Facebook's dangerous individuals and organizations policy revealed | Australia launches ransomware action plan | Wickr received funds from nonprofit firm started by the CIA
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
To ward off accusations that it helps terrorists spread propaganda, Facebook has for many years barred users from speaking freely about people and groups it says promote violence. The restrictions appear to trace back to 2012, when… Facebook added to its Community Standards a ban on “organizations with a record of terrorist or violent criminal activity.” This modest rule has since ballooned into what’s known as the Dangerous Individuals and Organizations policy, a sweeping set of restrictions on what Facebook’s nearly 3 billion users can say about an enormous and ever-growing roster of entities deemed beyond the pale. The Intercept
Businesses will be forced to inform the federal government when they have been hit by a ransomware attack under a major change to Australia’s cyber security regime. The Sydney Morning Herald
In-Q-Tel, a nonprofit investment firm started by the Central Intelligence Agency (CIA), recently poured more than $1.6 million into encrypted messaging platform Wickr, according to public disclosure records reviewed by Motherboard. VICE
ASPI ICPC
Companies will be required to report cyber ransom attacks
The Sydney Morning Herald
@Gallo_Ways
Businesses will be forced to inform the federal government when they have been hit by a ransomware attack under a major change to Australia’s cyber security regime. Home Affairs Minister Karen Andrews will on Wednesday release a ransomware plan that includes mandatory reporting requirements for companies with turnover of $10 million or more a year... An Australian Strategic Policy Institute report in July warned Australian organisations were “soft targets” for ransomware attackers and called on the government to establish a mandatory reporting regime.
Read our report Exfiltrate, encrypt, extort: The global rise of ransomware and Australia’s policy options
Australia
Social media must take the lead in protecting the community
The Sydney Morning Herald
@lisazdavies
Facebook says it is already taking down lots of inappropriate material, including 30 million posts about terrorism and 19 million posts that incited hatred last year. But it should devote more resources to curating its websites to comply with community standards.
How Australia’s laws are silencing cyber researchers
Australian Financial Review
@DLLabs
An Australian cyber security researcher whose discovery of gaping security flaws at airports, shopping centres and government buildings was silenced by legal threats, is backing moves to provide legal safeguards to researchers who responsibly disclose security vulnerabilities.
SA Health holding QR code check-in data indefinitely, report finds, as risk of breach revealed
ABC News
@IsabelDayman
The South Australian Premier's department has been deleting QR check-in data after 28 days, but SA Health has been holding onto the information it receives for contact tracing indefinitely, according to a report by the state's auditor-general.
China
The China-U.S. 5G Battle Upends a Telecom Industry Consortium
The Wall Street Journal
@stuwoo @lizalinwsj
The competition between the U.S. and China is roiling the previously humdrum process of setting technical specifications for wireless communications.
How China Is Planning For a Tech Decoupling
Defense One
Alex Stone @peterwsinger
Rising tensions between the U.S. and China and the recognition of a new kind of race for technological advantage has led Washington to tighten restrictions on Chinese companies’ access to critical technologies and to reevaluate the China-U.S. STEM talent pipeline. China is responding with preparations for a lengthy tech competition and decoupling (what it terms 中美科技脱钩). A notable set of recommendations by Chinese military strategists sheds light on possible policy countermoves.
New China-Korea semiconductor industrial complex starts construction amid Beijing’s push for tech self-reliance
South China Morning Post
Tracy Qu
The municipal government of Wuxi, a city in eastern Jiangsu province, has partnered with South Korean memory chip giant SK Hynix to develop the China-Korea Integrated Circuit Industrial Park amid Beijing’s push to develop an advanced and self-sufficient semiconductor supply chain in the country.
China’s network security spending set to double in first half of 2021
The Record by Recorded Future
@NPRDina
China is set to increase its spending on network security by 110 percent in the first half of the year to $1.1 billion when compared with 2020 — that’s a year-on-year increase of 38 percent compared with 2019, according to a new report by the marketing intelligence firm, IDC.
