Pranksters have already defaced Trump’s new social network | Oversight board condemns Facebook for withholding information on how it moderates VIPs | Twitter study says its algorithm favours the right

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

  • Former president Donald Trump and his team declared Wednesday night that they would soon launch a “media powerhouse” that would help them triumph in their long-running war against Big Tech. But within hours, pranksters found what appeared to be an unreleased test version and posted a picture of a defecating pig to the “donaldjtrump” account. The Washington Post

  • Facebook’s oversight board condemned the platform on Thursday for withholding relevant information about its content moderation system that was revealed by The Wall Street Journal through leaked documents. CNBC

  • Twitter is publicly sharing research findings today that show that the platform's algorithms amplify tweets from right-wing politicians and content from right-leaning news outlets more than people and content from the political left. Protocol

ASPI ICPC

Australia’s choice about China has been long in the making
Australian Financial Review
@FergusHanson
September was a big month for Australia’s international relations. There was AUKUS, there was the diplomatic tour of the Indo-Pacific by ministers Marise Payne and Peter Dutton, and in late September there was the first in-person summit of Quad leaders at the White House, attended by Scott Morrison. But lost amid all the meetings and activities and submarines has been a far more powerful development. It is one of those inflection points that will bend the arc of Australian history.


A 3D deep dive into the India–China border dispute
The Strategist
@grewalbaani @Nrg8000
India–China border tensions have become one of the Indo-Pacific’s defining territorial disputes. The ongoing Ladakh crisis ended more than three decades of confidence-building measures and border agreements in June 2020 with the deaths of Indian and Chinese soldiers. Multiple rounds of tactical and diplomatic talks have resulted in a stalemate between the two Asian powers. Over the past year, there’s been a renewed build-up of military and transport infrastructure along the border as both countries reacted to tensions.

Tightening Up
ChinaFile
@fryan
Many of the regulatory actions against tech companies had been in the works for some time and their delivery was delayed both by the COVID-19 pandemic and the Party’s centenary celebrations in July 2021. A confluence of factors brought about their implementation seemingly all at once, including the onslaught of sanctions from the U.S., the stresses of the pandemic, and a slowing economy. Some have been reactive. In the case of the actions against Ant Group and DiDi, regulators scrambled at the last minute in reaction to those companies racing toward IPOs before satisfying their regulatory obligations.

Lowy Institute Conversations: Fan Yang and Fergus Ryan on Chinese-language media in Australia
Lowy Institute
In this episode of Conversations, Jennifer Hsu talks with Fan Yang and Fergus Ryan about the media representation of Australia-China relations, WeChat, self-censorship and the pressures faced by Chinese-language media outlets in Australia.

World

Twitter’s own research shows that it’s a megaphone for the right. But it’s complicated.
Protocol
@anna_c_kramer
Twitter is publicly sharing research findings today that show that the platform's algorithms amplify tweets from right-wing politicians and content from right-leaning news outlets more than people and content from the political left.

Australia

Old-school and cyber spying now our biggest concern
The Australian
@_clivewilliams
The ASIO 2000-21 annual report tabled in parliament this week is the second by director-general Mike Burgess. It highlights a growing ASIO concern about espionage and foreign interference activities in Australia to a level where they are supplanting terrorism as ASIO’s main concern in the next five years.

Champions of Change unveil 12 steps to boost women tech leaders
Australian Financial Review
@eyersj
The CEOs of Telstra and Microsoft are encouraging 252 fellow members of the Champions of Change Coalition to step up the co-ordination of programs that reduce gender discrimination in the digital economy. The coalition, which dropped “male” from its original title last year to reflect more women being involved in its campaigns, has announced 12 commitments to promote female leadership in the information technology sector, traditionally one of the most blokey. These include ensuring artificial intelligence algorithms avoid harmful gender stereotypes, targeting training on digital skills and hiring, protecting women during restructuring processes, and making gender equality expectations clear to contractors supplying contingent labour.

China

Apple Will Face Pressure to Store More Customer Data in China Under New Laws
The Information
@waynema
Apple could be the next target of new Chinese government rules forcing U.S. companies to store more user data in the country, analysts and legal experts say.

China Cuts Caixin From Approved Media, Curbing Influence
Bloomberg
China has expelled Caixin Media from an official list of news outlets that can be republished, a move that curtails the influence of one of the nation’s most liberal sources of information. The Cyberspace Administration of China announced an approved list of some 1,300 domestic media outlets, social media accounts and government agencies, banning internet news providers from using anything else.

China: The patriotic 'ziganwu' bloggers who attack the West
BBC
@tessa_wong
Guyanmuchan is among a new crop of bloggers known as the "ziganwu", whose rise in fame on Chinese social media has been inextricably linked with the ascendancy of Chinese nationalism. Their name refers to the infamous "wumao" army of trolls who are paid to spread state propaganda - but the difference is that the "ziganwu" do it for free. Their scathing posts and videos, shared by tens of thousands of fans, often criticise Western countries and media outlets. Issues like feminism, human rights, multiculturalism, democracy which are deemed as Western influence "corrupting" Chinese society have also been scrutinised.

Universal Electronics ended relationship with agency linked to Uyghur workers
Reuters
Universal Electronics Inc said on Wednesday it had ended its relationship with a staffing agency that hired Uyghur workers who were transported from China's Xinjiang province to a plant in southern China.

China is pushing a new Covid origin theory: Maine lobsters
NBC News
@oliviasolon @keirsimmons @amyperrettenbc
In mid-September, Marcel Schliebs, a disinformation researcher at the University of Oxford, spotted the emergence of a surprising coronavirus origin theory.

Huawei should dissolve, disperse and seed China’s high-tech future
The Economist
It is too prominent to be able to reinvent itself.

USA

Pranksters have already defaced Trump’s new social network
The Washington Post
@drewharwell
Former president Donald Trump and his team declared Wednesday night that they would soon launch a “media powerhouse” that would help them triumph in their long-running war against Big Tech. But within hours, pranksters found what appeared to be an unreleased test version and posted a picture of a defecating pig to the “donaldjtrump” account.

Oversight board condemns Facebook for withholding information on how it moderates VIPs
CNBC
@lauren_feiner
Facebook’s oversight board condemned the platform on Thursday for withholding relevant information about its content moderation system that was revealed by The Wall Street Journal through leaked documents.

How Many Users Does Facebook Have? The Company Struggles to Figure It Out
The Wall Street Journal
@samschech @JeffHorwitz
Internal research finds that new users with multiple accounts are undercounted, ‘very prevalent’; some are unintentional.

US Government warns of BlackMatter ransomware attacks against critical infrastructure
TripWire
@gcluley
The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group.

Huawei, SMIC suppliers received billions worth of licenses for U.S. goods -documents
Reuters
Suppliers to Chinese telecoms giant Huawei and China's top chipmaker SMIC got billions of dollars worth of licenses from November through April to sell them goods and technology despite their being on a U.S. trade blacklist, documents seen by Reuters showed on Thursday.

FTC Staff Report Finds Many Internet Service Providers Collect Troves of Personal Data, Users Have Few Options to Restrict Use
Federal Trade Commission
Many internet service providers (ISPs) collect and share far more data about their customers than many consumers may expect—including access to all of their Internet traffic and real-time location data—while failing to offer consumers meaningful choices about how this data can be used, according to an FTC staff report on ISPs’ data collection and use practices.

Ransomware Gang Masquerades as Real Company to Recruit Tech Talent
The Wall Street Journal
@bobmcmillan
A criminal organization believed to have built the software that shut down a U.S. fuel pipeline has set up a fake company to recruit potential employees.

Seven years later, DHS set to roll out dramatic changes to system for hiring cyber pros
CyberScoop
@timstarks
The Cyber Talent Management System dispenses with traditional federal job classifications in place since 1949, changes how applicants prove themselves, ties pay increases to something other than longevity of service and much more. At a time when private sector organizations and government agencies struggle to recruit and retain cyber personnel, DHS officials and outside observers alike are hopeful the system will deliver results.

North-East Asia

Taiwan’s digital minister on China’s “digital authoritarianism”
Global Insider
@PoliticoRyan
Imagine a world in which middle schoolers fact check presidential debates and public officials publish transcripts of every conversation they have. That’s the world that Audrey Tang, Taiwan’s digital minister, has helped create, thereby fortifying Taiwan’s democracy even as it faces increasing threats from China. Tang tells POLITICO’s Ryan Heath what it’s like to govern and live in the shadow of China.

