Neutrality is a core tenet of cryptocurrency. But in the course of the war in Ukraine, exchanges have blocked accounts of sanctioned Russian individuals and those close to them. Activists have also used apps like Tinder and Google Maps to circumvent Russia’s information blockades, offering a counterweight to the country’s propaganda machine. And face recognition algorithms have made it frighteningly easy to identify Russian soldiers—which could backfire disastrously when the technology inevitably gets it wrong.
Elsewhere in the world, security researchers have caught China’s APT41 hackers spying on US state systems. That’s no big surprise in itself, but the way they got in—through a livestock-tracking app and the Log4j vulnerability—was an unexpected combo. Critical bugs in an IoT remote-access tool have put hundreds of thousands of medical devices, ATMs, and more at risk. And we looked at how law enforcement in some parts of the world use phone data to persecute LGBTQ communities.
We also explored how NFTs really work, and we took a look at YouTube’s policy against election disinformation—and why it’s not sustainable in the long run. And while it’s not strictly a security story, this in-depth profile of Facebook’s Joel Kaplan goes a long way toward explaining how those sorts of policies get formed in the first place.
And there’s more! We’ve rounded up all the news here that we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.
A week after blocking Facebook in the country, Russia has now throttled access to Instagram as well. It also launched a criminal probe against parent company Meta, intending to label it an extremist organization. The moves came after Meta announced that it would allow calls for violence against Russian soldiers—and for the death of Vladimir Putin—by users in the region, which in peacetime would be a violation of the platforms’ policies. Facebook’s president of global affairs clarified on Friday that the loosened policy would apply only to users in Ukraine.
Around the time of Russia’s invasion of Ukraine, the satellite company Viasat experienced a disruption in service in parts of Europe. It initially called the incident a “cyber event” but didn’t provide much detail. Now, Reuters reports, Western intelligence agencies have taken an interest in the apparent hack. It’s not clear yet if Russia was the responsible party, but Viasat does have defense contracts with the US and some European countries, which raises the stakes of potential intrusion by Moscow.
As part of the $1.5 trillion omnibus spending bill headed soon to Joe Biden’s desk, critical infrastructure operators will be required to report cyberattacks and ransomware directly to the US Cybersecurity and Infrastructure Security Agency within 72 hours. The hope is that this kind of visibility will not only help with formulating responses to these incidents, but will give the US a fuller picture of how adversaries are attacking it. There’s no financial penalty for noncompliance, but CISA will be able to subpoena any organization that drags its feet.
One problem with ransomware is that even when you find the people doing it, they can be very hard to arrest. That’s thanks in large part to the blind eye Russia has historically turned to the operations of domestic groups. This week, though, the US managed to extradite not one but two alleged ransomware operators, including one of the people behind last summer’s unprecedented Kaseya hack. The other was a Canadian man accused of acting as a Netwalker ransomware affiliate.
More Great WIRED Stories