The Kitchen Sync

November 6, 2020

Soooo ... everything's ok?

What's new: It appears that aggressive US action, improved election security, and the bad guys' own choices have prevented significant technical election interference from foreign nations.

Why this matters: It already feels like we're tap-dancing on a landmine. Any evidence of manipulated votes by Russia, China, or someone else would really increase the chances of something blowing up.

Key points:

  • Last week, the FBI and DHS warned that an Iranian cyber group was targeting US election websites and sending disinformation to American voters.

  • This came on the heels of last month's warning from DNI Ratcliffe that several nations were trying to interfere with the US presidential election -- on behalf of both presidential candidates.

  • Now, recent reporting is shedding light on some of the aggressive actions that are being taken by NSA/USCYBERCOM and others -- including "forward threat hunting operations" (see next story).

  • As of the writing of this newsletter, there are no significant claims of impactful foreign cyber attacks on US election infrastructure.

What we're thinking: It seems pretty clear that we have not decisively changed the calculus of Russia and others when it comes to interfering in US elections -- there's still plenty of "active measures" and propaganda in our political processes. But, if it turns out that foreign actors either chose not to, or were prevented from, manipulating our votes, the women and men in the US defense, intelligence, homeland security, law enforcement, and election security communities deserve our thanks. Even so, we cannot become complacent. This problem is only getting bigger and policymakers on both sides of the aisle need to make a concerted effort against this persistent threat.


CYBERCOM "hunting forward"

What's new: US CYBERCOM is sending teams to Europe, the Middle East, and Asia to find and engage foreign hacking threats.

Why this matters: These "hunt forward operations" build on the Command's efforts started in 2018 to assume a more aggressive, proactive posture on cyberthreats. 

Key points:

  • According to the New York Times, the Command's overseas operations are not exclusively focused on protecting US election security, but the 2020 presidential race is playing a key role in them.

  • The Command began sending teams overseas more than two years ago, when operators deployed to Macedonia, Montenegro, and other locations to learn more about Russia's online actions.

  • In the run-up to the 2018 mid-term elections, these US teams also sent warnings to Russian trolls not to interfere and even temporarily took down one of Moscow's largest troll farms on Election Day and the day afterward.

  • CYBERCOM calls its work with allies to find enemy hackers “hunt forward operations.” After getting close to foreign adversaries’ own networks, our digital ninjas can then identify and potentially neutralize attacks on the US.

  • “We want to find the bad guys in red space, in their own operating environment,” said Lt. Gen. Charles L. Moore Jr., the deputy head of CYBERCOM. “We want to take down the archer rather than dodge the arrows.”

What we're thinking: "To show respect for the opponent is to go and kill with every single action. That is the way you show it. You need to be aggressive." (Mauricio Pochettino)


Ant IPO getting squashed

Dean Cheng, Sr. Research Fellow, Asia Studies Center

What’s New: Chinese regulators halted the world’s biggest initial public offering for Ant Group Inc, and in the process cast doubt on the future of Jack Ma, one of China’s richest and best-known businessmen.

Why This Matters: The decision to halt an IPO expected to raise some $34 billion is a sign that China’s leadership is increasingly emphasizing ideology over economic development. That it was against a venture headed by Jack Ma reflects an ongoing crackdown aimed at many of China’s most successful businessmen and largest private corporations.

Key Points:

  • Chinese regulators suspended the expected $34 billion IPO for Jack Ma’s Ant Group, sponsor of Alipay (China’s version of PayPal) and other new e-finance institutions, according to the New York Times. This comes after Ma had criticized China’s “financial ecosystem” as being moribund.

  • Xi Jinping has demonstrated an increasing emphasis on ideology, whether in cracking down on businesses or on Hong Kong, and has accepted the economic and financial repercussions. It is clear that he prefers that companies be Chinese, including toeing the Chinese Communist Party’s line, over being world-class.

  • This bodes ill for the autonomy of Hong Kong, for the prospect of future economic reform in China proper, and for the likelihood that China will join the West’s rules-based order where it disagrees with Xi’s vision of China.

What we're thinking: Under Xi Jinping, China has gone from welcoming businessmen into the Chinese Communist Party to cracking down on them and their companies. Much as Xi Jinping has demonstrated that it is more important that Hong Kong be a Chinese city than a world financial center, he appears intent on demonstrating that it is the CCP that controls businessmen, rather than businessmen who can influence the CCP. This seems to be reflected in the decision by Chinese financial regulators to end the Ant Group IPO.

Jack Ma’s recent criticisms of Chinese financial regulations, and the lack of a modern financial infrastructure, likely antagonized key Chinese leaders, as he made clear that the state-run banking system’s approach was part of the problem. Whether this is due to Xi fearing that businessmen might be a rallying point for opposition, or because Xi has chosen to increasingly emphasize the role of ideology in Chinese policy-making, future prospects for sustained economic reform appear bleak.  


AI can tell if you have COVID by your cough

What's new: Researchers have a new AI model that detects COVID-19 from "hearing" a forced cough, according to ScienceAlert.com.

Why this matters: One of the challenges to limiting the spread of the coronavirus is in identifying and isolating infected people quickly – especially when symptoms aren't always noticeable.

Key points:

  • The AI (ResNet50) was originally built to detect Alzheimer's disease but was repurposed after the outbreak of the COVID-19 pandemic.

  • It was trained on a thousand hours of human speech, then on a dataset of words spoken in different emotional states, and then on a database of coughs to spot changes in lung and respiratory performance.

  • When the three models were combined, a layer of noise was used to filter out stronger coughs from weaker ones. Across around 2,500 captured cough recordings of people confirmed to have COVID-19, the AI correctly identified 97.1 percent of them – and 100 percent of the asymptomatic cases.

  • The scientists behind the findings emphasize that the main value of their research is in identifying the difference between healthy coughs and unhealthy coughs in asymptomatic people – not in diagnosing COVID-19. In other words, it's an early warning system.

What we're thinking: While amazing, this finding isn't that surprising. Other research has demonstrated an AI is able, simply by listening to your speech or even coughs, to identify a person's gender, native language, or emotional state. 


Securing gov use of facial recognition

What's new: Heritage's visiting fellow for law and technology, Brian Finch, has published a paper on "Addressing Legitimate Concerns About Government Use of Facial Recognition Technologies (FRTs)."

Why this matters: Facial recognition systems generate significant controversy over their potential to create an unblinking, discriminatory surveillance system across the US. This paper explains how best to address these concerns and to secure this data from foreign exploitation.

Key points:

  • The capabilities of facial recognition systems have improved dramatically, especially by reducing the possibility of individual misidentification.

  • The US should set testing benchmarks for facial recognition systems so public-sector users can purchase systems unlikely to enable discrimination.

  • Updated encryption standards should be applied to facial recognition databases to make them less vulnerable to theft by foreign adversaries.

Specifically, we recommend the following policy actions:

  • Require the NIST to provide false-positive rates for racial, ethnic, and gender groups when testing results for identification algorithms.

  • Require maximum acceptable false-positive rates across racial, ethnic, and gender groups for federal procurement of algorithms.

  • Adopt legislation addressing government use of FRTs that focuses on limiting, not prohibiting, their use and on educating the public about those limitations and their legitimate uses.

  • Require increased encryption on government facial recognition systems.

  • Share threat information with industry.

What we're thinking: Brian has put a ton of work into this project and it is full of helpful background, examples, and insight. We highly recommend it for your weekend reading.