In early April 2021, the U.S. District Court for the Southern District of Texas granted the Department of Justice the authority to disrupt the exploitation of Microsoft Exchange server vulnerabilities. This authority empowered the Federal Bureau of Investigation (FBI) to “hack” into private sector computers without having to notify those organizations. The intent was to protect infected systems by identifying malicious code designed to take control of the victimized computers.
Beijing appears to be engaging in political warfare in which it attempts to foment animosity between foreign governments that show favor to Taiwan, a threat to the long-standing policy of “One Country, Two Systems” with regard to the island. In a recent instance, a fake announcement that appeared to be from Taiwan’s Presidential Office on Facebook asserted that the Taiwanese government intended to accept contaminated wastewater from a Japanese nuclear power plant. A second incident occurred in December 2020, when Taiwanese authorities investigated two Taiwanese with ties to the Chinese mainland for spreading a similar fake Presidential Office announcement that alleged U.S. and Taiwanese involvement in protests in Thailand.
On 15 April, the Biden Administration formally attributed the SolarWinds attacks to Russia’s Foreign Intelligence Service, the SVR. Soon thereafter, it issued several directives implementing sanctions against Russia and some Russian-related business leaders. The fallout from these actions is still underway, and we will continue to track and assess how these matters could impact business and government strategies and decision-making. This post provides context important in assessing why any cyber retaliation needs to be both quick and meaningful.
Beijing’s March 2021 China and Arab States Data Security Agreement is supposed to strengthen cooperation in communications and information technology. While details have yet to be published, the document focuses on ensuring the integrity of data and production chains that drive the digital economy. This is not the first time that China and the Arab nations have collaborated, having engaged one another in emerging technologies like 5G and artificial intelligence. However, it is noteworthy because this partnership makes the Middle East the first region to have engaged in a data security initiative with China, according to China’s Foreign Minister.
Iran and Russia have a relationship that has wavered between strong mutual support and contention. Currently, the two have drawn closer, sharing the same strategic goal – offsetting U.S. influence in the Middle East. Russia provides Iran with significant economic and military support. With sanctions applied against Iran by the United States and Europe, Tehran has forged closer economic ties with Moscow, highlighted by Iran’s joining a free trade agreement with the Eurasian Economic Union, of which Russia is a prominent member. This post dives into what CEOs and other business leaders should know about this geopolitical dynamic.
As the U.S. government parses through the SolarWinds software supply chain breach, many questions still remain as to the motive, the entities targeted, and the length of time the suspected nation-state attackers remained entrenched, unseen by the victims. The attack stands at the apex of similar breaches not only in the breadth of organizations compromised (~18,000), but also in how the attack was executed.
In February 2020, the U.S. Department of Justice (DoJ) issued indictments against four Chinese individuals suspected of conducting the 2017 intrusion into Equifax, a global information solutions company that organizes, assimilates, and analyzes data on consumers and businesses worldwide. The personal data of approximately 145 million U.S. citizens was stolen in the breach. The four suspects are alleged to be members of the People’s Liberation Army’s (PLA) 54th Research Institute.