Welcome to The Cybersecurity 202! Join us this afternoon for a Washington Post Live event I’m moderating on cloud security, would you please?
Was this forwarded to you? Sign up here.
Below: The National Cyber Director nominee is confirmed to his post, and Apple plans to roll out a new iPhone security feature. First:
Swapped smiles and egg shortages: Researchers identify campaign to manipulate online conversations about Taiwan elections
Hundreds of fake social media accounts have been trying to influence online discussions about elections in Taiwan next month, according to research out this morning, deploying swapped smiles and emphasizing stories about egg shortages.
The Graphika report, which the Cybersecurity 202 is first to report, doesn’t name who’s behind the campaign, and most of the activity has since been removed by tech platforms. But the influence operation — which appeared to utilize accounts on Facebook, TikTok and YouTube — features Chinese-language memes and videos, displays clumsy Taiwanese language skills and favors the political party in Taiwan that is considered more pro-China while criticizing its main rival, the social media analytics firm said.
In the disinformation hotbed that is Taiwan, officials have been stepping up their warnings of Chinese election interference where the Taiwanese presidency is up for grabs. And Graphika warned broadly of more influence operations likely to come before the race concludes.
“We assess that attempts by foreign and domestic [influence operation] actors to manipulate the online political conversation in Taiwan will very likely increase ahead of the 2024 election,” its report states.
The roots
Graphika traced the origins of the campaign back to at least May 2022. As of last week, the company counted 800 Facebook profiles, 13 Facebook pages, one TikTok account and one YouTube channel as being involved in the operation, “most” of which has been removed. As for its reach?
“While some of the videos received tens of thousands of views on TikTok, the coordinated effort to amplify this content on Facebook does not appear to have generated significant engagement among authentic users,” Graphika analyst Libby Lange told me via email. “Some posts by the operation, however, have previously appeared in top search results on Facebook for terms related to the Taiwanese election, likely due to the actors repeatedly posting identical sets of hashtags.”
The persona at the center of the operation was a TikTok and YouTube account that went by “Agitate Taiwan.”
The themes of the campaign are consistently supportive to Taiwan’s KMT party, viewed within Taiwan as more supportive of China, and critical of Taiwan’s pro-independence DPP, according to Graphika. The DPP has held the presidency since 2016. For instance, the operation has emphasized stories about the egg shortage that has bedeviled the current administration. Overall it sought to criticize the DPP and its candidate Lai Ching-te — trying to tar them as corrupt, beyond pushing other storylines — and to highlight the ideas and achievements of the KMT candidate Hou Yu-ih.
Many of the tactics the campaign used are similar to those that often pop up in online influence operations, but with at least one standout, according to Graphika.
What the others involved say
A TikTok spokesperson who requested anonymity to protect employee safety said it was investigating the account and that it doesn’t have evidence that the account was inauthentic, referencing Graphika’s note that it was unable to assess whether Agitate Taiwan was inauthentic or an authentic account repurposed for the campaign. The spokesperson noted its community guidelines do not permit spam, covert influence operations or misinformation about electoral processes.
YouTube concluded that Agitate Taiwan violated its policies. “Upon careful review of the channel, flagged in the Graphika report, we terminated the channel for violating our spam, deceptive practices and scams policy,” the company said.
Meta said it appreciated Graphika’s work.
“We worked with researchers at Graphika to investigate this cross-internet activity which failed to build engagement among real people on our platform,” Ryan Daniels, a Meta spokesperson, told me via email. “We took it down and continue to monitor for any additional violations of our inauthentic behavior policy. We welcome research into deceptive campaigns like these as they rarely, if ever, target one single platform, and it takes a broader whole-of-society response to counter them.”
The keys
National Cyber Director nominee confirmed to post
National Cyber Director nominee Harry Coker on Tuesday was confirmed to his post in a 59-40 Senate vote, closing a 10-month gap in which the White House Office of the National Cyber Director did not have a full-time leader to coordinate and plan cybersecurity across the government.
Positive reactions poured in from government-affiliated organizations and the private sector, praising Coker’s experience in the intelligence community and work with other entities. He has advised or has been a board member on a number of companies and was also a senior fellow at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security.
Sen. Angus King (I-Maine), who co-leads the Cyberspace Solarium Commission, said in a statement he was “relieved” to have a permanent leader in the office. “After meeting with Coker at length, I firmly believe that his experience — and the expertise and skill-set it imbued him with — makes him highly qualified for the position,” King said.
Coker advanced out of the Senate Homeland Security Committee last month. All but one Republican on the panel voted against him. At least one Republican, Sen. Rick Scott (Fla.), contested the nomination because of concerns about whether the Biden administration would be using the office to help censor free speech.
When asked about social media censorship at his nomination hearing, Coker said that “with regards to ONCD, we do not have a role related to that.” He also said that “censorship is not an area that I personally believe in,” and that “I am an advocate for constitutionally protected speech.”
Russia, Ukraine exchange headline-making cyberattacks amid Zelensky visit to Washington
Russia and Ukraine have been targeting one another in a pair of high-profile hacking incidents reported over the past day.
Russian hackers hit Ukraine’s largest mobile network operator on Tuesday, as reported by our colleagues David L. Stern, Siobhán O’Grady, Missy Ryan and Kamila Hrabchuk. Meanwhile, Ukraine’s military service on Wednesday said it breached Russia’s federal tax service and wiped the group’s database and its backups, according to Bleeping Computer’s Sergiu Gatlan.
The Russian cyberattack targeted Kyivstar, knocking out service to more than 24 million subscribers and severing connection from early-warning air raid systems in some parts of the country. Some banking machines were also shuttered in the incident.
Meanwhile, Ukraine’s hack on the Russian Federal Taxation Service (FNS) “led to all compromised FTS servers being infected with malware, as well as the hacking of a Russian IT company that provides FNS with data center services,” Gatlan writes.
The attack is said to be severe and may hinder Russia’s tax system for a significant period of time, according to Ukraine’s Main Directorate of Intelligence (HUR).
Apple to release new security setting aimed at preventing low-tech iPhone breaches
Apple is rolling out a new security setting in a coming software update that would prevent thieves from using a stolen iPhone passcode from pilfering other sensitive data on a person’s device, the Wall Street Journal’s Joanna Stern and Nicole Nguyen report.
The reporting centers on a relatively low-tech but still effective method of breaching and exfiltrating data from an iPhone, compared to multiple high-profile incidents from throughout the year that have centered on spyware tools being covertly installed onto iPhones to spy on journalists, politicians and dissidents.
Government scan
Hill happenings
Securing the ballot
Industry report
National security watch
Global cyberspace
Cyber insecurity
Daybook
Chat room
Secure log off
On this day in 1980, @Apple went public. The initial stock price was $22 per share ($0.10 if adjusted for the 5 stock splits that have happened since then). pic.twitter.com/oWFuXOcTqM
Thanks for reading. See you tomorrow.