China's tech pipeline fuels Russia's Ukraine war efforts | Facebook and Instagram hit with EU probes over disinformation | US State Dept reduces arms licensing burden for UK, Australia
Good morning. It's Wednesday 1st May.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
When Russia launched its full-scale invasion of Ukraine in February 2022, Western companies pulled out of the Russian market. As sanctions make it harder to get access to high-end tech, Russia's military has been adapting civilian hardware, from chips to drones, for the front line. Nikkei Asia
Meta’s Facebook and Instagram face sweeping fines after the European Commission opened probes on Tuesday into their handling of disinformation from Russia and other foreign countries. POLITICO
The U.S. State Department unveiled its proposal to reduce licensing requirements for transferring military equipment and sensitive technology to Australia and Britain under the AUKUS security pact. Reuters
ASPI
‘Abject failure’: why Australia’s scheme to curb foreign influence doesn’t work and can’t be fixed
The Conversation
Shireen Morris & Sarah Sorial
Foreign interference in Australian democracy poses a growing risk to our national sovereignty. Australia’s Foreign Influence Transparency Scheme, is supposed to prevent foreign interference through increased transparency. Potential foreign influence in the Voice referendum was notably not captured by the scheme. The Australian Strategic Policy Institute reportedly found accounts on X (formerly known as Twitter), which appeared to be connected to the Chinese Communist Party, sharing negative referendum content.
World
How China's ad-hoc tech pipeline fuels Russia's Ukraine war efforts
Nikkei Asia
Tracy Wen Liu & Peter Guest
When Russia launched its full-scale invasion of Ukraine in February 2022, Western companies pulled out of the Russian market. But many others saw an opportunity. Two months after the invasion, as Amazon, Apple and other U.S. tech giants were busy extricating themselves from Russia, Hank, who had been selling electronic components online in his native China, registered as a seller on Ozon.ru, the Russian e-commerce platform. The technology flowing into Russia from China is turning up in Ukraine. As sanctions make it harder to get access to high-end tech, Russia's military has been adapting civilian hardware, from chips to drones, for the front line.
US State Dept reduces arms licensing burden for UK, Australia
Reuters
Mike Stone
The U.S. State Department unveiled its proposal to reduce licensing requirements for transferring military equipment and sensitive technology to Australia and Britain under the AUKUS security pact. However, the sharing of closely guarded technology, which is governed by strict U.S. International Trafficking in Arms Regulations, has been a hurdle for cooperation. Under the rule change proposed by the U.S. Department of State on Tuesday, the Department's Directorate of Defense Trade Controls will no longer be required to license or approve defence articles, reducing some administrative burdens for companies seeking to make defence products in Australia or the UK.
Australia
Australia urged to impose big tech tax to fund trusted media and fight disinformation
The Guardian
Daniel Hurst
Australia has been urged to hit big tech companies with a new digital platform tax to fund trusted news media in order to confront the “rising tide of misinformation and disinformation”. An options paper published by AP4D on Tuesday says new ideas should be considered because previous efforts to address the news media’s financial woes, regulate social media companies and make them pay for news “have faltered”. The recommendations include the need to educate citizens in Australia on how to spot misinformation and disinformation, and also to fund independent journalism across the Pacific.
Read AP4D’s paper on Australia’s and the information environment here.
Revealed: the Australian companies using AI to beat cyber hackers
The Australian
Jared Lynch
Microsoft is quietly unleashing its artificial intelligence Copilot on Australian companies, in an effort to bolster their cyber defences as a “moment of opportunity” emerges to gain the upper hand on attackers. The Australian can reveal that AustralianSuper, Powerlink and TAL Insurance have been using Microsoft Copilot for Security as part of the tech titan’s early access program since last December. The platform – which was launched globally this month – harnesses Microsoft’s global threat intelligence – which includes up to 78 trillion daily threat signals a day – to allow companies the ability to “move and respond at machine speed and scale” to cyber criminals.
Technology-facilitated abuse booming in workplaces: report
The Australian
Sarah Ison
Companies should deploy Artificial Intelligence across employees’ devices to intercept workplace technology-facilitated sexual harassment, with new research finding one in four people have harassed their colleagues and that abuse through texts or phone calls is “prevalent and growing”.
Deep-fake ASX video scam lingers on Facebook despite reporting
The Australian
Paulina Duran
A deep-fake Facebook video ad showing former ASX boss Dominic Stevens promoting an “Australian Securities Exchange-ASX” group purporting to give investment insights has been reported to the social media company, but remains on the platform. A media representative for the stock exchange confirmed the video ad was fake and said it had been reported to Facebook on Monday morning. The Australian was still able to access the ad late on Monday evening. The Facebook parent is under pressure from governments around the world to respond more swiftly to the growing problem of AI-powered scams on its platform.
