Weekly Roundup - October 31

Freedom House recently released their annual Freedom on the Net report, “Countering an Authoritarian Overhaul of the Internet.” A key finding from the report was that global internet freedom has declined for the 12th consecutive year, with the steepest declines occurring in Russia, Myanmar, Sudan, and Libya. Additionally, the report found a global trend in governments breaking apart from a global internet. This development poses a threat to the flow of information online and free expression. Despite these findings, Freedom House has found that multi stakeholder initiatives, such as the Copenhagen Pledge or the Freedom Online Coalition, are proven to be a viable option in combating decreasing internet freedom. Collaboration of the public and private sectors is critical in defending an open and free internet. 

Global Tech Policy:

• Doreen Bogdan-Martin won the election for Secretary-General of the International Telecommunication Union (ITU). The election was seen as a test of how many countries would side with Moscow after its recent invasion of Ukraine. U.S. Secretary of State Anton Blinken wrote an endorsement of Bogdan-Martin, paired alongside a statement of support from Joe Biden. Bogdan-Martin pledged to address issues such as digital connectivity, climate change, food security, and the gender gap.

Cybersecurity: 

• According to a study by the Center for Democracy and Technology, only 1 in 4 local election office websites use the .gov domain, even though it improves security and makes visitors less likely to fall for fake sites. This number is higher than it was 2 years ago thanks to Congress passing the DOTGOV Act and CISA waiving the fee to apply for a .gov address. 25% is still very low, especially considering that the FBI identified dozens of illegitimate election websites designed to look like authentic ones that could be used to interfere in elections. The .gov websites also have security features not always found in commercially available web addresses.
• Business email compromise (or BEC) is a type of phishing attack where criminals pose as someone a victim trusts, such as their company’s CEO, and then sends an urgent message to transfer money, which they then steal. This can happen by hacking into the CEO’s account and/or by using personal information found on social media to convince targets. In 2021, BEC accounted for approximately a third of the year’s $6.9 billion in cyber losses. And cases are on the rise. Experts describe it as “death by a 1,000 papercuts” and say it should get as much attention as ransomware attacks.

• The Atlantic Council recently issued an issue brief outlining the network of cyber actors in Russia. From front companies to hackers to cybercriminals, the brief analyzes the range of incentive structures and relationships with the state for different cyber actors in Russia. 
• Twitter admitted that it wasn’t properly logging users out of their apps when users changed their passwords.This is the latest in a long string of security issues at Twitter, including a $150 million settlement with the FTC after it used the phone numbers and email addresses that users inputted for two-factor authentication for targeted advertising.

Disinformation:

• A group of 100 cyber experts say “it’s okay to expose the government.” The Washington Post published and participated in a survey along with 100 cybersecurity experts about whether or not it is okay to expose government disinformation campaigns. 
• While a relatively small number of people share disinformation on fringe media platforms like Truth Social, Parler, and Gab, the recent spread of false election claims from former President Trump demonstrate how such information can break past platform walls and still reach viewership through screenshots on larger platforms.

Online Harassment:

• A recent scapegoat incident that led to mass harassment of a voice actor has demonstrated some of the dangers of instant mobilization on social media platforms. After one voice actor misrepresented the reasons she was no longer playing the lead in the "Bayonetta" franchise, fans swarmed to attack the new voice actor set to take the role. After users attach themselves to one person's narrative, they can often create a dangerous online environment without leading to the purported goal of structural change.

Open Internet:

• The Freedom Online Coalition (FOC), which is composed of 34 governments including the U.S., have demanded that Iran end its internet restrictions. The FOC denounced the internet shutdowns in Iran enacted in response to protests against the killing of Mahsa Amini. Internet shutdowns and restrictions have become a key part of the Iranian government's violent repression of dissent both on and offline. A similar tactic was used in 2019, when the same account published videos of protestors being injured and killed by the police.
• Signal, DemTech’s highly recommended secure message app, is helping those in Iran communicate. The app is publishing instructions for users to set up a proxy server, which would enable people in Iran to connect to Signal and communicate securely. 

ICT4D:

• African open source participation is trending upwards. General trends of open source contributions between 2010 and 2020 show a general increase in the share of contributing Github authors in African countries. Contributing authors are those who upload Github code rather than just simply download and use codes with Nigeria becoming the country with the largest number of contributing authors. 

Other Tech News:

• California drivers will now be able to get digital license plates. Rather than the traditional metal plate, drivers will have license plate-sized screens displaying plate numbers and would allow motorists to renew their registration automatically. Drivers can even customize their plates with personal banners and choose between light and dark modes.