Yevgeny Prigozhin and his paramilitary forces are still making their move to Belarus, and when he gets there, expect a disinformation factory to be right there with them.
HAPPY MONDAY, and welcome to Morning Cybersecurity! Congress is back in action, the NATO summit is almost underway, and now the NBA has unveiled it will have a new in-season tournament starting this year. Time for LeBron to become the first player to win two trophies in one year. Then hes *definitely* the GOAT, right?
Got tips, feedback or other commentary? Send them to Joseph at [emailprotected]. You can also follow @POLITICOPro and @MorningCybersec on Twitter. Full team contact info is below.
Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. Youll also receive daily policy news and other intelligence you need to act on the days biggest stories.
CISA Director Jen Easterly is delivering the keynote address at the Homeland Securitys Startup Studio final pitch event. 1 p.m.
COMING TO A BELARUS NEAR YOU While NATO leaders gather this week in Lithuania against the backdrop of Moscows war in Ukraine, something else might be brewing just across the border in Belarus.
Wagner Groups head honcho Yevgeny Prigozhin may not be in the country yet, but there are signs the Kremlin disinformation chief is getting ready for the next phase of his operation, Russian disinformation and Wagner Group researcher Lukas Andriukaitis at the Atlantic Councils Digital Forensic Research Lab told Morning Cyber.
Its all connected: Prigozhins empire stretches far beyond a ground force to encompass Russias most notorious troll factories. There are rumblings that new bases are being built in Belarus, Andriukaitis says, and the suspicion is theyre setting up camp for the Wagner Groups arrival. And when Wagner comes to town, its entire operation follows.
Its the whole package, Andriukaitis said. When it comes to Wagners military operations its going to be tied with the influence campaign as well.
Its unclear whether Wagner itself has a sizable cyber faction, but Prigozhin has claimed to have founded the U.S.-sanctioned Internet Research Agency, and on another occasion said he interfered in U.S. presidential elections through the spread of disinformation.
Dont forget: The web and presence of the Wagner troll factories are being felt in countries across Africa right now with anti-Western disinformation focusing on domestic and international politics proliferating to exacerbate regional instability, according to a DFRLab report. Documents obtained by POLITICO earlier this year also detail operations meant to sway political events on the ground across Africa in an effort to bolster pro-Moscow sentiments.
Internal unrest: Belarusian President Alexander Lukashenko, who invited Prigozhin with open arms, may be the next victim of his troll army.
[Prigozhin] has hinted that the Belarusian presidency was promised to him, Adriukaitis said. Meaning that he might be interested in having an area of personal influence within Belarus.
Be on the lookout for Prigozhin to possibly focus his influence attacks on his next host country to try and destabilize Lukashenkos regime, Adriukaitis said.
Money man: All signs point to the Russian oligarch having access to his money post-mutiny investigation, meaning Prigozhins cyber operations could continue at full tilt, Russia watchers say. Hackers from the Dossier Center investigating Prigozhins cyber troops concluded in March that all the work within his businesses are organically linked.
This means that while the Kremlins long-feared cyberwar capabilities havent broken through Ukraines infrastructure like many expected, Prigozhins funding of IT infrastructure, IP hosting and disinformation tactics could keep pulsing.
DATA DUMP We were telling you last week about the United States announcing how its fulfilled its commitments to implement the U.S.-EU Data Privacy Framework a mechanism designed over months and months of negotiations to safely transfer EU citizens personal data to the United States. Now there is talk the EU could opt for an approval on the framework as soon as today, report our colleagues at Politico Europes Cyber Insights.
What it means: The DPF indirectly plays a role in promoting secure data handling practices. Generally, the U.S. tends to lean toward open data flows tied to trade agreements, while the EU likes to emphasize strict privacy protections. But the framework has gotten wide backing in Europe with 24 out of 27 (unnamed) capitals in favor and 3 abstaining, according to a record of the vote.
So when and if the approval comes, U.S. companies will have to comply with EU data protection law while still being subject to U.S. foreign intelligence surveillance laws. And it will go into effect the very day its issued.
