Updates

A Russian court approved the state’s communication watchdog, Roskomnadzor, request to limit access to Telegram, due to the company’s repeated refusal to hand over encryption keys, this way undermining privacy of its users. Raskomnadzor asked the court to block the app, and for the ban to take an immediate effect. The media reports that the court scheduled the hearing one day prior, during which it took 18 minutes to approve the watchdog’s request. Raskomnadzor’s head, Alexander Zharov, stated that the ban would be soon in effect, and soon after also blocked. The judge, Yulia Smolina, said: ‘The court decided to meet the requirements of Roskomnadzor, impose restrictions on access to Telegram messenger and stop providing technical conditions for the exchange of messages.’ Russia’s Federal Security service claimed the need to access to some of the messages as part of the guarding against terrorist attacks. Telegram Funder and CEO, Pavel Durov, reacted to the decision by saying that the app will use built-in systems to circumnavigate the ban, underlying that the access will be difficult without the use of a virtual private network. Telegram’s lawyer, Pavel Chikov, wrote on a Telegram channel: ‘They have demonstrated again and again that the court system is devoted to serving the interests of the authorities. They no longer even care about basic external appearances.’ Among app’s 9.5 million active users within the country are also journalists and members of Russia’s political opposition. Telegram is also used by the Kremlin for communicating with reporters, as well as to arrange conference calls with Russian President Vladimir Putin’s spokesman.

United Kingdom launched a major offensive cyber-campaign on Islamic State in 2017, the director of UK’s Government Communications Headquarters (GCHQ) revealed. This is the first instance in which UK has systematically degraded online efforts of an adversary in a military campaign. The operation hindered the ISIL’s ability to coordinate attacks and use their communication channels to spread propaganda. Aside from disrupting ISIL’s online activities, the operation even destroyed equipment and networks.

On 11 April 2018, the Article 29 Data Protection Working Party (composed of data protection authorities in EU member states) wrote to the Internet Corporation for Assigned Names and Numbers (ICANN) with regard to ICANN's proposal for an 'Interim model for compliance with ICANN agreements and policies in relation to the European Union's General Data Protection Regulation (GDPR)'. The group welcomed ICANN's proposal for layered access to WHOIS data (data of domain name registrants) and for an accreditation programme to govern access of law enforcement agencies and other parties to non-public WHOIS data. But it also raised concerns about several provisions of the proposed interim model seen as not being in line with the GDPR, and asked ICANN to further work on issues such as: explicitly defining the legitimate purposes for which registrant data is collected; specifying more clearly the relation between the legitimate purposes of the data processing and the relevant legal basis; developing policies applicable to incidental and systematic requests for access to WHOIS data, in particular for law enforcement agencies; and ensuring that registrars and registries have appropriate logging and auditing mechanisms in place to detect possible misuse of WHOIS data.​

Member states of the EU signed a declaration which will establish a European Blockchain Partnership. Twenty two EU countries will share the expertise in regulatory field. Also they will try to prepare for the launch of EU wide blockchain application. By the words of Mariya Gabriel, EU Commissioner for Digital Economy and Society: ‘The Partnership launched enables Member States to work together with the European Commission to turn the enormous potential of blockchain technology into better services for citizens’. Declaration is a continuation of the EU Commission work to develop a common approach on Blockchain technology for the EU. [link]

According to Ace Ratcliff at the Huffington Post, Disabled People (Might) Finally Get Emojis That Represent Us, changing a scenario that currently has only one of 2,666 emojis representing persons with disabilities. Apple recently unveiled a proposal to the Unicode Consortium, suggesting 13 new emoji developed in consultation with community organizations like the American Council of the Blind, the Cerebral Palsy Foundation, and the National Association of the Deaf.

                                                                                         13 new emoji proposed by Apple
                                                                                          Isabella Carapella/HuffPost/Apple

The author notes that the lack of emojis is just one way in which persons with disabilities are underrepresented in society, stating that 'Apple’s 13 proposed emojis may be what society needs to recognize that disability representation is sorely needed and long overdue'.

Cisco Smart Install (SMI) Client, a legacy utility allowing simple “no touch” configuration of switches, is being exploited in attacks against systems, including critical infrastructure, Cisco Talos warns. According to the US CERT alert, some of the attacks are believed to be conducted with support of nation-state actors. The abuse of the feature allows modifying the general configurations of the switch by a third party, allowing it to log-in and execute IOS commands which can serve as an attack vector. The problem prevails in spite of Cisco’s report with recommendations, issued in February.

FireEye released Mandiant® M-Trends® 2018 report, sharing statistics and insights gleaned from Mandiant investigations around the globe in 2017. FireEye has discovered that organizations which can detect breaches internally are doing so faster, with median duration between the start of an intrusion and it being identified decreased to 57.5 days in 2017 from 80 days in 2016. However, the global median dwell time before any detection —external or internal— rose to 101 days in 2017, from 99 in 2016. The data provided in the report shows that organizations which have been victims of a targeted compromise are likely to be targeted again by the same or a similarly motivated attack group, with 49 percent of customers successfully attacked again within one year. The demand for skilled cyber security personnel is continuing to rise, but the supply is not keeping pace, and the skills gap is affecting two areas: visibility and detection, and incident response.

Reuters World News reports that Malaysia outlaws 'fake news'; sets jail of up to six years, noting that 'The government said the law would not impinge on freedom of speech and cases under it would be handled through an independent court process.' Critics say it is aimed at restricting dissent before the forthcoming general election. Hillary Grigonis asks in Digital Trends Should fake news be illegal? Malaysia could be among the first to penalize it. Grigonis goes on to say that 'Critics, however, are voicing concern over the bill’s potential impact on free speech' and quotes Amnesty International’s director for the Southeast Asia and Pacific regions, James Gomez, as calling it a 'vaguely worded, catch-all bill that can be — and will be — used to crack down on peaceful government critics. 

Cnet's Daniel Van Boom notes that fake news is a problem, but adds that experts say that the new law is a dangerous one, quoting David Kay, clinical professor of law at the University of California: 'This legislation is problematic on so many different levels' ... 'The definition of fake news is so broad it seems like the government could decide anything could be fake news. On top of that, it has these extraordinarily harsh penalties.' Van Bloom notes that the law applies overseas, and could affect Malaysians outside the country, or foreign journalists when they visit Malaysia if they wrote or share stories categorised as fake news.

In an event hosted on 29 March at the College de France in Paris, French President Emmanuel Macron announced a national strategy in the field of artificial intelligence (AI), aimed at putting France on the map of leading country in AI. '[AI] is a technological, economical, social and obviously ethical revolution. This revolution won’t happen in 50 or 60 years, it’s happening right now. There are new opportunities and we can choose to follow some innovations or not,' noted Macron in his intervention. The strategy is built on several pillars: support for AI research and development, sharing of new data sets by public entities, to be used for AI services, and regulations allowing companies to experiment in multiple industries (such as autonomous cars). Overall, France intends to invest €1.5 billion in AI initiatives by 2022. The strategy is said to be based on a report prepared by mathematician and member of the French Parliament Cedric Villani.