South Korean spy agency to support university program on counterespionage
North Korea News
@chaewonjrn
South Korea’s state intelligence agency has agreed to work with a local university to support education programs in counterespionage and security, as the country continues to address cyber and other security threats from North Korea.

South & Central Asia

Security meet discusses cyberattacks from China
The Hindu
The rising cyberattacks from China on critical installations were discussed at the National Security Strategies Conference chaired by Home Minister Amit Shah on Monday.

Africa

New documents shed light on Amazon’s controversial Africa headquarters
Rest of World
@lmatsakis @PatrickEgwu6
The Cape Town development may not have met Amazon's requirements. So why was it chosen?

Misc

Seeking Secure, Private Conversations? Here Are Your Best Bets for Encrypted Communication.
New America
Pronoma Debnath
So which apps and services offer the strongest protection? Which messaging apps fall short by offering less than full end-to-end encryption? With so many tools for encrypted communications, which are the most important features? What security protections should users be looking for when deciding how they would like to communicate? When should users choose certain tools over others? Although these are complicated questions, there are a few basic factors that could help an average user choose one tool over another.

Sam Altman’s Worldcoin wants to scan eyeballs in exchange for crypto
TechCrunch
@lucasmtny
The startup, founded by OpenAI CEO Sam Altman and Alex Blania, wants to put a crypto wallet (and some of their currency) onto every human’s smartphone, but in order to do so they have to build a way to determine whether someone is a unique human. Worldcoin is aiming to make their proof-of-personhood network in the least dystopian way possible. That being said, it still requires scanning a billion people’s eyeballs with a five-pound chromatic sphere called “The Orb”.

Research

Ill Advice: A Case Study in Facebook’s Failure to Tackle COVID-19 Disinformation
ISD
Aoife Gallagher, Mackenzie Hart and Ciarán O’Connor
This report looks at Facebook’s efforts to tackle COVID-19 misinformation by analysing the online presence of a group called the World Doctors Alliance.

Jobs

ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years, of work experience. Senior analysts usually have a minimum of 15 years of relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.

US Commerce Department announces new rule aimed at stemming sale of hacking tools | China updates official news sources list to tighten oversight | US and UK AI research labs collaborate on army tech

  • The Commerce Department on Wednesday announced a long-awaited rule that officials hope will help stem the export or resale of hacking tools to China and Russia while still enabling cybersecurity collaboration across borders. The rule, which will take effect in 90 days, would cover software such as Pegasus, a potent spyware product sold by the Israeli firm NSO Group to governments that have used it to spy on dissidents and journalists. The Washington Post

  • The Cyberspace Administration of China (CAC), the country's top internet regulator, published an updated list on Wednesday of 1,358 internet news services, stating that information service providers can only reprint news from these sources. Reuters

  • A new US and UK collaboration has integrated artificial intelligence and machine learning to support combat forces. For the first time, the Air Force Research Laboratory worked with the UK’s Defence Science and Technology Laboratory to develop, select, train, and deploy state-of-the-art ML algorithms to support armies. Digit

ASPI ICPC

The architecture of repression: Unpacking Xinjiang's governance
ASPI ICPC
For accountability, it is necessary to investigate how China’s campaign against the Uyghurs has been implemented and which offices and individuals have played a leading part. The current knowledge gap has exposed international companies and organisations to inadvertent engagement with Chinese officials who have facilitated the atrocities in Xinjiang. It has also prevented foreign governments from making targeted policy responses. This project maps and analyses the governance mechanisms employed by the Chinese party-state in Xinjiang from 2014 to 2021 within the context of the region’s ongoing human rights crisis. The authors have located and scrutinised thousands of Chinese-language sources including leaked police records and government budget documents never before published. This archive of sources is made publicly available for the use of others. In addition to a detailed policy report, this project includes an interactive organisational chart which profiles over 170 offices that have participated in Xinjiang governance in the last 7 years. Within the chart, guided tours can take the viewer through five key sets of Xinjiang’s repressive policies: mass internment, forced labour, at-home surveillance and indoctrination, coercive birth control, and ubiquitous propaganda.

Exposing the Chinese government’s oppression of Xinjiang’s Uyghurs
The Strategist
@xu_xiuzhong
Since the spring of 2017, it has been widely accepted that between several hundred thousand and a million Uyghurs and other indigenous people in Xinjiang have been rounded up and interned in what Chinese authorities call ‘vocational education and training centres’. Yet these re-education camps are only the most visible components of a vast architecture of repression in the region.

The Chinese Tech Industry Adjusts to Beijing’s New Reality
Bloomberg
Chinese regulators aren’t interested in controlling the daily operations of private corporations, according to Fergus Ryan, a senior analyst at the Australian Strategic Policy Institute’s International Cyber Policy Centre, but they are looking to ensure that companies operate in line with Beijing’s industrial policies. Tech companies are under new pressure to share valuable data and shift away from internet commerce in favor of core technologies that could help insulate China from being cut off from U.S. suppliers. “The direction we’re moving toward is a new type of Chinese company that is neither state-owned nor private,” Ryan says. “They’re becoming hybrid entities that are effectively state-controlled.”

Australia

Crypto experts say Australia risks brain drain if new senate report not acted on
ABC
@rhianawhitson
A senate inquiry has recommended changes to taxation laws, licensing and regulatory regimes to encourage digital and crypto-asset businesses to set up in Australia.

China

China updates official news sources list to tighten information oversight
Reuters
@horwitzjosh @brendagoh_
The Cyberspace Administration of China (CAC), the country's top internet regulator, published an updated list on Wednesday of 1,358 internet news services, stating that information service providers can only reprint news from these sources.

As Evergrande Teeters, Chinese Media Walks a Fine Line
The New York Times
@vwang3
Officials want to avert public panic about the property developer’s financial woes. But they also want to send a message to spendthrift corporations.

China presses McDonald’s to expand e-currency system before Olympics
The Financial Times
China has told McDonald’s to expand a digital renminbi payments system at restaurants across the country before the Beijing Winter Olympics, as the country prepares to launch the world’s first major e-currency. Three people familiar with the situation said China was pushing some US companies to install systems to allow consumers to pay for their products in digital renminbi by the opening of the Beijing Games in February.

At least 13 phone firms hit by suspected Chinese hackers since 2019, say experts
The Guardian
@dansabbagh
The roaming hackers – known as LightBasin – were able to “search and find” individual mobile phones and “target accordingly”, according to CrowdStrike, a group regularly cited by western intelligence.

How Jack Ma treatment prompted Cathie Wood to quit China
Australian Financial Review
@mcranston1
Ms Wood, the flamboyant founder and chief executive of $US45 billion ($61 billion) asset manager Ark Invest, said she started pulling out money when the founder of e-commerce giant Alibaba and former national hero Jack Ma was chastised last year.

Jack Ma Leaves China for the First Time Since Regulatory Woes Began
The Wall Street Journal
@qizhai
Alibaba co-founder Jack Ma is traveling outside of China for the first time since his business empire came under regulatory scrutiny about a year ago, according to people familiar with the matter.

China’s test of hypersonic vehicle is part of a program to rapidly expand strategic and nuclear systems
The Washington Post
@nakashimae
China is in the midst of a rapid expansion of its strategic and nuclear weapons systems, and its progress has alarmed U.S. national security officials.

Alibaba: new chip could end up costing an Arm and a leg
The Financial Times
UK and US links risk exposing Chinese group’s core computer systems to political disputes.

USA

Commerce Department announces new rule aimed at stemming sale of hacking tools to Russia and China
The Washington Post
@nakashimae
The Commerce Department on Wednesday announced a long-awaited rule that officials hope will help stem the export or resale of hacking tools to China and Russia while still enabling cybersecurity collaboration across borders. The rule, which will take effect in 90 days, would cover software such as Pegasus, a potent spyware product sold by the Israeli firm NSO Group to governments that have used it to spy on dissidents and journalists.

Adam Schiff asks intelligence agencies for information about CIA's targeting of WikiLeaks
Yahoo! News
@Isikoff
The House Intelligence Committee is seeking information about a report that CIA officials plotted to kidnap Julian Assange from the Ecuadorean Embassy in London in 2017 after WikiLeaks published documents describing the spy agency’s hacking tools.

US and UK AI Research Labs Collaborate on Army Support Tech
Digit
@ThKnackeredChef
A new US and UK collaboration has integrated artificial intelligence and machine learning to support combat forces. For the first time, the Air Force Research Laboratory worked with the UK’s Defence Science and Technology Laboratory to develop, select, train, and deploy state-of-the-art ML algorithms to support armies.