China
China highlights data and ‘digital silk road’ in new plan to drive innovation as US tech rivalry intensifies
South China Morning Post
Jane Cai
China has pledged to push ahead with a plan to build a digital economy this year, drawing upon the country’s data assets to drive innovation amid an intensifying tech rivalry with the West. China will adopt an “appropriate forward-thinking plan” to accommodate future digital infrastructure needs, accelerate the creation of a national integrated computing network and pave the way for breakthroughs in digital technology and innovations in key areas, according to a government circular on digital economy work for 2024. Beijing will also boost international cooperation on the digital economy, speed up trade digitalisation, create a sound environment for international collaboration and advance the development of the Digital Silk Road, the technology arm of China’s Belt and Road Initiative, it said.
USA
Defending infrastructure, securing systems key to CISA’s new AI guidelines
SC Magazine
Simon Hendery
The U.S. Cybersecurity and Infrastructure Security Agency released new guidelines aimed at protecting critical infrastructure systems in a threat landscape increasingly impacted by artificial intelligence. The 28-page document covers critical infrastructure risk and security considerations from three distinct perspectives: defending against attackers armed with AI-enabled tools, protecting AI-powered systems from attack, and developing secure and failsafe AI systems.
US spy agencies to share intelligence on critical infrastructure in policy revamp
CyberScoop
Christian Vasquez
The U.S. intelligence community will be required to share information about threats to critical infrastructure with the owners and operators of those systems under the terms of a revised policy document that President Joe Biden is set to sign Tuesday. The highly anticipated revision to Presidential Policy Directive 21, which governs how the federal government interacts with and protects critical infrastructure, comes amid a sharp increase in cyberattacks against entities like water treatment facilities, the electrical grid and communications providers.
TikTok, Tesla Show US-China Battle Over Data Is Just Beginning
Bloomberg
Sarah Zheng & Josh Xiao
The US push to ban TikTok marks a new phase in its approach to data security that could eventually impact everything from electric vehicles to health care, reshaping trade relations between the world’s biggest economies. President Joe Biden last week signed legislation barring Chinese parent ByteDance Ltd’s ownership of TikTok, a move aimed at preventing Beijing from accessing troves of data that the video sharing app collects from its 170 million American users. The law takes a page out of China’s playbook, viewing the potential misuse of data as a national security threat.
NIST launches a new platform to assess generative AI
TechCrunch
Kyle Wiggers
The National Institute of Standards and Technology, the U.S. Commerce Department agency that develops and tests tech for the U.S. government, companies and the broader public, on Monday announced the launch of NIST GenAI, a new program spearheaded by NIST to assess generative AI technologies including text- and image-generating AI. NIST GenAI will release benchmarks, help create “content authenticity” detection (i.e. deepfake-checking) systems and encourage the development of software to spot the source of fake or misleading AI-generated information, explains NIST on the newly launched NIST GenAI website and in a press release.
FCC fines carriers $196 million for selling customer location data
The Record by Recorded Future
Suzanne Smalley
T-Mobile, Verizon and AT&T have been fined a collective $196 million for illegally sharing access to consumers’ location data without obtaining their consent, the Federal Communications Commission announced Monday. The agency said the telecom giants also failed to take “reasonable measures” to safeguard customers’ location information so that it would not be disclosed without their authorisation.
US newspapers sue OpenAI for copyright infringement over AI training
Reuters
Blake Brittain
A group of newspapers, including the New York Daily News and Chicago Tribune, sued Microsoft and OpenAI in New York federal court on Tuesday, accusing them of misusing reporters' work to train their generative artificial-intelligence systems. The eight newspapers, owned by hedge fund Alden Global Capital's MediaNews Group, said in the lawsuit that the companies unlawfully copied millions of their articles to train AI products, including Microsoft's Copilot and OpenAI's ChatGPT.
Americas
MPs, senator ask why government didn't warn them they were targeted by China-backed hackers
CBC News
Catharine Tunney
Canadian parliamentarians say they were warned recently that they had been targeted by China-affiliated hackers — and now they're wondering why that warning didn't come from the federal government or any of Canada's security services. "It is unacceptable that we were not informed," Conservative MP Garnett Genuis told the House of Commons Monday, after rising on a question of privilege. Genuis said the FBI told the Inter-Parliamentary Alliance on China that members of the international organisation had been hit with a pixel reconnaissance cyberattack launched by a suspected Beijing-controlled entity in 2021.
