Neutrality is a core principle of cryptocurrency. But over the course of the war in Ukraine, exchanges have blocked accounts of sanctioned Russian individuals and their loved ones. Activists have also used apps like Tinder and Google Maps to circumvent Russia’s information blocks, as a counterbalance to the country’s propaganda machine. And facial recognition algorithms have made it terrifyingly easy to identify Russian soldiers, which can backfire if the technology is inevitably wrong.
Elsewhere in the world, security researchers have caught Chinese APT41 hackers spying on US state systems. That in itself isn’t much of a surprise, but the way they got in — through a livestock tracking app and the Log4j vulnerability — was an unexpected combination. Critical bugs in an IoT remote access tool have compromised hundreds of thousands of medical devices, ATMs and more. And we looked at how law enforcement in some areas of the job uses phone data to persecute LGBTQ communities.
We explored how NFTs really work. We looked at YouTube’s policies against election misinformation — and why this isn’t sustainable in the long run. While not strictly a security story, this in-depth profile of Facebook’s Joel Kaplan goes a long way in explaining how those kinds of policies are formed in the first place.
And there’s more! We’ve gathered all the news here that we haven’t covered extensively this week. Click on the headlines to read the full stories. And stay safe out there.
A week after blocking Facebook in the country, Russia has now also restricted access to Instagram. It also launched a criminal investigation against parent company Meta, intending to call it an extremist organization. The measures came after Meta announced it would allow calls for violence against Russian soldiers — and for the death of Vladimir Putin — for users in the region, which would be considered a policy violation in non-war times. Facebook’s president of global affairs clarified on Friday that the relaxed policy only applies to users in Ukraine.
Around the time of the Russian invasion of Ukraine, satellite company Viasat experienced a service disruption in parts of Europe. It initially called the incident a “cyber event,” but did not provide much further detail. Now, Reuters reports, Western intelligence agencies have expressed interest in the apparent hack. It is not yet clear whether Russia was the responsible party, but Viasat does have defense contracts with the US and some European countries, raising the chance of a possible intrusion by Moscow.
As part of the $1.5 trillion omnibus spending bill soon to be sent to Joe Biden’s desk, critical infrastructure operators must report cyber-attacks and ransomware directly to the US Cybersecurity and Infrastructure Security Agency within 72 hours. The hope is that this kind of visibility will not only help formulate responses to these incidents, but give the US a more complete picture of how adversaries are attacking it. There is no financial penalty for non-compliance, but CISA can sue any organization that lingers.
One problem with ransomware is that even if you notice the people doing it, they can be very difficult to arrest. That is largely due to the blind eye that Russia has turned to the operations of domestic groups in the past. This week, however, the US managed to extradite not one but two alleged ransomware operators, including one of the people behind last summer’s unprecedented Kaseya hack. The other was a Canadian man accused of acting as a Netwalker ransomware partner.
More great WIRED stories
This post Russia wants to label Meta as ‘extremist organization’
was original published at “https://www.wired.com/story/russia-meta-extremist-satellite-security-roundup”