US seeks to prevent China from benefiting from $52 billion chips funding | Scamwatch warns Australians of myGov scams | Islamic extremists infiltrate ASEAN, eyeing Indonesia's 2024 polls
Good morning. It's Wednesday 22nd March.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Have feedback? Let us know at icpc@aspi.org.au.
Follow us on Twitter and on LinkedIn.
Australians have been warned to watch out for text messages from scammers claiming to be from Services Australia. Scamwatch has warned it had seen a sharp increase in reported cases of scammers targeting myGov accounts. 7 News
The US Commerce Department on Tuesday released proposed rules to prevent $52 billion in semiconductor manufacturing and research funding from being used by China and other countries deemed of concern. Reuters
Four years after the fall of the Islamic State caliphate in Syria where it lost territories and followers, the extremist group's ideology remains entrenched in Southeast Asia, particularly in Indonesia and the Philippines, where risks of attacks are looming. Nikkei Asia
Australia
Scamwatch warns Australians as reports of myGov scams rise
7 News
Rhiannon Lewin
Australians have been warned to watch out for text messages from scammers claiming to be from Services Australia. Scamwatch warned it had seen a sharp increase in reported cases of scammers targeting those with myGov accounts. In the texts, the scammer claims changes have been made to the individual’s security information on their account.
Home Affairs' Marc Ablong destined for new national security role
iTnews
Ry Crozier
Home Affairs’ deputy secretary for strategic iniatives Marc Ablong is set to shift to a new 'national security role', prompting a reshuffle that also affects the Cyber and Infrastructure Security Centre (CISC). A recent update to the department’s org chart named Hamish Hansford, the inaugural head of the CISC, as acting in Ablong’s current position.
Latitude expects much more data was stolen in recent breach
Cyber Security Connect
Daniel Croft
The Latitude Financial cyber attack is set to worsen, with the company saying that it expects to uncover even more stolen data. The financial services organisation, which is responsible for offering individuals and businesses a range of services, including digital payment services, loans, credit cards and insurance, announced on 16 March 2023 that it was the victim of a cyber attack that saw customer data stolen.
ByteDance executive resigns from TikTok Australia board
The Australian Financial Review
Max Mason
A senior ByteDance executive has resigned from the Australian board of TikTok, amid the viral video platform’s efforts to distance itself from its Chinese parent company and as Canberra weighs a ban of the app on government-issued devices over security concerns.
China
China gives chipmakers new powers to guide industry recovery
Financial Times
Qianer Liu
China is giving a handful of its most successful chip companies easier access to subsidies and more control over state-backed research, as tightening US controls on access to advanced technology force a major rethink in Beijing’s approach to supporting the sector. The nurturing of closer co-operation with a select group of companies comes after the government shook up its tech strategy this month with the creation of a new Communist party science commission and a reinvigorated Ministry of Science and Technology.
Zhao Weiguo: Chinese regulator accuses chip tycoon of corruption
BBC
Annabelle Liang
China's anti-fraud watchdog has accused chip tycoon Zhao Weiguo of corruption, in the latest sign of trouble faced by the country's semiconductor industry. Mr Zhao is the former chairman of computer chipmaker Tsinghua Unigroup. Key players in the sector were investigated for corruption last year after the government poured billions of dollars into projects which stalled or failed.
USA
CEO says TikTok at pivotal moment as some US lawmakers seek ban
Nikkei Asia
TikTiok CEO Shou Zi Chew said the Chinese-owned short video app company faces a pivotal moment as a growing number of US lawmakers seek to ban the popular app over national security concerns. Chew said in a video posted on TikTok early Tuesday the app now has more than 150 million active monthly US users.
Shou Zi Chew’s ‘death wish’ mission: defend TikTok on Capitol Hill
The Washington Post
Shou Zi Chew’s charm offensive has run up against a heavily polarized and surprisingly bipartisan resistance in Washington, where tensions with the Chinese government — and broader anxieties about social media and American children — have made TikTok into a political punching bag.TikTok CEO to focus on technical data security in US congressional testimony
South China Morning Post
Coco Feng and Tracy Qu
CEO Chew Shou Zi is scheduled to face questions from US lawmakers at a Congressional hearing on Thursday. Internal comments by Chew indicate he will focus on data security measures in his testimony to House Energy and Commerce Committee.
US state-government websites use TikTok trackers, review finds
The Wall Street Journal
Byron Tau and Dustin Volz
More than two dozen state governments have placed web-tracking code made by TikTok parent ByteDance Ltd. on official websites, according to a new report from a cybersecurity company, illustrating the difficulties U.S. regulators face in curtailing data-collection efforts by the popular Chinese-owned app.
US seeks to prevent China from benefiting from $52 billion chips funding
Reuters
David Shepardson
The US Commerce Department on Tuesday released proposed rules to prevent $52 billion in semiconductor manufacturing and research funding from being used by China and other countries deemed of concern. The proposal limits recipients of US funding from investing in the expansion of semiconductor manufacturing in foreign countries of concern such as China and Russia, and limits recipients of incentive funds from engaging in joint research or technology licensing efforts with a foreign entity of concern.
Hacker tied to DC Health Link breach says attack ‘born out of Russian patriotism’
CyberScoop
AJ Vicens
The data beach that has exposed sensitive health care information of nearly two dozen members of Congress and their families — putting them along with tens of thousands of Washington area residents at risk of identity theft and additional cyberattacks — is apparently the work of a patriotic Russian hacker seeking to inflict damage on US politicians.
