Cyber Week in Review: February 9, 2024

Meta Oversight Board says that manipulated video of President Biden should remain on platforms

The Meta Oversight Board ruled that a manipulated video of President Biden, which falsely depicts the President inappropriately touching his adult granddaughter, should stay on Meta’s platforms, which include Facebook and Instagram, because the average user would not find it misleading. Despite its decision, the Board criticized Meta’s policies around fake content. Board Co-chair Michael McConnell stated that the “[Facebook fake content] policy makes little sense” and emphasized the policy’s failure to address manipulated audio. The board can only make individual decisions on keeping up or taking down content and cannot issue binding changes to Meta’s overall content policies.  The Board urged Meta to flag any altered videos to promote platform accountability. Meta faces tough choices this year, as an unusually large worldwide election cycle coincides with the growing threat of AI-enabled, and misleadingly edited, deepfake and “cheap fake” content spreads on its platforms as part of preexisting extremist, electoral, and political misinformation.

U.S. sanctions Iranian hackers for attacks on water facilities

The U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) announced sanctions against six Iranian officials from the  Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) for their role in a cyberattack in the fall of 2023. The officials, members of the hacker group Cyber Av3ngers,  disabled Unitronics programmable logic controllers (PLC) at a booster station operated by the Municipal Water Authority of Aliquippa, Pennsylvania in the attack. PLCs control pumps and valves in U.S. water and wastewater infrastructure and have been exploited in past destructive cyberattacks. The hackers appear to have targeted the PLCs because Unitronics is an Israeli company, defacing the PLCs with a message that read, “You have been hacked. Down with Israel. Every equipment “made in Israel” is Cyber Avengers legal target.” The group also targeted ten water treatment stations in Israel around the time of its attack on Aliquippa. The new sanctions will prohibit companies that want to operate in the United States from conducting business with the six named Iranian officials. The U.S. Cybersecurity and Infrastructure Security agency has made defending U.S. water infrastructure from state-sponsored malicious cyber activity and cybercriminals a priority, publishing a set of cybersecurity best practices for the water industry three weeks ago.

Congress halts funding for the Affordable Connectivity Program

The Affordable Connectivity Program (ACP), a U.S. program designed to help provide low-income people with high-speed internet, stopped accepting new applications and enrollments on February 7. The program helps households and individuals who are far below the federal poverty line save $30 to $75 per month on internet bills and provides them with discounts for laptop and desktop computers. The ACP was created in December 2021 under the Infrastructure Investment and Jobs Act and has been one of the largest broadband affordability programs aimed at addressing the digital divide, helping nearly 23 million Americans gain access broadband for the first time, or maintain access when they otherwise could not have. The Biden administration is calling on Congress to extend the program and a bipartisan group of 174 mayors also sent a letter urging congressional leaders to pass legislation to extend the ACP. Allowing the program to lapse would have a significant impact on historically underserved communities, military families, and senior citizens, who rely on the internet for access to adequate healthcare and education, which can help close socioeconomic and racial disparities. One study found that 81 percent of ACP recipients worry about their children falling behind in school without home internet access, and 65 percent fear they could lose their job if Congress fails to reauthorize the program.

State Department announces visa restrictions for individuals tied to spyware industry

The State Department announced that it will restrict visas for individuals tied to commercial spyware vendors (CSVs), especially those involved in the misuse of such spyware. The restrictions will apply to individuals involved in the use of spyware against vulnerable populations or groups, journalists, activists, and other members of civil society; individuals who facilitate or profit from use of spyware against such groups; and the spouses and children of any individuals sanctioned under the restrictions. This decision comes nearly a year after the United States signed a joint statement with other governments in Oceania, Latin America, and Europe, who expressed a mutual interest in curbing the proliferation and misuse of spyware. The visa restrictions are an outgrowth of the Biden administration’s push to curb spyware, and come comes three years after the Biden administration blacklisted an Israeli spyware company, NSO Group, for its sales of Pegasus spyware. Forbidden Stories, a Paris-based media non-profit, found that governments used Pegasus against at least 180 journalists, in addition to other human rights advocates, heads of state, and union leaders. A Google Threat Analysis Group (TAG) report released this week stated that CSVs cause “real-world harm” and highlighted three high-risk users who felt fear for their safety but a “determinism to continue their important work.”

Scammers use deepfake to steal $25 million from Hong Kong firm

Scammers used deepfake AI-generated videos of several senior employees of a multinational firm to convince an employee at the Hong Kong branch of the firm to send more than $25 million to the scammers. The targeted employee was told to join a video call, where deepfakes of the company’s senior leadership, including the chief financial officer, told the employee to make over fifteen wire transfers to accounts controlled by the scammers. The scammers apparently used publicly available audio and video to create the deepfakes of the leadership team, and police said that one or two other employees were likely targeted with the deepfakes as well, although they were not involved in the transfers. Some of the risks associated with AI-generated, video, audio, and text have become increasingly apparent, as the U.S. Federal Communications Commission announced it was banning the use of AI-generated voices in robocalls.

Cecilia Marrinan is the intern for the Digital and Cyberspace Policy Program.