North Asia
Microsoft, Google partner with Japanese cities on AI rules
Nikkei Asia
Akira Oikawa
Japanese cities will work with tech giants like Microsoft and Google to set guidelines for the use of artificial intelligence in government services, aiming to do more with fewer employees while avoiding pitfalls. The Japanese units of Microsoft, Google, Amazon Web Services and Oracle are among the companies taking part in a consortium on municipal AI governance that will start Wednesday, along with the cities of Osaka, Tsukuba, Nagoya and Yokosuka.
Japan to trial AI bear warning system after record number of attacks
The Guardian
Gavin Blair
Japan is to trial an AI bear-warning system after a record number of attacks on humans over the past year as the animals struggle to find their staple foods. A pilot system in Toyama prefecture, central Japan, will monitor live feeds from government, municipal and private security cameras to identify bears on the move in areas close to people, and send instant warnings to relevant local authorities, police and hunters. AI will also be used to monitor bears movement patterns and try to predict their future whereabouts.
Southeast Asia
Microsoft to Invest $1.7 Billion in Indonesia for AI, Cloud
Bloomberg
Yuan Gao, Saritha Rai & Chandra Asmara
Microsoft Corp. will invest $1.7 billion to build out cloud computing and artificial intelligence infrastructure in Indonesia, betting on Southeast Asia’s biggest economy to spur growth. Chief Executive Officer Satya Nadella announced the outlay, to be made over four years, after meeting with President Joko Widodo in Jakarta on Tuesday. The company also pledged to help train 2.5 million people in Southeast Asia with AI skills, including 840,000 in Indonesia.
Ukraine - Russia
Telegram blocks, then unblocks, chatbots used by Ukraine’s intelligence services
The Record by Recorded Future
Daryna Antoniuk
The Telegram messaging app has restored access to chatbots used by Ukraine’s security services and intelligence agencies to collect data about Russian military activity after they were temporarily blocked, according to the Ukrainian state center of strategic communications. On Monday, Ukraine’s military intelligence (GUR) claimed that Telegram “unjustifiably blocked several official bots that opposed Russia's military aggression against Ukraine.
Ukrainian military intelligence claims attack on website of Russia’s ruling party
The Record by Recorded Future
Daryna Antoniuk
Ukraine’s military intelligence agency, the GUR, launched a cyberattack against the online services of Russia's ruling United Russia party late last week, according to a source in the spy agency who spoke to several Ukrainian media outlets. The attack targeted United Russia’s servers, websites and domains, rendering the party’s digital platforms "partially inaccessible." The agency didn’t provide any further details about the operation. United Russia said on Friday on its official Telegram channel that it experienced "massive" distributed denial-of-service (DDoS) attacks on all of its services but assured that the party's critical digital infrastructure remained operational.
Europe
Facebook and Instagram hit with EU probes over Russian disinformation
POLITICO
Clothilde Goujard
Meta’s Facebook and Instagram face sweeping fines after the European Commission opened probes on Tuesday into their handling of disinformation from Russia and other foreign countries. The popular online platforms are suspected of failing to uphold requirements to limit the spread of falsehoods and coordinated foreign manipulation under the bloc’s content-moderation law, the Digital Services Act. Companies can face fines of up to 6 percent of their annual revenues over infringements.
Europe ministers say more resources needed to combat Russian disinformation online
EURACTIV
Théo Bourgery-Gonse
Ministers from France, Germany, and Poland revealed on Monday (29 April) that the Russian disinformation network “Portal Kombat” has continued growing, with new websites targeting 19 member states and the Western Balkans, and called for more resources to tackle online disinformation ahead of June’s EU elections.
Belarus secret service website still down after hackers claim to breach it
The Record by Recorded Future
Daryna Antoniuk
The website of Belarus’ main security service agency has reportedly been down for two months following a cyberattack by Belarusian politically motivated hackers. The hackers, known as the Belarusian Cyber-Partisans, announced their operation against the KGB late last week. The agency has not commented on the attack, but on Monday its website says that it is “in the process of development.”
France's Thales could be tempted by some Atos defence assets, CFO says
Reuters
Tim Hepher
Thales opened the door on Tuesday to buying a limited part of the strategic assets of troubled French IT group Atos after the French government floated a rescue package. The government provisionally offered at the weekend to acquire various strategically important assets including Atos' Advanced Computing, Mission-Critical Systems and Cyber Products, and said it would also seek industrial partners.
