Deepfake creators revictimize sex trafficking survivors | OpenAI taking steps to block China’s access | US Supreme Court rules in favor of government in social media jawboning case
Good morning. It's Thursday 27th of June.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
Deepfake creators are revictimizing GirlsDoPorn sex trafficking survivors by using footage from the operation to create nonconsensual pornographic videos. Despite legal actions and awarded damages, the spread of this content highlights the need for stronger protections against the misuse of AI in creating explicit material. WIRED
OpenAI is blocking access to its AI tools in China, starting in July, in response to US pressure to limit Chinese access to advanced technologies. This move follows revelations of covert influence operations and has led Chinese firms like Alibaba and Zhipu AI to promote their own products as alternatives. Bloomberg
The US Supreme Court has ruled 6-3 against a state-led effort to restrict the federal government's ability to communicate with social media companies regarding content moderation, emphasizing that the plaintiffs lacked standing to challenge these actions on free speech grounds. Semafor
China
OpenAI taking steps to block China’s access to its AI tools
Bloomberg
OpenAI is taking additional steps to curb China’s access to artificial intelligence software, enforcing an existing policy to block users in nations outside of the territory it supports. The Microsoft Corp.-backed startup sent memos to developers in China about plans to begin blocking their access to its tools and software from July, according to screenshots posted on social media that outlets including the Securities Times reported on Tuesday. In China, local players including Alibaba Group Holding Ltd. and Tencent Holdings Ltd.-backed Zhipu AI posted notices encouraging developers to switch to their own products.
China-backed hackers step up spying on Taiwan: security firm
Radio Free Asia
Suspected Chinese state-sponsored hackers have intensified cyber-espionage activities against Taiwanese targets since late last year, with a particular focus on its technology sector, an online security company said in a new report. U.S. cybersecurity company Recorded Future said RedJuliett – a “likely Chinese state-sponsored group” – has conducted a campaign to collect intelligence on government, academic, technology, and diplomatic organizations in Taiwan over the six months from last November.
‘Father’ of China EV industry calls for investment talks with EU
Bloomberg
The former government minister considered the father of China’s electric car industry has called for China and Europe to resume talks for an investment deal as a way to resolve trade tensions that have seen the European Union set to impose tariffs of up to 48% on imported EVs. Wan Gang, China’s minister of Science and Technology between 2007 and 2018, said Wednesday the tariffs were politically motivated and not supported by all EU countries.
China’s AI strength suggests US curbs could backfire
Bloomberg
Catherine Thorbecke
US officials and tech leaders have spent much of this year celebrating the success of all-out efforts to stifle China’s AI ambitions. But it’s too soon to count Beijing out of the race, and American attempts to limit China’s progress have pushed the nation to advance in creating a homegrown ecosystem at a time when developing sovereign AI has emerged as a global national security imperative. It would be unwise to underestimate the stakes for China, especially when the technology is still in its infancy.
Chinese hackers are increasingly deploying ransomware, researchers say
CyberScoop
AJ Vicens
Chinese-linked cyberespionage campaigns are increasingly deploying ransomware as the final stage in operations to either make money, distract their adversaries or make it more difficult to attribute their work, researchers with SentinelLabs and Recorded Future said Wednesday. Historically, cyberespionage groups working on behalf of states have mostly eschewed the use of ransomware, but that appears to now be changing as state-backed hackers are increasingly using the epidemic of ransomware to hide their operations. According to Wednesday’s report, apparent ransomware attacks against the Brazilian presidency and the All India Institute of Medical Sciences (AIIMS), carried out in 2022 and so far unattributed, were in fact the work of a suspected Chinese-linked cyberespionage operation tracked as ChamelGang, or CamoFei.
USA
US Supreme Court rules in favor of government in social media jawboning case
Semafor
Caroline Anders and Mathias Hammer
The US Supreme court on Wednesday rejected a state-led effort to limit the federal government’s communications with social media companies about their content moderation policies. At issue was whether Washington could ask platforms to take down posts deemed as harmful or misinformation. In a 6-3 ruling, the court found that the states of Missouri and Louisiana, together with a group of five social media users, did not have standing to bring the case against the Biden administration on grounds of free speech.
