The Security Challenges Around the Globe We Followed This Week
Depending on where you are in the world this week, a lot has happened—or everything is at a standstill. Here’s a special rundown of major security stories that the Security Management team has been following.
The Suez Canal Situation
As of Security Management’s press time, the cargo ship Ever Given was still stuck in the Suez Canal—blocking traffic in one of the world's main shipping arteries. The 400-meter long ship, owned by the Evergreen Marine Corp., ran aground on Tuesday morning due to a storm and high winds that prevented it from steering, the Suez Canal Authority said. Authorities are attempting to free the ship to allow traffic to resume through the canal, but so far have not been successful. Instead of remaining at anchor while the Ever Given situation is resolved, some ships have changed their routes to travel around the Cape of Good Hope in South Africa.
#SuezCanal Incident Demonstrates Just How Much Global Supply Chains Rely On Shipping: @shippingics > Check out the article 👉https://t.co/5Fdr7sfnUV#Shipping #EverGiven #Maritime #MarineInsight pic.twitter.com/gumEcI1WlF
— MarineInsight (@MarineInsight) March 26, 2021
“The owners and insurers of the ships stuck in this logjam are staring at lawsuits and claims amounting to millions of dollars,” according to Marine Insight. “Experts fear that a loss is inevitable as claims are bound to arise. Even if the Evergreen ship is refloated quickly, there will be some delay in transit and hence the claims.”
Some manufacturers, including Caterpillar, are weighing the costs of having cargo airlifted to prevent further delays and avoid further costs. Moody’s Investors Service said that Europe’s manufacturing and auto sectors will be hit the hardest by the canal blockage.
“This is because they operate ‘just-in-time’ supply chains, meaning they do not stockpile parts and only have enough on hand for a short period, and source components from Asian manufacturers,” according to the analysts who spoke to Reuters. “Even if the situation is resolved quickly, port congestion and further delays to an already constrained supply chain are inevitable.”
COVID-19 in Africa
The World Health Organization (WHO) issued a warning that rising cases of COVID-19 in at least 12 African countries could overwhelm the continent’s healthcare systems. Just 7 million people have been vaccinated on the continent, which has a population of more than 1 billion people.
“The second wave of COVID-19, which began towards the end of 2020, hit African countries more aggressively, with a 30 percent rise in infections compared with the first wave,” The Guardian reports. “However, fewer public health measures were implemented than in the first wave, according to a study this week in the Lancet medical journal.”
The study found that several factors may be leading to a larger second wave of cases in Africa, such as adherence fatigue leading to a decrease in mask wearing and physical distancing behaviors that would limit the spread of the disease.
“Additionally, new variants of concern—reported to be more transmissible, more deadly, and with the potential to escape existing immunity—are circulating among Member States and likely to be changing disease dynamics,” the study said.
Sexual Abuse Settlement
The University of Southern California (USC) will pay more than $1 billion to patients who were treated by a former gynecologist accused of sexual abuse. The BBC reports that it is the largest “sex abuse-linked pay-out in higher education history,” and comes after more than 350 women shared their stories of abuse by George Tyndall—710 women signed on to a lawsuit against the university, which employed Tyndall who is now awaiting trial on criminal charges.
The settlement from the lawsuit totaled $852 million. USC had previously agreed to settle a U.S. federal class action lawsuit in 2018 for $215 billion, bringing the total settlement to $1.1 billion.
“I am deeply sorry for the pain experienced by these valued members of the USC community,” said USC President Carol Folt in a statement. “We appreciate the courage of all who came forward and hope this much-needed resolution provides some relief to the women.”
Folt explained in her statement that USC has since added new protective measures and protocols to enhance safety, including providing comprehensive patient education materials about sensitive examinations; employing more female, board-certified physicians; and creating a new method for collecting information about potential misconduct.
“It is especially important to me that students, staff, and faculty know their rights, know where and how to report concerns, and that all complaints are investigated, tracked, and resolved by appropriate university officials and authorities in a timely manner,” she said.
Marijuana Legalization
New York officials reached a deal to legalize recreational use of marijuana, potentially creating a $4.2 billion industry that would become one of the largest cannabis markets in the United States. The agreement, reached between lawmakers and New York Governor Andrew Cuomo, would legalize recreational use of marijuana for adults 21 and older, allow delivery of marijuana, and legalize marijuana lounges where people could use the drug.
“The deal was crafted with an intense focus on making amends in communities impacted by the decades-long war on drugs,” according to The New York Times. “Millions of dollars in tax revenue from cannabis sales would be reinvested in minority communities each year, and a sizable portion of business licenses would be reserved for minority business owners.”
The bill is still being finalized but is expected to be introduced in the New York state legislature next week.
Espionage Gaps
U.S. National Security Agency (NSA) Director General Paul Nakasone testified before Congress this week, admitting that the agency does not have the ability to identify foreign hacking efforts that exploit domestic infrastructure.
