Issue #79 – Friday, 1st April 2022

Dear readers, 

We hope you haven’t fallen victim to too many pranks and jokes today. Our digest is not one of them – we remain 100% trustworthy in issue #79, just as we always have. As the Ukraine war continues, we keep our concise report on the digital battlefield as a staple of our weeklies. Today, we are also looking back on discussions at the OEWG, cybersecurity, and (class action) lawsuits against tech giants.

Stay safe,
Andrijana, Pavlina and the Digital Watch team

// UKRAINE //

The first cyberwar in human history?

The Chairman of the State Service of Special Communication and Information Protection of Ukraine Yurii Shchyholhe said that the first cyberwar in human history is now underway. What is happening on the cyber battlefield?

The use of Russian tech is also being opposed: Last Friday, the US FCC added Kaspersky Lab to its list of communications equipment and services considered to pose a threat to national security. This week, Reuters reported that the US government privately warned some American companies that Russia might manipulate Kaspersky’s software to cause harm on 25 February. Across the pond, the UK advised organisations providing services related to Ukraine or critical infrastructure to reconsider using Russian computer technology in their supply chains. ‘We have no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, but the absence of evidence is not evidence of absence,’ states the guidance issued by the UK's National Cyber Security Centre.

On the other hand, Russia is claiming that there has been an increase in cyberattacks on Russian government institutions, mass media, and critical infrastructure. The country is threatening ‘grave consequences’ over this ‘cyber aggression’. Per TASS’s report, the Russian Foreign Ministry stated: ‘Ukrainian special detachments of information and technical influence, trained besides the United States by other NATO member states, wage the cyber war against us involving on a broader scale of anonymous hackers and provocateurs, who follow orders of Western coordinators supporting the Kiev regime.’ Data from Kaspersky Labs also suggests that Russian businesses are under cyber stress: their research claims that the number of cyberattacks on Russian businesses quadrupled in Q1 2022 compared to Q1 2021.

The EU and USA pledged to provide cybersecurity assistance to Ukraine and reinforce responsible state behaviour in cyberspace. A serious cyberattack occurred in Ukraine this week. Ukrtelecom, a major internet service provider used by the Ukrainian military, suffered a cyberattack, reported the Ukrainian State Service for Special Communications and Information Protection (SSSCIP Ukraine). SSSCIP Ukraine attributed the attack to Russia. While the hack has been neutralised, significant disruptions to the internet were observed.

Internet observatory NetBlocks confirmed that it was the most severe disruption in service registered since the beginning of the conflict.

Ukraine is investigating the attack, Deputy Head of the State Service for Special Communications and Information Protection Victor Zhora confirmed to Forbes, noting that it is not yet certain how the attack was perpetrated.

New information about the February 24 hack of Viasat’s satellite internet service is now available as Viasat shared the incident report. The attackers exploited a VPN misconfiguration to gain access to the trusted management segment of the KA-SAT network, and then moved laterally and executed commands to render the modems unable to access the network. SentinelOne posited that hackers deployed a data wiper malware, dubbed AcidRain, to achieve this. SentinelOne assessed with medium confidence that there are similarities between AcidRain and VPNFilter; the FBI attributed VPNFilter to Russia in 2018.

Information warfare

The Economist dubbed the war in Ukraine the ‘most viral war’ to date. And it is undoubtedly also a war of narratives and political leanings: The Economist notes that the Ukrainian narrative has gained a lot of traction in the West. In African and Asian societies, the Russian narrative has gained more traction by building on anti-Western sentiments. 

Russia and Ukraine are also fighting to win the hearts and minds of their domestic populations. 

The Ukrainian Security Service (SSU) claims to have discovered and shut down five bot farms engaged in spreading fake news about the Ukrainian conflict, aiming to 'inspire panic among Ukrainian citizens and destabilise the socio-political situation in various regions’, on Russian orders.

Russia is still fighting tech giants: YouTube is under growing pressure as Russia’s telecoms watchdog Roskomnadzor draws up two cases against Google for not removing banned content. Roskomnadzor sent another second notice to Wikimedia requesting removal of ‘false information concerning the special military operation in Ukraine’. 

However, Russia also noted that the IT giants that left Russia can return, under the condition of full grounding in the country, i.e. registering local legal entities in Russia.

Sanctions

Sanctions continue to have strong tech and information components. On 31 March, the UK imposed sanctions against RT, Rossiya Segodnya media group, and 12 Russians, or, as Foreign Secretary Liz Truss put it, ‘the shameless propagandists who push out Putin’s fake news and narratives’.

The same day, the USA imposed fresh sanctions. On the list of sanctioned entities: Russian government malicious cyber actors, and key Russian technology companies supplying the military with satellite imagery, hardware, microelectronics, and navigational equipment, Most notably, Russia’s largest chipmaker Mikron is on the list.

We already mentioned that the US FCC added Russia-based Kaspersky Lab to the national security threat list (businesses in the US are barred from using federal subsidies provided through the FCC’s Universal Service Fund to purchase any products or services from the companies on the list). A report from the WSJ now claims that the USA and Europe are afraid that imposing sanctions against Kaspersky Lab could increase the risk of Russian cyberattack.

