Weekly Roundup 14 April through 21 April

By Cat Ramsey | May 02, 2022

Large Photo
Photo
A dark background with a red grid and blue ones and zeroes and a hexagon grid. In the center, over everything is a yellow triangle with an exclamation point in it. Everything is glowing.
Caption
Image credit: Getty Images, Cyberscoop's "Zero-day exploits found and disclosed hit a record high in 2021, Google Project Zero says" article.
Small Photo

14 April
Meta has reported the takedown of a network of active Brazilian military personnel using the company’s platforms to pose as environmentalists and increase support for Brazilian President Jair Bolsonaro’s plans for the Amazon in its Quarterly Adversarial Threat Report. Meta’s investigation did not reveal whether the members of the military involved in the network were acting independently or based on orders from a superior, but the deforestation narratives they promoted counter criticism of President Bolsonaro’s climate policy in the lead up to the October 2022 election.

The incident will likely add fuel to the debate on social media regulation already raging in Brazil, with President Bolsonaro claiming that platform moderation is biased against conservative politicians and his opponents claiming that he and his party use platforms to undermine democracy and spread disinformation. The Facebook and Instagram accounts posing as nonprofits had posted about the pandemic and land reform in 2020 before focusing on environmental disinformation in 2021.

 

21 April

Earlier this week, Project Zero announced that 2021 had been a record year in zero-day vulnerability detection. 58 vulnerabilities were disclosed by the Google  project, constituting a two-fold increase compared to 2020 and the most ever recorded  since the project began in 2014. Researchers said that the majority of the detected exploits were not technically innovative, mostly relying on traditional bags and patterns to infiltrate systems.

The Project Zero team hopes that the increasing sophistication of zero-day detection will encourage private companies to more readily disclose vulnerabilities they detect “in the wild.” Of particular concern are memory-corruption vulnerabilities, which made up 39 of the 58 vulnerabilities detected.

 

Russian Invasion of Ukraine

  • There are signs that Ukrainian and Western efforts to fight Russian domestic disinformation are starting to make a difference. Data analytics companies tracking Russian opinions on the war demonstrate the success of a combination of Cold War tactics, like Western-funded media organizations like Radio Free Europe, and technology, like mirror websites, which are essentially copy websites which have to be hunted down and removed individually by Russian censors.
  • A cyberattack on one of Ukraine’s largest energy companies came very close to shutting down power for two million people in the country. It is believed that Sandworm, a Russian military cyber unit was responsible for the attack. The incident, taking place on 8 April, represents the most serious cyberattack of the war so far.
  • The nonprofit, Tracking Exposed, has released a report on TikTok’s response to the Russian crackdown on independent media. The platform has walled off Russian users from the rest of the world, stopping foreign media from entering Russia’s information system, and not allowing those in Russia to upload new videos, but failures in implementation have led to a proliferation of pro-war media. 
  • On the 18th of April, images of Russian military bases on Google Maps flooded the internet. Ukraine and Russia announced that Google had repealed its policy of obscuring locations sensitive to Russia. However,  Google Maps refuted this, stating that the images were from before the war. While the US government has access to far stronger satellite imagery, Google satellites are key to OSINT research. 
  • Russian media regulator Roskomnadzor has accused Wikipedia of being a source of anti-Russian disinformation about the war in Ukraine, but the website has not yet been banned in the country. At the same time, the structure of Wikipedia makes it extremely vulnerable to disinformation and a study found citations from known disinformation actors across the site, especially in languages other than English. 

 

Gender and Inclusion

  • Women in politics in New Zealand are targets of increasing gendered abuse and threats. Women at all levels are targeted and while the issue is taken seriously by law enforcement officials, the regulatory framework is weak and women with less power must cope with the abuse with fewer resources. 
  • The vice president of the Philippines, Leni Robredo, is the only woman candidate in the upcoming presidential elections. She has been disproportionately targeted throughout the race, including attacks utilizing online gender-based disinformation, with some attempting to scandalize her 34 year old daughter. 

 

Global Tech Policy

  • Vietnam is planning to introduce a new law requiring platforms to remove posts considered illegal in the country within 24 hours. Illegal live streams would have an even shorter period of 3 hours, while removal of posts threatening national security would be required to be immediate.  
  • The President of the Philippines, Rodrigo Duterte has vetoed the SIM Card Registration Act, which would require platforms to register users’ phone numbers and identities when they create an account. The law would have allowed the government to collect personal data from citizens and decrease internet freedom, but it also would have restricted the use of trolls and bots on social media. 

 

Open Internet

  • The lockdown in Shanghai has inspired a wave of forbidden posts, with which Chinese censorship methods are struggling to keep up. Even as pandemic workers demanded that a resident remove critical posts, a video of authorities forcing themselves into his house was uploaded. In addition to the sheer volume of posts, people are creatively misusing hashtags and utilizing sarcasm to evade censors. 

 

Disinformation

  • Tech platforms are playing a key role in the democratic discussion leading up to Kenya’s August elections. Just as they are in the United States, platforms are expected to be used to share important information as well as to spread disinformation and hate speech. However, only a small percentage of the resources afforded to US elections will be available in Kenya.
  • Meta’s April Quarterly Adversarial Threat Report includes an investigation into Azerbaijan’s Ministry of Internal Affairs for running a network which combines cyber espionage with coordinated inauthentic behavior to target the opposition, journalists, and activists within the country. 
  • A number of large Chinese platforms have announced that they will begin to display users’ locations on posts. The new feature is not mandated by law, but it cannot be disabled and aims to counter disinformation by preventing users from misrepresenting where they are from. The feature will use IP addresses to determine a poster’s country or province if posting from within China.
  • Advancements in language learning machines and AI can play a role in strengthening democracy and bolstering information integrity. However, to make an AI work, massive data sets are necessary, which utilize the entire internet and unintentionally teach the machines racism, disinformation, and hate speech. 

 

ICT4D

 

Data Protection and Privacy

  • Last week, the Indian Parliament passed the Criminal Procedure Identification Bill (CPC), which allows law enforcement agencies to demand biometric data from those detained. While proponents believe it will reduce crime, the opposition believes that due to India’s lack of data protection laws, the bill gives the government a tool to repress dissenters . 
  • Serbia’s interior ministry plans to buy facial recognition software, which the country’s personal data protection commissioner says is illegal. The software, produced by a Swedish company, is used by Europol, but in addition to identifying faces, it downloads personal data and combines this with state-owned information to create extremely detailed profiles. 
  • The US Immigration and Customs Enforcement Agency (ICE) is legally restricted in the data it can share and obtain from law enforcement agencies, but immigrant advocacy groups have determined that ICE has been purchasing data from private brokers and issuing legal requests to squeeze data from platforms. 

 

Blockchain

  • Virgil Griffith, a US cryptocurrency expert, has been fined and sent prison for more than five years for teaching the Democratic People’s Republic of Korea (DPRK) about blockchain, allowing the government to use cryptocurrency to evade US sanctions. 
  • Chainanalysis, a blockchain data platform, has reported that Africa is the region with the fastest growing use of cryptocurrency, prompting experts to consider how the new technology may expand financial markets to underserved areas. However, a number of African countries still maintain strict crypto regulation, which may stifle growth. 

 

Other Tech News

  • The browser-making company Brave and the search engine DuckDuckGo have implemented features to disable Google’s AMP, which will prevent the platform from observing web traffic. Though Google claims AMP makes webpages load faster and contributes to a search result ranking system which makes it easier to find information online, critics say AMP allows Google to gather data and monopolize online advertising.
  • Technology is being used by the Myanmar junta as a means to surveil the population, restrict expression and movement, and control the population, especially the media. However, pro-democracy forces within the country are also utilizing the internet to share information, organize protests, and maintain physical safety by avoiding military forces. 
Projects

Share