The Iranian women’s march on the streets: The story of Mahsa Amini, a woman killed in protests for women, life, freedom, and human rights
For the past five weeks, thousands of Iranians, led by courageous young women, have taken to the streets of dozens of cities around the country, driven to action by the case of Mahsa Amini, a 22-year-old Iranian woman who died while in the custody of the country’s Morality Police. At tremendous risk to their safety, these young people are demanding an end to years of oppression, burning their hijabs, shearing their hair, and marching in solidarity as the protest anthem Baraye, with its chorus “for women, life, freedom,” echoes through the streets. Over 229 Iranians are believed to have died in the brutal response by authorities. The government has instituted strict internet controls, blocking access to social media and messaging apps, as well as knocking the entire web offline for hours at a time at a time in an effort to hide the extent of the protests.
The CEO of the unit that addresses threats to open society is Amos Green. She leads an interdisciplinary team that works on technological solutions to a range of global security challenges, including violent extremists and hate and harassment.
In 2021, when we at Jigsaw interviewed people who had been impacted by internet shutdowns, one individual from the Democratic Republic of Congo highlighted the particular risk faced by remote villagers who, without access to the internet during shutdowns, could find themselves in the middle of heated combat. “Women are raped,” he told us. VILLAGES are destroyed. One activist told us about how he used social media to keep watch over the activities of the Salvation Army in refugee camps in order to avoid attacks. He underscored the risk internet shutdowns posed to his life. He was killed a few months after we last spoke. Iranians, even those not participating in the demonstrations, now face similar risks due to the lack of situational awareness created by the ongoing internet restrictions.
At least 225 internet shutdowns have taken place in response to popular protests since 2016. Access Now, a digital human rights advocacy group that tracks internet shutdowns, reports that protests and political instability were the cause of 128 of 182 confirmed internet shutdowns in 2021. At least five countries in the last 10 months have seen a surge in popular protests that have led to severe internet restrictions.
NPR downloaded Twitter search results mentioning either Beijing, Shanghai and Guangzhou in Chinese from Nov 21, 2022 to Dec. 1, broke up the dataset into three tranches of equal amount of time – Nov. 21 to Nov.24, Nov. 24 to Nov. 27, and Nov. 27 to Nov. 29, and shared samples containing 5% of these tranches with the Social Media Research Foundation. Here is a place to view NPR’s analysis.
They also say that other known information operations considered linked to the Chinese government tend to not only engage in flooding, but also amplify messages aligned with the state’s agenda.
Researchers at the Dfr Lab think that over 72 times a day is a bot behavior. China’s three largest cities were mentioned at least one day a day from Nov 21, 2022, to Nov 30, according to an analysis by NPR. The data shows an uptick in the number of these accounts, peaking on Nov. 28.
The spamming doesn’t appear to be connected to the change in management. The researchers at the social media foundation pulled search results days before and after Musk took over and found that the biggest cluster of accounts had already been created.
Researchers say that spamming activity alone isn’t conclusive evidence to suggest a government information operation. It is possible that it is what social media watchers call #hijack, which is when an organization identifies a certain topic and then uses it to drive traffic to their accounts.
When Nancy Pelosi visited Taiwan, raising ire from the Chinese government and generating significant discussion online, fans of Korean and Chinese entertainers used the same social media terms to boost their popularity even though there was no relationship between the two.
The Chinese government is more likely to flood mentions of locations where the protests happened, rather than focusing on the city of Shanghai.
A prominent example is from 2019 when Twitter identified over 900 accounts the company said were linked to the Chinese government. While Twitter was never specific about how it zeroed in on those accounts, researchers at the analytics firm Graphika identified patterns of behavior and unearthed a network of related accounts across other social media platforms like YouTube and Twitter. Graphika’s report identified narrative themes the accounts would coalesce around, ranging from personal attacks to support for the police.
Some of the bots could also just be advertising sex services, which are banned in China, researchers say. A reporter for Semafor reached out to one of the advertised accounts and received a response asking where in Beijing the potential client is.
The 20th Party Congress, where China’s president was re-elected for a third time, could be the reason why the bots were created.
WhenNPR identified bot-like accounts before andafter the fire, half were created in 2022, which is a major sign of inauthentic activity. NPR shared a random sample of tweets with researchers at the Social Media Research Foundation, a non-profit that analyzes social media content. Their network analysis showed a large group of accounts that repeatedly post escort ads – not all at a bot-like level – and do not otherwise interact with other users. The escort ad group of accounts was the largest group in the search results before the fire and initially after the fire, and they were mostly created from September to October of 2022.
Sam Bankman-Fried: The Last of the Cryptocurrencies? A New Look at the Case of the Collapse of FTX
As NPR has reported, Twitter, like other major social networks, has struggled with moderating content outside of the US, facing challenges in navigating non-English languages, politics and culture. With prior mechanisms of international content moderation now degraded, many worry that the situation is going to worsen.