Much has been said and written about the use of cryptocurrencies for evading sanctions. The EU, the USA, and Japan have announced plans to combat such misuse of digital assets: the EU and the USA by sharing financial intelligence on illicit use of digital assets and acting together ‘against those who promote the misuse of digital assets for illegal activities’, and Japan by revising its foreign exchange regulations.

Speaking of evading economic measures: Apple has suspended its Apple Pay service for Russia's Mir card payment system, effectively closing a loophole that had allowed Russians to keep using Apple Pay.

Intellectual property rights: Out the window?

Russia has approved ‘parallel imports,’ authorising import of products without the trademark owners’ permission, after top brands left the country. Russia’s Prime Minister Mikhail Mishustin clarified that ‘the purpose of embracing gray market goods is to satisfy Russian demand for brands that cannot be sold in the country without permission of the rights holder.’ It is now unclear whether the rules will affect software.

At the same time, Russian government offices were ordered to stop using foreign operating systems by 2025. 

Russian developers are also planning the Victory Day launch of an alternative to Google Play, called NashStore (OurStore), because Google Play suspended all payment-based services in Russia. The developers of Rossgram, Russia’s version of Instagram, revealed the app’s interface.

Internet access in Russia: outages imminent?

The Russian Union of Industrialists and Entrepreneurs (RSPP), one of the largest entrepreneurship unions in Russia, warns that the country will face internet outages due to telecoms equipment shortages. Western equipment suppliers have left the market, and the reserves of telecoms operator equipment will last for another six months, after which shortages may ensue. According to Kommersant, the Russian Ministry of Digital Development rejected these concerns.

// CYBERSECURITY //

OEWG holds its second session largely in informal mode 

The UN Open-Ended Working Group (OEWG) held its second substantive session this week (28 March–1 April). The group, which started its work in June 2021, still hasn’t agreed on organisational matters. The disagreement concerns how stakeholders will participate in the OEWG. Therefore, the member states didn’t adopt the provisional programme of work, which made it impossible to continue the session in a formal mode. The chair decided that the OEWG would proceed in an informal mode to discuss substantive issues.

Using an informal mode, the group discussed substantive issues under its mandate: the existing and potential threats in the ICT sphere and data security; rules, norms, and principles of responsible behaviour of states in cyberspace; how international law applies to the use of ICTs by states; confidence-building measures; and capacity building.

We’ve been following the OEWG closely since its inception, and this substantive session is no exception. Visit the UN OEWG 2021–2025 2nd substantive session on the Digital Watch Observatory over the course of the next week to read our expert analyses.

Apple and Meta shared user data with hackers who used fake emergency data requests 

Apple and Meta Platforms shared user data with hackers who sent the companies used fake emergency data requests in mid-2021, Bloomberg reported.

The two companies provided basic subscriber details, such as customers’ addresses, phone numbers, and IP addresses. Snap Inc. also received a fake legal request from the same hackers, but it’s not known if it provided data to the hackers.

Israeli police got weaker variant of Pegasus phone-hacking tool

The Israeli spyware firm NSO Group has now confirmed that it sold Israeli police a weaker version of the Pegasus hacking software – called Saifan – to access Israeli cell phones. Israeli media reports that, unlike the Pegasus software sold by NSO Group for export, Saifan is designed for real-time eavesdropping and can’t access past correspondence stored on cell phones.

The announcement comes one month after the Israeli government said it would investigate reports that the Israeli police had illegally used Pegasus spyware against its citizens without a court order. 

The NSO group stated that all of its sales are ‘government-authorised and it does not itself run Pegasus.’

// LEGAL //

Google and Apple sued over 30% commission in app stores

The number of regulatory interventions and lawsuits involving the misuse of dominant market position by Google and Apple keeps growing. The enduring motive is the 30% commission fee Google and Apple charge developers on their respective app platforms.

In France, a lawsuit was brought against Google and Apple by French Finance Minister Bruno Le Maire for imposing abusive contractual terms on French startups and developers on their respective app platforms. This week, the Paris Commercial Court found that Google ‘imposed various contractual obligations, including a 30% commission fee, against developers without providing them with the opportunity to negotiate in good faith.’ The court imposed a €2 million fine and ordered Google to amend seven clauses from contracts dating back to 2015 and 2016.

In the Netherlands, virtually the same accusation of charging 15%–30% commission fees to app developers on its platform was brought against Apple. A Dutch class-action lawsuit alleges that the commission Apple charges makes app prices higher than they should be, and that the total cost to consumers is almost €5 billion.

Meta paid to sabotage TikTok

Meta paid one of the most prominent US consulting firms, Targeted Victory, to sway public opinion against TikTok by planting op-eds and letters to the editor in major local and regional newspapers, claiming that certain harmful trends originated on TikTok even though they actually originated with Meta.

A spokesperson for Meta defended the company: ‘We believe all platforms, including TikTok, should face a level of scrutiny consistent with their growing success.’