Cyber Week in Review: January 7, 2022

Irina Baranova

Poland purchased Pegasus spyware after meeting between Polish and Israeli prime ministers 

Three Polish activists were confirmed as targets of the Israeli NSO Group’s Pegasus spyware. Included in the three was Krzysztof Brejza, a prominent Polish opposition politician who alleged that stolen data from the hacks was used by the ruling Law and Justice Party’s campaign against him in the 2019 parliamentary elections. Cybersecurity experts have said that there were probably a far larger number of victims in the country. Pegasus was introduced into the country after a visit by Israeli Prime Minister Benjamin Netanyahu in 2017, with the first infections being documented in November 2017. Recent disclosures have highlighted how Pegasus was used to spy on Hanan Elatr, wife of murdered Saudi dissident Jamal Khashoggi, the team from the United Nations tasked with investigating war crimes in Yemen, and Indian opposition activists. 

India announces antitrust investigation against Apple over the company’s App Store 

India’s antitrust watchdog, the Competition Commission of India (CCI), announced an investigation into Apple’s practices in relation to the company’s App Store. The report will be completed in the next sixty days and focuses on an Indian non-profit’s claims that the commission taken by the App Store is the product of Apple’s dominant position in the market. The CCI’s investigation comes at a precarious moment for Apple, which faces mounting investigations and attempts to rein in its influence across the globe, from South Korea to the European Union. Despite the pushback against Apple, the company just became the first ever to reach a $3 trillion valuation. 

The Chinese government’s enormous surveillance apparatus turns toward foreign organizations 

More on:

Cybersecurity

Influence Campaigns and Disinformation

Poland

China

The Chinese government has begun using its domestic surveillance services on foreign websites like Facebook and Twitter. The program is directed largely at foreign journalists and academics and at analyzing international opinion on issues that Beijing considers especially sensitive, such as Taiwan or the repression of Uyghurs in Xinjiang. The investments in new programs represent an expansion of Beijing’s domestic surveillance programs into the ecosystem of multinational social media companies. The Chinese security apparatus also monitors the social media posts of Chinese citizens abroad and has developed an extensive surveillance system that allows it to find the owner of virtually any social media account. 

Russian executive extradited to the United States may offer an inside look into Russian disinformation campaigns 

The United States announced the extradition of a major Russian executive, Vladislav Klyushin, from Switzerland for his role in a scheme to trade on stolen earnings reports. Klyushin’s information security company has several major contracts with the Kremlin, and Klyushin received a medal from President Vladimir Putin in 2020. These contacts have reportedly made Klyushin a high value target for recruitment by American and British intelligence agencies , and the Russian government may fear that he possesses enough documentation and inside knowledge to conclusively tie APT28, also known as Fancy Bear, to the effort to influence the 2016 election. Klyushin’s deportation was a contentious subject in Switzerland, as the United States and Russia both made attempts to have Klyushin deported into their respective custody. 

China mandates cybersecurity reviews for prospective foreign IPOs holding large amounts of data 

On January 4th, thirteen Chinese government ministries issued a new regulation that will require firms holding data of over one million users to apply for a mandatory cybersecurity review when listing IPOs abroad. The law, which will come into effect next month, is a revision of the June 2020 Network Security Review Measures and reflects the heightened national security emphasis in Beijing’s new Data Security Law. The PRC’s cyber watchdog, the Cyberspace Administration of China (CAC), has become increasingly powerful as the country ramps up its crackdown on big tech firms. In November, the CAC began subjecting prospective Hong Kong IPOs to similar cybersecurity reviews. 

More on:

Cybersecurity

Influence Campaigns and Disinformation

Poland

China

 

https://www.cfr.org/blog/cyber-week-review-january-7-2022

Next Post

Beware Of Business E-mail Compromise ("BEC") Schemes - Criminal Law

United States: Beware Of Business E-mail Compromise (“BEC”) Schemes 07 January 2022 Masuda, Funai, Eifert & Mitchell, Ltd. To print this article, all you need is to be registered or login on Mondaq.com. Executive Summary […]