US blacklists 27 companies to protect critical tech | EU Parliament votes for new restrictions on big tech's data-driven ad targeting | Coordinated influence operation impersonating Sikhs in India
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
The US has placed a dozen Chinese groups involved in quantum computing and other advanced technologies on an export blacklist, saying they pose a risk of gaining access to critical American technologies for the People’s Liberation Army. The move, which makes it almost impossible for US companies to sell technologies to the listed companies, targeted a total of 27 entities. In addition to the Chinese groups targeted, Washington put 13 Pakistani firms on the “entity list” for activities related to nuclear and ballistic missile programmes. It added the Moscow Institute of Physics and Technology to a “military end-user” list that makes it more difficult to sell technology with military applications. The Financial Times
The Internal Market and Consumer Protection Committee (IMCO) today voted overwhelmingly to support beefed-up consent requirements on the use of personal data for ad targeting within the Digital Markets Act (DMA); and for a complete prohibition on the biggest platforms being able to process the personal data of minors for commercial purposes — such as marketing, profiling or behaviorally targeted ads — to be added to the draft legislation. TechCrunch
A network of fake social media profiles of people claiming to be Sikhs, and promoting divisive narratives, has been exposed. A new report shared exclusively with the BBC ahead of its publication on Wednesday identified 80 accounts in the network, which have now been suspended because they were fake. The influence operation used accounts across Twitter, Facebook and Instagram to promote Hindu nationalism and pro-Indian government narratives. The aim of the network appears to have been to "alter perceptions on important issues around Sikh independence, human rights and values". BBC
ASPI ICPC
India to ban private cryptocurrencies, bill to be tabled in parliament.
WION
The Narendra Modi-led government has listed a bill for the upcoming Parliament session that reportedly seeks to prohibit all private cryptocurrencies in India, but with certain exceptions. While addressing the Sydney Dialogue—a forum on emerging, critical and cyber technologies—Modi called upon all the countries to join hands to ensure that the cryptocurrency is not misused.
Crypto, not currency – Cryptocurrency: Ideal law will ban use as legal tender, allow it to be an asset
Times of India
Duvvuri Subbarao
Suddenly cryptocurrencies (cryptos) are all over – on social media, on our TV screens and on the frontpages of newspapers. At the Sydney Dialogue last week, the Prime Minister called on democracies to work together on cryptos so that ‘they do not fall into the wrong hands and spoil our youth.’ The RBI governor, for his part, has repeatedly expressed concerns about cryptos being a threat to our macroeconomic and financial stability.
Chaos in Canberra
Triple J Hack
Fergus Ryan joined Triple J Hack to talk about one of China’s most popular tennis players, Peng Shuai, after she levelled allegations of sexual assault against a top government official on social-media.
Policy, Guns and Money: COP26 debrief, regulating digital tech and India–China border tensions
The Strategist
ASPI Staff
ASPI’s Robert Glasser and Anastasia Kapetas break down the commitments made at COP26 climate summit. ASPI’s Teagan Westendorf speaks to Jeannie Paterson from the University of Melbourne about the need to regulate digital technology in a way that aligns with democratic values. ASPI’s Nathan Ruser and Baani Grewal discuss their recently released multimedia project looking at the increasing border tensions between China and India in the Doklam region.
Australia
Stronger human rights sanctions introduced
7NEWS
Dominic Giannini
Foreign Minister Marise Payne said it would allow the government to respond more directly to national security threats by targeting people proliferating weapons of mass destruction, committing human rights abuses or engaging in serious corruption. "Our reforms will deny access to our economy for the proceeds of egregious abuses and ensure our banking systems do not become a safe haven for these proceeds and any associated foreign influence," Senator Payne said. "Cyber sanctions serve as an important tool of statecraft. Rules apply online just as they do offline and perpetrators must be accountable."
Four universities to get $250m to commercialise new high-tech products
The Sydney Morning Herald
Jennifer Duke
Prime Minister Scott Morrison is giving almost $250 million to four universities to commercialise new high-tech innovations as part of a plan to boost the economic recovery from the coronavirus pandemic.
NSW government clamps down on apartment building defects using blockchain and AI
ZDNet
Aimee Chanthadavong
Apartment building defects are not uncommon these days, but the NSW government has been developing new solutions using AI and blockchain to crackdown on this. Speaking at the 2021 digital.NSW event, Office of the NSW Building Commissioner digital director Yin Man explained how the state government has worked with KPMG, Microsoft, Australian Securities Exchange (ASX), Western Sydney University, and Mirvac to build what is being referred to as a trustworthy index, within the state government's building assurance solution.
