View profile

Behind the News: Sources and Analysis from the Week Ending in July 23

The Soren Review
Behind the News: Sources and Analysis from the Week Ending in July 23
By The Soren Review • Issue #3 • View online
This is a retrospective look at the major headlines in cybersecurity and tech policy, pointing out to the source documents, expert analysis, and code repositories that lie behind the headlines.

China, China, China
One of the biggest stories of the week was the joint finger pointing by the US and other governments at China for their actions in cyberspace. Our first set of sources include CISA releases of Indicators of Compromise (IoCs), Tactics, Techniques, and Procedures (TTPs), and other artifacts of the US Governments investigations into these Chinese activies:
Chinese State-Sponsored Cyber Operations: Observed TTPs | CISA
In addition, here is some the expert analysis of China’s actions and the US response that is informing the media coverage:
FAST THINKING: A turning point on Chinese hacking - Atlantic Council
The White House Responded to the Chinese Hacks of the Microsoft Exchange Servers This Week. Is It Enough? - Lawfare
A related issue in our relationship with China is increasing awareness of Chinese “influence” campaigns in cyberspace. Some analysis on that from the experts:
Chinese Disinformation Efforts on Social Media | RAND
Holding the LINE: Chinese Cyber Influence Campaigns After the Pandemic
And finally: a broader discussion of the technology landscape in China and how it relates to the US Tech industry:
Hong Shen on How Tech Really Works behind the Great Firewall - Centre for International Governance Innovation
FAST THINKING: Will quantum computing be the next frontier of competition with China? - Atlantic Council
Cyber Capabilities and National Power: A Net Assessment
Military Grade Spyware
The other major story this week stemmed from some investigations into the NSO Group’s Pegasus spyware. Amnesty International led a group of investigators and journalists in looking into the software, including a mysterious list of 50,000 phone numbers supposedly targeted by regimes around the world. NSO Group has denied many of the accusations, in particular the targeting list, but the reporting has nonetheless stirred up a massive debate about online privacy and security from government surveillance.
Here is some of the original investigative work, published by Amnesty:
GitHub - AmnestyTech/investigations: Indicators from Amnesty International's investigations
And here is a tool meant to analyze a phone for indicators of compromise from Pegasus, also released by the team working on this investigation:
GitHub - mvt-project/mvt: MVT is a forensic tool to look for signs of infection in smartphone devices
Some expert analysis of the issues of spyware and surveillance:
Authoritarianism Has Been Reinvented for the Digital Age - Centre for International Governance Innovation
Tips to Uncover the Spy Tech Your Government Buys - Global Investigative Journalism Network
Spyware for sale: the booming trade in surveillance tech
Governments Are Using Spyware on Citizens. Can They Be Stopped? - Carnegie Endowment for International Peace
Fighting cyberweapons built by private businesses - Microsoft On the Issues
And for a different perspective:
How the Intelligence Community Can Get Better at Open Source Intel - Defense One
Did you enjoy this issue?
The Soren Review

News, analysis, and opinion on tech policy, governance, security, and economics.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue