UK Gov launches IOT cybersecurity fund

The Department of Digital, Culture, Media and Sport (DCMS) has launched a £400,000 fund to fuel ambition for the security of internet-connected products.

The ultimate hope will be to kick-start the development of an assurance market for consumer internet-connected products such as wearable devices or smart doorbells. Such assurance schemes could offer accreditation for products which have undergone relevant tests, giving consumers more confidence to purchase and to make full use of all functionality without fear of poor security.

“We are committed to making the UK the safest place to be online and are developing laws to make sure robust security standards for consumer internet-connected products are built in from the start,” said Digital Infrastructure Minister Matt Warman.

“This new funding will allow shoppers to be sure the products they are buying have better cyber security and help retailers be confident they are stocking secure smart products.

“People should continue to change default passwords on their smart devices and regularly update software to help protect themselves from cyber criminals.”

The idea is a simple one, but a very good one. Should such assurance programmes be nurtured correctly, and the general public be made suitably aware, it would become a factor in the buying decision-making process. Manufacturers would be effectively coerced into compliance as sales could be impacted without the presence of the certification.

Alongside this initiative, new laws in the UK will come into play for both enterprise and consumer internet-connected devices. Any device sold in the UK will soon have to adhere to three rules:

  1. Device passwords must be unique with no option to restore to factory settings
  2. Manufacturers must create and maintain a public point of contact to report device or software vulnerabilities
  3. Manufacturers must state how long the device will receive security updates

These rules should form the basis of a more secure digital economy, though product assurance programmes would add more credibility and confidence in the quickly developing segment.

Recent figures from IDC suggest the wearables market is growing, 29.7% year-on-year for the first three months of 2020, though the numbers could have been higher. The on-going COVID-19 pandemic limited shipments due to supply chain disruptions and difficulties sourcing components for the products.

While the consumer IOT segment is still in the early development stages, it is critical the industry set the standards on security. Should the segment be allowed to progress too far with bad habits, attempting to correct mistakes and bad practice will become much more difficult. The UK should be applauded for its attempts to get ahead of trends, and hopefully other Governments are taking note.



UK’s National Cyber Security Centre launches another Huawei probe

The National Cyber Security Centre (NCSC) has confirmed it is attempting to understand what impact potential US sanctions directed towards Huawei would have on UK networks.

With Huawei equipment and components delicately woven throughout the complex tapestry of telecoms in the UK, sanctions from the US which would materially inhibit Huawei operations should be a major concern.

“The security and resilience of our networks is of paramount importance,” a cross-government statement reads. “Following the US announcement of additional sanctions against Huawei, the NCSC is looking carefully at any impact they could have to the UK’s networks.”

There have been reports circulating through the press suggesting UK Prime Minister Boris Johnson is once again considering the role of Huawei in the telecoms landscape. These rumours are a separate story, but directly linked; the US wants to reduce the commercial opportunities for Huawei, and this is yet another attempt.

First, the US Government attempted the diplomatic approach, with Secretary of State Mike Pompeo attempting to prove his debating skills. Secondly, fear was introduced, with the US attempting to reignite xenophobic fears of communism. The third strategy was more directly aggressive; work with Huawei or have access to our intelligence data, you can’t have both.

None of these strategies worked, but the latest attempt is an interesting one. If Huawei’s supply chain can be compromised, the UK (and other) Governments might have to turn their backs on the Chinese vendor because it does not meet the standards required for resiliency tests.

Should the UK Government be revising its position, it would certainly be a blow to Huawei’s credibility.

“We’ve seen the reports from unnamed sources which simply don’t make sense,” said Victor Zhang of Huawei. “The government decided in January to approve our part in the 5G rollout, because Britain needs the best possible technologies, more choice, innovation and more suppliers, all of which means more secure and more resilient networks.

“As a private company, 100% owned by employees, which has operated in the UK for 20 years, our priority has been to help mobile and broadband companies keep Britain connected, which in this current health crisis has been more vital than ever. This is our proven track-record.”

Looking at the other rumours outside this confirmed investigation into the impact of US sanctions on Huawei, the underlying cause could be directed back to Conservative backbencher Sir Iain Duncan Smith. Once a prominent voice in the House of Commons, Duncan Smith’s influence has been wilting rapidly, so much so this is one of the first times anyone has paid attention to him for what feels like decades.

In March, Duncan Smith led a small group of Tory revolters in opposition to the Supply Chain Review. Instead of limiting ‘High Risk vendors’ to 35% of any telecoms network, this group wanted them banned completely. These politicians clearly did not understand the complexities of the situation and debates were riddled with inaccuracies, but it appears the pressure has been enough to turn the head of Prime Minister Boris Johnson.

What is worth noting is that while the industry has been in firm support of Huawei in recent years, this staunch stance seems to be softening.

Vodafone Group CEO Nick Read recently discussed the Huawei situation during the telco’s earnings call, and while Vodafone had been warning of catastrophic consequences should work with Huawei be prevented, the current rhetoric is nowhere near as firm. The executive talked of removing certain firms “moderately” and investments into alternatives. It does appear Vodafone is preparing for the worst-case scenario.

While the rumours are nothing more than rumours, with the US undermining Huawei’s ability to operate as desired some uncomfortable questions will be asked. Top of the list is whether the vendor can maintain security and resiliency credentials for its products and components following such a disruption to its supply chain. This could drastically impact its position in the UK telecoms landscape.



Trump needs fodder for the campaign trail, maybe Huawei fits the bill

A thriving economy and low levels of unemployment might have been the focal point of President Donald Trump’s re-election campaign, pre-pandemic, but fighting the ‘red under the bed’ might have to do now.

In 2016, Donald Trump won the Presidential election for numerous reasons, but one very important element was his ability to mobilise the vote of elements of society who wouldn’t have had any interest in politics otherwise. One reason was because of who Trump was and is, a celebrity more than a statesman, but perhaps a more critical element was the message.

Trump ignored political correctness, seemingly appealing to racism and xenophobia as the Make America Great Again slogan was born. He proposed the deportation of all illegal immigrants, the construction of a wall on the US-Mexico border and a temporary ban on foreign Muslims entering the US. The forgotten men and women of the US were the focal point of this campaign.

This campaign, focusing on a single message of foreign people are bad for patriotic US citizens, worked. If Trump is to repeat the success of his 2016 Presidential Election in November, there will have to be another message at the core of the campaign to rouse the masses and build a slogan on.

There has been a suspicion that the success of the economy and low levels of unemployment would have been this focal point. Prior to the COVID-19 pandemic, the economy was on the rise. From Trump’s entry to the Oval office on 6 January 2017, to the final days before lockdown in February, the Dow Jones grew from 19,963 to 29,398, a 47% surge. Unemployment was down to 3.5%, slowly eroding through the three-year period.

The message could have been ‘look what four years of Trump has gotten you, wouldn’t you like four more?’. But then coronavirus hit, and the economy went down the toilet.

The Dow Jones will recover, as will unemployment, but the Trump campaign would be playing with fire by making this the central point of the campaign. Many believe Trump was too slow to act against the coronavirus after spending months claiming it was little more than the common flu. At its worst point, the Dow Jones fell to 18,591 while unemployment is currently as high as 14%, and likely to go higher.

Using the economy as a reason for re-election is offering ammunition to the Democrat candidate, the opening round of a slug match where Trump can be undermined and embarrassed.

Without this weapon in his arsenal, Trump will have to find a new focal point to build a campaign around; China and Huawei could fit the bill.

Trump needs to redirect attention away from his failings as a leader during the pre-coronavirus weeks. People generally need an enemy when times are hard, and the invisible enemy of today will not do; you can’t get people angry about a virus, not in the way that the Trump campaign will want. If Trump can further vilify the Chinese, he can position himself as the hero, the man to champion US values, whatever they might be.

Huawei has been made the proxy of the Chinese Government in the eyes of the US. If the US is scared about the ‘red under the bed’, the idea of communism creeping into democratic societies secretly, the successful telecoms vendor can be made public enemy number one.

This is clearly not a new campaign of hate from the President, but it is one which had quietened off over the last few months. It is an on-going conflict point between the US and Chinese Governments, and fuel was thrown onto the embers last week.

In a new assault from the US Department of Commerce, further efforts were made to inhibit the ability of Huawei to source semiconductor components for smartphones and base stations. The US is perhaps hoping the globalised nature of the technology industry, which has allowed Huawei to thrive, can be weaponised against it as few (if any) companies could operate without a single trace of the US in its supply chain.

“We have survived and forged ahead despite all the odds,” Huawei Rotating Chairman Guo Ping said at a virtual conference this week. “The US insists on persistently attacking Huawei, but what will that achieve for the world?”

Conflict with the Chinese might not sound good for economic reasons, but for political ones, it is fantastic. Trump needs an enemy so he can be the champion for the forgotten men and women of the US.

While it is clear there are a lot of US politicians buying into the anti-China campaign of hate, we asked Telecoms.com readers how they feel about the on-going aggression towards Huawei:

Telecoms.com Poll: Do you feel the US Government is justified in its action against Huawei?

| Response | Share |
|---|---|
| Yes, it is effectively a pawn for the Chinese Government | 43% |
| Yes, but Government links are not there | 1% |
| Maybe, but show us the evidence of foul play first | 12% |
| No, Trump shouldn’t punish a company just because it is Chinese | 22% |
| No, international competition should be left to sort itself out | 22% |

Huawei might have enjoyed a brief breather over the last few months, but the signs are there to suggest there might be greater conflict on the horizon. Speaking at the Munich Security Conference this week, Secretary of State Mike Pompeo and Secretary of Defence Mark Esper both drew battle lines.

“Let’s talk for a second about the other realm, cybersecurity,” Pompeo said during his speech. “Huawei and other state-backed tech companies are trojan horses for Chinese intelligence.”

“Under President Xi’s rule, the Chinese Communist Party is heading even faster and further in the wrong direction,” said Esper. “More internal repression, more predatory economic practices, more heavy handedness, and most concerning for me, a more aggressive military posture.”

Further sanctions and more aggressive policies against Huawei specifically, as well as other Chinese companies in the international markets, could be on the horizon. Huawei executives have certainly expressed concern, but there are numerous other companies who should also be sitting uncomfortably.

The US Senate recently passed the Holding Foreign Companies Accountable Act (S.945) which could result in numerous companies who do not pass strict criteria being delisted from US stock exchanges. China is of course a target with this legislation.

“The SEC works hard to protect American investors from being swindled by American companies,” said Senator John Kennedy, one of the politicians to introduce the original bill.

“It’s asinine that we’re giving Chinese companies the opportunity to exploit hardworking Americans – people who put their retirement and college savings in our exchanges – because we don’t insist on examining their books. There are plenty of markets all over the world open to cheaters, but America can’t afford to be one of them.”

This legislation would not impact Huawei, it is a private company after all, but it is further evidence of increasing aggression towards China, and suggestions there could be rising tensions.

And while Huawei might be attracting the most attention from US Senators right now, there are certainly more which could fall into the crosshairs. Tencent owns TikTok which has already come under criticism, Alibaba is hoping to expand its cloud computing venture into international markets, while the likes of OPPO and Xiaomi are proving to be quite successful in gaining interest as challenger smartphone brands. These are all companies which would perhaps fall foul of US opinion.

The first Trump campaign rallies will give more of an indication of what will be the focus of his scorn and hatred over the coming months, and where the pent-up frustrations of US citizens could be directed. We suspect Huawei could be in for a rough few months as Trump further vilifies the Chinese Government and looks for an opponent to bureaucratically challenge during the campaign.

Taking down Huawei could be the feather the Trump campaign is looking for in its quest for re-election to the White House.



