since 1985 marks a significant milestone for the country's space program. The sponsorship by the Saudi Arabian government demonstrates their growing interest and investment in space exploration. Private space tourism is becoming more prominent, as shown by Axiom Space's second private mission to the International Space Station. The collaboration between nations in space exploration fosters cooperation and advances scientific research.
FROM THE MEDIA: Saudi Arabia's first astronauts in decades, sponsored by the Saudi Arabian government, embarked on a chartered SpaceX flight to the International Space Station. The crew includes Rayyanah Barnawi, the first woman from Saudi Arabia to go to space, and Ali al-Qarni, a fighter pilot with the Royal Saudi Air Force. They will be greeted at the station by an astronaut from the United Arab Emirates. Axiom Space, the Houston-based company organizing the private flight, plans to add its own rooms to the space station in the future. The cost of the mission has not been disclosed, but Axiom previously mentioned a ticket price of $55 million each.
READ THE STORY: VOA
China bans Micron products after security review finds unspecified flaws
Analyst Comments: The lack of specific details about the risks associated with Micron's products raises questions about the rationale behind the decision. Analysts suggest that the ban is primarily symbolic and will have limited impact since memory is a commodity and alternative suppliers can be found. The move is seen as part of China's broader strategy to retaliate against US restrictions on technology exports and the bans on Chinese firms. It reflects the ongoing tensions between the US and China in the field of technology and national security. Micron's response indicates its willingness to engage in discussions with Chinese authorities to address the concerns raised.
FROM THE MEDIA: China's Cyberspace Administration (CAC) has ruled that US memory maker Micron poses a threat to national security and ordered some local organizations to stop using its products. The CAC conducted a national security assessment of Micron in response to concerns about hidden product problems. Late on Sunday, the CAC announced that Micron had failed the assessment, stating that its products had serious potential network security issues that pose a major security risk to China's key information infrastructure supply chain. However, the CAC did not provide details about the specific risks associated with Micron's products. Analysts believe the ban is performative and that the impact will be limited as memory is a commodity and supply chains can adjust. The move is seen as China's retaliation against recent US restrictions on the export of technology to China and the bans on Chinese firms like Huawei and ZTE on national security grounds.
READ THE STORY: The Register // Bloomberg
U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
Analyst Comments: The sentencing of Tejay Fletcher highlights the serious consequences faced by individuals involved in facilitating cybercrime. iSpoof enabled widespread fraud, resulting in significant financial losses for victims. The case underscores the importance of law enforcement efforts to dismantle criminal operations and hold those responsible accountable. Phone number spoofing services pose a significant threat, as they enable fraudsters to deceive individuals and organizations, leading to financial and personal harm. It is crucial for individuals to remain vigilant and exercise caution when receiving calls from unknown numbers, especially when disclosing sensitive information or making financial transactions.
FROM THE MEDIA: Tejay Fletcher, the administrator of the iSpoof online phone number spoofing service, has been sentenced to 13 years and 4 months in prison in the UK. Fletcher pleaded guilty to multiple cyber offenses, including facilitating fraud and possessing and transferring criminal property. iSpoof was a paid service that allowed fraudsters to mask their phone numbers and impersonate representatives from banks and official organizations to deceive victims. The criminals used false identities to trick victims into disclosing sensitive financial information or transferring money. The total losses to victims in the UK are estimated to be over £48 million ($59.8 million), with global losses exceeding £100 million ($124.6 million). Fletcher is believed to have made millions of pounds in illicit proceeds and was found in possession of luxury items. The iSpoof service was dismantled in a coordinated law enforcement operation.
READ THE STORY: THN
Ukraine’s cyber chief on the ever-changing digital War with Russia
Analyst Comments: The interview with Yurii Shchyhol provides insights into the evolving cyber threat landscape in Ukraine and the measures being taken to address it. The shift in Russian hackers' focus on new targets and the increase in supply chain attacks demonstrate their adaptability and the need for continuous vigilance. The emphasis on collaboration between the government and private sector reflects the recognition that cybersecurity is a collective effort. The establishment of a military CERT and the need for dedicated Security Operations Centers in various industries highlight the importance of proactive defense measures. The assistance received from foreign partners and the recognition of Ukraine's expertise in cyber warfare further underscore the significance of international cooperation.
FROM THE MEDIA: Yurii Shchyhol, the chief of Ukraine's State Service of Special Communications and Information Protection, has spoken about the evolving cyber threat from Russia and the measures being taken to defend against it. Shchyhol noted that Russian hackers have shifted their focus to new targets, such as the energy sector, and have increased supply chain attacks against the private sector. He highlighted the importance of collaboration between the government and private businesses to identify vulnerabilities and provide the necessary protection. Shchyhol also emphasized the need for every industry to have its own Security Operations Center (SOC) and the establishment of a military CERT (Computer Emergency Response Team). He discussed the assistance received from foreign partners and the importance of public-private partnerships in countering cyberattacks. Shchyhol stressed the significance of holding those responsible for cybercrimes accountable, stating that cyberattacks that could result in the deaths of innocent civilians should be recognized as war crimes.
READ THE STORY: The Record
Keep reading with a 7-day free trial
Subscribe to Bob’s Newsletter to keep reading this post and get 7 days of free access to the full post archives.