China
Hong Kong broadcaster RTHK deletes report on Peng Shuai, China tennis star who accused ex-official of sexual assault
Hong Kong Free Press HKFP
Selina Cheng
Hong Kong’s government-funded broadcaster RTHK has removed from its website a news report about Chinese tennis star Peng Shuai, who accused a former top Chinese official of sexual assault. The move by the tax-payer funded outlet reflects treatment of the story in mainland China, where it has been censored.
China’s Disappeared: How Beijing Silences Critics
Council on Foreign Relations
Jerome A. Cohen
The stunning protests by the Women’s Tennis Association against the Chinese government’s secret restrictions on tennis star Peng Shuai have belatedly focused international attention on Beijing’s practice of disappearing nonconforming citizens. Although many countries have experienced mysterious and sometimes fatal disappearances, the Chinese government has developed this technique for silencing people into an art form.
How China’s Huawei technology is being used to censor news halfway across the world
Committee to Protect Journalists
Madeline Earp
Valentin Weber and Vasilis Ververis, PhD candidates at the University of Oxford and Humboldt University of Berlin respectively, told CPJ in a recent video call about their research tracking Huawei equipment known as middleboxes to internet networks in 72 countries, 18 of which were using the devices to block news or other websites.
China backs UN pledge to ban (its own) social scoring
POLITICO
Melissa Heikkilä
Oh, the AI-rony. China on Tuesday signed off on a United Nations pledge to stop artificial intelligence from wreaking havoc on societies, including by banning the use of AI for "social scoring" systems — a practice Beijing itself has popularized in recent years and currently uses to score Chinese citizens based on their perceived trustworthiness.
USA
US blacklists Chinese quantum computing companies
The Financial Times
Demetri Sevastopulo
The US has placed a dozen Chinese groups involved in quantum computing and other advanced technologies on an export blacklist, saying they pose a risk of gaining access to critical American technologies for the People’s Liberation Army. The move, which makes it almost impossible for US companies to sell technologies to the listed companies, targeted a total of 27 entities, including 12 in China and two affiliated firms in Japan and Singapore. In addition to quantum computing, the list included companies in the semiconductor and aerospace industries.
Commerce Lists Entities Involved in the Support of PRC Military Quantum Computing Applications, Pakistani Nuclear and Missile Proliferation, and Russia’s Military
U.S. Department of Commerce
Eight technology entities based in the PRC are being added to the list as part of the Department of Commerce’s efforts to prevent U.S. emerging technologies from being used for the PRC’s quantum computing efforts that support military applications, such as counter-stealth and counter-submarine applications, and the ability to break encryption or develop unbreakable encryption. These PRC-based technology entities support the military modernization of the People’s Liberation Army and/or acquire and attempt to acquire U.S. origin-items in support of military applications. Today’s action will also restrict exports to PRC producers of electronics that the support the People’s Liberation Army’s military modernization efforts.
Samsung plans to build a $17 billion chip plant in Texas
CNBC
Sam Shead
Samsung is planning to build a $17 billion semiconductor factory in Taylor near Austin, Texas, over the next three years as part of an effort to increase its manufacturing capacity and alleviate the global chip shortage. The South Korean tech giant announced the 5 million square meter facility Tuesday, a day after The Wall Street Journal broke the news. The factory will aim to help boost production of advanced logic semiconductors, which are used in phones and computers.
Samsung to Choose Taylor, Texas, for $17 Billion Chip-Making Factory
The Wall Street Journal
Jiyoung Sohn
Samsung Electronics Co. plans to build a roughly $17 billion chip-making plant in Taylor, Texas, according to people familiar with the matter, a mega investment by the South Korean tech giant, as the Biden administration pushes for an expansion of U.S. semiconductor production.Samsung says it will build $17B chip factory in Texas
NPR
Samsung said it plans to build a $17 billion semiconductor factory outside of Austin, Texas, amid a global shortage of chips used in phones, cars and other electronic devices. "This is the largest foreign direct investment in the state of Texas, ever," Texas Gov. Greg Abbott said in announcing the project Tuesday. Samsung said it will start building the Texas plant next year and hopes to begin operations in the second half of 2024.Statement by NEC Director Brian Deese and National Security Advisor Jake Sullivan on Samsung Announcement of New Semiconductor Facility in Texas
The White House
Securing America’s supply chains is a top priority for President Biden and his Administration. We welcome Samsung’s announcement today that it will build a new semiconductor facility in Texas, helping protect our supply chains, revitalizing our manufacturing base, and creating good jobs right here at home.
