Russia export controls and sanctions

Europe is upping its game on cyberdefense, European Commission officials said at a Thursday briefing. Cyberspace is "increasingly contested and the number of cyber-attacks against the EU and its Member States continues to grow," an EC Q&A noted. Russia's attack on the KA-SAT satellite network, which disrupted communications for several public authorities and Ukrainian armed forces, shows how much civilian and defense players rely on the same critical infrastructure, it said. The European security and defense package encompasses a cyberdefense policy and a plan for free movement of military forces by cutting bureaucracy and ensuring up-to-date infrastructure and digitalized procedures, said Margrethe Vestager, EC executive vice president-Europe Fit for the Digital Age. One common thread for both is the need for better cooperation between military and civilian actors, said EU High Representative for Foreign Affairs and Security Josep Borrell. The plan intends to, among other things, create an EU cyberdefense coordination center and a network of military computer emergency and response teams akin to civilian ones, and to address gaps in the cyberdefense workforce, he said. Bad actors can also do damage through 5G networks, Vestager said. Nearly three years after the EC adopted a 5G toolbox to keep networks secure, some EU countries haven't done so, she said: Those that haven't imposed restrictions on high-risk suppliers must act quickly. Asked how vulnerable Europe is to cyberattacks, Vestager noted worrying incidents around Europe, including assaults on Danish and German railroads and on the Nord Stream pipelines, not to mention the attack on Ukraine: "It is piling up." The defense and military mobility package is part, but not all, of the answer, she said.

Space security experts think Russia is unlikely to engage in armed attacks on U.S. commercial satellite assets despite its reportedly considering commercial satellites aiding the Ukrainian military effort as legitimate military targets. Though such an attack might be justified legally, nondestructive attacks like jamming or blinding satellites via lasers are far more likely, we were told.

Governments should never control the internet but should "preach self-restraint," said Roberto Viola, European Commission DG Connect director-general, Wednesday at a Prague hybrid in-person and virtual EC/Council conference on the future of the internet. The declaration for the future of the internet (DFI), now signed by 62 nations, says administrations will never legislate free speech, but self-restraint alone isn't enough, he said: Governments must tackle issues such as disinformation arising from Russia's invasion of Ukraine.

FCC Chairwoman Jessica Rosenworcel circulated an order last week aimed at “Protecting Against National Security Threats to the Communications Supply Chain through the Equipment Authorization Program.” FCC officials said the order would update the rules for the commission’s “covered list” of equipment suppliers deemed to present security concerns. Ten companies are on the list, all Chinese except for Russia’s Kaspersky Lab.

SpaceX anticipates launches at least once a week of its second-generation satellites in 2023, the company told the FCC International Bureau Tuesday. It said the number of satellites could range between 20 and 60 satellites on each Falcon 9 launch and between 50 and 100 satellites on each Starship launch. It said its proposed second-gen constellation would carry enough propellant for 5,000 propulsive maneuvers over the satellite's life, including about 350 collision avoidance maneuvers. It said its first-gen satellites are averaging fewer than three collision avoidance maneuvers every six months over the past year -- most of them to avoid debris from Russia's 2021 anti-satellite weaponry testing. It said as the bureau keeps requesting information that goes beyond the scope of its rules, it "is concerned that this additional information, which no other operator is required to provide, will be used as a basis for conditioning a grant of its application." It said there isn't a legal basis for conditioning grant of its pending application on launch cadence, fuel or other information it has voluntarily provided. Viasat told the bureau SpaceX's second-gen plans rely on a collision risk analysis that doesn't reflect the actual physical characteristics of the second-gen satellites it plans to deploy. It said SpaceX also has indicated its noncompliance with the commission's per-satellite collision probability limit is worse than previously indicated.

Russia launched a “massive, broad” cyberattack on Ukraine as part of its invasion of the country in an attempt to “create disorder and overwhelm Ukraine’s cyber defenses,” but the results show the limits of cyberwar, Daniel Hoffman, former CIA senior officer and station chief, said in a keynote at an AT&T virtual cybersecurity conference Tuesday. Hoffman spoke with AT&T Chief Technology Officer Jeremy Legg.

Tighter rules for online platforms got final approval Tuesday from EU government ministers. The Digital Services Act (DSA) governs providers of intermediary services such as social media, online marketplaces, "very large online platforms and very large search engines," the EU Council noted. Very large platforms are those that reach 45 million or more users in the EU. Bigger services with more societal impact will be subject to tougher rules than smaller enterprises. The act places special obligations on online marketplaces to combat the sale of illegal products and services; introduces measures mandating that platforms react quickly to illegal content; and bars platforms from using targeted advertising based on the use of minors' personal data. Very large platforms and search engines will have to offer users a system for recommending content that's not based on profiling, and analyze the systemic risks they create for dissemination of illegal content or adverse effects on fundamental rights. The DSA also includes a crisis response mechanism to fight manipulation of online information in the context of Russia's invasion of Ukraine, making it possible to gauge the impact of the activities of very large search engines and platforms on the crisis. The European Parliament approved the DSA in July (see 2207050003). "If the EU is serious about protecting consumers and leading the world when it comes to regulating the online environment, it is crucial that the Digital Services Act is effectively applied and enforced," said European Consumer Organisation Deputy Director General Ursula Pachl.

Doreen Bogdan-Martin easily won election as secretary-general of the ITU Thursday, winning 139 votes to 25 for Russian Rashid Ismailov at the ITU Plenipotentiary Conference in Bucharest, Romania. The win was expected (see 2209280046), but industry officials said they were surprised by the size of the victory. Bogdan-Martin becomes the first woman to head the ITU and first American since 1965. She had led the ITU Telecom Development Bureau, after being elected to that post in 2018.

ITU votes are difficult to handicap, but Doreen Bogdan-Martin remains the front-runner to be the organization's next secretary-general, industry experts said Wednesday. The vote is scheduled for Thursday in Bucharest, Romania. The other major candidate is Russian nominee Rashid Ismailov, who mounted his campaign despite concerns across the world over Russia’s invasion of Ukraine (see 2205110075).

The FCC's orbital debris draft order on Thursday's agenda (see 2209080057) is expected to pass 4-0, though some tweaks are possible to the draft's language on waivers for its requirement that satellites in low earth orbit be disposed of via re-entry within five years of the end of mission, an agency official told us. Space regulatory experts said other regulators around the globe are likely to mirror the commission in reducing the post-mission time frame for de-orbiting from 25 years to five.