CyberWire Daily - A Parliamentary report alleges active Huawei cooperation with Chinese intelligence. Coordinated inauthenticity, mostly focused on domestic opinion. Guilty pleas from former eBayers.
Episode Date: October 9, 2020A Parliamentary committee issues a scathing report on Huawei’s connection to the Chinese government and the Communist Party of China. Facebook takes down coordinated inauthenticity with a domestic f...ocus in four countries. Twitter goes after influence operators in four other countries. Betsy Carmelite addresses threats to telehealth platforms. Our guests are the FBI’s Herb Stapleton and the US Secret Service’s Greg McAleer new multi-agency mission center to tackle the highest priority cyber criminal threats facing the US. And two of the former eBayers charged in a cyber-stalking case have taken their expected guilty pleas. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/197 Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the CyberWire Network, powered by N2K.
Calling all sellers.
Salesforce is hiring account executives to join us on the cutting edge of technology.
Here, innovation isn't a buzzword.
It's a way of life.
You'll be solving customer challenges faster with agents, winning with purpose,
and showing the world what AI was meant to be. Let's create the agent-first future together.
Head to salesforce.com slash careers to learn more. Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected. Thank you. Now at a special discount for our listeners. Today, get 20% off your Delete Me plan
when you go to joindeleteme.com slash N2K
and use promo code N2K at checkout.
The only way to get 20% off
is to go to joindeleteme.com slash N2K
and enter code N2K at checkout.
That's joindeleteme.com slash n2k code n2k. on Huawei's connection to the Chinese government and the Communist Party of China. Facebook takes down coordinated inauthenticity
with a domestic focus in four countries.
Twitter goes after influence operators in four other countries.
Betsy Carmelite addresses threats to telehealth platforms.
Our guests are the FBI's Herb Stapleton
and the U.S. Secret Service's Greg McAleer
on their new multi-agency mission center,
which is hoping to tackle the highest priority cybercriminal threats facing the U.S. Secret Service's Greg McAleer on their new multi-agency mission center, which is hoping to tackle the highest priority
cyber criminal threats facing the U.S.
And two of the former eBayers charged in a cyber stalking case
have taken their expected guilty pleas.
From the Cyber Wireire studios at DataTribe,
I'm Dave Bittner with your CyberWire summary for Friday, October 9th, 2020.
The BBC reports that a British parliamentary committee yesterday released a report that concluded there was clear evidence of collusion between Huawei and the Chinese Communist Party. informed anti-China hysteria, the House of Commons Defense Committee supported its conclusions
by noting the subsidies the company has received from the Chinese government,
some $75 billion over the last three years. That subsidy enabled Huawei, the report said,
to lowball its competition and secure great market share by selling its equipment at a ridiculously low price point.
The report also cites research that alleges that the Shenzhen hardware giant
has engaged in a variety of intelligence, security, and intellectual property activities.
In sum, the parliamentary study concludes,
it is clear that Huawei is strongly linked to the Chinese state and the Chinese Communist Party, despite its statements to the contrary.
This is evidenced by its ownership model and the subsidies it has received.
The report is expected to have the effect of advancing the replacement of Huawei equipment in the UK's telecommunications infrastructure.
infrastructure. For its part, Huawei expressed its confidence that people will see through these accusations of collusion and remembered instead what Huawei has delivered for Britain over the
past 20 years. Fortune sees the report as harsher than any official statements other critics of
Huawei, including the US and Australian government, have so far offered. It represents a direct
official accusation that Huawei is
actively working for the Chinese government. Previous warnings have concentrated on the
company's susceptibility to Beijing's influence, and this report goes beyond that.
Yesterday, both Facebook and Twitter disclosed the discovery and suspension
of politically motivated or state-connected networks of inauthentic accounts.
Facebook's takedowns involved coordinated inauthenticity that sought to engage mostly domestic audiences,
a U.S.-based network of thinly-veiled personas associated with the Rally Forge marketing firm,
which appears to have been working on behalf of Turning Point USA and
another conservative political organization that favored the re-election of President Trump.