As November turned into December, the number of active bot-like accounts returned to pre-protest level. Local governments in China relaxed COVID restrictions, authorities tracked down protest participants and the on-the-ground protests in China subsided.
For the entire existence of the cryptocurrencies world, they’ve been plagued with money-laundering, theft, and scam. It seems one of the most dangerous players in the economy is hiding from the public. Sam Bankman-Fried, the poster boy for Cryptocurrencies, stands accused of more than $8 billion in fraud after the collapse of FTX. While the mess caused by FTX’s collapse has yet to be completely untangled, the company’s new CEO John Ray says he’s never seen anything like it. FTX’s own trading platform, Alameda Research, went bankrupt under Bankman-Fried’s leadership. He had appeared to want tighter government controls of the industry but he was not the only one who found that troubling. He’s become like a hybrid of Lehman Brothers and ElizabethHolmes, representing the face of regulatory capture.
21st Century Cybercrime in the 2022 Ukraine Crisis: The Orphans, The Cannihilators, and the Phantoms of the Trump Era
You could be forgiven for being confused because it’s not 2014, though. No, all these episodes of global chaos occurred in 2022, each one a rerun of previous events, but now with the threat they posed vastly multiplied in scale.
The phantoms of the Trump era seemed to disappear, but they were only made room for new threats and ghosts of years past. The same dictators have been threatening the global order for a long time. Fresher digital threats like India’s slide into online repression, and brazen cybercriminals displaying more ruthlessness than ever. And then there were some vestiges of the Trump era that seemed to have hung on, such as one particularly loud and quixotic billionaire with a large, cultlike following, seemingly doing his best to singlehandedly corrupt social media.
The GRU military intelligence agency of Russia houses some of the most aggressive and dangerous hackers in the world. The GRU groups known as Sandworm, and APT28, have wreaked havoc in the past seven years, including the release of NotPetya, the hack-and-leak operation that caused at least $10 billion, and the cause of the two Ukrainian power failures. Russia’s unprovoked and brutal war in Ukraine in 2022 brought the focus of the GRU back to the country that had always been Russia’s favorite hacking victim. In 2022, it launched countless cyberattacks designed to destroy data on Ukrainian government and corporate networks, often in tandem with physical attacks carried out by the invasion forces. One GRU malware attack went so far as to disable communications to 5,000 wind turbines across Germany in a case of collateral damage reminiscent of NotPetya. The GRU’s Sandworm hackers also attempted a third blackout attack in Ukraine, which—according to Ukraine’s government at least—defenders managed to foil this time. A+) for continued aggressive behavior. B- for execution.
In 2022, North Korea continued to distinguish itself as the world’s top perpetrator of state-sponsored cybercrime: Its government hackers continued to steal hundreds of millions of dollars worth of loot, largely in the form of cryptocurrency, from targets around the globe. That spree of burglaries actually seems to be escalating. In the first five months of 2017, North Korean thieves stole $840 million, which is more than the previous two years combined. Some $600 million of that came from just one heist. All of it goes toward funding one of the worst regimes in the world, with hundreds of thousands of political prisoners in concentration camps and a tendency to fire missiles over its neighbors’ heads.
The world was still plagued by the threat of ransomware, and no group was more accurate in showing that threat than Conti. In the first months of the year, the group hit dozens of corporate and government targets. Most catastrophically, it launched a wave of crippling cyberattacks across Costa Rica, shutting down 27 government bodies and medical services there and leading to a national state of emergency. The leak of the group’s internal communications was caused by one of the disgruntled members leaking a huge amount of internal communications online, after they declared their support for the war in Ukraine. It is probably only in name that it has shut down. The chaos that is their business model will not be altered even after they rebranded and splintered.
The only thing more dangerous than a group of ruthless ransomware hackers is a group of ruthless ransomware hackers who are also teenagers. In December of 2021, Lapsus$ made its entrance onto the hacking scene with a cyberattack on the Brazilian Ministry of Health in the midst of its Covid-19 response. It has carried out a series of big breaches of tech firms, such as Okta and Microsoft, and sometimes nihilistic. Last spring, British law enforcement arrested seven people suspected of being members of the group, all ages 16 to 21. Lapsus$’s alleged 16-year-old “mastermind” was among those who were arrested. But inexplicably, those suspects were released without charges, and the group’s “hacker joyride” rolls on.
For years, China’s hackers focused on by-the-book espionage. The closest thing China has to North Korean state-sponsored hacking is the group known as APT41. For years the group that the US Department of Justice tied in an indictment to a ministry of state security contractor has been a for-profit cybercriminal outfit. The group was linked to the theft of 20 million dollars in Covid-19 relief funds by a Chinese state-sponsored hacking outfit. Meanwhile, APT41 was also responsible for dozens of espionage-focused intrusions across the world this year, according to analysts at PricewaterhouseCoopers, which calls the group the most prolific cyberspying operation in the world. Despite the Justice Department charging seven of the group’s members, they remain at large and their unique blend of espionage and theft continues.