Whatever the pundits may say about cyberattacks used in the Ukraine war. Dave Aitel Notes that they believe this confirms previous predictions regarding cyberwar. Scott Shapiro said that it isn’t surprising what the adversaries have used to attack cyberspace. agrees. Doxxing Russia’s troops and spies all over the globe by the Ukrainians has been a common practice. Russians are attacking Ukraine’s grid. Surprisingly, the grid attacks in Ukraine haven’t seriously affected civilian lives. This is despite the fact that Russia has had to put in a lot of work to make any difference. Cyberwar has not been a complete failure. However, it seems a little too hyped. Scott says that it is more of a confession than a declaration of strength. “My military attack doesn’t do the job. So I’ll add some fancy cyberweapons for The Boss.”
What impact would it have in the U.S. It’s impossible to know until someone (either Russians or others) gives it another try. Dmitri alperovitch, Sam Charap and Sam Charap offer their plan: We will shut down Russia’s Internet for just a few hours to prove that we can. We like it better than none, but given the limited effect and high risk of being exploited, we aren’t ready to declare that it is the best plan.
It is also surprising and more fascinating to see how Ukrainian mobile phones networks have been an integral part of Ukrainian defense. The Ukrainian government has made it possible for civilians to continue using their mobile phones regardless of where they are in the country or what network is available. Russian soldiers, however, are discovering that this network can be a deadly honeypot. Dave and me believe there are some lessons to be learned from this incident for the emergency management of other country’s phone networks.
Gus Hurwitz sums up the Elon Musk and Twitter stories. It is clear that Musk will not be able to succeed if Twitter takes his poison pill. What else can we talk about? To keep with my confirmation bias story, I do a quick victory lap because I predicted Musk would attempt to be the Rupert Murdoch for the social oligarchs. Gus joins us in enjoying the Festschrift of Hypocrisy by the Usual Sources, declaring that internet censorship is essential for democracy’s survival.
Scott takes us deep on pCiting the colleague’s experience with ipeline safety Article for Lawfare about the subject. Because of the TSA, he believes that responsibility for protecting pipelines should shift from Transportation Security Administration to Federal Energy Regulatory Commission. It is the Biden’s administration shares this sentimentHowever, it’s not my favorite option. TSA has the ability to borrow cyberexpertise from CISA (its sister agency) while they may not have been as proactive in regulatory compliance. Scott suggests that FERC also has an option.
It is impossible to talk about cyber-security of pipelines without talking about industrial control security. Scott & Gus break down a new ICS malware package, which is a Metasploit that can be used for hacking operational tech systems. Although it has a lot of useful features, Gus doubts that this is the most effective tool to cause major disruptions in electricity grids and pipelines. Amazingly, the information was not disclosed to any nation that could use it against an opponent. That’s forward defense!
Gus will be our palate cleanser and take us through recent EU cloud protectionionism. This sounds like an unwise measure, but it will not harm the U.S. intelligence and make Europe more successful in its efforts to create its cloud industry. This is the story of the subpoena lawsuit, CLOUD Act, and the latest counter-CLOUD Attack. It feels like Microsoft is playing two sides in this whole situation.
Dave leads us on a tour through some of the proposals currently being considered to regulate Artificial Intelligence. I notice that the Congressional Dems are ready to go after the face recognition vendor, id.me. The problem of bias in content moderation is briefly re-examined. It seems that moderator bias is evident when I examine research showing that Republican tweet accounts are four times as likely to be suspended following the 2020 election. Research showing that Republican accounts were more likely than Democrats to post links to websites that an unbalanced cross section of voters considers to be unreliable makes me at least partially convinced. Is confirmation bias available when you are in need of it?
Download the 403rd Episode (mp3)
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbakerUse Twitter. Use Twitter to send questions, comments, or suggestions about topics and interviewees. CyberlawPodcast@steptoe.com. Keep in mind: We’ll send you a Cyberlaw Podcast mug if your suggested guest makes an appearance on the show.
This podcast is a collection of opinions that the speakers have shared and does not represent the views or clients of any of them.