Does this imply/mean that we are in the middle of a global pandemic, and researches aren't sharing that research globally? That to gain access, it has to be stolen?
Does this imply/mean that we are in the middle of a global pandemic, and researches aren't sharing that research globally? That to gain access, it has to be stolen?
While there is an ideal of most information being shared, there are problems, both with information that inherently shouldn't be shared or public, and information that could be warped to damage...
Exemplary
While there is an ideal of most information being shared, there are problems, both with information that inherently shouldn't be shared or public, and information that could be warped to damage development. The Russian state is taking an unusual competitive and political stance toward vaccine development: see, for example, this article, which makes this more concerning.
As an example of information that inherently shouldn't be shared, consider that a hostile actor could significantly reduce confidence in a double-blind trial by stealing participant information, and then leaking it publicly, or worse, to the participants directly. Imagine a large-scale double-blind trial, for example, where every participant receiving a placebo is emailed to inform them of this fact, say, ostensibly as a warning about how they are at risk of COVID-19 infection, and shouldn't trust the trial.
But while this would be an overt act of sabotage, other information that doesn't inherently need to be secret could be abused, especially if, as the article above suggests, Russia seeks to make this a battle over "trust." Suppose you steal all the private email discussions between researchers, and leak them in a way that presents discussions of minor technical concerns as major faults and conspiracies to hide them. We see this with email discussions around climate research, for example: researchers often discuss things in ways that, to the public, sound considerably less confident and considerable more critical that they would be interpreted within the research community. Find some minor arguments about study design, amplify them throughout social media, and argue that a particular other vaccine doesn't have these problems.
Similarly, consider the possibility of leaks of partial side effect data, or data on infections of participants, before the full data is analysed. Say you have a 30,000 participant trial. An attacker seeking to damage confidence in your vaccine could leak identities of participants who contracted COVID-19 as they were diagnosed: a vaccine could be extremely useful and still have hundreds of participants receiving the active vaccine still contract it. Similarly consider an attacker amplifying every report of side effects, even when these side effects are not yet investigated, or when they are extremely rare: the attacker would not need to mention the frequency or actual severity. This line of attack could be particularly problematic because in a double-blind study, the attackers, not being concerned about the blinding, could actually have more access to information than the study authors themselves.
I think that one of the issues here, for better or for worse, is that if (when?) a working coronavirus vaccine comes to fruition, the "winning" country might have a head start on production for...
I think that one of the issues here, for better or for worse, is that if (when?) a working coronavirus vaccine comes to fruition, the "winning" country might have a head start on production for what, at least initially, will be a very scarce commodity.
Of course, one could argue that the antidote to that problem is radical sharing of information, but, y'know, geopolitics.
In addition to the excellent points @pallas brought up about the information itself, they could be trying to ensure cooperation. Let's say country A has InfoA, country B has InfoB, and country C...
In addition to the excellent points @pallas brought up about the information itself, they could be trying to ensure cooperation. Let's say country A has InfoA, country B has InfoB, and country C has InfoC. If A and B freely publish their info to the world, there's nothing stopping C from using it without reciprocating and giving themselves an advantage. If A and B only share information with reciprocity, then C has to either share theirs to get the group's info or go it alone at a disadvantage. While the reality is C may be able to get away with sharing only part of their info if they can convince the group it's all of their info, but it's better than nothing and their claims can be scrutinized or checked through less direct means.
"The NCSC assesses that APT29, also named “the Dukes” or “Cozy Bear” almost certainly operate as part of Russian intelligence services". In other words, there's no evidence and we have no idea?...
"The NCSC assesses that APT29, also named “the Dukes” or “Cozy Bear” almost certainly operate as part of Russian intelligence services". In other words, there's no evidence and we have no idea?
Looking at the "full assessment" PDF, it says nothing about who could be targeting them or any attempt to trace back who's behind it and any evidence linking anything. It just says some exploits were used.
My guess is that this is one of those "open secret" situations. Everyone knows APT29 are the Russians, but you don't outright say that in your assessment because diplomacy. It's one thing for the...
My guess is that this is one of those "open secret" situations. Everyone knows APT29 are the Russians, but you don't outright say that in your assessment because diplomacy. It's one thing for the press, and even Ministers, to say "the Russians are hacking us!" but without 100% solid evidence intelligence agencies shouldn't make such claims - and the Russians will be careful to maintain just enough plausible deniability. Even when there is incontrovertible evidence of state-level involvement I suspect that evidence is more useful as leverage in diplomatic situations rather than shouting about publicly. It's all part of the game.