After 107 million downloads in April, TikTok faces a European privacy probe

Questions over the privacy of popular video-sharing application TikTok have been raised by Dutch authorities, but scepticism can’t slow the rapid expansion.

Although other investigations around the world are far more damning, suggesting some very nefarious activities, let’s not forget giants can be taken down by unsuspecting means. After all, Goliath was conquered by a pebble and Al Capone was felled by tax evasion charges.

“A huge number of Dutch children clearly love using TikTok,” said Monique Verdier, Deputy Chairman of the Dutch DPA.

“We will investigate whether the app has a privacy-friendly design. We’ll also check whether the information TikTok provides when children install and use the app is easy to understand and adequately explains how their personal data is collected, processed and used. Lastly, we’ll look at whether parental consent is required for TikTok to collect, store and use children’s personal data.”

The investigation will focus on whether TikTok effectively protects the privacy of Dutch children, and whether there would need to be any changes enforced on the team through regulation. As with every other investigation, this probe from the Dutch could shed light on certain aspects of operations which could have a domino effect.

While TikTok was thrust on the world to much consumer enthusiasm last year, the momentum has certainly continued through 2020 and has perhaps been compounded by lockdown protocols currently in place around the world.

Most downloaded Apps (non-gaming) during April 2020 – Global

| Rank | Overall | App Store | Google Play |
|---|---|---|---|
| 1 | Zoom | Zoom | Zoom |
| 2 | TikTok | TikTok | TikTok |
| 3 | Facebook | Google Meet | Facebook |
| 4 | WhatsApp | Microsoft Teams | WhatsApp |
| 5 | Instagram | Netflix | Aarogya Setu |

Source: Sensor Tower

With more entertainment needed by those taking part in enforced lockdown, there has been a surge in interest in numerous categories, but social media and content streaming applications are close to the top of the list. TikTok has benefitted from these tendencies, but also endorsements from numerous celebrities around the world.

Over the weekend, Anthony Hopkins challenged Sylvester Stallone and Arnold Schwarzenegger to a dance-off on the platform with Drake’s Toosie Slide.

With more and more celebrities embracing the platform, everyday consumers will be encouraged, especially during a period of boredom. This might be seen as a worrying trend to US politicians who are attempting to dilute the influence China and its companies have on global societies and economies.

Last October, Republican Senator Tom Cotton and Senate Minority Leader Chuck Schumer wrote to the Acting Director of National Intelligence, Joseph Maguire, to formally request an investigation into TikTok, questioning whether it is a threat to national security as the application’s developer ByteDance could be coerced to collaborate with the Chinese Government.

A few days later, Senator Josh Hawley also introduced a new bill, known as the National Security and Personal Data Protection Act (S.2889), which would force foreign technology companies to store data locally.

This would provide some protections to US consumers but would also open up the political class to a barrage of complications as the US has been attempting to punish countries who enforce data localisation rules on US companies. India is one of these nations at loggerheads with the US, and while many would attempt to avoid such complications, hypocrisy and irony seem to be completely lost on the current political administration.

TikTok has escaped much scrutiny over the last few months, though this is perhaps due to other areas demanding more attention. The application might be enjoying success for the moment, but we suspect it is not clear of privacy investigations just yet.

FCC starts process to ban Chinese telcos in US

The FCC has issued what is known as a ‘Show Cause Order’ to four Chinese telcos operating in the US, demanding evidence to prove they are not at the behest of the Chinese Government.

In what might prove to be an impossible task, China Telecom Americas, China Unicom Americas, Pacific Networks, and ComNet all have to prove two things to retain domestic and international section 214 authorizations, which allow them to operate in the US. Firstly, the four will have to demonstrate the licences are within the public interest, and secondly, that the executive team and/or corporate strategy is not under the influence of the Chinese Government.

What is worth noting is that there is a nuance in the language of the Order:

The Orders direct the companies to explain why the Commission should not start the process of revoking their domestic and international section authorizations enabling them to operate in the United States.