China Isn't the AI Juggernaut the West Fears
Bloomberg
@tculpan
The nation excels in computer vision and facial recognition, but practical applications are limited to surveillance. The U.S. has much broader expertise.
The covid tech that is intimately tied to China’s surveillance state
MIT Technology Review
@dtbyler
Heat-sensing cameras and face recognition systems may help fight covid-19—but they also make us complicit in the high-tech oppression of Uyghurs.
Chinese hackers use Windows zero-day to attack defense, IT firms
BleepingComputer
@serghei
A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan (RAT). The malware, known as MysterySnail, was found by Kaspersky security researchers on multiple Microsoft Servers between late August and early September 2021.
LinkedIn's unanswered questions about China censorship
AXIOS
@BethanyAllenEbr
After blocking the profiles of several U.S. journalists, including mine, from its China-based website, LinkedIn has repeatedly avoided answering key questions about the censorship.
JPMorgan’s Deal With Alipay Will Put the PLA in Your Pocket
Foreign Policy
@elisabethbraw
Chinese mobile payment apps are a national security threat—but Western financial firms are misguidedly rushing to embrace them.
Chinese Testing Experimental Armed Drone Ships at Secret Naval Base
USNI News
@CovertShores
In front of scenic cliffs and an ornamental European-style windmill is a secret People’s Liberation Army Navy pier. Here, at a former tourist resort on China’s northern coast, is where the PLAN is developing some of its most secretive, and previously unreported, naval programs, USNI News has learned.
S02 Episode 2: Press F to Review Bomb
Chaoyang Trap
@tianyuf
China’s relationship with video games is complex. On the regulatory side, there are strict restrictions on what games are released domestically and who gets to publish them; authorities have also enforced real-name policies in online games and prevented minors from gaming on weekdays. Yet it’s also home to the world’s largest gaming market and major game publishers. Beneath the headlines, gaming and indie game development is... thriving.
After video game ban, Chinese kids turn to Douyin and livestreaming gamers
SupChina
@jenny_f1014
The Chinese government has restricted under 18s to only three hours of video games per week, and gaming companies are enforcing the rules. So instead of playing games, kids are watching other people play them.
USA
Facebook's secret blacklits of "dangerous individuals and organizations"
The Intercept
@samfbiddle
To ward off accusations that it helps terrorists spread propaganda, Facebook has for many years barred users from speaking freely about people and groups it says promote violence. The restrictions appear to trace back to 2012, when… Facebook added to its Community Standards a ban on “organizations with a record of terrorist or violent criminal activity.” This modest rule has since ballooned into what’s known as the Dangerous Individuals and Organizations policy, a sweeping set of restrictions on what Facebook’s nearly 3 billion users can say about an enormous and ever-growing roster of entities deemed beyond the pale.
CIA Funding Arm Gave Encrypted App Wickr $1.6 Million
VICE
@josephfcox
In-Q-Tel, a nonprofit investment firm started by the Central Intelligence Agency (CIA), recently poured more than $1.6 million into encrypted messaging platform Wickr, according to public disclosure records reviewed by Motherboard.
Peanut butter and ProtonMail: US charges underscore evolution of espionage in digital age
CyberScoop
@jeffstone500
Like the Russian government’s weaponization of social media to influence American voters, and Chinese spies’ reliance on LinkedIn to recruit sources in the U.S., the case is the latest representation of how traditional espionage tactics — dead drops and undercover identities — are upended by innocuous tools that are part of daily life.
Microsoft said it mitigated a 2.4 Tbps DDoS attack, the largest ever
The Record by Recorded Future
@campuscodi
Microsoft said its Azure cloud service mitigated a 2.4 terabytes per second (Tbps) distributed denial of service attack this year, at the end of August, representing the largest DDoS attack recorded to date.
A Pentagon official said he resigned because US cybersecurity is no match for China, calling it ‘kindergarten level’
Business Insider
@billbostockUK
A senior cybersecurity official at the Pentagon said he quit because he thinks it’s impossible for the US to compete with China on AI.