Why the United States Should Have Invited Russia to Join Counter-Ransomware Initiative
The Council on Foreign Relations
@shakirov2036
Last week, the United States hosted a virtual international meeting of the initiative that included European Union partners, members of the Quad, South Africa, Nigeria, Kenya, Republic of Korea, Singapore, United Arab Emirates, Ukraine, and others.

The tech billionaire aiding the Facebook whistleblower
POLITICO
@birnbaum_e
Support from eBay-founder-turned-tech-critic Pierre Omidyar is helping Frances Haugen take on one of the world's most powerful companies.

North-East Asia

Taiwan chip giants set terms for investment
Telegraph India
Sources said govt is in talks with Taiwan Semiconductor Manufacturing Company, which has a 50% share in the global market, and other companies to set up units.

South-East Asia

Why Indonesia’s Youth Hold the Key to its Tech Sector Progress
The Council on Foreign Relations
To capitalize on the promise of its burgeoning tech industry, Indonesia needs a greater focus on developing the human talent that powers innovation and allows pioneering companies to grow.

UK

UK competition watchdog has music streaming in its sights
Reuters
@kholtonreuters
Britain's competition regulator plans to launch an examination of the music streaming market to see whether a sector dominated by platforms such as Spotify and Apple works for consumers.

Britain fines Facebook $70 mln for breaching order in Giphy deal
Reuters
@sachinr27
Britain's competition regulator has fined Facebook 50.5 million pounds ($69.6 million) for breaching an order imposed during its investigation into the U.S. social media giant's purchase of GIF platform Giphy, the agency said on Wednesday.

Britain Outlines Energy Plans Amid Dimming Prospects for Climate Summit
The New York Times
@_StephenCastle @MarkLandler
In an effort to recapture momentum, Prime Minister Boris Johnson announced a host of measures, including plans for a big expansion of electric vehicles, more offshore wind power and greater use of hydrogen.

Russia

Russian Corruption Makes It Harder to Crack Down on Ransomware
DefenceOne
@DefTechPat
Hackers who learned skills in government service are branching out “for their own personal enrichment,” Pentagon cyber leader says.

Google faces a fine of up to 20% of Russian revenue this month
Reuters
Russia said on Tuesday it would this month seek to fine U.S. tech giant Google a percentage of its annual Russian turnover for repeatedly failing to delete content deemed illegal, Moscow's strongest effort yet to rein in foreign tech firms.

Russia allows methane leaks at planet’s peril
The Washington Post
@StevenMufson @ikhurshudyan
On the morning of Friday, June 4, an underground gas pipeline running through the ancient state of Tatarstan sprang a leak. And not a small one. In a different era, the massive leak might have gone unnoticed.

Misc

The Technopolar Moment
Foreign Affairs
@ianbremmer
How digital powers will reshape the global order.

Facebook Grew Marketplace to 1 Billion Users. Now Scammers Are Using It to Target People Around the World.
ProPublica
@CraigSilverman @acinvestigates @peterelkind
ProPublica identified thousands of Marketplace listings and profiles that broke the company’s rules, revealing how Facebook failed to safeguard users.

Facebook is planning to rebrand the company with a new name
The Verge
@alexeheath
The coming name change, which CEO Mark Zuckerberg plans to talk about at the company’s annual Connect conference on October 28th, but could unveil sooner, is meant to signal the tech giant’s ambition to be known for more than social media and all the ills that entail.

Facebook to pay more than $14 million in Justice Dept. settlement over discrimination against American workers
The Washington Post
@davidnakamura @Cat_Zakrzewski
Facebook has agreed to pay penalties totaling more than $14 million under a settlement with the Justice Department over findings that the company’s hiring practices intentionally discriminated against U.S. workers in favor of foreign workers, U.S. officials said Tuesday.

Senators to Zuckerberg, Facebook Cannot be Trusted to Manage Crypto-Currency
Sherrod Brown
Today, U.S. Senators voiced their opposition to Facebook’s revived effort to launch a cryptocurrency (“Diem”) and digital wallet (“Novi”). In light of yet another scandal involving Facebook’s failure to protect its users, the senators urged Facebook CEO Mark Zuckerberg to immediately discontinue the company’s pilot of Novi, announced this morning, and to commit not to bring Diem to market.

Mark Zuckerberg will be added to a Facebook privacy lawsuit.
The New York Times
@ceciliakang
The attorney general for the District of Columbia on Wednesday added Facebook’s chief executive, Mark Zuckerberg, to a consumer protection lawsuit, in one of the first efforts by a regulator to expose him personally to potential financial and other penalties.

AI can see through you: CEOs' language under machine microscope
Reuters
CEOs and other managers are increasingly under the microscope as some investors use artificial intelligence to learn and analyse their language patterns and tone, opening up a new frontier of opportunities to slip up.

ITU gives nod to non-cellular 5G standard
Mobile World Live
@Kavitm
European standards member group ETSI noted the development eliminated network infrastructure and single point failure, while enabling companies to operate without middlemen or subscription fees, as well as store and consume the data generated in the best way “they see fit for them”

Events

Bellingcat Workshops
Bellingcat
This workshop is a beginning & advanced verification course and a beginning & advanced course in social media & individual-focused research

International cyber landscape and Australia’s place in it
AllEvents
The internet is critical infrastructure, relied upon by businesses, governments, individuals and civil society to conduct business and engagement activities both domestically and internationally. The use of digital communications technology has increased exponentially over the last decade in developed and developing economies. Stemming from this significant growth have been concerns about trans-border data flows and data and cyber. This session will look at Australia’s cyber security approach and where we sit in the international cyber landscape.

Encryption Q&A - Global Encryption Day
Digital Rights Watch
Digital security is becoming increasingly undermined both at home in Australia and around the world. It’s important to explain and celebrate the important role encryption plays in keeping us safe and secure online. Join Executive Director of Digital Rights Watch, Lucie Krahulcova, and CTO of Oxen Privacy Tech Foundation, Kee Jefferys, on Global Encryption Day for a live Q&A about encryption. Thursday, October 21, 2021 • 6:00 PM • Australian Eastern Daylight Time (GMT+11:00)

Confronting Disinformation in Asia
IREX
Disinformation and propaganda are spreading like wildfire all across the globe. Asian countries are not immune to manipulation, which can all too often lead to violence.

A Conversation with Chris Inglis and Anne Neuberger
CSIS
Please join CSIS for a virtual conversation with Chris Inglis, National Cyber Director and Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology. The discussion will focus on opportunities to advance U.S. cybersecurity.

Research

Operation Secondary Infektion Targets Pfizer Vaccine
Recorded Future
The following report is an update to Insikt Group’s August 2021 publication “Operation Secondary Infektion Continues Targeting Democratic Institutions and Regional Geopolitics”, an investigation into the likely Russian state-sponsored information operation “Secondary Infektion.” This report examines a newly discovered campaign of Operation Secondary Infektion, aimed at discrediting the Pfizer-BioNTech COVID-19 vaccine.

Japan’s economic security minister warns on chip industry survival | U.S. lawmakers step up pressure to adopt tougher tech laws | NEW REPORT: The architecture of repression

  • Japan’s semiconductor industry is doomed to irrelevance unless the government matches the long-term strategic visions being laid out in the US and China, the country’s newly created minister for economic security has warned. Takayuki Kobayashi told the Financial Times that Japan had historically failed to identify the essential technologies that the country’s broad-based industrial economy should protect and promote to ensure it remained “indispensable” to the wider world. Financial Times

  • Legislation to curb the influence of big technology companies, including putting new restrictions on online content, is starting to gain traction in Congress as lawmakers narrow their targets and seek to build on public attention. The Wall Street Journal

  • For accountability, it is necessary to investigate how China’s campaign against the Uyghurs has been implemented and which offices and individuals have played a leading part. The current knowledge gap has exposed international companies and organisations to inadvertent engagement with Chinese officials who have facilitated the atrocities in Xinjiang. It has also prevented foreign governments from making targeted policy responses. This project maps and analyses the governance mechanisms employed by the Chinese party-state in Xinjiang from 2014 to 2021 within the context of the region’s ongoing human rights crisis. ASPI ICPC

ASPI ICPC

The architecture of repression: Unpacking Xinjiang's governance
ASPI ICPC
For accountability, it is necessary to investigate how China’s campaign against the Uyghurs has been implemented and which offices and individuals have played a leading part. The current knowledge gap has exposed international companies and organisations to inadvertent engagement with Chinese officials who have facilitated the atrocities in Xinjiang. It has also prevented foreign governments from making targeted policy responses. This project maps and analyses the governance mechanisms employed by the Chinese party-state in Xinjiang from 2014 to 2021 within the context of the region’s ongoing human rights crisis. The authors have located and scrutinised thousands of Chinese-language sources including leaked police records and government budget documents never before published. This archive of sources is made publicly available for the use of others. In addition to a detailed policy report, this project includes an interactive organisational chart which profiles over 170 offices that have participated in Xinjiang governance in the last 7 years. Within the chart, guided tours can take the viewer through five key sets of Xinjiang’s repressive policies: mass internment, forced labour, at-home surveillance and indoctrination, coercive birth control, and ubiquitous propaganda.

