Cyber Week in Review: April 14, 2017
from Net Politics and Digital and Cyberspace Policy Program


Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

1. The party would like to know when your data leaves the country. The Chinese government has drafted a new regulation on internet security that would require internet operators doing business in China to receive approval before transferring data outside of the country. The draft regulation would vest internet regulators and public security officials with the power to block data from leaving the country if the data in question contains personal information, or sensitive information related to national security. The Cyberspace Administration of China said the new rules--which would be the world's strictest data portability rules--are intended to “protect internet sovereignty,” but several U.S. tech giants are concerned that the broadening of the existing data-localization requirements would only complicate their operations in China.

2. We, the undersigned, declare... G7 foreign ministers issued a declaration on what they believe is responsible state behavior in cyberspace. The document mostly repeats existing G7 commitments to respect rights online, abide by international law and the peacetime norms issued in the 2015 UN Group of Governmental Experts report, and support the development of confidence building measures. Interestingly, the declaration notes that a state is "free to make its own determination ... with respect to attribution of a cyber-act to another state." That line drew mild criticism from Microsoft President Brad Smith, who has joined others to argue for the creation of an attribution body--something akin to an International Atomic Energy Agency for cyberspace--that would independently assess the facts of a cyber incident and identify who was behind it.

3. Could the United States and Russia cooperate on cybercrime? After his meeting with U.S. Secretary of State Rex Tillerson, Russian Foreign Minister Sergey Lavrov mentioned that both parties are “interested in close cooperation on cybercrime.” That might come as a surprise to some given that Moscow is known to leverage its criminal underground to conduct its cyber espionage activities, and might therefore be reluctant to hand over fugitives. Nevertheless, there is precedent for cyber cooperation between both countries. The United States and Russia agreed to a series of bilateral confidence building measures in 2013, and the U.S.-China mechanism on cybercrime cooperation has been successful--possibly providing a template for U.S.-Russian efforts. In addition, Kimberly Marten, the director of the U.S.-Russia program at Columbia University's Harriman Institute, argues that Washington and Moscow start building trust in cyberspace by agreeing to not reveal personal or compromising information about each other's leaders--a practice known as doxing.

4. More Shadow Brokers. The Shadow Brokers released another round of what is believed to be National Security Agency (NSA) cyber tools and related data. Wired reports that the leaked data shows that the NSA may have compromised EastNets, a company that oversees payments in the SWIFT network for clients in the Middle East. The NSA operation seems to be more run-of-the-mill espionage, as opposed to an effort to steal money as North Korea allegedly did with its compromise of Bangladesh Bank. However, the leak raises important questions. Nicholas Weaver at Lawfare points out the Shadow Brokers release shows that the NSA did not disclose zero-days to vendors after they potentially knew they were compromised. Over at Medium, security researcher Matt Suiche makes the case that a U.S. compromise of the SWIFT network could bolster Russia and China's efforts to build support for alternate transfer mechanisms.