U.S. on thin ice: Secretary of Commerce Gina Raimondo confirmed in her approval last week that the EU, Iceland, Liechtenstein and Norway are now qualifying states for redress meaning their citizens can sue U.S. spy agencies if theyre suspected of breaking U.S. laws.
The Snowden of it all: The Court of Justice of the EU struck down two previous data deals Privacy Shield and Safe Harbor after revelations of heavy-handed surveillance tactics on the use of data in the United States from Edward Snowden and others. Privacy activists have said theyd take this version to court, too.
EASTERLY KEYNOTE CISA director Jen Easterly will be in Arlington this afternoon speaking to entrepreneurs, scientists and inventors alike who are collaborating on projects to address national security concerns in the public and private sector.
The meeting is part of the Homeland Security Startup Studio, an event aiming to speed up the deployment of cutting edge technology for commercial and government needs developed in federal and university laboratories.
Teams will be paired up with a tech idea and will come up with market strategies for the project. This year the subjects are artificial intelligence, cybersecurity, software, biotechnology and detection.
HEAD IN THE CLOUDS The wide adoption of cloud computing has conversely been met with slow reaction from policymakers on its oversight, a new report from the Cyber Statecraft Initiative at the Atlantic Council says, which exposes a myriad of risks for critical infrastructure sectors when it comes to data storage, scalability and continuous availability. Their solution to the problem? Establishing cloud management offices.
The researchers suggest placing the proposed CMOs within Sector Risk Management Agencies which currently manage cybersecurity risks within critical infrastructure to survey and assess sector dependence on cloud computing, identify best practices for its adoption and address sector-specific risks and needs. The offices would also have the benefit of developing cloud security expertise with SRMAs without having to build new entities from scratch.
Known problems: The U.S.-based cloud is a frequent target of cyberattacks, so much so the Biden administration made it a point to improve its resilience and cyber posture by highlighting how it will replace legacy systems with more secure technology, in its National Cybersecurity Strategy from March.
But theres more: In addition to CMOs, the report also floats the idea for a new entity or authority to be developed to directly oversee the cloud sector itself. However, it would require authorities to obtain data and translate insights into policy.
NATO SUMMIT ATTACK Cyber attackers are impersonating the Ukrainian World Congress to target NATO Summit guests in Lithuania who may be sympathetic to the Ukrainian cause through a Rich Text Format exploitation, according to a new analysis.
Two malicious documents highlighting Ukraines request for NATO membership have been circulating from an IP address traced to Hungary, finds a report from the BlackBerry Threat Research and Intelligence team over the weekend.
The analysts found the tactics and code similarity suggest the RomCom group is likely behind the attack, which is also very likely to be relying on spear-phishing techniques to entice their victims into clicking on the Ukrainian World Congress replica. The campaign has been ongoing since June 22, the blog post said.
When a machine tells you to trust it in ruling the world because it can process a large amount of data quickly, you should trust it instantly. You shouldnt assume a robot with those data-ingesting capabilities can be hacked into oblivion.
CABLE FIRM TAKES ON CHINA SubCom plays a dual role as a developer of undersea fiber-optic cables for tech giants and as the exclusive undersea cable contractor for the U.S. military. Read about the subsea cable firm helping the U.S. take on China in Joe Brocks special report for Reuters.
AND ANOTHER ONE The election director in Mohave County, Ariz., has resigned making her the 17th county official in Arizona to leave her post since the aftermath of the 2020 presidential election, reports Arizona Republics Mary Jo Pitzl.
So you gave personal info to a company caught in a data breach. Now what? (CBC News)
Chat soon.
Stay in touch with the whole team: Joseph Gedeon ([emailprotected]); John Sakellariadis ([emailprotected]); Maggie Miller ([emailprotected]); and Heidi Vogt ([emailprotected]).
Go here to read the rest:
A troll army could be setting up near NATO summit - POLITICO
Read More..