UK
UK becomes first country to ban default bad passwords on IoT devices
The Record by Recorded Future
Alexander Martin
On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from IoT devices. Unique passwords installed by default are still permitted. The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.
Africa
Burkina Faso suspends foreign news media over massacre reports
EURACTIV
Burkina Faso has suspended a swathe of international news organisations in recent days for airing accusations of an army massacre of civilians, a move sparking concern on Monday. They were suspended for reporting on a Human Rights Watch statement accusing soldiers of killing at least 223 people in revenge attacks on two villages on 25 February.
Big Tech
Screenshots suggest TikTok is circumventing Apple App Store commissions
TechCrunch
Sarah Perez
TikTok may be routing around the App Store to save money on commissions. According to new findings, the ByteDance-owned social video app is presenting some of its users with a link to a website for purchasing the coins used for tipping digital creators. Typically, these coins are bought via in-app purchase, which requires a 30% commission paid to Apple.
Binance founder Changpeng Zhao sentenced to four months in prison
The Verge
Elizabeth Lopatto
Binance founder Changpeng Zhao was sentenced to four months in prison for failing to establish adequate anti-money laundering protections. Zhao, once the head of the largest crypto exchange in the world, pleaded guilty in November 2023.
Tesla's self-driving bid for China faces rivals racing ahead
Reuters
If Tesla succeeds in bringing its "Full Self-Driving" system to China, the world's largest car market, the U.S. electric-car pioneer will be shifting into the fast lane of the global race toward autonomous vehicles. On a whirlwind trip to Beijing starting Sunday, Musk came to discuss the potential rollout of its FSD driver-assistance system and the possibility of securing government approvals for overseas transfers of data from Tesla vehicles in China, according to a source with knowledge of the trip.
Misc
FKA Twigs Developed Her Own Deepfake
Rolling Stone
Ethan Millman
FKA Twigs is developing a deepfake AI version of herself to engage with her fans, the singer revealed on Tuesday. The musician is set to testify on Capitol Hill later today to encourage heightened regulation of the technology. The artist cited AI as a potentially helpful tool for recording artists to handle marketing and help streamline creative processes, but only when done with their consent and control.
Killer Asteroid Hunters Spot 27,500 Overlooked Space Rocks
The New York Times
Kenneth Chang
A couple of years ago, a team of researchers dedicated to finding killer asteroids before they kill us came up with a neat trick. Instead of scanning the skies with telescopes for asteroids, the scientists wrote an algorithm that sifts through old pictures of the night sky, discovering about 100 asteroids that had been overlooked in those images. With the help of Google Cloud, scientists churned through hundreds of thousands of images of the night sky to reveal that the solar system is filled with unseen objects.
Research
What does it look like for Australia to... Use all tools of statecraft in the information environment
AP4D
Coordinated disinformation campaigns are now an established feature of domestic politics in Australia’s region. This means that attempts to mitigate harms in the information domain are now at the top of political and security agendas, both for Australia and for partners and allies. Emerging technologies continue to shape the information environment in new ways, with advances in artificial intelligence both enabling the faster detection of information operations, but also making the creation and dissemination of disinformation and propaganda cheaper and more convincing.
Events & Podcasts
JoiningFORCES
ASPI
The JoiningFORCES conference will explore ways to bridge national and international boundaries to deliver more joint, collective and effective defence. It will bring together government ministers, senior defence officials, leading industry figures, and international experts across the two-day event and formal dinner. We will also use collaborative wargaming and scenario exercise techniques to generate insights on enhancing regional deterrence. Our focus will be on strategic and operational level challenges and will consider the vital role of industry in delivering capability at the speed needed to meet the strategic threats Australia faces.
The Sydney Dialogue
ASPI
The Sydney Dialogue was created to help bring together governments, businesses and civil society to discuss and progress policy options. We will forecast the technologies of the next decade that will change our societies, economies and national security, prioritising speakers and delegates who are willing to push the envelope. We will promote diverse views that stimulate real conversations about the best ways to seize opportunities and minimise risks.
Jobs
China Analyst or Senior Analyst
ASPI
ASPI has an exciting opportunity for an analyst or senior analyst to explore China's evolving foreign and security policy, political economy and impact on the Indo-Pacific and the world. ASPI’s China analysts conduct rigorous data-driven research, publish impactful reports that shape the public policy discourse and contribute to the wide catalogue of influential China work published by ASPI. The difference between the analyst and senior analyst levels will depend on experience level and demonstration of past work. The closing date for applications is 10 May 2024– an early application is advised as we reserve the right to close the vacancy early if suitable applications are received.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.