Cybersecurity and Cyberwarfare

Every four years, International Telecommunication Union (ITU) member states meet at a three-week conference, the Plenipotentiary (or the Plenipot), to set the priorities of the organization for the next period and elect its top five leadership positions. The 2018 Plenipot took place in Dubai, from the end of Oct to the middle of Nov. Here are some of the key issues that Public Knowledge followed in the Plenipot:

The Justice Department unsealed charges against two Iranian criminal hackers who allegedly used ransomware to hit American hospitals, universities, government agencies and the city of Atlanta (GA), causing tens of millions of dollars in damages. More than 200 victims were affected, more than $6 million in ransom was collected and damages exceeded $30 million, officials said. Ransomware encrypts data on affected systems, with an offer to decrypt if a ransom is paid.

The US government has initiated an extraordinary outreach campaign to foreign allies, trying to persuade wireless and internet providers in these countries to avoid telecommunications equipment from China’s Huawei Technologies Co., apparently. American officials have briefed their government counterparts and telecom executives in friendly countries where Huawei equipment is already in wide use, including Germany, Italy and Japan, about what they see as cybersecurity risks.

In 2017, Ivanka Trump sent hundreds of emails to White House aides, Cabinet officials and her assistants using a personal account, many of them in violation of federal records rules. White House ethics officials learned of Trump’s repeated use of personal email when reviewing emails gathered by five Cabinet agencies to respond to a public records lawsuit.

The Department of Commerce's Bureau of Industry and Security (BIS) controls the export of dual-use and less sensitive military items through the Export Administration Regulations (EAR), including the Commerce Control List (CCL). As controls on exports of technology are a key component of the effort to protect sensitive U.S. technology, many sensitive technologies are listed on the CCL, often consistent with the lists maintained by the multilateral export control regimes of which the United States is a member.

The scale of Chinese state support for the Internet of Things (IoT) and 5G, the close supply chain integration between the United States and China, and China’s role as an economic and military competitor to the United States create enormous economic, security, supply chain, and data privacy risks for the United States.