CISA warns chemical facilities may have been hacked in CSAT breach
TechRadar
Benedict Collins
Chemical facilities across the US that utilize the Cybersecurity & Infrastructure Security Agency’s (CISA) ‘Chemical Security Assessment Tool’ could be at risk following thanks to a data breach that reportedly struck in January 2024. The attackers may have been able to access sensitive and confidential material relating to facility security assessments after abusing an Ivanti device to plant a webshell.
What happened to Stanford spells trouble for the election
The New York Times
Renée DiResta
In 2020 the Stanford Internet Observatory, where I was until recently the research director, helped lead a project that studied election rumors and disinformation. As part of that work, we frequently encountered conspiratorial thinking from Americans who had been told the 2020 presidential election was going to be stolen. The way theories of “the steal” went viral was eerily routine. First, an image or video, such as a photo of a suitcase near a polling place, was posted as evidence of wrongdoing. The poster would tweet the purported evidence, tagging partisan influencers or media accounts with large followings. Those accounts would promote the rumor, often claiming, “Big if true!” Others would join, and the algorithms would push it out to potentially millions more.
South & Central Asia
Hacker claims data breach of India’s eMigrate labor portal
TechCrunch
Jagmeet Singh
A hacker claims to be selling an extensive database associated with an Indian government portal meant for blue-collar workforce emigrating from the country. Launched by India’s ministry of external affairs, the eMigrate portal helps Indian labor legally emigrate overseas. The portal also provides emigration clearance tracking and insurance services to migrant workers. According to a listing on a known cybercrime forum that TechCrunch has seen, the pseudonymous hacker published a small portion of the data containing full names, email addresses, phone numbers, dates of birth, mailing addresses and passport details of individuals who allegedly signed up to the portal.
Ukraine - Russia
Russia has nuclear advances for an AI era, top arms control diplomat says
Reuters
Dmitry Antonov
Russia's top diplomat for arms control said on Tuesday that Russia had made advances in nuclear deterrence that would allow it to ensure its security for decades to come even in an era dominated by advances in Artificial Intelligence. Asked at a conference in Moscow if Russia could ensure nuclear security in an era of AI competition, Deputy Foreign Minister Sergei Ryabkov said it could. "In recent years, such groundwork has been done in the field of nuclear deterrence that will allow us to ensure our own security for decades to come," Ryabkov, Russia's arms control point man, said.
Ukraine’s tech hub develops AI-driven drone swarms to combat Russian forces
Kyiv Post
A Ukrainian startup says it’s on the brink of revolutionizing warfare with an AI-driven drone swarm capable of coordinated attacks on enemy tanks and intelligence gathering, potentially giving Ukraine a significant advantage in its war with Russia, as per The Times’ report. “It’s the equivalent of bringing the steam engine into the factory all those years ago,” said Serhii Kuprienko, the founder of the startup. “Our core mission is to get robots to do the fighting, not humans.”
Russia bans distribution of dozens of EU news outlets in retaliatory step
Reuters
Guy Faulconbridge and Andrew Osborn
Russia said on Tuesday it was banning access inside Russia to the broadcasts of 81 different media outlets from the European Union including Agence France-Presse and Politico in retaliation for a similar EU ban on several Russian media outlets. The European Union said in May it was suspending the distribution of what it described as four "Kremlin-linked propaganda networks," stripping them of their broadcasting rights in the bloc.
Russian propaganda floods Europe's social networks
CNRS News
Marina Julienne
As the European elections draw near, Paul Bouchaud, a specialist in algorithms, shows that Meta (the company that owns Facebook, Instagram, and WhatsApp) is not preventing pro-Russian propaganda from flooding its platforms with political messages.
