Download this Brief in PDF format.
The UK Bans Huawei from National 5G Network
The UK reversed course, and complied with US requests to ban including Huawei in the British 5G network. Huawei can supply all aspects of a 5G system, which appeals to many buyers because of the simplicity and low costs, but the US and other countries view Huawei as a national security threat. British inclusion of Huawei in their 5G infrastructure potentially threatened the Five Eyes intelligence alliance.
While most observers believe the UK’s reversal resulted from US pressure, but it’s likely the UK would ultimately reject Huawei. The NCSC recognized the strategic risk, even though it assesses the risk of sole suppliers to be greater. Nonetheless, China’s domestic political structure cannot guarantee that Huawei currently or in the future will act independently of the Chinese government. Having Huawei components in their 5G system would be politically untenable for the UK, a potential security and economic time-bomb, without American pressure.
It’s plausible the maneuver was primarily signalling to domestic and international audiences. Accepting Huawei then rejecting it did allow the Johnson government to appear independent of American influence. Changing demonstrated loyalty to the longstanding alliance. Doing both attracted attention consitently hewing to NATO’s position would not have created.
Russia Tries to Hack COVID-19 Research
The US accused “Fancy Bear,” the same organization that stole John Podesta’s emails, of attempting to steal COVID-19 vaccine research. The accusations against Russia come after similar allegations against Chinese groups.
Russia and China have long histories of stealing intellectual property to compensate for domestic short-comings. Developing a vaccine first would bolster either government’s domestic legitimacy. While both country hosts many excellent scientists, government control regimes restrict information flows slowing research, hampering those efforts. It seems unsurprising both China and Russia would turn to cybersecurity exploits attempting to ensure they can rival western countries ability to develop medical technology.
Twitter Gets Pwned from Inside
In what will likely be regarded as a low point for the company, several high-profile Twitter accounts were hi-jacked to promote an advanced fee–style, Bitcoin scam. The attack seems to have come from an insider who did not steal any passwords.
While vulnerability exploitation gets a lot of press, insiders are the greater threat. Insiders have access without exploits, and know where valuable information is without spelunking. Government can have similar effects through legal means (e.g. warrants) and extra-legal means (e.g. coercing the company). The best information security cannot protect against a spy from within or a government agent beating down the door.