Cyber Week in Review: January 8, 2021 – Council on Foreign Relations

Experts Assessing Cybersecurity Fallout After Raid on Capitol

The rioters that raided the U.S. Capitol building on Wednesday, breaking windows and doors, ransacking offices, and damaging statues, also stole electronics, including at least one laptop from Senator Jeff Merkleys (D-OR) office. They also stole a laptop from Representative Nancy Pelosis (D-CA) office and were able to view the email inbox of one of her staffers. Though none of the devices that the rioters are believed to have accessed contain classified material, other sensitive information from emails and unencrypted files could have been compromised. "This is probably going to take several days to flesh out exactly what happened, what was stolen, what wasn't," said acting U.S. attorney for the District of Columbia Michael Sherwin. It could have potential national security equities. If there was damage, we don't know the extent of that yet.

Trump Bans U.S. Transactions on Eight Additional Chinese Apps

On Tuesday, President Trump signed an executive order banning U.S. transactions on eight additional Chinese software applications, including the Alipay payment platform. A senior Trump administration official said in a briefing that the order was intended to prevent the personal data of Americans from falling into the hands of the Chinese government and fueling its mass tool for global oppression. Despite the forty-five-day timeline for the order taking effect, the U.S. Department of Commerce plans to identify specific prohibited transactions before President-Elect Bidens inauguration on January 20. Chinese Foreign Ministry Spokesperson Hua Chunying responded to the ban by calling the U.S. government hypocritical and ridiculous, while U.S. Secretary of Commerce Wilbur Ross endorsed President Trumps commitment to protecting the privacy and security of Americans from threats posed by the Chinese Communist Party.

Anne Neuberger Tapped for New NSC Cybersecurity Role

More on:

Cybersecurity

Transition 2021

China

Coronavirus

On Wednesday, Politico reported the Anne Neuberger, director of cybersecurity at the National Security Agency, will be named deputy national security advisor for cybersecurity on President-Elect Bidens National Security Council (NSC). Neubergers hiring is another sign that the incoming Biden administration plans to elevate cybersecurity as a major national security priority after President Trump eliminated the cybersecurity coordinator position on the NSC in 2018. Among her first responsibilities is likely to be coordinating the federal response to the SolarWinds hack, which is still under investigation. One congressional staffer remarked that Neubergers experience is needed now more than ever at the highest levels of government, especially in light of recent events and the shifting cyber threat landscape.

U.S. Extradition Attempt for Assange Fails

Net Politics

CFR experts investigate the impact of information and communication technologies on security, privacy, and international affairs.2-4 times weekly.

On Monday, a British judgedenieda U.S. extradition request for WikiLeaks founder, Julian Assange, due to concerns over his mental health. Assange, who has been indicted on seventeen espionage charges and one charge of computer misuse over WikiLeaks' publication of secret military and diplomatic documents, has been held in a London prison since the Ecuadorean embassyrevokedhis political asylum in 2019. The U.S. Department of Justice plans to appeal the ruling. If extradited, Assange faces up to 175 years inprison.

After the ruling was released, the Mexican government announced that it was prepared toofferAssange political asylum. Mexican President Andres Manuel Lopez Obrador said Assange deserves a second chance,grantedhe does not interfere in the political issues of any country.

Digital and Cyberspace Update

Digital and Cyberspace Policy program updates on cybersecurity, digital trade, internet governance, and online privacy.Bimonthly.

Singapore Reverses Course on Contact Tracing Data

Singaporean officials revealed on Monday thatdatafrom Singapore's COVID-19 contact tracing program, TraceTogether, can be used to assist with criminal investigations, contradicting previous assurances that the data would only be used for contact tracing. The program uses Bluetooth signals from smartphones and wearable tokens to determine who individuals that have tested positive for COVID-19 have been in contact with.To encourage enrollment, the Singaporean government repeatedlystressedthat the data would "never be accessed unless the user tests positive" and would only be accessible to a small number of contact tracers.Nearly 80 percent of Singaporeanshave adopted the TraceTogether contact tracing app and wearable token to date. Digital Rights Watch expressed concern about the Singaporean governments decision, saying it was the worst case scenario that privacy advocates have warned about since the start of the pandemic and will erode public trust in future health responses and therefore impede their efficacy.

More on:

Cybersecurity

Transition 2021

China

Coronavirus

More here:

Cyber Week in Review: January 8, 2021 - Council on Foreign Relations