  • Mapping repression in Xinjiang
    Axios
    @BethanyAllenEbr
    A sweeping new report released today by an Australian research organization reveals new details about how the Chinese Communist Party — and specifically who within the party — is carrying out its campaign of repression in Xinjiang…Why it matters: Uncovering the actual offices and individuals implementing the Chinese government's genocide and forced labor policies in Xinjiang can bring accountability and help international companies delink supply chains in compliance with U.S. and EU forced labor laws…"Through long and complicated supply chains, this is the first time liberal democracies have found themselves consuming the outputs of China’s mass political campaigns, such as products made with forced labour," report co-author Vicky Xiuzhong Xu said in a statement.

United Australia party spent $1.2m on YouTube ads in two months since Craig Kelly named leader
The Guardian
@joshgnosis
Clive Palmer’s United Australia party has spent close to $1.2m on YouTube ads in less than two months, as it racks up millions of views on its videos criticising lockdowns and government responses to the Covid-19 pandemic...The increased ad spend was first highlighted on Twitter by Ariel Bogle, a journalist and analyst at the Australian Strategic Policy Institute.

How Australian AI will benefit from AUKUS
The Strategist
@HuonCurtis
The media coverage of the AUKUS pact has mostly focused on the nuclear-powered submarine announcement, but the agreement also emphasises the importance of AI to defence and national security. Australia’s innovation ecosystem will need to take on board developments in the US and the UK.

Australia

Foreign spies a bigger threat to Australia than terrorism in coming years, ASIO warns
ABC News
@MattDoran91
ASIO's director-general says while the threat of terrorism should not be understated, foreign actors trying to interfere in Australia's affairs is the country's most pressing threat going forward.

Why companies will ignore the government and pay hackers’ ransoms
Australian Financial Review
Michelle Price, Marcus Thompson
Home Affairs Minister Karen Andrews’ insistence that the government does not condone paying hackers to unlock systems ignores the reality of businesses trying to survive.

How your phone, and tech giants Google and Facebook, helped shape NSW's pandemic response
ABC News
Catherine Hanrahan
Researchers have detailed how movement information logged by Facebook and Google helped predict pandemic peaks. The data was fed into models developed by researchers at the University of NSW, which informed the state government’s roadmap out of lockdown.

WA leak reveals targets on academics, directions to leverage positions
WAtoday
@ajastyles
The University of Western Australia’s detailed preparation in targeting specific staff to axe from its School of Molecular Sciences and the predicted impact of its cuts was exposed in a huge public leak on Monday. In a move reminiscent of the Panama Papers drop, about 409 pages of confidential documents produced by UWA’s executive have been publicly disseminated via a QR code posted in the Molecular Sciences building elevator.

China

China culls unprofitable 5G use cases as it narrows focus
Light Reading
Robert Clark
After throwing resources at thousands of industry use cases in the past two years, the China 5G industry has abandoned most of them to narrow its focus.

Foreign stakes in VPN services now allowed in Beijing
South China Morning Post
@CocoF1026
A policy update now permits foreign investors to own up to half of each virtual private network service provider in Beijing.

China Weighs Opening Tencent, ByteDance Content to Search, Sources Say
Bloomberg
Pei Li, Zheping Huang
China is considering asking media companies from Tencent Holdings Ltd. to ByteDance Ltd. to let rivals access and display their content in search results, a move that could further eradicate online barriers and shake up the internet advertising arena.

A China-aligned espionage group is targeting global telecoms, sweeping up call data dating back years
CyberScoop
AJ Vicens
An advanced network of digital spies with a nexus to Chinese interests has successfully compromised parts of the global telecommunications network, in some cases allowing access to subscriber information, call metadata, text messages and other data, according to research released Tuesday by CrowdStrike.

Alibaba Faces New Threat: an Evolving Chinese Shopper
The Wall Street Journal
@StephanieAYang
Already under regulatory scrutiny, Alibaba is losing market share as Chinese consumers shift from targeted product searches to browsing and interaction.

WeChat blocks China Evergrande messaging groups as protests grow
The Sydney Morning Herald
David Kirton
Tencent Holdings’ WeChat platform has blocked at least eight instant messaging groups used by people in China owed money by cash-strapped property giant Evergrande Group.

USA

U.S. Lawmakers Step Up Pressure to Adopt Tougher Tech Laws
The Wall Street Journal
@johndmckinnon
Legislation to curb the influence of big technology companies, including putting new restrictions on online content, is starting to gain traction in Congress as lawmakers narrow their targets and seek to build on public attention.

Cyber Private Eyes Go After Hackers, Without Counterattacking
The Wall Street Journal
@JimRundle
Some companies work within the confines of a federal law against invading someone’s computer to take action against attackers, stopping short of hacking back.

Facebook settles claims it discriminated against U.S. workers for some jobs in favor of temporary visa holders
CNBC
@LAUREN_FEINER
Facebook settled claims that it refused to recruit or hire U.S. workers for positions it set aside for temporary visa holders, the Department of Justice announced Tuesday.

Members of Congressional Committee Question Whether Amazon Executives Misled Congress
The Wall Street Journal
@DanaMattioli
In a letter to Amazon CEO Andy Jassy, five members of Congress asked for “exculpatory evidence” to corroborate the sworn testimony offered by several company leaders, including founder Jeff Bezos.

NSA, DHS shine light on BlackMatter ransomware threat to food industry, demands of up to $15 million
CyberScoop
@timstarks
A government advisory published Monday warned that BlackMatter ransomware attackers are going after U.S. critical infrastructure, including food and agriculture organizations, and demanding exorbitant payouts.

Crypto Learns to Play the DC Influence Game
CoinDesk
Rob Garver
The infrastructure bill was the first shot in a long battle on Capitol Hill. But do lobbyists in Washington really understand crypto?

YouTube Sued Over Animal Abuse Videos, Accused of Not Enforcing Ban
The New York Times
@daiwaka
The videos are now the subject of a lawsuit filed on Monday in California Superior Court in Santa Clara. Lady Freethinker, an animal rights nonprofit, sued YouTube, accusing it of breach of contract. The suit claims that the platform failed to live up to its agreement with users by allowing animal abuse videos to be uploaded and failing to take action when alerted about the content.

North-East Asia

Japan economic security minister warns on chip industry survival
Financial Times
Japan’s semiconductor industry is doomed to irrelevance unless the government matches the long-term strategic visions being laid out in the US and China, the country’s newly created minister for economic security has warned. Takayuki Kobayashi told the Financial Times that Japan had historically failed to identify the essential technologies that the country’s broad-based industrial economy should protect and promote to ensure it remained “indispensable” to the wider world.

TSMC in Japan: 5 things to know about its chip factory plans
Nikkei Asia
Cheng Ting-Fang, Lauly Li
The world's biggest chipmaker is gearing up to build its first-ever chip plant in Japan, a major win for a country that is attempting to rebuild its semiconductor industry after years of decline.

UK

Boris Johnson Says U.K. Doesn’t Want to Turn Away Chinese Investment
Bloomberg
@kitty_donaldson
Prime Minister Boris Johnson said he is not about to “pitchfork away” offers of Chinese investment despite the concerns of some of his own lawmakers.

Europe

Ban on Uyghur imports becomes EU’s hot potato
POLITICO
@SarahAnneAarup
European Commission President Ursula von der Leyen last month promised a ban on goods made with forced labor — a move that would target products made by persecuted Uyghur Muslims in China — but her top officials aren’t aligned on which department will have to take on this explosive file and incur the wrath of Chinese President Xi Jinping... The most immediate problem is that the fate of the due diligence file is still up in the air. The EU’s future rules on supply chains are coming under intense lobbying pressure from companies, countries and NGOs. The Commission also bombed through several self-imposed deadlines on the file. Brussels is now shooting for a December deadline, six months later than initially planned.