The starting point for the FCC is in the negative; the licences will be removed unless the four telcos can offer reason not to. This is different to most judgments, where one would hope the judge would enter in a neutral position. Once again, this action is built on the justification of pursuing or increasing US national security.

“Foreign entities providing telecommunications services – or seeking to provide services – in the United States must not pose a risk to our national security,” said FCC Chairman Ajit Pai.

“The Show Cause Orders reflect our deep concern – one shared by the US Departments of Commerce, Defense, Homeland Security, Justice, and State and the US Trade Representative – about these companies’ vulnerability to the exploitation, influence, and control of the Chinese Communist Party, given that they are subsidiaries of Chinese state-owned entities. We simply cannot take a risk and hope for the best when it comes to the security of our networks.”

And it appears the opportunity to fight the Chinese is a bipartisan cause.

“Since communist China is willing to disappear its own people to advance the regime’s geopolitical agenda, it is appropriate for the FCC to closely scrutinize telecom carriers with ties to that regime,” said FCC Commissioner Brendan Carr. “This is a prudent step to ensure the security of America’s telecom networks. In the Show Cause orders issued today, we give carriers 30 days to explain why the FCC should not initiate proceedings to revoke their authority.”

Within 30 days the four telcos will have to prove the value of operating in the US, to provide telecoms services to US corporations and foreign parties, as well as proving there is no material influence on strategy and operations from Beijing. We suspect this will be a very difficult mission to fulfil. With each of the four companies being owned by Government entities (to varying degrees), their presence in the US will have already irked lawmakers.

As with other iterations of this argument, Government ownership is going to be a major factor, as is the presence of a law which coerces Chinese companies to assist the Government with intelligence gathering activities.

The national intelligence law has been circulating for over a year, though there are many half-truths bouncing around, depending on your allegiance. In truth, the vagueness and nuanced language make it very difficult to understand the weight of the law, how regularly these rules are enforced and what it actually means for foreign interests.

While we do not pretend to be legal moguls, the law effectively states Chinese-national companies can be compelled to assist the Government in intelligence-gathering activities. This is a law which has been in place for domestic operations for decades, though it was expanded during 2019 to broaden the reach, possibly to include international operations.

Huawei has been under the spotlight thanks to this law, and it was one of the factors used to effectively ban US telcos from working with the equipment vendor. However, Huawei has also pointed to clauses in the laws which state Chinese companies cannot be compelled to assist where it would break the law, undermine trust or compromise commercial relationships in international markets.

Again, due to the vagueness of the way the rules are written, it is not entirely clear which angle is actually correct, or what even counts as co-operation. Political bias has been leading this rhetoric for years and separating fact from propaganda is becoming increasingly difficult, though it has been positioned that the US is not safe from Chinese espionage while these companies are permitted to operate within its borders.

What is worth noting is that most lawyers have agreed it would be difficult for Chinese companies to resist orders from the Government for data which is stored on Chinese servers, or for companies which are state-owned. However, there is little evidence to validate any claims, irrespective of the side of the argument.

Although the law, which is likely to be the focal point of many arguments, is incredibly difficult to fully comprehend, it is quite clear that the Chinese telcos are in a bit of bother. Popular opinion is forming against the Chinese, with the COVID-19 outbreak certainly not helping matters in the US, and the starting opinion of the authorities will make it very difficult to maintain the licences.

France does exactly what it was told not to with COVID-19 app

Much has been said about using technology to combat the coronavirus outbreak, but France has done exactly what many critics feared by cutting corners to compromise security and privacy.

France is one of the hardest hit countries during this pandemic, with more than 114,000 confirmed cases at the time of writing, therefore it is understandable the Government wants to accelerate the deployment of any projects. However, this latest debacle will have data security and privacy advocates tearing their hair out.

France has developed an application to track the spread of COVID-19 using Bluetooth contact tracing, though some functionality of the app is being prevented by Apple’s security features. Designed to protect user data, the iOS feature prevents data being moved off Apple devices via Bluetooth.