The network's audience was primarily a U.S. domestic one, with secondary audiences in
Botswana and Kenya. Those distinctly secondary audiences were delivered content that, oddly,
favored big-game hunting, a topic perhaps of concern to factions in those two countries.
Facebook also dismantled a network in Myanmar that consisted of 17 pages,
50 Facebook accounts, and 6 Instagram accounts.
Their line was critical of the National League for Democracy and political leader Aung San Suu Kyi.
There was also some anti-Rohingya content.
The network was linked to members of Myanmar's military.
The social network removed 589 Facebook accounts,
7,906 pages and 4,047 accounts on Instagram based in Azerbaijan.
These were engaged in praise of President Ilham Aliyev
and the New Azerbaijan Party,
criticism of the opposition with accusations of treason
and denials that human rights were being abused in Azerbaijan.
They also included patriotic content about the ongoing fighting
with Armenia over Nagorno-Karabakh.
Finally, in Nigeria, 79 Facebook accounts, 47 pages, 93 groups,
and 48 Instagram accounts were suppressed.
The networks supported Ibrahim Nakzaki and Nigeria's Islamic movement.
They were critical of the government.
Twitter's cancellations showed little overlap with Facebook's most recent round,
although some of them did coincide with Facebook's September enforcement round.
Twitter canceled inauthentic Iranian accounts that aimed principally at deepening U.S. social fissures during the election season.
The company also removed more than 500 Cuban accounts.
It also canceled Saudi accounts that operated principally against regional rival Qatar.
The most interesting takedowns were of a network of accounts associated with the Royal Thai Army
that amplified pro-government and anti-opposition content.
Stanford's Internet Observatory called the army's operation low-impact and cheerleading without fans.
The Bangkok Post reports that the Royal Thai Army
has denied any involvement in disinformation.
And finally, two former eBay employees,
sometime members of the online auction services
global intelligence team,
have entered their guilty pleas
in a Massachusetts case of cyber-stalking.
The harassment was directed against a mom-and-pop newsletter
that somehow attracted what appears retrospectively to be the disproportionate
ire of some eBay managers, none of whom remain employed by the company. Reuters reports that
three other Global Intelligence Team alumni are expected to enter their own guilty pleas
later this month. A total of seven former eBayers have been charged in the case.
Transat presents a couple trying to beat the winter blues.
We could try hot yoga.
Too sweaty.
We could go skating.
Too icy.
We could book a vacation.
Like somewhere hot.
Yeah, with pools. And a
spa. And endless snacks. Yes!
Yes! Yes! With savings
of up to 40% on Transat South
packages, it's easy to say
so long to winter. Visit Transat.com
or contact your Marlin travel professional
for details. Conditions apply.
Air Transat. Travel moves us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security,
but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies like Atlassian and Quora have continuous visibility
into their controls with Vanta. Here's the gist. Vanta brings automation to evidence collection
across 30 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies,
access reviews, and reporting, and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off.
And now a message from Black Cloak.
Did you know the easiest way for cyber criminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover they've already been breached.
Protect your executives and their families 24-7,
365, with Black Cloak. Learn more at blackcloak.io.
The FBI, the U.S. Secret Service, and other federal agencies are partnering in a unique mission center environment to tackle the highest priority cyber criminal threats against the United States, including ransomware.
The new mission center, based at the National Cyber Investigative Joint Task Force, will integrate operations and intelligence across agency lines to more effectively impose risks and consequences on cyber adversaries.
Joining us to discuss the new initiative are FBI Cyber Division Section Chief over Cybercrime,
Herb Stapleton, and U.S. Secret Service Executive Deputy Assistant Director, Greg McAleer.
We hear from Greg first.
The interesting thing about the Secret Service's equities in enforcing and investigating cybercrimes is we share many of the same equities as the FBI, and we have historically worked very well together.
I think what we've figured out now is that this mission set is just so big that everybody has to participate and we have to combine our forces in order to combat the threat.
The Secret Service has the equities in 1030.
The difference, I think, with the Secret Service and FBI is we do not have necessarily a national security arm.