“It’s not the fact that we can’t connect the dots—we can’t see all the dots,” he said according to CyberScoop, which was covering the hearing. “We have a difficulty as a government understanding the totality of the actual intrusion.”
US lacks visibility into digital espionage at home, NSA boss sayshttps://t.co/uXKyRqjDPP pic.twitter.com/Nz5uz4DkX5
— CyberScoop (@CyberScoopNews) March 26, 2021
The U.S. government has come under fire since the private sector notified officials that hackers had gained access to SolarWinds to infiltrate its clients, including government agencies and private companies.
U.S. Capitol Attack
After a push by U.S. Speaker of the House Nancy Pelosi for bipartisan cooperation failed, seven U.S. House of Representative committees opened investigations into the U.S. federal government’s handling of the attack on the U.S. Capitol on 6 January.
The committees sent letters to 16 government agencies to request all communications between agency officials about the joint session of Congress held on 6 January to certify the results of the electoral college and Joe Biden as president of the United States.
“The unusually broad committee review comes as Speaker Nancy Pelosi has been unable to secure bipartisan cooperation to launch an independent commission to review the federal government’s handling of the attack, which left five people dead, including a Capitol Police officer,” according to Politico. “The Justice Department has since charged more than 300 people with breaching the Capitol, including dozens who they allege conspired to violently halt the Electoral College certification.”
SMS Authentication
All major U.S. telecommunications carriers changed the way they route SMS messages after Motherboard disclosed how private companies could be used to intercept messages and direct them to third parties. While this tactic could allow a hacker to invade someone’s privacy, it also posed serious risks for those who use SMS messages as a multi-factor option for logging into accounts.
In a statement, communications firm Aerialink—which routes text messages—said it will not support SMS or MMS text enabling on its wireless numbers. “The announcement adds that the change is ‘industry-wide’ and ‘affects all SMS providers in the mobile ecosystem,’” Motherboard reports.
Ethnic Profiling
Facebook announced that it took action to disrupt an espionage campaign targeting the Uyghur community, including individuals living in Australia, Canada, Kazakhstan, Syria, the United States, and Turkey.
Facebook called the group behind the campaign Evil Eye or Earth Empusa and said the hackers were using Facebook to distribute malware and hack people’s accounts.
“They targeted activists, journalists, and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad,” Facebook said in a post. “This group used various cyber espionage tactics to identify its targets and infect their devices with malware to enable surveillance.”
Taking Action Against Hackers in China https://t.co/I99dbkTi4H
— Facebook Newsroom (@fbnewsroom) March 24, 2021
The Evil Eye group is known for attacks on Uyghurs, and Facebook’s research included finding attack methods beyond its social media service. Facebook’s “cyber espionage investigations team went so far as to trace the Android malware used in the Evil Eye campaigns to two development firms: Beijing Best United Technology Co., Ltd. and Dalian 9Rush Technology Co., Ltd.,” according to WIRED. “Facebook says that research from the threat intelligence firm FireEye contributed to its discovery of these connections.”
Facebook’s announcement came just days after Canada, the European Union, the United Kingdom, and the United States issued sanctions against China for human rights abuses against Uyghurs and other minority groups.
“The EU was first to move, saying early Monday that it would hit four Chinese officials and a public security bureau with travel bans and asset freezes—its most significant measures since an arms embargo following the 1989 killings in Tiananmen Square,” The Washington Post reports. “China quickly responded, leveling similar measures against a list of its European critics.”
Extremism Online
The CEOs of three of the most powerful companies in the world testified before the U.S. Congress on Thursday about how their platforms have been used to spread disinformation, misinformation, and polarized messaging.
Facebook’s Mark Zuckerberg, Google's Sundar Pichai, and Twitter’s Jack Dorsey all appeared before a House committee and were grilled by lawmakers about their platforms' role in planning the attack on the U.S. Capitol. Only Dorsey said that Twitter bore some responsibility for the misinformation that contributed to the riot.
“The roughly five-hour hearing before a House committee marked the first time lawmakers directly questioned the chief executives regarding social media’s role in the January riot,” according to The New York Times. “The tech bosses were also peppered with questions about how their companies helped spread falsehoods around COVID-19 vaccines, enable racism, and hurt children’s mental health.”
Outside assessments have found that social media has contributed to increased polarization. A report published this week by nonprofit advocacy group Avaaz also found that Facebook has allowed groups to glorify violence, including in the lead-up to the 2020 presidential election and the attack on the Capitol.
“More than two-thirds of the groups and pages had names that aligned with several domestic extremist movements,” according to the AP’s assessment of the report. “The first, boogaloo, promotes a second U.S. civil war and the breakdown of modern society. The second is the QAnon conspiracy, which claims that Donald Trump is waging a secret battle against the ‘deep state’ and a sect of powerful Satan-worshipping pedophiles who dominate Hollywood, big business, the media, and government. The rest are various anti-government militias.”
Despite being banned by Facebook, Avaaz found 119 of these pages and groups were still active on the social media site—as of 24 February—and had millions of followers.