US blacklists Chinese quantum computing companies
The Financial Times
Demetri Sevastopulo
The US has placed a dozen Chinese groups involved in quantum computing and other advanced technologies on an export blacklist, saying they pose a risk of gaining access to critical American technologies for the People’s Liberation Army. The move, which makes it almost impossible for US companies to sell technologies to the listed companies, targeted a total of 27 entities, including 12 in China and two affiliated firms in Japan and Singapore. In addition to quantum computing, the list included companies in the semiconductor and aerospace industries.
Commerce Lists Entities Involved in the Support of PRC Military Quantum Computing Applications, Pakistani Nuclear and Missile Proliferation, and Russia’s Military
U.S. Department of Commerce
Eight technology entities based in the PRC are being added to the list as part of the Department of Commerce’s efforts to prevent U.S. emerging technologies from being used for the PRC’s quantum computing efforts that support military applications, such as counter-stealth and counter-submarine applications, and the ability to break encryption or develop unbreakable encryption. These PRC-based technology entities support the military modernization of the People’s Liberation Army and/or acquire and attempt to acquire U.S. origin-items in support of military applications. Today’s action will also restrict exports to PRC producers of electronics that the support the People’s Liberation Army’s military modernization efforts.
Palantir CEO: companies working with U.S. adversaries should justify their position
CNBC
Samantha Subin
Technology companies doing business with China or U.S. adversaries need to justify their position, Palantir CEO Alex Karp told CNBC’s “Squawk Box” on Tuesday. If you want to work in China or in any other country that is adversarial … you should disclose it and defend it,” he said. Apple and many chip companies are among the major U.S. tech firms that continue to operate in China. The comments from Karp come as more tech companies pull out of the country amid harsher internet censorship.
Frustrated with CIA, Trump administration turned to Pentagon for shadow war with Iran
Yahoo News
Zach Dorfman
In the final month of his presidency, Donald Trump signed off on key parts of an extensive secret Pentagon campaign to conduct sabotage, propaganda and other psychological and information operations in Iran, according to former senior officials who served in his administration. The campaign, which was to be led by the military’s Special Operations forces, was designed to undermine the Iranian people’s faith in their government as well as shake the regime’s sense of competence and stability, according to those former officials.
Adam Mosseri, Instagram's Head, Agrees to Testify Before Congress
The New York Times
Ryan Mac, Cecilia Kang
Adam Mosseri, the head of Instagram, has agreed for the first time to testify before Congress, as bipartisan anger mounts over harms to young people from the app. Mr. Mosseri is expected to appear before a Senate panel during the week of Dec. 6 as part of a series of hearings on protecting children online, said Senator Richard Blumenthal, who will lead the hearing.
North-East Asia
Japan, Vietnam look to cyber defense against China
AP News
Mari Yamaguchi
Japan and Vietnam on Tuesday signed a cybersecurity agreement as the two Asian nations rapidly step up their military ties amid concerns over China’s growing assertiveness. Japan’s Defense Minister Nobuo Kishi told reporters that the cyberspace agreement aimed to address a “strong sense of urgency” over activities in the Indo-Pacific region that challenge the existing international order, indicating China without identifying any country by name. Kishi said talks with his Vietnamese counterpart, Phan Van Giang, had taken “defense cooperation between the two countries to a new level.”
South-East Asia
Apple warns Thai activists "state-sponsored attackers" may have targeted iPhones
Reuters
Panu Wongcha-um, Fanny Potkin
Apple Inc issued on Wednesday alert messages to at least six Thai activists and researchers who have been critical of the government, warning it believed their iPhones had been targeted by "state-sponsored attackers", according to activists and the alerts reviewed by Reuters.
South and Central Asia
Farm laws: Sikhs being targeted by fake social media profiles
BBC
Shruti Menon, Flora Carmichael
A network of fake social media profiles of people claiming to be Sikhs, and promoting divisive narratives, has been exposed. A new report shared exclusively with the BBC ahead of its publication on Wednesday identified 80 accounts in the network, which have now been suspended because they were fake. The influence operation used accounts across Twitter, Facebook and Instagram to promote Hindu nationalism and pro-Indian government narratives.
Revealed: "Real Sikh" influence network pushing Indian nationalism
Centre for Information Resilience
Ross Burley
A coordinated influence operation on Twitter, Facebook and Instagram is using fake personas acting as influencers within the Sikh community to discredit the push for Sikh independence, label Sikh political interests as extremist, stoke cultural tensions within India and international communities, and promote Indian Government content. The Centre for Information Resilience (CIR) investigation identified a core network of fake accounts that target other accounts supportive of Indian nationalism to spread and amplify the content and narratives generated by the core network. CIR’s report analyses the common profiles, content and tactics of the fake accounts which indicate their activity to be significantly coordinated.