Instead of attempting to adapt the application to ensure privacy and security are maintained for the users, French authorities have, according to Bloomberg, made the almost laughable decision to request Apple turn off the features in France.

Almost everyone in the digital community recognises the importance of maintaining security and privacy principles despite the severity of the situation, but it appears France missed this memo.

“We’re asking Apple to lift the technical hurdle to allow us to develop a sovereign European health solution that will be tied to our health system,” French Digital Minister Cedric O said.

The French Government has stated the data would only be stored on its own servers, with the healthcare authority acting as the data controller, but this seems to be missing the point. O is effectively asking Apple to lift a security protocol and introduce a vulnerability to French Apple devices. And wherever there is a slight weakness in cyber-defences, the nefarious characters of the dark web are waiting to pounce.

Over the last few weeks, European Data Protection Supervisor Wojciech Wiewiórowski has been quite active. In one letter, responding to concerns over user privacy, Wiewiórowski said the transfer of data would be fine under GDPR assuming the relevant protections have been put in place. It is questionable whether asking Apple to remove a security feature is consistent with this message from Wiewiórowski.

The collection of data is a reasonable approach by any authority, though it does not have to be done in a way which compromises user security and privacy. There are thousands of applications on the App Store which make use of location or device proximity data without compromising iOS guidelines, so it clearly can be done.

What is also worth noting is that Apple is currently working in partnership with Google to create a framework for COVID-19 applications.

Although bringing the smarts of Google and Apple into the equation will certainly help, the framework which is being proposed would rely on short-range Bluetooth signals, secure local databases and anonymized device identifiers, but would ultimately store data locally on user devices. This is a point of contention with Governments who would like to collect data on centralised servers.

The application of new technologies is certainly the best way to tackle this on-going pandemic, however what appears to be the case here is a fragmented ecosystem.

Silicon Valley is taking one approach, dozens of governments are putting together their own ideas, while privacy advice is being given by centralised regulators but not being adhered to by localised authorities. The mishmash of policies and ideas is not the most efficient way to tackle the problem, or to ensure data protection and security principles are being respected.

Three weeks ago, the European Data Protection Supervisor called for a consolidated, co-ordinated approach, creating a pan-European effort which would be significantly more beneficial. More data, more scientists and more money being thrown at the problem, but this logical idea has fallen on deaf ears as the French ignore advice, cut corners and endanger the digital lives of users.

Europe releases guidelines for building COVID-19 apps

The European Commission has unveiled guidelines for member states creating COVID-19 apps, with perhaps an attempt to prevent mission creep from private industry.

The document, which is available here, suggests the national health authorities take the leadership position in developing the applications, while another recommendation is to store data on devices wherever possible. Minimising data analysis, external storage and the role of private organisations are ways and means to maintain privacy principles but also reduce the risk of data breaches.

“This is the first global crisis where we can deploy the full power of technology to offer efficient solutions and support the exit strategies from the pandemic,” said Vice-President for Values and Transparency, Věra Jourová.

“Trust of Europeans will be key to success of the tracing mobile apps. Respecting the EU data protection rules will help ensure that our privacy and fundamental rights will be upheld and that the European approach will be transparent and proportional.”

Although the guidelines are relatively simple, such a tick-box exercise is critical to ensure the largest possible adoption rates. The apps will assist individuals irrespective of how many people install them, however for the contact tracing features to be the most effective in slowing the spread of COVID-19, downloads would have to meet critical mass. Oxford University researchers suggest this would be at least 60% of the population.

If any of the apps being discussed are to reach 60% penetration, privacy and security fears would have to be addressed, while legislation would have to be introduced to ensure such tracking activities do not become the new normality and data is not retained after the crisis.

