Cyber Week in Review: April 29, 2022

Elon Musk buys Twitter 

Elon Musk is set to buy Twitter and take the company private in a $44 billion dollar deal. Despite some initial opposition, Twitter’s board announced on Monday that it had unanimously voted to approve the transaction. The announcement attracted instant scrutiny, as critics warn that it will grant Musk unprecedented control over a major social media platform. Twitter boasts over 217 million users, and two-thirds of Twitter's American users claim the platform is an important source of their news. Musk has expressed his desire to transform Twitter to promote free speech, which has sparked concerns among his critics that he will eventually weaken content moderation policies, making women, minorities, and other marginalized users more vulnerable to harassment and trolling. In addition, experts warn that Musk’s plan to make Twitter's algorithms open-source could empower malicious actors to abuse the algorithms for disinformation campaigns. 

Agreement reached on the EU Digital Service Act 

On April 23, the European Union (EU) reached a deal on the Digital Services Act, which is aimed at forcing internet platforms to address problems such as disinformation, hate speech, illicit content, and targeted ads. Platforms such as Facebook, Instagram, and YouTube will be subject to annual audits, allowing regulators and third-party researchers to investigate companies’ data collection and algorithmic processes.  The conflict in Ukraine appears to be behind a decision by policymakers to also include restrictions on internet companies that can be enacted during national security or health crises, including measures to combat state propaganda on social media. Politicians in the EU have announced major changes to digital policy in the past month, including the Digital Markets Act, which regulates major technology companies’ anticompetitive behavior.  

Chinese chipmaker faces allegations of breaching U.S. export restrictions by selling to Huawei 

The White House and U.S. Department of Commerce are investigating claims that the state-owned Chinese semiconductor company Yangtze Memory Technologies Co (YMTC) violated U.S. export controls by supplying Huawei with chips for its Enjoy 20e phone. YMTC uses American technology to make its products, meaning the company is subject to the Foreign Direct Product Rule which bans the exportation of U.S. technologies to Huawei. If the allegations prove to be true, YMTC could be placed on the commerce department’s “entity list,” putting its access to U.S. technology in jeopardy. This could be troublesome for American companies such as Apple, which recently considered buying YMTC chips for the iPhone.  

North Korea’s APT 37 targets journalists  

In a sophisticated campaign, North-Korean linked threat actor APT 37 used RokRAT malware to hack the email account of a former director at South Korea’s National Intelligence Service, enabling the group to steal information about the official’s prior correspondence with journalists. Impersonating the official, the hackers then targeted South Korean journalists from a spoofed account, sending emails laced with Goldbackdoor malware. Analysis of the Goldbackdoor malware indicates that it can be used to steal passwords and upload documents to a cloud account owned by the hackers. Goldbackdoor has many similarities to another piece of malware, Bluelight, which APT 37 used to target the website of a South Korean newspaper, the Daily NK, last year. 

Biden administration joins fifty five countries in call for new global internet rules 

The Biden administration announced that the United States would join more than fifty five countries in signing the Declaration for the Future of the Internet. The declaration emphasizes the need for a global internet, underpinned by a respect for human rights, competition, and privacy. The countries, many of which are traditional U.S. allies, agreed to pursue these goals and spread the vision of global internet. Though they are not named in the document, the declaration is an effort to mobilize opposition to China and Russia’s efforts to construct an internet under strong government control.