Welcome to The Cybersecurity 202! Tim here. If youâre remotely interested in boxing, or maybe even if you arenât, youâll definitely want to be watching Saturday night. Errol Spence Jr. versus Terence Crawford is one of the best matchups of the century: two unbeaten fighters, both extra-skilled, fast and powerful.
Below: A contested surveillance tool was used on a senator, and a recent Microsoft hack may have exposed other data. First:
A Chinese marketing firm that has counted state police and other government bureaus as clients is leveraging newswire services to place pro-Beijing stories on the websites of almost three dozen news outlets across America in an apparent effort to help Beijing improve its image abroad.
The Shanghai-based firm â Shanghai Yihuan Cultural Communication Co., Ltd., which goes by the brand name Haixun Press â says on its website that it can plant news articles globally, and can boost the content by providing paid inauthentic social media likes on platforms including Twitter, Facebook and Instagram.
- Haixun is a private company but has links to Chinese government actors, according to its own publicity and government media coverage of the firm.
- Itâs not clear whether the content published on U.S. news websites is paid for by Chinese state actors. However, much of it is directly reproduced from Chinese state media reports or state-funded think tanks.
The articles â which have appeared in financial news subdomains of at least 32 websites including the Arizona Republic and the Pittsburgh Post-Gazette â include Chinese state media stories and scathing critiques of U.S. policymakers, academics and others critical of Beijing.
Haixun has placed the articles using a newswire distribution service called CloudQuote.io, which is run by the California-based firm FinancialContent and provides financial and market content to small news outlets across America, according to a new report by cybersecurity firm Mandiant, which is owned by Google. The articles were still visible last week on sites that use CloudQuote.io content.
While the articles have so far garnered few views compared with the outsize presence of Chinaâs state media outlets on Western social media, they highlight the expanding array of tactics deployed to overhaul Beijingâs image abroad and undermine its political opponents.
âThese actors are trying to blur the line between fiction and fact by placing these pro-[China] articles onto legitimate U.S. news outlets, likely without their knowledge,â said Ryan Serabian, senior analyst at Mandiant, which first shared its latest investigation into a campaign it calls HaiEnergy with The Cybersecurity 202. âSo, I think itâs very important for us to shine a spotlight on that so that measures are taken to prevent this from happening.â
After being asked about the articles by The Post and Mandiant, the Arizona Republic and the Pittsburgh Post-Gazette redirected visitors of the pages where Haixun content appears to other pages on their website.
The Pittsburgh Post-Gazetteâs subdomain began redirecting to its main website after Mandiant contacted the organization with questions in April. Allison Latcheran, director of marketing for the Post-Gazette, told The Post that âwe aren't able to comment on this at this time.â
The Arizona Republic began redirecting the subdomain to its main website after a reporter contacted the news outletâs owner, Gannett. âThese pages no longer include the Arizona Republic branding and we have informed [FinancialContent] of the misinformation,â said a spokesperson, Lark-Marie Anton.
- Anton did not answer additional questions, such as who within the company operated the subdomain, when the newspaper began using the services or how much traffic the subdomain got.
Mark Dierolf, founder and CEO of FinancialContent, hung up on a reporter when reached by phone. Neither he nor anyone at the company responded to subsequent requests for comment.
Haixun did not respond to requests for comment.
Mandiant previously reported in August 2022 that Haixun was responsible for a network of 72 inauthentic news sites hosting pro-Beijing news content. However, its discovery of the Haixun-linked newswire represents the first time the Haixunâs content has appeared on the subdomains of legitimate U.S. journalism companies.
The Haixun-linked effort also highlights the difficulties in tracking the scope of Beijingâs overseas influence efforts, which at times take a scattergun approach, employing a mix of rapidly changing tactics despite varying levels of success.
Articles visible on the subdomains of the U.S. newspapers cover a broad range of topics but often have a common theme: highlighting Chinaâs successes while casting doubt on American culture and politics.
- The articles criticized a speech by President Biden about China and then-House Speaker Nancy Pelosiâs (D-Calif.) visit to Taiwan, as well as U.S. policy on fentanyl, human rights, democracy, race and press freedom.
- In all, between the Haixun-affiliated Times Newswire and WorldNewswire, the subdomains have carried approximately 2,000 of their articles at any given time, some of which dated back to at least August 2021.
Although itâs not clear that Haixun placed the articles for Chinese government entities, the firm appears to have worked for Chinese institutions.
In online sales material and social media postings from Haixunâs website and social media accounts, the company said it works with over 150 clients that include Chinese government departments, police and state media.
During the coronavirus pandemic, the state media articles and blogs from Haixun show that local Chinese police have used analytical software developed by the firm to surveil peopleâs movements as part of health control restrictions. According to other state media and marketing material, Haixun provides âpublic opinion managementâ services to government agencies.
Campaigns to purchase positive media are not new in China. However, Chinese state and private propaganda operations have since 2017 increasingly focused on turning those operations outward to counter negative narratives about Beijing abroad.
Every government agency in Beijing has a budget to promote its image abroad, said an employee of a public opinion management firm in Beijing that works with the central government. The employee, who spoke to The Post on the condition of anonymity because they were not authorized to speak to reporters, said that agencies âneed to proveâ they are achieving results, including in English-speaking countries.
