EU condemns Russian hacks on Germany, Czechia, Poland, Lithuania, Slovakia and Sweden | Australian MPs not told of Chinese hacks | Drone Warfare, now in Burma
Good morning. It's Monday May 6th.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
The European Union and its Member States, together with international partners, strongly condemn the malicious cyber campaign conducted by the Russia-controlled Advanced Persistent Threat Actor 28 (APT28) against Germany and Czechia. Today, Germany has shared publicly its assessment on APT28 compromise of various e-mail accounts of the German Social Democratic Party executive. At the same time, Czechia announced its institutions have been a target of this cyber campaign. State institutions, agencies and entities in Member States, including in Poland, Lithuania, Slovakia and Sweden have been targeted by the same threat actor before. Council of the European Union
However, the [spy] agencies decided not to tell the Government or the MPs affected. Instead, the 20 Australian MPs belonging to the Inter-Parliamentary Alliance on China (IPAC) only learned of the attempted attack when the US Department of Justice released its indictment against seven Chinese hackers in April this year — three years after the first warning was provided. The Nightly
In flip-flops and shorts, one of the finest soldiers in a resistance force battling the military junta in Myanmar showed off his [drone]. Despite the ragtag conditions, rebel drone units have managed to upend the power balance in Myanmar. With little more than instructions crowdsourced online and parts ordered from China, the resistance forces have added ballast to what might seem a hopelessly asymmetrical civil war. The techniques they are using would not be unfamiliar to soldiers in Ukraine. The New York Times
ASPI
First speakers announced for ASPI’s Sydney Dialogue on 2-3 September
ASPI's The Sydney Dialogue
This year’s event builds on the strong lineup of speakers at the previous two dialogues and will include:
- The Hon Tim Watts MP, Australia’s Assistant Minister for Foreign Affairs
- David van Weel, Assistant Secretary General for Innovation, Hybrid and Cyber, NATO
- Urvashi Aneja, Founder and Executive Director, Digital Futures Lab
- Shigeru Kitamura, President and Chief Executive Officer of Kitamura Economic Security Inc.
Other leaders, innovators and top thinkers from across governments, industry and civil society will be announced in the lead-up to the event.
Campus protests give Russia, China and Iran fuel to exploit U.S. divide
The New York Times
Steven Lee Myers and Tiffany Hsu
As protests over the war in Gaza have spread across the United States, Russia, China and Iran have seized on them to score geopolitical points abroad and stoke tensions within the United States, according to researchers who have identified both overt and covert efforts by the countries to amplify the protests since they began..The influence efforts have been tracked by researchers at Clemson and NewsGuard, as well as the Institute for Strategic Dialogue, the Foundation for Defense of Democracies, the Australian Strategic Policy Institute and Recorded Future, a threat intelligence company. One covert Chinese influence campaign known as Spamouflage, which was first linked to an arm of the Ministry of Public Security in 2019, has also turned its attention to the protests.
Cyber capabilities in the Indo-Pacific: Shared ambitions, different means?
RUSI
Louise Marie Hurel, Dr Gatra Priyandita, Arindrajit Basu, Bich Tran, Wilhelm Vosse and Mike Bareja
What has been made public is that offensive cyber is used to support military operations, disrupt cybercrime and ‘enable ASD to manipulate, disrupt or degrade our adversaries’ capability’. The Strategy also states that Australia will ‘amplify our domestic law enforcement and offensive cyber activities to make Australia a harder target for cyber criminals’.
World
The data arms race in China-US technological competition
The Diplomat
Sunny Cheung
As China actively redefines the contours of data flow, the United States is actively responding to protect its own data integrity and security. The international community must remain astute observers and proactive participants. The ongoing developments will likely reshape not just the geopolitics but the international legal and business landscapes, compelling stakeholders across the globe to adapt to new realities of privacy, security, and economic competitiveness in an increasingly digital world.
Australia
Spy agencies kept Australian MPs in dark after they were targeted by Chinese hackers
The Nightly
Latika M Bourke
Instead, the 20 Australian MPs belonging to the Inter-Parliamentary Alliance on China (IPAC) only learned of the attempted attack when the US Department of Justice released its indictment against seven Chinese hackers in April this year — three years after the first warning was provided.
Russian gang behind hack exposing family violence victims, government agencies
The Age
Sherryn Groch
In online forum posts the group claimed its haul totalled 395 gigabytes, attaching as proof scans of passports, including individual immigration identifiers, and other sensitive documents it said were looted from ZircoDATA’s clients. The National Cybersecurity Co-ordinator called the disclosure of private details about sexual violence and assault victims “distressing”.
Meet the woman taking on AI, its 'fake' models and alarming beauty standards
ABC News
Leisa Scott and Rebecca Armstrong
The more Bonner explored, the more her concerns grew beyond her industry. She worried about what these computer-generated images of the "perfect" woman would do to the self-confidence of the real-life ones, especially girls. She was aghast that AI models were being presented as real, luring people to porn or dating sites, or to buy goods.
NSW government's $230 million emergency domestic violence package to include bail law changes and integrated support service
ABC News
Nick Dole
The duress alarms can be worn on the wrist, like a watch or fitness monitor, and signal their activation with vibrations, so a violent partner is not aware it has been triggered. Police can be called automatically and on some devices, can even listen to the audio.
China
Blacklisted Chinese tech giant is covertly funding scientific research at U.S. universities through a nonprofit
Fortune Magazine
Kate O'Keeffe and Bloomerg
Huawei is the sole funder of a research competition that has awarded millions of dollars since its inception in 2022 and attracted hundreds of proposals from scientists around the world, including those at top U.S. universities that have banned their researchers from working with the company, according to documents and people familiar with the matter.