A QAnon influencer is organizing anti-mandate lawsuits in courts throughout the country
Media Matters
@AlKapDC
An online show host who is a prominent supporter of the QAnon conspiracy theory has been organizing an effort to use the courts to block mandates on masks and vaccines around the country. The effort has involved the widow of former Sen. Fred Thompson (R-TN), and it has been promoted by one of the biggest financial backers of the Arizona election “audit.”
We are Google and Amazon workers. We condemn Project Nimbus
The Guardian
We cannot support our employer’s decision to supply the Israeli military and government technology that is used to harm Palestinians
Facebook’s moral failure shows the need for competition and is a test for Congress, write Reps. Buck and Cicilline
CNBC
@RepCicilline @RepKenBuck
The latest evidence of Facebook’s moral failures is credible and damning, but these concerns are not new. Instead, this evidence confirms what we have known about Facebook for years — that it will always prioritize growth and profit over everything else.
Another Facebook whistleblower says she is willing to testify before Congress
CNN
@donie
Sophie Zhang, who said she felt like she had "blood on her hands" after working at Facebook, is willing to testify before Congress about her former employer, she told CNN Sunday. She said she had also passed on documentation about the company to a US law enforcement agency.
UK
Lindy Cameron at Cyber 2021, Chatham House
National Cyber Security Centre
In a Chatham House speech today (Monday, October 11), Lindy Cameron marked her first year as NCSC CEO by looking back on key learnings from the past year and warning that ransomware is the most immediate cyber security threat to UK business.
Professional Footballers threaten data firms with GDPR legal action
BBC News
@Nick_hartley2
Hundreds of footballers have threatened legal action against the data collection industry, which could change how information is handled.
Europe
Big Tech to be forced to hand over data on political ads
POLITICO
@clothildegouj @markscott82
Facebook and Google will have to provide reams of detailed information on how political groups target people via online ads or face steep fines, according to European Commission draft proposals seen by POLITICO. The proposals, which the Commission is expected to unveil on November 23, aim to protect elections from undisclosed political ads, stop political parties from misusing social media and combat the manipulation of voters through microtargeting — the practice at the heart of the Cambridge Analytica scandal in 2018.
EU, Ukraine to discuss military training and cyberthreats
The Associated Press
@sampetrequin
The European Union is considering providing a military training mission to Ukraine amid lingering tensions between Russia and its neighbor, officials said Monday. Acting on a request from Ukraine for help with “professional military education,” the EU sent a fact-finding mission to the country last month. The topic will be discussed during a summit Tuesday in Kyiv, the officials said on condition of anonymity in accordance with EU practices.
Americas
Canada needs a proper technology security strategy. Banning Huawei from 5G should be the first step
The Globe and Mail
@ritatrichur
Not only should Ottawa officially ban telecommunications equipment made by Huawei Technologies Co. Ltd. from Canada’s 5G wireless networks, the Trudeau government must also co-ordinate technology security with our democratic allies if we have any hope of keeping authoritarian countries such as China and Russia in check.
Cyberattack shuts down Ecuador's largest bank, Banco Pichincha
BleepingComputer
@LawrenceAbrams
Ecuador's largest private bank Banco Pichincha has suffered a cyberattack that disrupted operations and taken the ATM and online banking portal offline.
Middle East
Unraveling a Decade of Iran-Linked Information Operations Targeting Domestic Audiences and International Critics
Graphika
@jc_stubbs @Lea_Ronzaud @KyleDavidWeiss
On Oct. 11, Facebook said it had removed a network of 93 profiles, 15 groups, 14 pages and 194 Instagram accounts in September that originated in Iran and engaged in “coordinated inauthentic behaviour” to target domestic audiences in the country... The campaigns range from the targeting of domestic audiences with pro-regime propaganda, to criticism of geopolitical rivals such as Saudi Arabia and the United States, and sustained attempts to undermine and disrupt opposition groups. Additionally, two Instagram accounts posted in French about French political issues for a short period in 2019, but failed to attract an audience.