UK
The U.K. as a Responsible Cyber Power: Brilliant Branding or Empty Bluster?
Lawfare
James Shires, Max Smeets
The current U.K. Conservative government has an impressive record on one particular thing: punchy but highly malleable slogans. These range from “get Brexit done” to “levelling up,” not to mention the many COVID-19 mantras emblazoned on lecterns over the past two years. Now, the government is trying a similar tactic in foreign policy and international cybersecurity.
Europe
European Parliament’s IMCO backs limits on tech giants’ ability to run tracking ads
TechCrunch
Natasha Lomas
In what looks like bad news for adtech giants like Facebook and Google, MEPs in the European Parliament have voted for tougher restrictions on how internet users’ data can be combined for ad targeting purposes — backing a series of amendments to draft legislation that’s set to apply to the most powerful platforms on the web.
EU Passes Law Banning Ads-Targeting to Minors, Requiring Interoperable Messaging
Bloomberg
Jillian DeutschThe lead committee in the European Parliament writing new tech rules passed measures Tuesday that could impact major U.S. and European tech companies.
EU's Vestager cheers as lawmakers vote for tougher tech laws
Reuters
Foo Yun Chee
A key committee of EU lawmakers on Tuesday agreed to tougher laws targeting Amazon, Apple, Alphabet unit Google and Facebook, earning a thumbs-up from EU antitrust chief and architect of the idea Margrethe Vestager.
Digital Markets Act: ending unfair practices of big online platforms
European Parliament
The Internal Market and Consumer Protection Committee adopted this morning by 42 votes in favour, two against and one abstention its position on the Digital Markets Act (DMA) proposal, which sets rules on what companies with “gatekeeper” status will be allowed to do and not to do in the EU.
Italy's Draghi vetoes third Chinese takeover this year
Reuters
Giuseppe Fonte, Ella Cao
The decision was taken at a cabinet meeting on Nov. 18, two government sources told Reuters, adding Industry Minister Giancarlo Giorgetti had recommended the veto, arguing the takeover could have had consequences in the strategic semiconductor sector. Among Applied Materials' products are machines used to manufacture semiconductors and other high-tech components. The filing said the joint venture was also intended to take on Applied Materials' wafer equipment business in Singapore and its assets in China.
Government to exclude 'high-risk' companies from 5G network
Irish Examiner
Cormac O’Keeffe
The Government plans to introduce security legislation that will enable it to exclude “high-risk” telecom providers from being used in critical parts of Ireland's next-generation broadband network. The Cabinet has decided to give Communications Minister Eamon Ryan legal powers to conduct assessments of potential providers of 5G services – the replacement broadband mobile network for the 4G network – and to designate certain suppliers as “high-risk”.
Russia
Moscow tells 13 mostly U.S. tech firms they must set up in Russia by 2022
Reuters
Alexander Marrow, Gleb Stolyarov
Russia has demanded that 13 foreign and mostly U.S. technology companies be officially represented on Russian soil by the end of 2021 or face possible restrictions or outright bans. The demand, from state communications regulator Roskomnadzor late on Monday, gave few details of what exactly the companies were required to do and targeted some firms that already have Russian offices.
Moscow Court Extends Pretrial Detention For Cybersecurity Company Chief Accused Of Treason
Radio Free Europe / Radio Liberty
A court in Moscow has extended the pretrial detention of the chief executive of a leading Russian cybersecurity company who was arrested in September on charges of state treason. The Lefortovo district court on November 23 ruled that Ilya Sachkov must stay in pretrial detention until at least February 28, 2022. Sachkov is the founder of Group-IB, a company known for its work in tracking down hackers and fighting theft and cyberfraud. He is one in a series of prominent people, including scientists and cybersecurity officials, to be arrested in Russia on treason charges in recent years, while Moscow has faced numerous allegations of cyberattacks on Western countries -- which it has denied.
Russian cybersecurity executive appeals to Putin as detention for treason extended
Reuters
Ilya Sachkov, the head of a Russian cybersecurity firm, on Tuesday appealed to President Vladimir Putin to let him be moved to house arrest while he awaits trial on treason charges after his detention was extended until February. Sachkov, 35, who founded Group-IB, one of Russia's most prominent cybersecurity firms, was arrested in September and charged with divulging state secrets, allegations he denies.