Ireland’s Facebook decision triggers argument over limits of GDPR
POLITICO
@vmanancourt
EU officials are gearing up for a fight over how much leeway companies should have to process personal data after a decision targeting Facebook from Ireland’s privacy regulator prompted pushback from campaigners.

The Americas

Facebook’s Novi Taps Paxos, Coinbase Ahead of Diem Rollout
CoinDesk
@nikhileshde
Novi, Facebook’s digital wallet subsidiary, will go live in the U.S. and Guatemala in a pilot program, allowing users to start trading the Paxos Dollar (USDP), the social media giant announced Tuesday. Crypto exchange Coinbase will provide custody services for the program.

Misc

Teen Girls Are Developing Tics. Doctors Say TikTok Could Be a Factor.
The Wall Street Journal
@juliejargon
Teenage girls are seeking medical care for the sudden onset of tics, such as jerking motions and verbal outbursts, that specialists in pediatric movement disorders say are linked to watching TikTok videos that purport to show people with Tourette syndrome.

Google Quietly Tweaks Image Search for Racially Diverse Results
Bloomberg
@NicoAGrant
Google updated its algorithms in an effort to promote more racially diverse results in image searches -- the tech giant’s latest attempt to excise biases from the world’s most popular search engine.

I attended a top surveillance conference in Washington, a bizarre experience in which industry insiders lamented being under attack
Business Insider
@caro1inehaskins
Attendees saw themselves as conscripts drafted into an information war being unfairly waged against facial recognition and biometric technology.

Gaggle Surveils Millions of Kids in the Name of Safety. Targeted Families Argue it’s ‘Not That Smart’
The 74 Million
Mark Keierleber
The classroom assignment was one of thousands of Minneapolis student communications that got flagged by Gaggle, a digital surveillance company that saw rapid growth after the pandemic forced schools into remote learning. In an earlier investigation, The 74 analyzed nearly 1,300 public records from Minneapolis Public Schools to expose how Gaggle subjects students to relentless digital surveillance 24 hours a day, seven days a week, raising significant privacy concerns for more than 5 million young people across the country who are monitored by the company’s digital algorithm and human content moderators.

Instagram Is Punishing Users by Taking Away Their Link Stickers
VICE
@samleecole
Many Instagram users saw a notification that if they have violated the platform's Community Guidelines in the past, they will no longer be allowed to use links in Stories.

A massive ‘stalkerware’ leak puts the phone data of thousands at risk
TechCrunch
@zackwhittaker
The private phone data of hundreds of thousands of people are at risk. Call records, text messages, photos, browsing history, precise geolocations and call recordings can all be pulled from a person’s phone because of a security issue in widely used consumer-grade spyware.

The Simmering Cybersecurity Risk of Employee Burnout
Dark Reading
Dr. Margaret Cunningham
When people are burned out, they function in "power-save mode," where effort is rationed to avoid complete shutdown. As effort is rationed, performance on lower-priority tasks suffers. While the power-save mode analogy is overly simplistic, understanding what people trade off to continue making progress on their prioritized goals is critical for understanding how burnout and fatigue affect cybersecurity.

Events

Encryption Q&A - Global Encryption Day
Digital Rights Watch
Digital security is becoming increasingly undermined both at home in Australia and around the world. It’s important to explain and celebrate the important role encryption plays in keeping us safe and secure online. Join Executive Director of Digital Rights Watch, Lucie Krahulcova, and CTO of Oxen Privacy Tech Foundation, Kee Jefferys, on Global Encryption Day for a live Q&A about encryption. Thursday, October 21, 2021 • 6:00 PM • Australian Eastern Daylight Time (GMT+11:00)

Australia considers world-first laws to stop China attack | Another Facebook whistleblower just testified in British parliament | Hacker steals government ID database for Argentina’s entire population

  • Legislation is being fast-tracked to give the Australian Signals Directorate (ASD) the power to take over the computer systems of any critical infrastructure business which is unable or unwilling to defend itself against a crippling cyber attack. Herald Sun

  • While appearing before a committee of lawmakers in the British parliament on Monday, Facebook whistleblower Sophie Zhang, a former data scientist for the company, testified that the social media site is allowing authoritarian governments to manipulate political discourse. Time

  • A hacker has breached the Argentinian government’s IT network and stolen ID card details for the country’s entire population, data that is now being sold in private circles. The Record

ASPI ICPC

Australia considers world-first laws to stop China attack
Herald Sun
@ellenwhinnett
Director of think tank ASPI’s International Cyber Policy Centre, Fergus Hanson, said the powers contained within the bill were “a big deal”. “It gives the Government the ability to send people into an organisation and demand, under pain of a sizeable penalty, that they must run a piece of software or do a certain thing to protect their systems,” he said. “In practice, I don’t think it means you’re going to be seeing ASD ordering major technology companies around about what they should and shouldn’t be doing with their very complicated systems. “But for sectors that haven’t really thought about cyber security but are really vulnerable to cyber risks and will be increasingly vulnerable, I think it’s really useful. Australia will be in the vanguard of a small group of countries that are really at the forefront of creating these sorts of powers for critical infrastructure.” Mr Hanson said he believed cyber criminals such as ransomware gangs were the most urgent threat to Australia’s critical infrastructure network, but said “several states are certainly burrowing into critical infrastructure systems around the world and laying in wait basically to deploy and exploit if needed.”

World

Nato to expand focus to counter rising China
Financial Times
@khalafroula @HenryJFoy
Countering the security threat from the rise of China will be an important part of Nato’s future rationale, the alliance’s chief has said, marking a significant rethink of the western alliance’s objectives that reflects the US’s geostrategic pivot to Asia.

Australia

Australia signs up to White House counter ransomware agenda
The Mandarin
@Coadem
A virtual government-to-government event attended by Australia’s home affairs secretary has underscored the escalating threat ransomware poses to the global community.

Facebook says Craig Kelly’s content on United Australia party page OK after banning MP
The Guardian
@murpharoo
Social media giant says Craig Kelly was banned for ‘violations’ on his page, but the UAP account differs as it covers the ‘party more generally’.

China

West eyes China’s playbook as Big Tech revs up finance ambitions
POLITICO
@bsmithmey
It’s not often that the West looks to Beijing for policy solutions, especially since diplomatic ties have soured amid alleged human rights abuses among China's Uyghur Muslims, trade dumping and a military build-up in the South China Sea. But a looming monetary crisis at the hands of Big Tech has made strange bedfellows.

LinkedIn's unsustainable compromise in China
Financial Times
There is something inevitable about the decision by LinkedIn to “sunset” its global site in China. As the last of the large western social media sites to operate there, a tension would always exist for a US tech company that espoused free speech and yet censored the content of journalists and activists critical of the Chinese Communist party. Despite this inevitability — and the lamentable corporate guff and mixed messages used by LinkedIn to describe it — the professional-networking site’s departure from the Chinese market, in its current form at least, is a significant moment.

Chinese military newspaper calls for ‘people’s war’ to counter US spies after CIA sets up new China unit
South China Morning Post
Shi Jiangtao
A Chinese military newspaper has called for a “people’s war” to defeat American espionage after the CIA set up a new unit dedicated to China. The launch of China Mission Centre on October 7, which CIA Director William Burns said was aimed at countering “the most important geopolitical threat” of the century, has gone viral on Chinese social media.

China is watching you
The Atlantic
@HillmanJE
Even if you have never set foot in China, Hikvision’s cameras have likely seen you. By 2017, Hikvision had captured 12 percent of the North American market. Its cameras watched over apartment buildings in New York City, public recreation centers in Philadelphia, and hotels in Los Angeles. Police departments used them to monitor streets in Memphis, Tennessee, and in Lawrence, Massachusetts. London and more than half of Britain’s 20 next-largest cities have deployed them.

Axis rise and fall inside PRC China
IPVM
@CharlesRollet1
Today, Axis' PRC China sales are tiny, but for years Axis considered the PRC the "market with the greatest potential" due to its strong growth and supplied many high-profile PRC enterprise projects, including police.

Windows 10, Linux, iOS, Chrome and many others hacked at Tianfu Cup 2021
The Hacker News
Ravie Lakshmanan
Windows 10, iOS 15, Google Chrome, Apple Safari, Microsoft Exchange Server, and Ubuntu 20 were successfully broken into using original, never-before-seen exploits at the Tianfu Cup 2021, the fourth edition of the international cybersecurity contest held in the city of Chengdu, China.