Microsoft: Iran-linked hackers breached Office 365 customer accounts
The Record by Recorded Future
@campuscodi
Microsoft said today that a new Iran-linked hacking group has targeted more than 250 Office 365 tenants and compromised accounts for less than 20. The attacks, which the company disclosed today in a security alert, have been carried out via password spraying, a technique where hackers try the same password over and over again—while rotating the username.
Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors
Microsoft Threat Intelligence Center
DEV-0343 is a new activity cluster that the Microsoft Threat Intelligence Center (MSTIC) first observed and began tracking in late July 2021. MSTIC has observed DEV-0343 conducting extensive password spraying against more than 250 Office 365 tenants, with a focus on US and Israeli defense technology companies, Persian Gulf ports of entry, or global maritime transportation companies with business presence in the Middle East.
Africa
Music streamers turn to telcos to make Africa pay
Reuters
@Nqobile_D @Tech_Correspond
Africa, with its internationally recognised musical talent - and growing mobile phone use - is central to Swedish music streamer Spotify's plans to extend its reach to a billion customers. The problem is payment on a continent where many people are more likely to have a mobile phone than a bank account. That means Spotify's first task as it implements a plan announced in February to almost double its footprint is to win over the telecom companies that often equate to banks.
Continent’s top fact-checkers awarded at eighth annual African Fact-Checking Awards
Africa Check
Fact-checkers from Nigeria, South Africa, Uganda and Senegal took the top honours in the 2021 African Fact-Checking Awards, held in a virtual ceremony on Tuesday 12 October 2021 as part of this year’s African Investigative Journalism Conference.
Gender and Women in Cyber
Does Instagram Harm Girls? No One Actually Knows.
The New York Times
@ldsteinberg
Amid the pillorying of Facebook that has dominated the latest news cycle there is an inconvenient fact that critics have overlooked: No research — by Facebook or anyone else — has demonstrated that exposure to Instagram, a Facebook app, harms teenage girls’ psychological well-being.
Misc
Google pulls ‘stalkerware’ ads that promoted phone spying apps
TechCrunch
@zackwhittaker
Google has pulled several “stalkerware” ads that violated its policies by promoting apps that encouraged prospective users to spy on their spouses’ phone. These consumer-grade spyware apps are often marketed to parents wishing to monitor their child’s calls, messages, apps, photos and location, often under the guise of protecting against predators.
We need to talk about how Apple is normalising surveillance
WIRED
@CarissaVeliz
Apple has taken a public stand on privacy, curtailing data abuses by apps and declaring it doesn’t exploit its users’ information. But it has also created comprehensive new ways to track us.
2022 Global Digital Trust Insights Survey
PwC
nvestments continue to pour into cybersecurity. Sixty-nine percent of organisations predict a rise in cyber spending in 2022 compared to 55% last year. More than a quarter (26%) predict cyber spending hikes of 10% or more; only 8% percent said that last year.
In Their Own Words: Lectures on Joint Campaign Information Operations
China Aerospace Studies Institute
Written by the PRC’s National Defense University (NDU) faculty, with assistance from the General Staff Operations Department and the Academy of Military Sciences, this text contains instructional material for NDU Commander’s Course, Staff Officer, and PLA-wide Information Operations Advanced Studies Courses. Forward looking, and deliberately very comprehensive on concepts of information operations at the campaign level in the joint form, the 2009 edition contains extensive review/revisions from its previous publications.
Events
Securing Cyberspace
The Washington Post
The Biden administration has made clear that cybersecurity is critical to our national security plan, and the role of the private sector is integral to national cybersecurity planning. Join Washington Post Live on Thursday, Oct. 14 at 4:00 p.m. ET for a series of conversations about the role of the private sector in charting a path forward to securing cyberspace and lessons learned from recent cyberattacks.
CYBERWARCON
CYBERWARCON is a one-day conference in the Washington D.C. area focused on the specter of destruction, disruption, and malicious influence on our society through cyber capabilities. CYBERWARCON is not a hacker conference, or an ICS conference, or an international policy conference. The central purpose of this conference is to identify and explore threats. Participants and attendees come from a spectrum of backgrounds including the military and government, academia, the media, and the private sector.
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.