Middle East
Cyber Scammer Confesses to Fraud Fueled by Cocaine, Whiskey
Bloomberg
Karin Matussek
An Israeli man confessed on Tuesday to helping to steal nearly $10 million from hundreds of victims of a sprawling cyber-trading scam headed by the so-called Wolf of Sofia, while under the influence of cocaine and whiskey. The 45-year-old, who can be identified only as Tal-Jacki Z.F., owned up to duping investors from Germany, Austria and other nations via call centers operating from Eastern European cities, on day one of a trial in Munich.
World Cup host Qatar used ex-CIA officer to spy on FIFA
AP News
Alan Suderman
The tiny Arab nation of Qatar has for years employed a former CIA officer to help spy on soccer officials as part of a no-expense-spared effort to win and hold on to the 2022 World Cup tournament, an investigation by The Associated Press has found. It’s part of a trend of former U.S. intelligence officers going to work for foreign governments with questionable human rights records that is worrying officials in Washington and prompting calls from some members of Congress for greater scrutiny of an opaque and lucrative market.
Africa
How the pandemic pulled Nigerian university students into cybercrime
The Record by Recorded Future
Olatunji Olaigbe
Around November 2020, Kayode said he was invited to a house party—the kind attended mostly by others involved in the country’s illicit digital economy. The college sophomore studying towards a hard sciences degree had reservations about attending a party during a global pandemic, but he didn’t have much other to do than spend time with other so-called “yahoo boys”—an archaic nickname that recalls when Nigerian cyber fraudsters were synonymous with Yahoo Mail and “Nigerian Prince” spam. The market has now graduated into more complex and targeted schemes, experts told The Record. And Kayode, who wanted to be identified only by this nickname due to security concerns, is one of many young Nigerians who turned to that market as the COVID-19 pandemic disrupted their education and left them with few options.
Misc
On legal demands and press freedoms
TechCrunch
Zack Whittaker
In August 2020, two FBI agents were standing on my doorstep, unannounced, wanting to ask me questions about a TechCrunch story we had published the year before. The story was about how a hacker took thousands of documents, including visas and diplomatic passports, from a server at Mexico’s Embassy in Guatemala.
The McDonald’s Ice Cream Machine Hacking Saga Has a New Twist
WIRED
Andy Greenberg
Six months ago, a tiny startup called Kytch sued Taylor, the billion-dollar manufacturer of McDonald's notoriously broken ice cream machines. For years Kytch had sold a small device that hacks those ice cream machines, letting McDonald's restaurant owners better diagnose their maladies and make them work more reliably—only to find, according to Kytch's legal complaint, that Taylor had conspired to copy its device and sabotage its business. Now Kytch's lawsuit has revealed another side to that story: the internal communications of Taylor itself. Recently released court documents appear to show that Taylor's executives did view Kytch as a business threat and worked to copy its device's features in a competing product—all while still failing to actually cure McDonald's ice cream headaches.
Events
China's Fintech Future
Protocol
China is where you’ll find ubiquitous payment via QR codes, credit ratings built from whole cloth by Big Tech using Big Data and a central bank digital currency with use cases well beyond China’s borders. How will China shape the future of fintech in the medium and long term — and what does that mean for the existing financial system? In this event, we’ll talk about Beijing’s latest moves to test the CBDC, what we know already about how the CBDC does (and doesn’t) work and in-country Fintech innovations we should adopt globally.
Research
Promoting open and inclusive connectivity: The case for digital development cooperation
ScienceDirect
Maaike Okano-Heijmansa, Wilhelm Vosse
A focus on digital development cooperation as a cornerstone in Europe’s digital connectivity agenda offers opportunities to act on long-term challenges and addresses several key priorities identified by the European Commission in third countries. This article develops an argument for strengthening Europe’s agenda on digital development cooperation, specifically in the Indo-Pacific region.
Toy Rabbits, Chemtrails and German QAnon Fanatics: How Not to Conduct Open Source Investigations
bellingcat
Johanna Wild
The posts boast of uncovering an incident of child abuse in southern Germany and the seemingly suspicious use of military aircraft in the north and west of the country. Others detail a conspiracy to manipulate significant weather events. Impressively, all that was required to reveal this malign activity was some creative thinking and access to open source investigative tools such as satellite mapping services and flight tracking sites. But a closer look begins to reveal some fundamental problems. The tools had been misused and the findings, eye-catching though they are, fail to stand up to even the most basic scrutiny. It’s a familiar theme when analysing “research” from the QAnon community.
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.
ICPC Senior Analyst - Information operations & disinformation
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for a talented and proactive senior analyst to join its centre. The successful candidate will work with a small, high-performing team to produce original research and analysis centred around policy responses to information operations and disinformation by state and non-state actors. They will also work with senior staff in the centre to engage globally with governments, social media and Internet companies.