China ‘fires hypersonic missile that circles globe to hit target’
The Independent
@emily_yilena
China tested a nuclear-capable hypersonic missile that flew round the earth before speeding towards its target, catching US intelligence services by surprise, it was reported. The technology demonstrates an advanced space capability showing China’s progress on hypersonic weaponry to be far more developed than US officials realised, according to the Financial Times.

China’s claim that its fractional orbital bombardment system was a spaceplane test doesn’t add up
The Drive
@FranticGoat
The system could give China the ability to strike any target on Earth unpredictably, but so far Beijing is acting like the test didn't happen.

USA

Five U.S. lawmakers accuse Amazon of possibly lying to Congress following Reuters report
Reuters
@stecklow @adityakalra @JLDastin
Five members of the U.S. House Judiciary committee wrote to Amazon.com Inc's chief executive Sunday, and accused the company's top executives, including founder Jeff Bezos, of either misleading Congress or possibly lying to it about Amazon's business practices.

Washington hears echoes of the ’50s and worries: is this a Cold War with China?
The New York Times
@SangerNYT
The constant background din of cyberconflict and technology theft was one factor behind the Central Intelligence Agency’s announcement this month that it had created a new China mission center to position the United States, in the words of its director, William J. Burns, to confront “the most important geopolitical threat we face in the 21st century, an increasingly adversarial Chinese government.” ... The deep links between the two economies — the mutual dependencies on technology, trade and data that leaps the Pacific in milliseconds on American and Chinese-dominated networks — never existed in the more familiar Cold War.

Sinclair TV stations disrupted across the US in apparent ransomware attack
The Record
@campuscodi
TV broadcasts for Sinclair-owned channels have gone down today across the US in what the stations have described as technical issues, but which sources told The Record to be a ransomware attack.

Alphabet CEO Sundar Pichai calls for federal tech regulation, investments in cybersecurity
TechCrunch
@sarahintampa
In a wide-ranging interview at the WSJ Tech Live conference that touched on topics like the future of remote work, A.I. innovation, employee activism, and even misinformation on YouTube, Alphabet CEO Sundar Pichai also shared his thoughts on the state of tech innovation in the U.S. and the need for new regulations. Specifically, Pichai argued for the creation of a federal privacy standard in the U.S., similar to the GDPR in Europe. He also suggested it was important for the U.S. to stay ahead in areas like A.I., quantum computing, and cybersecurity, particularly as China’s tech ecosystem further separates itself from Western markets.

North-East Asia

Foxconn bullish on electric vehicle prospects as it shows off three prototypes
Reuters
@YimouLee
Taiwan’s Foxconn unveiled its first three electric vehicle prototypes on Monday, underscoring ambitious plans to diversify away from its role of building consumer electronics for Apple Inc (AAPL.O) and other tech firms. The vehicles - an SUV, a sedan and a bus - were made by Foxtron, a venture between Foxconn and Taiwanese car maker Yulon Motor Co Ltd.

UK

Another Facebook whistleblower just testified in British parliament. Here’s what to know about her allegations
TIME
@eloise_barry
While appearing before a committee of lawmakers in the British parliament on Monday, Facebook whistleblower Sophie Zhang, a former data scientist for the company, testified that the social media site is allowing authoritarian governments to manipulate political discourse.

PM urged to enact ‘David’s law’ against social media abuse after Amess’s death
The Guardian
@jessicaelgot
Boris Johnson is facing calls to enact “David’s law” to crack down on social media abuse of public figures and end online anonymity in the wake of the killing of Sir David Amess. Dozens of MPs paid tribute in the House of Commons on Monday to the veteran Conservative backbencher who was stabbed to death on Friday, shedding tears, sharing uproarious anecdotes and venting anger over his death.

UK emerges as Europe's top crypto hub with $170bn of deals
Yahoo
@latoyakharding
The UK has become the leading country in Europe for cryptocurrency transactions, with $170bn (£123bn) worth of deals.

Europe

Facebook plans to hire 10,000 in EU to build 'metaverse'
Reuters
Facebook Inc plans to create 10,000 jobs in the European Union over the next five years, the social media giant said on Monday, to help build the so-called metaverse - an online world where people can use different devices to move and communicate in a virtual environment. Chief Executive Mark Zuckerberg has been talking up metaverse since July and the buzzy word, first coined in a dystopian novel three decades earlier, has been referenced by other tech firms such as Microsoft.

Pope calls for tech and media reforms
Tech Policy
@justinhendrix
Speaking from the Vatican to the World Meeting of Popular Movements, which according to Reuters is “a grouping of grassroots organizations and social movements which bring attention to inequality in labour, land ownership, health care and other social issues in the developing world,” Pope Francis called on tech firms and the media to make reforms in the name of human rights.

The Americas

Hacker steals government ID database for Argentina’s entire population
The Record
@campuscodi
A hacker has breached the Argentinian government’s IT network and stolen ID card details for the country’s entire population, data that is now being sold in private circles.

Middle East

Hacker defaces Donald Trump's website
VICE
@josephfcox
Hackers allegedly from Turkey have defaced a section of Donald Trump's website.

Misc

I get abuse and threats online - why can't it be stopped?
BBC
@mariannaspring
I'm the BBC's first specialist disinformation reporter - and I receive abusive messages on social media daily. Most are too offensive to share unedited. The trigger? My coverage of the impact of online conspiracies and fake news. I expect to be challenged and criticised - but misogynistic hate directed at me has become a very regular occurrence.

A hacker warns: Give up trying to keep me out — and focus on your data
Financial Times
@angus_tx
Adversaries have found ammunition in the complex mazes organisations have built around security

Automating data analysis is a must for mid-sized businesses
Harvard Business Review
@RobertSher
As midsize companies grow, they develop data flows and data lakes (repositories for both structured and unstructured data) that are too big for one person, or even a team, to manipulate and use effectively. And even if a company is currently deriving value from its data, the people doing the work might move on, leaving the business tasked with having to find, attract, and hire expensive data analysts in a hurry.

Research

‘Climate Lockdown’ and the culture wars: How COVID-19 sparked a new narrative against climate action
Institute for Strategic Dialogue
Eisha Maharasingam-Shah, Pierre Vaux
This report details the chronological growth and evolution of the ‘climate lockdown’ conspiracy narrative. The report is divided into two sections: the first outlines how the narrative emerged and was repurposed by malign actors, making its way onto different social media platforms. The second illustrates how liberal media missteps in early 2021 reignited the narrative, causing it to merge with other, pre-existing conspiracies and ultimately become centred in wider anti-elite discourse.

Cambridge University halts £400m deal with UAE over Pegasus spyware claims | Cybersecurity experts sound alarm on Apple and E.U. phone scanning plans | Apple takes down Quran app in China

  • The University of Cambridge has broken off talks with the United Arab Emirates over a record £400m collaboration after claims about the Gulf state’s use of controversial Pegasus hacking software, the university’s vice-chancellor has said. The Guardian

  • More than a dozen prominent cybersecurity experts on Thursday criticized plans by Apple and the European Union to monitor people’s phones for illicit material, calling the efforts ineffective and dangerous strategies that would embolden government surveillance. The New York Times

  • Apple has taken down one of the world's most popular Quran apps in China, following a request from officials. Quran Majeed is available across the world on the App Store - and has nearly 150,000 reviews. It is used by millions of Muslims. The BBC understands that the app was removed for hosting illegal religious texts. BBC

ASPI ICPC

ASPI @ASPI_org
We congratulate @rapplerdotcom CEO Maria Ressa on her 2021 Nobel Peace Prize We are delighted to have @mariaressa join this year’s Sydney Dialogue to discuss how governments & tech companies can reset their troubled relationship Register:
tsd.aspi.org.au

Rappler @rapplerdotcom

BREAKING. Rappler CEO Maria Ressa is among the winners of the 2021 Nobel Peace Prize. Ressa is the first woman in this year's roster of laureates. #NobelPrize https://t.co/Mek2PgKgxS

Australia

Cyber-crime: How police are rebooting methods for a new era
The Age
John Silvester
Assistant Commissioner Bob Hill and Commander Mick Frewen are traditional cops battling non-traditional crime. They are proving that in law enforcement old dogs can learn new tricks. Hill and Frewen have overseen a “root and branch” examination of how Victoria’s Crime Command works and are rolling out a new strategy, based more on software than hard interrogations. The most significant change relates to cyber-crime. Crooks no longer need to meet face to face, deals can be done without cash and state and international borders are about as relevant as a 30-year-old atlas.