We investigate only crimes within Title 18. Now, since cyber is such a ubiquitous operation, we frequently wind up with
national security touch points within our investigations, and there was a natural
connection for us to share that information with the FBI. And furthering, that is the NCIJTF,
where now the Secret Service, the FBI, and all our other partners work together with all of our equities at the table.
So, Herb, can you give us some insights here?
What do you hope to come out of this partnership?
By formalizing this, what are some of the benefits that you hope to achieve?
Well, you know, one of the ways that we look at the cybercrime problem is sort of like an enormous puzzle. And so one thing that we know is
that we don't hold all the pieces to that puzzle here in the FBI. Some of those pieces are held by
the Secret Service, some of them by our private sector partners. And so I think really bringing
all that talent together from the Secret Service, from the FBI, and from other agencies who are willing to
work together with us on the cybercrime problem, bring that talent together in one place and try
to attack the problem as a whole of government, as one U.S. government instead of each individual
agency on its own, I think really will lead to better outcomes for the American people by making sure that when we have a priority issue that needs to be solved, we're bringing all the resources of the U.S. government to bear on that particular problem.
Greg, can you give us some examples of the kinds of things that you're hoping to tackle together?
Are there certain types of cybercrime
that this will lend itself to?
Well, Dave, the creation of the Criminal Mission Center
is a very forward-leaning idea
that A.D. Gorham had shared with my assistant director
and I'm sure many of the other executives
in the other agencies.
You know, traditionally within the FBI executives in the other agencies. Traditionally within the
FBI and within the NCIJTF, there were lines of effort that had a national security focus,
and then there was criminality within those mission centers. So I think if we were to look
at the NCIJTF that way, those are kind of the bones.
And the criminal mission center is going to be the muscles and the ligaments that are going to kind of move this whole organization forward.
So we will roll up and interact with all the different mission centers and then also explore the criminal elements within these larger campaigns.
And I think that that's really what's going to drive this forward.
This is a first-time effort by all the agencies to coalesce around the national security issues
and then the criminal issues, which, to Herb's point,
were not always shared as seamlessly and as effectively as in the past.
as seamlessly and as effectively as in the past.
Greg, is this sort of putting the bad guys on notice around the world,
that this is something that continues to be of growing importance to the U.S. government?
Oh, absolutely.
And I am happy and looking forward to putting as many of the bad guys, as you say, on notice.
And I think that the NCI JTF is the perfect vehicle for doing that.
Herb, you know, looking at the long-term picture here, what do you hope comes out of this?
Can you see other parts of the government joining in?
Is this the first step perhaps of many?
Well, certainly the Secret Service and the FBI aren't the only participants here at the NCIJTF.
So we certainly see those who are already, those agencies who are already on board at the NCIJTF being a big part of the criminal mission center, even if that's not their primary focus.
And we would also just encourage, and this is really an open door for those working
within the government in the cyber space to come and take advantage of this collaboration
opportunity. I think over the long term, you know, certainly we hope to achieve operational outcomes
that are consistent with our mission, putting bad guys in jail, disrupting the operations of cyber criminals
all over the world, having, you know, imposing risk and consequence on that cyber criminal ecosystem
that makes all these things possible. But as we go along and do that, I hope that we also send a
message to the American public and the people who count on us that the FBI, the Secret Service,
and our other partners here at the NCIJTF,
we aren't working against each other to try to combat this cyber problem. We're working together
to try to make sure that this country can stay as secure from cyber threats as possible.
That's the FBI's Herb Stapleton and the U.S. Secret Service's Greg McAleer.
There's more to this interview. You can check it out over on our website, thecyberwire.com in the Cyber Wire Pro section.
Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications, securing sensitive data,
and ensuring your organization runs smoothly
and securely. Visit ThreatLocker.com today to see how a default-deny approach can keep your and joining me once again is Betsy Carmelite she is a senior associate at Booz Allen Hamilton
Betsy it's always great to have you back you know as we've been going through this COVID-19
pandemic there has been an explosion in the use of telehealth. And I know that's
something that you and your team have been keeping an eye on and working with your customers with.
Can you give us some insights? What are some of the things that you're watching?
Sure. And I would also say, you know, this is something that I've personally used and adopted.