Americas
Cartel Twitter use spiked after Musk takeover
The Hill
Ali Bradley and Katie Smith
Elon Musk’s reduced Twitter safety oversight has allowed Mexican cartel members to flaunt their lifestyles online, post violent content and recruit new members, according to a new study. Several previously banned accounts of known cartel members are again open and active on Musk’s Twitter, according to a report published last week by the Alliance to Counter Crime Online.
Only nine percent of Canadian firms are cyber mature
IT World Canada
Howard Solomon
Only nine per cent of companies in Canada and 13 per cent in the US have a mature level of preparedness to face cyber attacks, according to a Cisco Systems estimation. The numbers are part of Cisco’s Cybersecurity Readiness Index, which uses self-assessment responses from 6,700 companies in 27 jurisdictions to create a score.
Southeast Asia
Islamic extremists infiltrate ASEAN, eyeing Indonesia's 2024 polls
Nikkei Asia
Amy Chew
Four years after the fall of the Islamic State caliphate in Syria where it lost territories and followers, the extremist group's ideology remains entrenched in Southeast Asia, particularly in Indonesia and the Philippines, where risks of attacks are looming.
Europe
European ports brace for cybersecurity regulation
The Wall Street Journal
Catherine Stupp
Cybersecurity rules approved by the European Union for pharmaceuticals, transportation, energy and other critical infrastructure companies are set to take effect in 2024 and will require hundreds of firms that operate out of Europe’s big ports to use basic security measures and report hacks to cybersecurity authorities.
Beyond TikTok, Dutch tell government staff to uninstall Chinese, Russian apps
POLITICO
Pieter Haeck
The Dutch government issued new guidance Tuesday for its officials to uninstall apps from countries that wage an 'offensive cyber program' against the Netherlands, including China, Russia, North Korea and Iran. The move is a response to questions by Dutch lawmakers about whether the Chinese-owned video-sharing app TikTok should be banned from work phones.
Beijing envoy warns Dutch of retaliation for chip curbs
South China Morning Post
Finbarr Bermingham
The Netherlands will face consequences if it blocks the export of high-end semiconductor equipment to China, Beijing’s envoy to the country has warned. The Hague announced new curbs on the export of chip-making technology this month, in step with the United States in curtailing China’s access to cutting-edge chips.
UK
UK and Israel sign deal strengthening tech, trade and security ties
The Guardian
Patrick Wintour
The UK and Israel have signed a long-term agreement strengthening ties in the fields of defence, security and technology following plans announced last year to put relations between the two countries on an elevated footing. The timing is controversial given actions of Israel’s far-right government towards settlements and judiciary.
Middle East
The Scorched-Earth tactics of Iran’s cyber army
WIRED
Arian Khameneh
In the early hours of January 5, a popular anonymous Iranian dissident account called Jupiter announced on Twitter that his friends had killed Abolqasem Salavati, a maligned magistrate nicknamed the “Judge of Death.” The tweet went viral.
Big Tech
TikTok’s Chinese parent has another wildly popular app in the US
The Wall Street Journal
Raffaele Huang
One of the hottest apps in the U.S. right now is TikTok’s lesser-known sibling that is also owned by Chinese parent ByteDance Ltd. App trackers show that CapCut, a video-editing tool that helps people quickly create online videos and memes, has been downloaded more in recent weeks than TikTok, the short-video sharing app that has faced rigorous scrutiny in the U.S. over ByteDance’s access to user data.
Google suspends Pinduoduo after finding malware in versions
Bloomberg
Sarah Zheng and Vlad Savov
Google has suspended PDD Holdings Inc.’s main Chinese shopping app Pinduoduo after discovering malware in unsanctioned versions of the software, dealing a blow to one of the country’s biggest online retailers. The Mountain View, California-based company said on Tuesday it is investigating the matter and suspended downloads of the Play Store version of Pinduoduo as a security precaution.
Artificial Intelligence
Google releases Bard, its competitor in the race to create AI chatbots
The New York Times
Nico Grant and Cade Metz
The internet giant will grant users access to a chatbot after years of cautious development, chasing splashy debuts from rivals OpenAI and Microsoft. On Tuesday, Google tentatively stepped off the sidelines as it released a chatbot called Bard. The new AI chatbot will be available to a limited number of users in the United States and Britain and will accomodate additional users, countries and languages over time.
Will Google’s rush to join chatbot party with launch of Bard backfire?
The Guardian
Alex Hern
With Bard, Google has to walk a tightrope: offer users an experience that can compete with the AI-powered Bing Chat and ChatGPT without cannibalising its enormously profitable search business in the process. And it has to do all that under the sort of scrutiny an upstart competitor may be able to avoid, but a market leader has to tackle head-on.
Chatbots’ ‘alarming’ output prompts US Senator to query tech giants on safety
Bloomberg
Dina Bass
As Microsoft Corp., OpenAI, Google and other technology companies accelerate the release of chatbots and other artificial intelligence-based tools to the public, a US Senator is demanding answers about how they intend to protect kids from harm.
Misc
Notorious hacking forum shuts down after administrator gets arrested
TechCrunch
Lorenzo Franceschi-Bicchierai
Last week, the FBI arrested a man alleged to be “Pompompurin,” the administrator of the infamous and popular BreachForums. Days after the arrest, the cybercrime website’s new administrator announced that they are shutting down the forum for good. 'Please consider this the final update for Breached,' the new admin, known as 'Baphomet,' wrote in the official Telegram channel.
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice.
Director of Washington DC
ASPI Washington DC
ASPI is seeking a highly experienced senior person to lead a small, dedicated team in Washington DC. The new Director is expected to have both experience and expertise in some of the topical issues covered by the team, particularly on Defence, as well as strong leadership, management, fundraising, and relationship building skills.
The Daily Cyber & Tech Digest is brought to you by the team at ASPI’s International Cyber Policy Centre.