China signals a loosening of data and AI governance
The Diplomat
Jonathan Dove
These regulations make frequent reference to striking a complementary balance between “security” and “development.” In the fast-moving digital economy however, the reality on the ground is more complex and uncertain, with security often taking precedence.
USA
The tech hawks took down TikTok. Now what?
Foreign Policy
Rishi Iyengar
That hawkishness has also made its way to Silicon Valley, the U.S. tech industry’s biggest power center, with companies and investors significantly dialing back their exposure to the Chinese tech ecosystem in recent years. Sequoia Capital, one of the biggest and most storied investment firms, spun off its China and India businesses into independent firms last year due to geopolitical tensions and amid pressure from U.S. lawmakers.
U.S. big tech in China: too big to bail
The Wire China
Ngor Luong, Sam Bresnick and Kathleen Curlee
Most major tech firms are continuing to invest in China despite difficult market and international conditions.
North Asia
South Korea considers joining AUKUS pillar II
The Diplomat
Rod McGuirk
South Korea is considering sharing advanced military technology with the United States, the United Kingdom and Australia through the so-called AUKUS partnership, South Korean Defense Minister Shin Won-sik said.
Southeast Asia
Drones changed this civil war, and linked rebels to the world
The New York Times
Hannah Beech and Paul Mozur
They are much harder to fly than conventional drones, operated with goggles that allow the pilot to see from the perspective of the drone. In Ukraine, pilots often train for hundreds of hours on simulators before getting the chance to fly in combat. One drone pilot, Ko Sai Laung, sat in a bamboo shack sharpening his skills on a laptop loaded with Ukrainian drone simulation software. He cradled a joystick in his hands, occasionally wiping away the sweat trickling down his face as he piloted a virtual drone above simulated Ukrainian farmland toward Russian tanks.
Israeli firms sold invasive surveillance tech to Indonesia: Report
Al Jazeera
The research by Amnesty International’s Security Lab – based on open sources including trade records, shipping data and internet scans – uncovered links between official government bodies and agencies in the Southeast Asian country and Israeli tech firms NSO, Candiru, Wintego and Intellexa, a consortium of linked firms originally founded by a former Israeli military officer, going back to at least 2017.
Ukraine - Russia
Ukraine unveils AI-generated foreign ministry spokesperson
The Guardian
“It’s only the visual part that the AI helps us to generate,” Dmytro Kuleba, the Ukrainian foreign minister, said, adding that the new spokesperson was a “technological leap that no diplomatic service in the world has yet made”.
Europe
Statement on behalf of the EU on continued malicious behaviour in cyberspace by the Russian Federation
Council of the European Union
Peter Stano
Today, Germany has shared publicly its assessment on APT28 compromise of various e-mail accounts of the German Social Democratic Party executive. At the same time, Czechia announced its institutions have been a target of this cyber campaign. State institutions, agencies and entities in Member States, including in Poland, Lithuania, Slovakia and Sweden have been targeted by the same threat actor before. In 2020, the EU imposed sanctions on individuals and entities responsible for the APT28 attacks targeting the German Federal Parliament in 2015.
Elite Russian hackers breach Scholz’s German socialist party
POLITICO
Clothilde Goujard and Laurens Cerulus
The German government on Friday lashed out at Russian intelligence services for hacking email accounts belonging to Chancellor Olaf Scholz's Social Democratic Party last year.
Poland says it too was targeted by Russian hackers
POLITICO
Carlo Boffa
Poland said it was also "among the targets" of the Russian-controlled hacking group that attacked Germany and the Czech Republic.
Germany, Czech Republic & the EU Call Out Russia for orchestrating cyber attacks
Tech Report
Krishi Chowdhary
The Czech Republic has also accused Russia of cyber attacks. According to the government officials, many of its state agencies faced data breaches in 2023 planned by APT28—once again through a Microsoft Outlook vulnerability.
GPS jamming is a ‘side effect’ of Russian military activity, Finnish transport agency says
POLITICO
Tommaso Lecca
Jamming GPS signals over the Baltic Sea is “most likely” a side effect of Russia's anti-drone activities, Traficom, the Finnish Transport and Communications Agency, said today. “The interference intensified when Ukraine's drone attacks on Russia's energy infrastructure began in January 2024,” Traficom said in a press release.
Big Tech
Social media is more 'chaotic' and 'fragmented' than ever, so what's the future of how we live online?
ABC News
Jessica Riga
"Platforms are trying to work out what to do about young people's changing uses of social media where they're less inclined to post publicly, [instead] much more ephemeral video, all these kinds of things." For Dan Angus, the director of the Queensland University of Technology's Digital Research Centre, "fragmented is the best way I would describe it."
Events & Podcasts
JoiningFORCES
ASPI
The JoiningFORCES conference will explore ways to bridge national and international boundaries to deliver more joint, collective and effective defence. It will bring together government ministers, senior defence officials, leading industry figures, and international experts across the two-day event and formal dinner. We will also use collaborative wargaming and scenario exercise techniques to generate insights on enhancing regional deterrence. Our focus will be on strategic and operational level challenges and will consider the vital role of industry in delivering capability at the speed needed to meet the strategic threats Australia faces.
Jobs
China Analyst or Senior Analyst
ASPI
ASPI has an exciting opportunity for an analyst or senior analyst to explore China's evolving foreign and security policy, political economy and impact on the Indo-Pacific and the world. ASPI’s China analysts conduct rigorous data-driven research, publish impactful reports that shape the public policy discourse and contribute to the wide catalogue of influential China work published by ASPI. The difference between the analyst and senior analyst levels will depend on experience level and demonstration of past work. The closing date for applications is 10 May 2024– an early application is advised as we reserve the right to close the vacancy early if suitable applications are received.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.