Let's be realistic, how much evidence do we actually need to say the Russians are hacking us? Apart from we exist, Russia exists, computers exist. Don't get me wrong, I'm sure they can say the same. Although I would hope our spooks aren't slowing down vaccine research efforts.
Does this imply/mean that we are in the middle of a global pandemic, and researches aren't sharing that research globally? That to gain access, it has to be stolen?
While there is an ideal of most information being shared, there are problems, both with information that inherently shouldn't be shared or public, and information that could be warped to damage development. The Russian state is taking an unusual competitive and political stance toward vaccine development: see, for example, this article, which makes this more concerning.
As an example of information that inherently shouldn't be shared, consider that a hostile actor could significantly reduce confidence in a double-blind trial by stealing participant information, and then leaking it publicly, or worse, to the participants directly. Imagine a large-scale double-blind trial, for example, where every participant receiving a placebo is emailed to inform them of this fact, say, ostensibly as a warning about how they are at risk of COVID-19 infection, and shouldn't trust the trial.
But while this would be an overt act of sabotage, other information that doesn't inherently need to be secret could be abused, especially if, as the article above suggests, Russia seeks to make this a battle over "trust." Suppose you steal all the private email discussions between researchers, and leak them in a way that presents discussions of minor technical concerns as major faults and conspiracies to hide them. We see this with email discussions around climate research, for example: researchers often discuss things in ways that, to the public, sound considerably less confident and considerable more critical that they would be interpreted within the research community. Find some minor arguments about study design, amplify them throughout social media, and argue that a particular other vaccine doesn't have these problems.
Similarly, consider the possibility of leaks of partial side effect data, or data on infections of participants, before the full data is analysed. Say you have a 30,000 participant trial. An attacker seeking to damage confidence in your vaccine could leak identities of participants who contracted COVID-19 as they were diagnosed: a vaccine could be extremely useful and still have hundreds of participants receiving the active vaccine still contract it. Similarly consider an attacker amplifying every report of side effects, even when these side effects are not yet investigated, or when they are extremely rare: the attacker would not need to mention the frequency or actual severity. This line of attack could be particularly problematic because in a double-blind study, the attackers, not being concerned about the blinding, could actually have more access to information than the study authors themselves.
Thank you so much for writing this out for me. I felt like I was missing something, and now I know what that was.
I think that one of the issues here, for better or for worse, is that if (when?) a working coronavirus vaccine comes to fruition, the "winning" country might have a head start on production for what, at least initially, will be a very scarce commodity.
Of course, one could argue that the antidote to that problem is radical sharing of information, but, y'know, geopolitics.
But if the research is open to all, how does anyone get a head start?
That's precisely my point: Governments are probably trying to restrict that in an effort to be "first" and control the supply.
In addition to the excellent points @pallas brought up about the information itself, they could be trying to ensure cooperation. Let's say country A has InfoA, country B has InfoB, and country C has InfoC. If A and B freely publish their info to the world, there's nothing stopping C from using it without reciprocating and giving themselves an advantage. If A and B only share information with reciprocity, then C has to either share theirs to get the group's info or go it alone at a disadvantage. While the reality is C may be able to get away with sharing only part of their info if they can convince the group it's all of their info, but it's better than nothing and their claims can be scrutinized or checked through less direct means.
"The NCSC assesses that APT29, also named “the Dukes” or “Cozy Bear” almost certainly operate as part of Russian intelligence services". In other words, there's no evidence and we have no idea?
Looking at the "full assessment" PDF, it says nothing about who could be targeting them or any attempt to trace back who's behind it and any evidence linking anything. It just says some exploits were used.
My guess is that this is one of those "open secret" situations. Everyone knows APT29 are the Russians, but you don't outright say that in your assessment because diplomacy. It's one thing for the press, and even Ministers, to say "the Russians are hacking us!" but without 100% solid evidence intelligence agencies shouldn't make such claims - and the Russians will be careful to maintain just enough plausible deniability. Even when there is incontrovertible evidence of state-level involvement I suspect that evidence is more useful as leverage in diplomatic situations rather than shouting about publicly. It's all part of the game.
Let's be realistic, how much evidence do we actually need to say the Russians are hacking us? Apart from we exist, Russia exists, computers exist. Don't get me wrong, I'm sure they can say the same. Although I would hope our spooks aren't slowing down vaccine research efforts.