Ukraine has issued a warning about Russia’s escalating use of TikTok to challenge President Volodymyr Zelenskiy’s legitimacy and erode national morale amid Russia’s military actions. Russian influencers and bots are reportedly behind viral TikTok videos targeting 20 May, the date when Zelenskiy’s first term would have ended if not for election disruptions due to martial law. Andriy Kovalenko, a senior official focused on countering Russian misinformation, highlighted Russia’s systematic approach to TikTok, exploiting the platform to sway public opinion.
As Russia continues its military campaign against Ukraine, it has expanded its information warfare to platforms like TikTok alongside traditional battlegrounds. The use of TikTok to disseminate misinformation represents a strategic shift in Russia’s multifaceted approach to influencing public perception and leveraging its advantage in cyberspace. TikTok, owned by ByteDance, has responded by enhancing safety measures and removing harmful misinformation in Ukraine amid broader scrutiny over data security and misinformation concerns from the US and the EU.
In response to these challenges, Ukraine advocates for greater cooperation from social media companies like TikTok by urging them to establish full-scale offices in Kyiv to combat disinformation effectively. Kovalenko, who actively uses TikTok to counter false narratives, emphasised the need to adapt Ukraine’s approach to this influential platform. The call for action by Kovalenko comes as TikTok reports uncovering covert influence operations related to Ukraine conflict and removing millions of problematic videos during the last quarter.
Why does it matter?
Ukraine’s efforts to confront Russia’s information campaign on TikTok reflect broader concerns over the app’s influence and security. While governments like the US and the EU take measures to safeguard against potential threats posed by platforms like TikTok, the ongoing geopolitical dynamics and the use of social media as a battleground highlight the complex challenges digital technologies pose in the modern information landscape.
According to reports, a significant cyberattack targeted the UK Ministry of Defence, exposing the sensitive details of tens of thousands of armed forces personnel. The breach, believed to have occurred multiple times on a third-party payroll system, prompted the MoD to assess the extent of the hack over three days. While the Ministry has not confirmed any data theft, it reassured service members about their safety amid the incident.
The attack follows earlier attributions of cyberattacks to Chinese ‘state-affiliated actors’ in the UK between 2021 and 2022. In March, Deputy Prime Minister Oliver Dowden disclosed sanctions against individuals and a company linked to the Chinese state for alleged malicious cyber activities, including attacks on the Electoral Commission. These actions underscore a growing concern over cyber threats originating from China.
While Chinese President Xi Jinping embarked on a European tour, the cyberattack allegations persisted, with French lawmakers targeted by similar incidents urging an official investigation. Despite mounting accusations, French authorities refrained from directly attributing the attacks to China, contrasting with formal accusations made by the US, UK, and New Zealand. As President Xi continues his diplomatic engagements in Europe, with planned visits to Serbia and Hungary, the cybersecurity landscape remains a pressing issue, with nations navigating the complexities of state-sponsored cyber activities.
South Korean police disclosed that major North Korean hacking groups have been relentlessly conducting cyber assaults on South Korean defence firms for over a year. These attacks have resulted in breaches of internal networks and the theft of crucial technical data. Identified groups include Lazarus, Kimsuky, and Andariel, all linked to North Korea’s intelligence apparatus.
Hackers successfully infiltrated networks using various methods, such as planting malicious codes directly into defence companies’ systems or through their contractors. Police, collaborating with national spy agencies and private sector experts, tracked these attacks. They used indicators such as source IP addresses, signal rerouting architecture, and malware signatures to identify the perpetrators.
One notable case, dating back to November 2022, saw hackers inserting a code into a company’s public network. This code later infected the intranet during a temporary disengagement of the internal security system for a network test. Exploiting security oversights, hackers gained entry through subcontractors’ accounts, who used identical passcodes for personal and official email accounts, extracting confidential technical data.
Although the police did not disclose the affected companies or the specifics of the data breaches, South Korea has become a significant global defence exporter. In recent years, lucrative contracts for items such as mechanised howitzers, tanks, and fighter jets have been valued at billions of dollars. This latest revelation underscores the persistent threat posed by North Korean cyber operations, which extend beyond national borders and target critical industries worldwide.
China has taken a significant step in modernising its military by establishing the Information Support Force (ISF) to bolster its ability to wage networked warfare. President Xi Jinping formally inaugurated the ISF, emphasising its crucial role in ensuring the People’s Liberation Army (PLA) can succeed in modern conflicts. The ISF aims to develop a network information system tailored to the demands of contemporary warfare, enhancing the PLA’s combat capabilities.
The creation of the ISF consolidates China’s cyberspace and aerospace capabilities under a unified command within the Strategic Support Force. President Xi’s leadership underscores the strategic importance of this new force in advancing China’s military strength across all domains. While specific details of the ISF’s operations remain undisclosed, its establishment aligns with Xi’s broader vision for China’s military modernisation, particularly in light of the PLA’s upcoming centennial anniversary in 2027.
