OSIRIS Brief 1.22.0
NewsCorp Hacked; Cryptocurrency theft arrests; US Government and facial recognition.
China Hacks NewsCorp
News Corp announced this week that it had detected an information security breach by ‘persistent nation-state’ entity. News Corp notified law enforcement and hired cybersecurity firm Mandiant to investigate. Mandiant has attributed the cyberattack to a Chinese Advanced Persistent Threat (APT) and promises additional information. Early reports indicate that the Chinese Ministry of State Security (MSS) accessed thousands of journalist emails.
News Corp is a multinational corporation founded by Rupert Murdoch, owning some of the largest news organizations in the world. In the US, News Corp publishes The Wall Street Journal and The New York Post. News Corp’s international outlets include The Times in the United Kingdom. Rupert Murdoch and his family remain major shareholders in News Corp.
There could be many reasons the MSS would be interested in News Corp and journalists, but the most likely reason is just to collect as much information as possible. The Murdoch family’s media holdings seem to some to occupy a unique position in the Anglophone political sphere, but that position need not be the reason the MSS targeted News Corp. Intelligence and news organizations both collect information. Getting whatever information a news corporation has is enough reason to want to read reporters’ emails. Other motivations may also be at play, but we would need more direct information to draw reliable conclusions.
Arrests in Massive Crypto Hack
The FBI arrested a married couple in New York City last week who were allegedly attempting to launder billions of dollars in cryptocurrency. Ilya Lichtenstein and Heather Morgan were arrested trying to launder thousands of bitcoin originally stolen in a 2016 hack. The seizure of $4.5 billion is the largest financial confiscation in history The couple cultivated personas online and in the technology community, and Morgan even identified herself as “The Crocodile of Wall Street.”
While governments have an uneasy relationship with cryptocurrency, most are at least taking fraud using cryptocurrency seriously. Stealing is against the law, even if the law does not recognize what was stolen as valuable. Valuable exchangeable goods are magnets for criminals. We may learn that this money-laundering scheme was part of some broader criminal enterprises.
US Government Conflicted on Facial Recognition
It seems the US government has a love/hate relationship with “facial recognition” software. First, the IRS backed off its requirement to use biometrics to file taxes electronically. Then it was revealed that the US Air Force had contracted for research with ClearView for augmented reality and facial recognition software. I know nothing personally about this contract, other than what has been reported publicly.
People are understandably concerned when governments develop facial recognition capabilities. Some governments use facial recognition for social control, and others have a deserved reputation for losing control of sensitive information. We should take heart that the IRS has abandoned its planned requirement for biometrics. While the Air Force’s interest merits observation, there are non-nefarious uses for augmented reality.
Noteworthy
How We Can All Work Together For a Better Internet by McAfee
The Cost of Ignoring the Log4j Vulnerability by Atkinson
When Platforms Do the State’s Bidding, Who Is Accountable? by Keller
Spam and Phishing Report for 2021 by Kulkova
Do You Need to Reboot Your Cyber Strategy, or Just Get Everyone to Play Together? by Evans
David Benson is a Professor of Strategy and National Security focusing on cyberstrategy and international relations. You can reach him at dbenson@osiriscodex.com.
To get more insightful analysis like this in your inbox at no cost please subscribe.
Ask a question! Raise an objection! Leave a comment!