China

China’s tech regulator says scrutiny of internet industry to deepen as targeted six-month campaign continues
South China Morning Post
@shenxinmei
China’s industry regulator plans to deepen scrutiny of the internet industry as it moves into the second half of a six-month campaign launched in July, the agency’s minister told Chinese media, prolonging a crackdown on the technology sector that has lasted for nearly a year. The Ministry of Industry and Information Technology (MIIT) will take “targeted measures” to foster a fair and orderly market environment, Minister Xiao Yaqing told state-run media outlet Economic Daily in an interview published on Sunday.

Chinese tech workers disclose working hours in criticism of '996'
Reuters
@horwitzjosh
A campaign calling on workers at Chinese tech companies and other high-profile firms to log their working hours on a public internet page has gone viral, in the latest backlash against a culture of overtime. Organised by four anonymous creators who described themselves as recent graduates, the "Worker Lives Matter" campaign calls on employees at tech firms to enter their company name, position, and working hours in a spreadsheet posted on GitHub.

Apple takes down Quran app in China
BBC News
@JamesClayton5
Apple has taken down one of the world's most popular Quran apps in China, following a request from officials. Quran Majeed is available across the world on the App Store - and has nearly 150,000 reviews. It is used by millions of Muslims. The BBC understands that the app was removed for hosting illegal religious texts.

China's Self-Destructive Tech Takedown
Project Syndicate
William R. Rhodes @StuartG30
China’s leaders think that they can crack down on the country’s private technology sector and still deliver material progress as state-owned companies take over. But by reversing the policies that enabled decades of rapid growth, they risk imperiling the unique economic model they seek to sustain.

Biotech’s Borders
The Wire
@carrierana22
Chinese biotech companies have made enormous progress in recent years, but they still need one thing: the United States.

The “Phone Disaster”
Rest of World
@dtbyler
In 2017, in Xinjiang, the state awarded an estimated $65 billion in private contracts to build infrastructure and $160 billion more to government entities in the region — an increase of 50% from 2016. While some of this increase in construction spending was centered on non-security-related projects, significant portions of state spending in Xinjiang centered on the building of detention facilities and related infrastructure. State contractors also used these funds to develop new tools in the region’s surveillance system and the Muslim “re-education” campaign.

USA

Cybersecurity Experts Sound Alarm on Apple and E.U. Phone Scanning Plans
The New York Times
@Kellen_Browning
More than a dozen prominent cybersecurity experts on Thursday criticized plans by Apple and the European Union to monitor people’s phones for illicit material, calling the efforts ineffective and dangerous strategies that would embolden government surveillance.

Twitter is being sued for letting Saudi spies inside the company
Protocol
@anna_c_kramer
A prominent human rights activist and Saudi dissident is suing Twitter for allegedly hiring two men who acted as spies for the Saudi government. The suit accuses Twitter of negligence in its failure to detect the two spies inside the company — who are currently under indictment from U.S. federal prosecutors — and prevent them from stealing personal information for the Saudi government.

US links $5.2 billion worth of Bitcoin transactions to ransomware
Bleeping Computer
@serghei
The U.S. Treasury Department's Financial Crimes Enforcement Network (FinCEN) has identified roughly $5.2 billion worth of outgoing Bitcoin transactions likely tied to the top 10 most commonly reported ransomware variants.

We ‘Blew It’ On Battling COVID Disinfo, Say Army's Pandemic Response Leaders
Defense One
@ECBHowe
The U.S. Army’s COVID-19 response leaders had plenty to say about its successes in the face of the pandemic, but also readily identified one facet of the operation where they failed. “We blew it in a lot of ways. And the biggest lesson learned is the value of strategic communications,” Paul Ostrowski said during the U.S. Army Association’s annual conference this week. Ostrowski, who recently retired as a three-star, served on Operation Warp Speed as director of supply, production and distribution for the program.

Sen. Marco Rubio: It's time to fire John Kerry, Biden's ethically challenged climate czar
Fox News
@marcorubio
For weeks, rumors have swirled in Washington about President Joe Biden’s climate czar John Kerry and his opposition to taking concrete action against the Chinese Communist Party’s use of slave labor. Now, we may have an answer about his reluctance to take action: according to a new report, Kerry and his wife have at least $1 million invested in a Chinese investment group called Hillhouse China Value Fund L.P.

The White House's Plan to Stop Government Employees From Getting Phished
VICE
@josephfcox
The White House has an ambitious plan to greatly reduce the risk of phishing to the U.S. government. Part of that is having agencies phase out the use of SMS and app-based multi-factor authentication, and replace them with phishing-resistant methods such as hardware security keys.

One of the world’s most popular iOS apps right now was developed by Chinese police
Quartz
@Jane_Li911
Developed by China’s ministry of public security, “the national anti-fraud center” was the second most downloaded iOS app in September after TikTok, according to Sensor Tower’s monthly report this week. The analytics firm didn’t reveal the number of downloads for the Chinese app, which helps citizens block suspicious phone numbers and report malware, but it exceeded interest in YouTube, WhatsApp, and Instagram.

Amazon-owned Twitch says source code exposed in last week's data breach
Reuters
@mehta_chavi @EvaMathews99
Amazon.com Inc-owned Twitch said on Friday that last week's data breach at the live streaming e-sports platform contained documents from its source code.

U.S. pursues a unique solution to fight hackers. It revolves around esports.
The Washington Post
@VildeHaya
As the United States seeks to shore up its defenses against cyberattacks, the country is seeking to harness the skills of some of the country’s most promising young minds using a model that mirrors competitive video gaming, also known as esports. U.S. Cyber Games, a project founded in April and funded by the National Institute of Standards and Technology’s National Initiative for Cybersecurity Education, has assembled a team of 25 Americans, ages 18 to 26, who will compete against other countries in the inaugural International Cybersecurity Challenge, scheduled to be held in Greece in June 2022.

East Asia

South Korea targets Apple over new app store regulation
Reuters
Joyce Lee
Apple was on a collision course with South Korea on Friday over new requirements that it stop forcing app developers to use its payment systems, with a government official warning of a possible investigation into the iPhone maker's compliance.

South & Central Asia

India’s high-tech governance risks leaving behind its poorest citizens
The Economist
@TheEconomist
Given India’s immense scale and complexity, and with its deep pool of highly skilled workers, its governments have increasingly turned to high-tech solutions for all sorts of problems. Generally these have eased burdens on both rulers and the governed, despite some expected glitches. Yet precisely because of India’s size and poverty, tens of millions still are left out—because they are poor, illiterate, disabled, lack electricity, do not possess a smartphone or cannot connect to a mobile or Wi-Fi network.

Hindu group urges India to regulate platforms, cryptocurrency
Reuters
@shilpajay
A powerful right-wing Hindu group linked to India's ruling party has called for curbs on streaming platforms and cryptocurrencies, saying regulation was essential.

We need to talk about digital ID: why the World Bank must recognize the harm in Afghanistan and beyond
Access Now
@veroluiza @wentword
With two of the world’s most influential power brokers meeting this week, what they failed to put on the agenda speaks volumes. Every year the World Bank and International Monetary Fund hold an annual summit to discuss the challenges and choices that determine whether we will have a sustainable and inclusive world. This year, they chose not to discuss digital identity programs, even though the World Bank itself funds and promotes these “Big ID” systems — including the systems the Taliban reportedly seized in Afghanistan.

IT ministry notifies amended controversial social media rules
Dawn
@javidhussainjj
The Ministry of Information Technology and Telecommunication on Thursday notified the amended social media rules that stakeholders and digital rights activists have strongly criticised. In a statement, IT and Telecom Minister Aminul Haque said under the rules, social media companies would have to abide by Pakistani laws and the rights of social media users.

UK

Cambridge University halts £400m deal with UAE over Pegasus spyware claims
The Guardian
@RichardA @georgia__goble Nick Bartlett
The University of Cambridge has broken off talks with the United Arab Emirates over a record £400m collaboration after claims about the Gulf state’s use of controversial Pegasus hacking software, the university’s vice-chancellor has said.

Facial recognition cameras arrive in UK school canteens
Financial Times
@cynthiao
Facial recognition computers have found an unlikely new niche: scanning the faces of thousands of British pupils in school canteens. On Monday, nine schools in North Ayrshire will start taking payments for school lunches by scanning the faces of pupils, claiming that the new system speeds up queues and is more Covid-secure than the card payments and fingerprint scanners they used previously.