In brief, the guidelines are as follows:

  • Downloading the app should be voluntary not compulsory
  • National health services should own the project and be responsible as the Data Controller
  • Data minimisation principles should be applied
  • GDPR principles of right to deletion should be adhered to
  • Data should be stored on user devices wherever possible
  • Consent should be applied to each element of the application not a catch-all opt-in at the beginning
  • Rules should be introduced for the deletion of collected raw data and the subsequent insight

There are of course multiple other nuances and elements included in the 14-page document, though should the above guidelines be adhered to and the role of private industry limited, there could be trust instilled in the apps. Irrespective of how elegant and sophisticated the apps are, the most important aspect is user adoption.

This is not the first time the world has faced a pandemic to this degree, but technology and insight are tools which we have never had at our disposal before. The contact tracing apps, to warn individuals of potential infection and educate on how to further prevent the spread, should be adopted by every nation. However, privacy and security concerns should not be ignored.

The technology and telecoms industry has a pretty poor record when it comes to privacy and security. Executives might point to policies and features to improve resilience; however, these are almost always reactive additions, not proactive ones. Considering the sensitive nature of the data which is being discussed in relation to these apps, this is the time to be overly cautious in applying privacy and security principles.

Nokia: traffic surges are flattening but DDoS is on the up

Nokia has released its latest update on internet traffic during the coronavirus outbreak, and while networks seem to be standing up to the strain, Distributed Denial of Service (DDoS) traffic is on the up.

As with every aspect of our lives, for all the good that some do there will always be others who try to take advantage of the situation. At a time when telcos are being presented with new challenges, the dark corners of the web are still home to those looking to capitalise on the tiniest of opportunities for nefarious means.

“We noticed a steady increase in the overall volume of DDoS traffic – with amounts exceeding the pre-pandemic levels by 40%,” said Craig Labovitz, CTO of Nokia Deepfield. “This increase may be related to the significant rise in gaming-related DDoS attacks; we continue to investigate this issue – so more to come on this topic.”

Distributed Denial of Service (DDoS) traffic is malicious traffic aimed at rendering websites or online services inoperable. In short, it is the blunt tool of cybercriminals, one of the oldest tricks in the book but still very popular because of its effectiveness. By flooding one or more web servers with a disproportionately high level of internet traffic, the aim is to reduce performance or take the service down.

One example has recently been discovered by Bitdefender researchers and has been named Dark_Nexus.

This new IOT botnet disguises traffic as innocuous browser-generated traffic to actively target IOT devices. There have been as many as 40 updates to the code between December 2019 and March 2020. It was potentially designed by greek.Helios, a known botnet author who sells DDoS services and botnet code.

On a slightly brighter note, Nokia has also confirmed traffic growth across Europe is flattening, likely due to a combination of peak video consumption reaching practical maximum levels and the streaming services placing limitations on downloads. Many fears have already been calmed, but it is always worth reiterating: COVID-19 is highly unlikely to break the internet. Not unless it learns to twerk.

Internet traffic has been as much as 45% higher during the week following the introduction of self-isolation measures across Europe, and up to 20% higher on the weekend. Upstream traffic is still on the increase, but it does appear there is ample headroom for the telco networks to deal with the increased traffic.

Texas Judge rules for White House over Huawei

Huawei has faced a setback in its pursuit of legitimacy in the US, as a Texas District Court ruled against its lawsuit directed towards the National Defense Authorization Act (NDAA).

Judge Amos Mazzant of the US District Court in East Texas ruled that section 889 of the NDAA was valid and legal. Huawei had argued the clause, which effectively banned it and ZTE from working with any company receiving federal funding, was unconstitutional on the grounds it presumed guilt without a fair trial.

While a Huawei victory was hardly going to make an impression with the single-minded White House policy makers, this is a victory for the Government, seemingly validating its decision.

“Contracting with the federal government is a privilege, not a constitutionally guaranteed right – at least not as far as this court is aware,” Judge Mazzant said in the ruling, first reported by Reuters.

