Our review of tech news in 2022 moves onto April, when an entire country was taken hostage by a ransomware gang.
Seeing businesses disrupted by ransomware gangs is nothing new, but in April notorious Russian hackers Conti went a step further and held the nation of Costa Rica to ransom.
Quite why and how Costa Rica ended up in Conti’s sights is unclear, though Latin American countries are often targeted by cybercriminals because of their perceived lack of adequate defences. For whatever reason, Conti managed to breach multiple government departments, leaving key agencies such as the country’s finance ministry and the tax office unable to function and crippling public services.
Conti demanded $10m to return stolen information, but Costa Rica refused to comply, instead declaring a “state of emergency” as the incident unfolded, which saw the government dedicate further resources to crisis-hit departments.
The US government stepped in to offer up to $15m for information leading to the arrest of Conti members, in an apparent bid to end the gang’s reign of terror. No arrests were ever publicly announced, but the sizeable bounty may have contributed to Conti splitting up a month later.
Elon Musk reveals plans for Twitter, experts unimpressed
One of tech’s biggest stories of 2022 began to unfold in April when Elon Musk’s $44bn offer to buy Twitter was accepted by the company’s directors.
Musk subsequently tried to bail on the deal, but relented under threat of legal action and became the proud owner of the notoriously unprofitable social network in October. Since then, it is fair to say things have not gone completely smoothly for the Tesla billionaire. Dubbing himself 'Chief Twit', he has made big cuts to the company's workforce and proposed radical changes to the way Twitter operates.
Meanwhile many high-profile users have left the platform after Musk began to hand out bans to accounts that criticised his behaviour (he has since relented on many of these), while others have noted a rise in hate speech and criminal activity since the takeover.
All this is a far cry from the supposedly noble intentions Musk had when he announced the deal. "I also want to make Twitter better than ever by enhancing the product with new features, making the algorithms open source to increase trust, defeating the spam bots, and authenticating all humans," he said in April. "Twitter has tremendous potential – I look forward to working with the company and the community of users to unlock it."
These bold plans have largely yet to come to fruition, but experts who spoke to Tech Monitor at the time were sceptical that open-sourcing Twitter's code would be beneficial, and said it would likely amount to little more than a token gesture in the battle against bots and spam. Security expert Jamie Moles added the plan may also lead to greater security risks for users: "Making its code open source may increase transparency for Twitter users, but it may also make Twitter a much bigger target for attackers," he said. We have yet to discover whether Musk will pursue his algorithmic transparency plan in 2023.
Can anyone regulate Pegasus spyware?
Both the UK government and European Commission were revealed as targets for Pegasus spyware, which turns mobile devices into surveillance tools.
The attacks raised the question of whether spyware like Pegasus, which is often used by authoritarian governments to spy on opponents, can be effectively regulated. Though the US government has blacklisted NSO Group, the Israeli company which makes Pegasus, barring it from doing business in America, other governments are less keen to take action, not least because many rely on spyware as part of their cybersecurity strategies.
However, a de facto regulator may appear in the form of Big Tech. Facebook's parent company Meta is suing NSO, claiming that the Israeli company’s spyware was used to dispatch malware to users of Meta-owned WhatsApp. Apple is also taking NSO to court and seeking an injunction to bar its software from all Apple devices.
“[Big Tech] might not initiate legislation or due diligence, but their actions might clip the wings of companies like NSO and force better practices in response,” said Emily Taylor, CEO of Oxford Information Labs. “It could be an informal way of [regulating] spyware.”