So I've been watching it as well from a personal perspective.
But we've seen these telehealth services basically be an essential lifeline between patients and providers in our socially distanced world right now during the COVID-19 pandemic.
But it's really important to remember that these telehealth platforms really expand one's attack surface and could be a potential avenue for cyber attacks. So we're seeing private insurers and the U.S. government rapidly extend access to these medical services for just millions of patients and doctors.
These platforms are also creating
that digital footprint for cybercriminals to target.
What sort of specific concerns are out there as folks are using these things?
What are we worried about?
Sure. Again, it's a balance against the benefits of using telehealth, these hidden security challenges could result in risks
that outweigh the rewards. So we've seen some softer regulations around security and oversight
protections, which is very concerning. So government organizations have stated openly
that they may not enforce rules designed to protect patient data or conduct audits for new
patient billing. So those HIPAA waivers do raise the possibility of patient data protection being
at risk. It's made things a little bit more nebulous around what is covered and what's going
to be regulated. But again, it's striking the balance between accessible healthcare during this time
and protecting the privacy and infrastructure.
And that's just a really difficult prospect right now.
Yeah, you know, the easing of the HIPAA requirements is fascinating to me
because on the one hand, a lot of people I've talked to,
including members of my own family, have said, I'm not going back. This telehealth is convenient and I like it and
it just takes less of my time and I'm on board with this. So I can't help wondering as organizations
are adopting it, I suppose they shouldn't assume that these HIPAA waivers are going to be permanent.
I suppose they should be working towards the possibility that things may tighten up in the
future? Absolutely, because as you just pointed out, we'll probably see the persistence of the
need for telehealth. It's something where, you know, it's accelerated
the adoption of these platforms, but now we've become accustomed to them and they've made life
easier. Again, if health organizations and government regulators aren't making telehealth
a security priority now and maybe reevaluating those HIPAA waivers. With that persistent use
of these platforms, we'll likely see the exploitation only grow. Cyber criminals are
already profiting from these security vulnerabilities in telehealth. You know,
they could possibly hack cloud-based services where patient data is stored. And that's potentially COVID-19 health-related data.
And federal, state, local health departments all need quicker and greater access to that
information. So we're only going to see greater use of the cloud storage and cyber criminals
exploiting the vulnerabilities in those. Yeah, it's really fascinating how this whole experience
has really been kind of a catalyst for moving things forward,
for forcing change, I guess, at a much faster rate than anyone had expected.
That's right. That's right.
And we saw, for one, these healthcare organizations needing to store and process far more data because of the pandemic.
It's likely that also in a quick way expanded their digital infrastructure, tool adoption, and the need to secure that technology.
But it probably has not kept pace with the tool adoption.
Yeah.
All right.
Well, Betsy Carmelite, thanks for joining us.
Thank you.
And that's the Cyber Wire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
And for professionals and cybersecurity leaders who want to stay abreast of this rapidly evolving field, sign up for Cyber Wire Pro.
It'll save you time and keep you informed.
It's the choice of a new generation.
Listen for us on your Alexa smart speaker, too.
Don't miss this weekend's Research Saturday,
my conversation with Yuval Avrahamy from Palo Alto Network's Unit 42 on escaping virtualized containers.
That's Research Saturday. Check it out.
The CyberWire podcast is proudly produced in Maryland at the startup studios of DataTribe,
where they're co-building the next generation of cybersecurity teams and technologies.
Our amazing CyberWire team is Elliot Peltzman, Puru Prakash, Stefan Vaziri, Kelsey Bond, Tim Nodar,
Joe Kerrigan, Carol Terrio, Ben Yellen, Nick Valecki, Gina Johnson, Bennett Moe, Chris Russell,
John Petrick, Jennifer Ivan,
Rick Howard, Peter Kilby, and I'm Dave Bittner. Thanks for listening. We'll be taking a break
for the Columbus Day holiday here in the U.S., so we will be back here on Tuesday. Thank you. ease through guided apps tailored to your role. Data is hard. Domo is easy. Learn more at
ai.domo.com. That's ai.domo.com.