US charges Russian civilian for allegedly helping GRU spies target Ukrainian government systems with data-destroying malware
TechCrunch
Zack Whittaker
The Department of Justice has charged a Russian civilian with conspiracy to destroy Ukrainian government computer systems as part of a widespread hacking effort by Russia ahead of its illegal invasion of Ukraine. U.S. prosecutors in Maryland said Wednesday that Amin Stigal, 22, is wanted for helping to set up servers used by Russian government hackers that were used to launch destructive cyberattacks on Ukraine government ministries in January 2022, a month before the Kremlin ordered tanks and troops to cross Ukraine’s borders.
Europe
French police shut down chat website reviled as 'den of predators'
The Record by Recorded Future
Daryna Antoniuk
French law enforcement has shut down the chat website Coco, which authorities said has allowed offenders to coordinate child sexual abuse, rapes, homicides and other serious crimes. As of Tuesday, the website is no longer available and only displays a seizure notice from the French national police. According to a statement by the Paris prosecutor's office, the investigation into Coco’s operation was initiated in December 2023. France collaborated with law enforcement from Bulgaria, Germany, Lithuania, the Netherlands and Hungary.
Africa
South Africa’s national health lab hit with ransomware attack amid mpox outbreak
The Record by Recorded Future
Jonathan Grieg
South Africa’s National Health Laboratory Service (NHLS) confirmed on Tuesday that it is dealing with a ransomware attack significantly affecting the dissemination of lab results as the country responds to an outbreak of mpox. A spokesperson for the organization told Recorded Future News that the ransomware attack began Saturday morning and that hackers deleted sections of their system, including backup servers, meaning they will have to rebuild many of the affected parts.
Gender & Women in Tech
Cybersecurity specialist Carole House returns to White House
The Record by Recorded Future
Suzanne Smalley
A cybersecurity expert returned on Monday to the National Security Council (NSC) as special adviser for cybersecurity and critical infrastructure policy, two years after departing the White House agency. Carole House, who also has worked in senior cybersecurity roles at the Department of Treasury and the White House’s Office of Management and Budget (OMB), brings significant cybersecurity expertise to the NSC in the months leading up to November’s election.
Artificial Intelligence
Political deepfakes top list of malicious AI use, DeepMind finds
Financial Times
Cristina Criddle
Artificial intelligence-generated “deepfakes” that impersonate politicians and celebrities are far more prevalent than efforts to use AI to assist cyber attacks, according to the first research by Google’s DeepMind division into the most common malicious uses of the cutting-edge technology. The study said the creation of realistic but fake images, video and audio of people was almost twice as common as the next highest misuse of generative AI tools: the falsifying of information using text-based tools, such as chatbots, to generate misinformation to post online.
Researchers fool university markers with AI-generated exam papers
The Guardian
Richard Adams
Researchers at the University of Reading fooled their own professors by secretly submitting AI-generated exam answers that went undetected and got better grades than real students. The project created fake student identities to submit unedited answers generated by ChatGPT-4 in take-home online assessments for undergraduate courses. The university’s markers – who were not told about the project – flagged only one of the 33 entries, with the remaining AI answers receiving higher than average grades than the students.
Misc
Deepfake creators are revictimizing GirlsDoPorn sex trafficking survivors
WIRED
Matt Burgess
The most notorious deepfake sexual abuse website is hosting altered videos originally published as part of the GirlsDoPorn operation. Experts say this new low is only the beginning. For years, nonconsensual deepfake pornography has been used to harass, silence, shame, and abuse women. Celebrities and influencers have their faces implanted into existing adult videos; men have used the technology to place “friends” into explicit videos; and boys have allegedly created “nude” images of their female classmates. However, among the ever growing harassment and abuse, deepfake creators have now, arguably, hit a new low: using videos of sex trafficking victims as the basis of the nonconsensual videos.
Events & Podcasts
The Sydney Dialogue
ASPI
The Sydney Dialogue was created to help bring together governments, businesses and civil society to discuss and progress policy options. We will forecast the technologies of the next decade that will change our societies, economies and national security, prioritising speakers and delegates who are willing to push the envelope. We will promote diverse views that stimulate real conversations about the best ways to seize opportunities and minimise risks.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.