In Other News – Simmering unrest in Cuba, Ransomware Attacks, & More – July 16, 2021

July 16, 2021

Simmering unrest in Cuba erupts in collective protest, Venezuela watching closely. Last weekend thousands of anti-regime protestors took to the streets across the island nation in some of the largest protests since the Cuban Revolution. In 2020, Cuba’s national GDP dropped by 11% – the worst regression since 1993, and medicine and medical supply shortages are now peaking during the height of the nation’s Covid crisis. On July 11, in a rare moment of collective public outcry, thousands of Cubans mobilized to protest government policies and the increasing lack of food, electricity, and basic goods. Cuban authorities tried to restrict internet access during the protests, a now-common authoritarian tactic to contain live dissent, but rapid social media dissemination of the imagery made denial of the events difficult. Reports from NGOs indicate that at least 100 protestors, activists and independent journalists have been detained nationwide. On Monday, Venezuela, who is a close political ally of Cuba’s and is likewise deep into a humanitarian crisis that it blames on U.S. sanctions, arrested former opposition deputy Freddy Guevara, charged him with terrorism and treason, and surrounded the home of opposition chief Juan Guaido. While Venezuelan officials attribute the actions to self-defense against a purported opposition criminal gang plot, some U.S. politicians have suggested that Venezuela was taking precautionary measures to prevent any spillover effects from Cuba. In late June, the United States, Canada, and the EU promised to review sanctions policies if Venezuela moved towards free elections for its upcoming November race, but Monday’s actions run contrary to this effort.

As ransomware attacks continue at a pricey and rapid clip, cyber insurance is a heated topic of debate. The dramatic uptick in sophisticated ransomware attacks since 2019 has transformed what was once an IT issue into one of business viability. Curbing the greater threat will require some combination of international agreements and industry-specific measures, but in the meantime many companies have opted to purchase cyber insurance to help them manage and recover the losses of cyberattacks. While it may have previously been cheaper just to pay the ransom than to deal with insurance, the ransoms are so high now that for some the calculus has shifted. A recent report on cyber insurance by the Royal United Services Institute (RUSI) argues that cyber insurance could theoretically help prompt policy holders to set up stronger defenses and that implementing “minimal ransomware controls”- such as quickly patching vulnerabilities, requiring multi-factor authentication, segmenting data compartments and access, and saving regular backups, should be a requirement of any insurance coverage. These minimal requirements are also in the interest of the insurance companies whose profitability has been challenged by the exorbitant payouts for ransomware attacks over the past year. But while the idea is hopeful, RUSI finds that so far cyber insurance hasn’t done much to improve cybersecurity practices. Further, criminals try to learn if, and how much, cyber insurance coverage exists before choosing their victims, and criminals are also targeting the insurance companies themselves. The issue of whether cyber insurers will be required by law to halt reimbursements for ransom payments, or if they will even have enough funds to do so, remains to be seen.

India-China border conflict exposes distrust of diplomatic measures. In recent weeks, India moved an additional 50,000 troops and significant military equipment to its Chinese border Line of Actual Control (LAC), bringing the total number of Indian troops to about 200,000. On Wednesday, the Chinese and Indian foreign ministers met and reportedly agreed to work on a mutually acceptable solution, but China and India have never seen eye to eye on their 3,488 km border line, and each nation’s infrastructure projects in the immediate region are increasingly viewed as security threats. A dispute in 2017 was triggered when the Chinese started to build a road within the Doklam region, and in mid-2020, in the most violent confrontation along the border in decades, fighting erupted in the Galwan Valley not long after India was working on a strategic road bridge. Further, Indian defense officials have remarked that the 2020 conflict prompted New Delhi to accelerate the construction of roads, tunnels, and bridges to provide for the quick movement of troops along the border. In addition to better road connectivity with Pakistan and Tibet, regional Chinese infrastructure developments are strongly guided by a desire to secure water access. China is planning to build a mega-dam in Tibet spanning the Brahmaputra River which would have potential environmental and access consequences for downstream countries like India. China has also previously withheld critical water-level data about the Brahmaputra from India during times of political tension. While boosting troops along the LAC is one defensive measure, Indian Prime Minister Modi, who recently slighted China in a rare move by publicly wishing the Dalai Lama happy birthday, is also re-invigorating the Quad Security Dialogue with the U.S. and allies, further indicating that India isn’t counting on a purely diplomatic solution with China moving forward.