China’s emphasis on information warfare reflects a global recognition of the critical role of communication in modern conflict. However, concerns persist regarding China’s aggressive cyber activities, with FBI Director Christopher Wray characterising China as a persistent threat to US infrastructure. Wray highlighted China’s extensive hacking capabilities, fueled by the theft of intellectual property and data, and emphasised the importance of collaborative efforts to counter these threats.
The FBI’s response to Chinese cyber operations involves close coordination with various entities, including the US Cyber Command, foreign law enforcement agencies, and private sector partners. Wray emphasised the role of partnerships in confronting Beijing’s cyber aggression, stressing the need for proactive engagement from potential victims to mitigate the impact of cyber intrusions. By leveraging collaboration and information sharing, efforts to combat Chinese cyber threats aim to protect critical infrastructure and safeguard against future attacks.
FBI Director Christopher Wray issued a stark warning about Chinese government-linked hackers infiltrating critical US infrastructure, awaiting a strategic moment for devastating action. Speaking at Vanderbilt University, Wray outlined the ongoing Volt Typhoon hacking campaign, which has breached American companies in vital sectors like telecommunications, energy, and water, with 23 pipeline operators among the targets.
FBI Director Christopher Wray issued a warning that Chinese hackers are preparing to attack critical US infrastructure:
“China is positioning its enormous hacking enterprise…The PRC has made it clear that it considers every sector that makes our society run fair game in its… pic.twitter.com/Fwsoj4jWXF
At the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats, Wray emphasised China’s evolving capability to inflict physical damage on crucial infrastructure at its discretion. The campaign’s intent remains elusive, though it aligns with China’s broader strategy to dissuade US intervention in Taiwan, a democratic territory claimed by Beijing.
China, which has never disavowed the use of force to assert control over Taiwan, denies any government involvement in Volt Typhoon, dismissing it as the work of criminal ransomware groups. The Chinese Embassy in Washington echoed this stance, accusing the US of politicising cybersecurity by attributing attacks to China and portraying itself as the victim.
Wray disclosed that Chinese hackers employ a network of compromised devices globally to obfuscate their activities, a tactic previously identified by private cybersecurity firms like Microsoft and Google. As tensions persist between the US and China over Taiwan and cybersecurity, the spectre of cyberwarfare looms large, underscoring the imperative for robust defences against digital incursions.
On 1 November 2023, the First Committee (Disarmament and International Security) of the UN General Assembly approved a draft resolution on lethal autonomous weapons systems (LAWS), expressing concern about the possible negative consequences and impact of autonomous weapons systems on global security and regional and international stability and stressing the urgent need for the international community to address the challenges and concerns raised by such systems.
The resolution, once endorsed by the General Assembly, would require the UN Secretary-General to seek the views of Member States and observer States on LAWS and on ways to address the challenges and concerns they raise from humanitarian, legal, security, technological, and ethical perspectives, and to submit a report to the General Assembly at its seventy-ninth session. The Assembly would also request the Secretary-General to invite the views of international and regional organizations, the International Committee of the Red Cross, civil society, the scientific community and industry and to include those in the annex to the report.
Within the First Committee, the draft resolution was adopted by a vote of 164 in favour to 5 against (Belarus, India, Mali, Niger, Russian Federation), with 8 abstentions (China, Democratic People’s Republic of Korea, Iran, Israel, Saudi Arabia, Syria, Türkiye, United Arab Emirates). In addition, 11 votes were recorded on the resolution’s provisions.
Egypt noted that algorithms must not be in full control of decisions that involve harming or killing humans. Human responsibility and accountability for the use of lethal force must be preserved.
The Russian Federation expressed concern that the resolution seeks to undermine the work of the GGE on LAWS, which is the sole ideal forum to discuss LAWS. The country also argued that the resolution does not acknowledge that autonomous weapons systems can play an important role in defence and in fighting terrorism, and that international law fully applies to these systems.
Iran noted that the definition and scope of the term ‘lethal autonomous weapons’ are not clearly defined, and that GGE on LAWS should focus on states parties.
Türkiye also raised the issue of a lack of agreement on the definition of autonomous weapons systems and noted that the absence of shared terminology increases ‘question marks’ on the way forward. The country also added that international law and international humanitarian law should be sufficient to alleviate concerns regarding the use of such weapons systems.
The USA stated that it does not support the creation of a parallel process on LAWS or any other efforts that will seek to undermine the centrality of the GGE on LAWS on making progress on this issue. Poland also noted that the GGE is the forum to make progress on identifying challenges and opportunities related to LAWS, and that other international forums are not equally fit, as they often lack technical and diplomatic capacity and do not address the significant balance between humanitarian aspects and military necessity.
Israel called on member states not to undermine the work done in the Convention through the creation of a parallel forum. It also outlined the importance of the full application of international humanitarian law to LAWS.
Australia called for the report to be prepared by the UN Secretary-General to be balanced and inclusive of the views of all UN member states. South Africa expressed concern about the provision of the resolution, noting that the integrity of the process under way in the GGE on LAWS should be respected, and states parties have already made their views known on the issue. Brazil argued that the GGE might benefit from the fresher views of a wider audience.
Russian hackers are reportedly intensifying their cyberattacks on Ukraine’s law enforcement agencies, focusing on uncovering information related to investigations of war crimes allegedly committed by Russian soldiers.