The employee said that government bureaus and state-owned enterprises allocate funds for [positive] propaganda work abroad, including positive mentions in foreign media.
The funds also pay for inauthentic social media activity to promote China and its government, and agencies frequently purchase bot services from groups outside China, in Southeast Asia and the United States, said the employee, who does not work directly with Haixun but is familiar with the firm.
âItâs becoming a requirement,â the employee said.
FBI personnel improperly searched a surveillance database using the names of a U.S. senator and state senator, as well as the Social Security number of a state judge, according to an April court opinion released Friday.
That was one of several developments related to so-called Section 702 surveillance authorities. The surveillance powers are set to expire at the end of this year and are used to target foreigners, but under certain restrictions intelligence officials can use them to obtain information on communications involving Americans. U.S. officials have been pushing for Congress to re-up Section 702, but many experts say theyâd make changes to the spy powers.
- FBI Director Christopher A. Wray wrote in a letter to congressional leaders that for the first half of this year, â97 percent of the FBI's raw technical reporting on malicious cyber actorsâ came from Section 702.
- A March opinion from the Foreign Intelligence Surveillance Court (FISC) concluded that the FBIâs steps to improve its compliance with rules for querying the 702 database had been effective. A 2021 FISC opinion issued before the FBIâs remedial measures detailed years of compliance problems.
Critics of how the government has used Section 702 reacted to Fridayâs news with displeasure.
âThe FBI continues to break the rules put in place to protect Americans, running illegal searches on public officials including a U.S. senator, and itâs long past time for Congress to step in,â said Patrick Toomey, deputy director of the American Civil Liberties Unionâs National Security Project. âAs Congress debates reauthorizing Section 702, these opinions make clear why fundamental reforms are urgently needed.â
Sen. Ron Wyden (D-Ore.) criticized not only the breadth of Section 702 spying but how much of the court orders had been blacked out: âWhile I commend the administration for these releases, it remains the case that information the public needs in advance of 702 reauthorization has been unnecessarily redacted.â
The hackers that breached the Microsoft email accounts of high-ranking U.S. government officials may have pilfered other documents and files protected by Microsoft login information, our colleague Joseph Menn reports, citing research from cloud security company Wiz.
- âThe hack ⊠alarmed officials because the attackers used a stolen or forged Microsoft signing key of the kind that the company uses to authenticate customers,â Joseph writes, adding that, with the key, âthey could masquerade as any Microsoft Exchange or Outlook email customer and approve access to employee inboxes.â
The Wiz researchers claimed that âanyone with the signing key could have extended their access and signed into other widely used Microsoft cloud offerings including SharePoint, Teams and OneDrive,â as Joseph writes.
While Microsoft revoked that authentication key, the researchers say that the hackers may have built in backdoor access to applications, and that some software could still approve a session with an expired key.
- Microsoft downplayed the research. âMany of the claims made in this blog are speculative and not evidence-based,â said Jeff Jones, a Microsoft spokesperson.
- The Cybersecurity and Infrastructure Security Agency similarly said it had not seen any the hackers go beyond email. (They reportedly targeted Commerce Secretary Gina Raimondo and U.S. Ambassador to China Nicholas Burns).
Despite the hack, Raimondo still plans to make a scheduled trip to China later this year, Reuters reported.
A couple accused of laundering billions of bitcoin linked to the 2016 hack of the Bitfinex cryptocurrency exchange are poised to plead guilty, Cyrus Farivar reports for Forbes, citing federal court records.
- Farivar writes: âThe two were arrested in February 2022 at their Manhattan apartment, and their wild tale captivated the world. Shortly after their arrests the world quickly discovered Heather Morganâs rap alter ego as âRazzlekhanââ where she sang in the 2019 song âVersace Bedouin.â
Morgan and husband Ilya Lichtenstein each face âone count of money laundering conspiracy,â and Morgan âalso faces one count of conspiracy to defraud the United States,â according to the report. They are expected to plead guilty in D.C. next month.
- Prosecutors are asking the couple forfeit some $3 billion pilfered in cryptocurrency, the report adds. The stolen crypto was worth about $71 million at the time it was stolen but appreciated so much it was worth around $4.5 billion when they were arrested.
- CISA officials speak at the National Homeland Security Conference in Chicago today through Wednesday.
- FCC Chair Jessica Rosenworcel speaks at a Center for Strategic and International Studies event on 5G spectrum security tomorrow at 2 p.m.
Thanks for reading. See you tomorrow.
Author: Caleb Monroe
Last Updated: 1699968722
Views: 2093
Rating: 4.1 / 5 (98 voted)
Reviews: 85% of readers found this page helpful
Name: Caleb Monroe
Birthday: 1988-01-07
Address: 914 Greene Plains, Thomaschester, KS 61515
Phone: +4302058700581350
Job: Article Writer
Hobby: Playing Piano, Rowing, Horseback Riding, Arduino, Skydiving, Pottery, Telescope Building
Introduction: My name is Caleb Monroe, I am a vivid, striking, Adventurous, skilled, honest, unguarded, irreplaceable person who loves writing and wants to share my knowledge and understanding with you.