This is an interesting nuance which has been put forward by Judge Mazzant. Huawei has argued the clause banning service providers from spending federal money on Chinese equipment is unconstitutional, though Judge Mazzant has stated that the Government should have the right to control how its money is allocated and spent. The Act does not prevent Huawei from doing business in the US entirely, which keeps the Government on the right side of the line.

The lawsuit, which was filed in March 2019, stated that Congress was acting in violation of the US Constitution as it was denying the firm the right to bid on both Government and private sector contracts. Huawei suggested the Act was a Bill of Attainder, as it presumed guilt without trial. Under Article I Section 9 in federal law, and in state law under Article I Section 10, the US Constitution forbids such actions.

For the US, this could add some momentum to the already existing propaganda campaign against China and seemingly all companies from China. This ruling could add buoyancy to the Simple Resolution which has recently been passed in the House of Representatives.

The resolution, which can be used to influence administrative actions and foreign policy, stated that the House of Representatives believed all Chinese companies were effectively under Government control, state-owned or private. Such a broad-brush approach to condemnation is a very dangerous and small-minded approach to take, though the anti-China rhetoric could be offered a new lease of life…

US outlines the North Korea cybersecurity threat

In a joint statement, US Government agencies have outlined the cybersecurity threats which have been attributed to North Korea.

With the days of James Bond espionage increasingly becoming a thing of the past, cyber criminals are becoming more common and organised. On one side of the coin, this could be private criminals, think of a digital Mafia, but state-sponsored campaigns and attacks are just as, if not more, common.

Russia and China might hit the headlines frequently, but North Korea is a long-time enemy of the US and it appears the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) haven’t forgotten about it.

All state-sponsored cybersecurity activity tied to North Korea is code-named Hidden Cobra, and thus far, seven malware variants have been publicly announced.

  • Hoplight – proxy applications that mask traffic between the malware and the remote operators
  • Bistromath – performs simple XOR network encoding and is capable of many features including conducting system surveys, file upload/download, process and command execution, and monitoring the microphone, clipboard, and the screen
  • Slickshoes – a Themida-packed dropper that decodes and drops a file “C:\Windows\Web\taskenc.exe” which is a Themida-packed beaconing implant
  • Hotcroissant – performs custom XOR network encoding and is capable of many features including conducting system surveys, file upload/download, process and command execution, and performing screen captures
  • Artfulpie – performs downloading and in-memory loading and execution of a DLL from a hardcoded URL
  • Buffetline – sample uses PolarSSL for session authentication, but then utilizes a FakeTLS scheme for network encoding using a modified RC4 algorithm. It has the capability to download, upload, delete, and execute files; enable Windows CLI access; create and terminate processes; and perform target system enumeration
  • Crowdedflounder – a Themida-packed 32-bit Windows executable, which is designed to unpack and execute a Remote Access Trojan (RAT) binary in memory

While the concept of a state-sponsored cyber attack is far from new, these incidents are becoming much more frequent. And worryingly, these are only the incidents which the general public is made aware of.

In November, New Zealand’s National Cyber Security Centre (NCSC) suggested that 38% of the incidents it had to respond to were most likely state-sponsored. These are only a small proportion of the total cyber incidents, though the NCSC is tasked with tackling the most serious. The Five Eyes intelligence alliance, of which New Zealand is a member, has attributed the WannaCry incident to North Korea and NotPetya to Russia in recent years.

Looking at December 2019 alone, the Center for Strategic and International Studies suggests there were attacks from a Chinese state-sponsored group on multiple nations, a Cambodian Government agency was targeted, login credentials from government agencies in 22 nations across North America, Europe, and Asia were stolen by unknown hackers, a suspected Vietnamese state-sponsored hacking group attacked BMW and Hyundai, while Russian government hackers targeted Ukrainian diplomats, officials, military officers, journalists, and non-governmental organizations in a spear phishing campaign.

State-sponsored cyber incidents are most certainly on the rise, but the worrying element of this trend is that no-one genuinely knows. The likelihood of being able to attribute these incidents back to a particular regime with absolute certainty, and free from political bias, is incredibly low.