According to an SSSCIP report, the Russian objective appears to be to identify war crime suspects, potentially aiding them in evading prosecution and facilitating their return to Russia. Additionally, the hackers are likely keen to ascertain the identities of elite soldiers and officers captured in Ukraine for possible exchange.
Ukrainian cybersecurity officials have voiced concerns over these espionage campaigns, which have targeted entities such as the prosecutor general’s office, courts, and other bodies investigating war crimes.
In a development that may be related, Karim Khan, the lead prosecutor of the International Criminal Court (ICC), announced that the court intends to investigate cyberattacks as possible acts of war crimes. Russia’s cyber assaults on Ukraine’s essential civilian infrastructure could be some of the initial instances under this new interpretation.
Not long after this announcement, the ICC decided to establish a field office in Kyiv in charge of investigating Russian war crimes. The ICC then reported a breach of its computer systems without divulging further details regarding the severity or attribution of the attack.
Japan is developing a counter-cyber attack grid for the Indo-Pacific region to protect its interests and allies from cyber threats. The grid will consist of a cyber defence network that covers Pacific islands and enhances cybersecurity cooperation with regional countries.
This project is aligned with Japan’s goal of creating a free and open Indo-Pacific region, where it can balance the rising power of Russia, North Korea, and especially China. Japan wants to build this grid to prevent future cyberattacks and protect its national security and stability.
To strengthen cyber capabilities in the Indo-Pacific, the Japanese Foreign Ministry has allocated around a $75 billion investment plan to strengthen its ties with South and Southeast Asian nations and promote peace, connectivity, and security in the Indo-Pacific. The allocated funds will be utilized for various initiatives, including installing necessary cybersecurity equipment. Additionally, capacity building efforts will be undertaken through joint training sessions. The World Bank will also offer a dedicated fund to support the development of cybersecurity human resources in these nations.
Why does it matter?
The move comes amid growing concerns over China’s alleged involvement in cyber attacks against Japan. Around 200 Japanese organizations, including the Japan Aerospace Exploration Agency, are believed to have been targeted by Chinese cyber hackers. Reports suggest that Chinese military hackers have also accessed Japanese defence secrets.
The document highlights the perils of weaponising new and emerging technologies, such as the proliferation of armed uncrewed aerial systems, the ease of access to powerful tools that facilitate the spread of misinformation, disinformation, and hate speech, and the misuse of digital technology by terrorist groups.
Among the 12 sets of recommendations detailed in the Policy Brief as steps towards achieving more effective multilateral action for peace and security, one is dedicated to ‘preventing the weaponisation of emerging domains and promote responsible innovation’. Here, the Secretary-General calls for:
The development of governance frameworks, at the international and national levels, to minimise harms and address the cross-cutting risks posed by converging technologies.
The establishment of an independent multilateral accountability mechanism for malicious use of cyberspace by states, to reduce incentives for such conduct. Such a mechanism, the Secretary-General argues, could enhance compliance with agreed norms and principles of responsible state behaviour.
The conclusion, by 2026, of a legally binding instrument to prohibit lethal autonomous weapon systems that function without human control or oversight, and which cannot be used in compliance with international humanitarian law, and to regulate all other types of autonomous weapons systems.
The development of frameworks to mitigate risks relating to AI-enabled systems in the peace and security domain. The Secretary-General specifically mentions the International Atomic Energy Agency, the International Civil Aviation Organization and the Intergovernmental Panel on Climate Change as governance approaches that member states could seek inspiration from. He also invites member states to consider the creation of a new global body to mitigate the peace and security risks of AI while harnessing its benefits to accelerate sustainable development.
The development of norms, rules and principles around the design, development, and use of military applications of AI through a multilateral process, with the engagement of stakeholders from industry, academia, civil society and other sectors.
The development of a global framework regulating and strengthening oversight mechanisms for the use of data-driven technology, including AI, for counter-terrorism purposes.
The development of measures to address the risks involved in biotechnology and human enhancement technologies applied in the military domain.
The UK National Cyber Force (NCF) – a partnership between the country’s armed forces and the Government Communications Headquarters (GCHQ) – disclosed details about its approach to ‘responsible cyber operations to counter state threats, support military operations, and disrupt terrorists and serious criminals’.
The document outlines that central to NCF’s approach is the ‘doctrine of cognitive effect’ – using techniques that have the potential to sow distrust, decrease morale, and weaken the adversaries’ ability to plan and conduct their activities effectively with the goal of changing their behaviour. This can include preventing terrorist groups from publishing pieces of extremist media online or making it harder for states to use the internet to spread disinformation. NCF’s operations are covert, and the intent is sometimes that adversaries do not realise that the effects they are experiencing are the result of a cyber operation.
‘In an increasingly volatile and interconnected world, to be a truly responsible cyber power, nations must be able to contest and compete with adversaries in cyberspace,’ GCHQ director Jeremy Fleming said. The statement was published alongside a 28-page paper designed ‘to illustrate aspects of how the UK is being a responsible cyber power’. It did not elaborate on the specifics of those operations.