Europe

Looks Like Facebook Found a Way to Bypass Europe’s Privacy Rules
VICE
@daithaigilbert
When Europe introduced its General Data Protection Regulation (GDPR) privacy laws in 2018, they were held up across the globe as the gold standard for protecting consumers’ data, and a way to finally bring tech companies like Facebook to heel. But a draft ruling by Ireland’s Data Protection Commission (DPC), published on Wednesday, paves the way for Facebook to completely bypass the GDPR regulations and continue to collect and use its users’ data without their explicit consent.

EU appeals to shared values to tempt Taiwan's chip firms
Reuters
Ben Blanchard
The European Union and Taiwan are democracies with shared values and are natural partners when it comes to semiconductors, a senior EU official said on Thursday, making a pitch for the island's key chip firms to invest in the bloc. Tech powerhouse Taiwan, home to companies like Taiwan Semiconductor Manufacturing Co Ltd, has become front and centre of efforts to resolve a shortage of chips that has shut some auto production lines around the world and whose impact is now being felt in consumer electronics too.

EU Must Be Speedy to Catch Tech Giants, Antitrust Watchdog Warns
Bloomberg
@aoifewhite101
The European Union’s top antitrust official warned that enforcers must move faster to tackle big tech’s bad behavior, hinting at how they may try to fix future problems. “We must intervene promptly,” Olivier Guersent, director general of the European Commission’s competition unit, said at an online conference. If you are too slow, “you impose a very high fine but the damage is done and there’s nothing you can do to repair the harm” when tech giants take over a market.

Russia

Russia is pouring millions into Kremlin propaganda targeting the U.S.
OpenSecrets
@annalecta
Russian media outlets reported spending more than $146 million on foreign influence operations and propaganda in the U.S. since 2016, with over $16 million on propaganda targeting the U.S. in 2021, OpenSecrets’ analysis of new Foreign Agents Registration Act records shows.

Moscow says it is first to launch large-scale metro facial ID payment system
Reuters
@gabrielletf
Moscow's sprawling metro network on Friday launched a fare payment system using facial recognition technology at its more than 240 stations, an initiative the authorities said was the first of its kind in the world.

Americas

El Salvador sees greener crypto-currency mining in its future
Reuters
Nelson Renteria
El Salvador's unfolding experiment as a first-adopter of the cryptocurrency bitcoin could be increasingly powered by new streams of renewable energy, the chief of the country's hydroelectric commission told reporters on Friday.

Cyberattack disrupts services at Ecuador’s largest bank
Associated Press
Customers of Ecuador’s largest bank continued to experience service disruptions on Friday following a cyberattack on the institution several days earlier. Long lines formed outside Pichincha bank branches and thousands of customers took their complaints to social media. People reported being unable to access services offered by the bank’s online and mobile app. ATMs worked somewhat regularly and branches remained open. The bank in a statement Monday acknowledged that it had “identified a cybersecurity incident in our systems that has partially disabled our services.”

Middle East

A Telegram Bot Told Iranian Hackers When They Got a Hit
WIRED
@brbarrett
When the Iranian hacking group APT35 wants to know if one of its digital lures has gotten a bite, all it has to do is check Telegram. Whenever someone visits one of the copycat sites they’ve set up, a notification appears in a public channel on the messaging service, detailing the potential victim’s IP address, location, device, browser, and more. It’s not a push notification; it’s a phish notification.

Countering threats from Iran
Google
Ajax Bash
Google’s Threat Analysis Group tracks actors involved in disinformation campaigns, government backed hacking, and financially motivated abuse. We have a long-standing policy to send you a warning if we detect that your account is a target of government-backed phishing or malware attempts. So far in 2021, we’ve sent over 50,000 warnings, a nearly 33% increase from this time in 2020.

Misc

After Wild West start, scooter providers chase scale to survive
Reuters
@nick_carey @reutersCarolynC
The era of breakneck growth for electric scooter firms is giving way to more selective expansion focused on profits as they face tougher regulations, more demanding customers and wary insurers.

The Fight for Sneakers
The New York Times
@daiwaka
Shoppers armed with specialized sneaker bots can deplete a store’s inventory in the time it takes a person to select a size and fill in shipping and payment information. For limited-release shoes, the time advantage afforded by a bot could mean the difference between disappointment and hundreds of dollars in instant profit.

A malware botnet has made more than $24.7 million since 2019
The Record by Recorded Future
@campuscodi
The operators of a malware botnet known as MyKings are believed to have made more than $24.7 million through what security researchers call a “clipboard hijacker.” First spotted in 2016, the MyKings botnet has been one of the most sprawling malware operations in recent years. Also known as the Smominru or the DarkCloud botnet, this gang operates by scanning the internet for internet-exposed Windows or Linux systems that run outdated software.

The dark side of wellness: the overlap between spiritual thinking and far-right conspiracies
The Guardian
@EvaWiseman
Extreme right-wing views and the wellness community are not an obvious pairing, but ‘conspirituality’ is increasingly pervasive. How did it all become so toxic?

Apple’s privacy changes create windfall for its own advertising business
Financial Times
@PatrickMcGee_
Apple’s advertising business has more than tripled its market share in the six months after it introduced privacy changes to iPhones that obstructed rivals, including Facebook, from targeting ads at consumers.

Firebreaks, firewalls, and ‘windows of opportunity’ in cyber norms
ORF
Moliehi Makumane
The Global South must amplify its ideas, perspectives, and positions on cybernorms as multilateral institutions like the UN work towards a framework for responsible state behaviour in cyberspace.

Research

Covid-19 vaccine misinformation and narratives surrounding Black communities on social media
First Draft
@kaylinthewriter @JacquieSMason Rory Smith
Over 75 per cent of US adults have received at least one Covid-19 vaccination. Yet vaccination rates vary widely across regions and demographics. Among those who have received at least one vaccine (percentages are relative to their total population), 68 per cent are Asian, 52 per cent are white, 48 per cent are Hispanic and 43 per cent are Black. In most states where data is available, Black people are receiving a smaller percentage of vaccines relative to their overall population, despite them accounting for a much larger share of Covid-19 deaths.

Bugs in Our Pockets: The Risks of Client-Side Scanning
Cornell University
Hal Abelson @rossjanderson @SteveBellovin Josh Benaloh
Our increasing reliance on digital technology for personal, economic, and government affairs has made it essential to secure the communications and devices of private citizens, businesses, and governments. This has led to pervasive use of cryptography across society. Despite its evident advantages, law enforcement and national security agencies have argued that the spread of cryptography has hindered access to evidence and intelligence. Some in industry and government now advocate a new technology to access targeted data: client-side scanning (CSS).

The 2020 Elections Oral History Project
Stanford Internet Observatory
@stanfordio
This oral history and corresponding policy paper attempts to capture their experiences and offer a path forward for healing the election community and protecting our democracy. By telling the on-the-ground story of election officials in their own voices, we seek to tell the story of those guardians of democracy who administered and secured this election, and, as a result, were the targets of unprecedented, baseless, and heinous attacks.

Events & Podcasts

CyFy 2021 - The Big Pause: Reclaiming our Tech Futures
Observer Research Foundation
@orfonline
The world is on an uneven path to recovery, with distinct divides along the lines of access, capacity, agenda-setting power and capital. Similarly, the metamorphosis of our relationship with technology during the Big Pause will result in deepening conflicts over technology flows and the regimes that shape their contours. The key question animating our digital debates this year is, who will own our tech futures?

Agree to Disagree: Cyber Wars
Intelligence Squared
@JohnDonvan
In this special edition of Intelligence Squared’s Agree-to-Disagree series, John Donvan sits down with David Sanger of The New York Times for a closer examination of ransomware attacks before launching into a much more specific debate with two cyber security experts. The debate: Should paying hacker ransoms be made illegal? Cyber Threat Alliance president and chief executive Michael Daniel and Rapid7 vice-president Jen Ellis square off in light of recent high-profile hackings.

Facebook Doesn’t Have to Be Terrible
WIRED
@GiladEdelman @snackfight @LaurenGoode
This week on Gadget Lab, we talk with WIRED politics writer Gilad Edelman about the overall impact of the whistleblower’s revelations, whether anything will change internally at Facebook, and how plausible it is that even big, sweeping changes to the platform here in the US could fix Facebook’s issues overseas.

Jobs

ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years, of work experience. Senior analysts usually have a minimum of 15 years’ relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.
