1,500 businesses affected by US ransomware attack | China launches cybersecurity probe into more U.S.-listed firms | Facebook, Twitter, Google threaten to quit Hong Kong over proposed data laws
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology firm Kaseya, its chief executive said on Monday. Reuters
China's cyberspace watchdog said on Monday it is investigating online recruiter Zhipin.com, and truck-hailing apps Huochebang and Yunmanman, ramping up a crackdown on the mainland's tech companies amid tightened regulations on data security. Reuters
Beijing’s moves against Didi — halting new user sign-ups, then ordering it off app stores in a span of two days — stand out both for their speed and for coming so soon after the company’s initial public offering last week. They send a stark message to Chinese businesses about the government’s authority over them, even if they operate globally and their stock trades overseas. The Wall Street Journal
ASPI ICPC
China targets ride-sharing star Didi in data crackdown
Australian Financial Review
“Regulators have been emboldened to move on companies like Didi Chuxing because, as party documents and laws have made clear, the data they have collected is considered as not just for their commercial use but must also be accessible for the party state’s own use,” Fergus Ryan, an analyst with APSI’s International Cyber Policy Centre, said. “Overall, this action against Didi is consistent with the ongoing tech sector crackdown which is designed to rein in the tech giants and pressure them into more closely adhering to the goals of the CCP.”
World
Up to 1,500 businesses affected by ransomware attack, U.S. firm's CEO says
Reuters
@razhael
Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology firm Kaseya, its chief executive said on Monday.
The Kesaya Ransomware Attack is a Really Big Deal
Lawfare
@pwnallthethings
A successful ransomware attack on a single company has spread to at least 200 organizations and likely far more, according to cybersecurity firm Huntress Labs, making it one of the single largest criminal ransomware sprees in history.REvil gang asks for $70 million to decrypt systems locked in Kaseya attack
The Record
@campuscodi
A successful ransomware attack on a single company has spread to at least 200 organizations and likely far more, according to cybersecurity firm Huntress Labs, making it one of the single largest criminal ransomware sprees in history.Ransomware hackers lower demand to $US50m
The Canberra Times
@razhael
The hackers who have claimed responsibility for an international ransomware outbreak have lowered their asking price in a private conversation with a cybersecurity expert, something he says may be a sign the group is having trouble monetising their massive breach.
Australia
ACCC prepares second assault on Facebook, Google
Australian Financial Review
@apatrickafr
The failure of a landmark anti-monopoly case against Facebook by the US Federal Trade Commission will not stop global regulators from waging an aggressive campaign against the social media giant over the next two years, Australian Competition and Consumer Commission chairman Rod Sims has said.
Cyber agency confirms Australian firms hit by supply chain attack
Australian Financial Review
@Max Mason
Australian firms are among the thousands of businesses affected by the biggest global ransomware attack on record, suspected to have been executed by the same Russian-linked gang which hit Australia’s biggest meat and food processing company, JBS Foods.
Universities’ confusion over foreign veto scheme
The Sydney Morning Herald
@LisaVisentin
Universities were forced to seek legal advice, translate the governing documents of overseas universities, and interpret foreign legal systems in order to make a call on which of their thousands of research contracts the federal government wanted the power to tear up.
eSafety says tweeting commissioner will not qualify as a formal Online Safety Act request
ZDNet
@ashabeeeee
Australian eSafety Commissioner Julie Inman Grant is set to receive sweeping new powers in early 2022 as part of the Online Safety Act that passed Parliament last month. Among other things, the new Act extends the Commissioner's cyber takedown function to adults, giving the commissioner the power to issue takedown notices directly to the services hosting the content and end users responsible for the abusive content.
National Archives gets AU$67m from Canberra to digitise records and lift cybersecurity
ZDNet
@achanthadavong
Deteriorating historical records will get a new lease of life when they become digitised, following a AU$67 million funding boost for the National Archives of Australia.
China
After Didi, China launches cybersecurity probe into more U.S.-listed firms
Reuters
@Gabriel Crossley @yingzhi_yang @yilei000
China's cyberspace watchdog said on Monday it is investigating online recruiter Zhipin.com, and truck-hailing apps Huochebang and Yunmanman, ramping up a crackdown on the mainland's tech companies amid tightened regulations on data security.
Chinese Regulators Suggested Didi Delay Its U.S. IPO
The Wall Street Journal
@Lingling_Wei @QiZHAI
Weeks before Didi Global Inc. went public in the U.S., China’s cybersecurity watchdog suggested the Chinese ride-hailing giant delay its initial public offering and urged it to conduct a thorough self-examination of its network security, according to people with knowledge of the matter. But for Didi, waiting would be problematic. In the absence of an outright order to halt the IPO, it went ahead.
China’s Crackdown on Didi Is a Reminder That Beijing Is in Charge
The New York Times
@zhonggg
Beijing’s moves against Didi — halting new user sign-ups, then ordering it off app stores in a span of two days — stand out both for their speed and for coming so soon after the company’s initial public offering last week. They send a stark message to Chinese businesses about the government’s authority over them, even if they operate globally and their stock trades overseas.
USA
Facebook’s court win could end up leading to trouble for tech giants
The Sydney Morning Herald
@Stephen Bartholomeusz
A court ruling in the US last week might appear to be a blow to anti-trust reformers’ desire to rein in and break up the power of Big Tech. Instead it might presage a far graver threat to the likes of Facebook, Google, Amazon and Apple.
Pro-Trump social media app hacked on launch day as half million sign up
Reuters
@andrea_shalal
A social media site launched on Sunday by Jason Miller, a senior adviser to former U.S. President Donald Trump, was briefly hacked, and more than 500,000 people have registered to use the site, Miller said.
The newest MAGA app is tied to a Bannon-allied Chinese billionaire
Politico
@tina_nguyen
GETTR has existed as a Chinese language social media network linked to Guo Wengui. It was unveiled as a new platform by Jason Miller on Thursday.
COVID vaccination cards to appear on Android in US
ZDNet
@dobes
Google says it will be storing any vaccination and test information on Android devices, and not on its infrastructure.
North-East Asia
Facebook, Twitter, Google Threaten to Quit Hong Kong Over Proposed Data Laws
The Wall Street Journal
@newley
Facebook Inc., Twitter Inc. and Alphabet Inc.’s Google have privately warned the Hong Kong government that they could stop offering their services in the city if authorities proceed with planned changes to data-protection laws that could make them liable for the malicious sharing of individuals’ information online.
South-East Asia
Myanmar’s junta bans senior telecom executives from leaving country
CNBC
Senior foreign executives of major telecommunications firms in Myanmar have been told by the junta that they must not leave the country without permission, a person with direct knowledge of the matter said.. A week later, telecom companies were sent a second letter telling them they had until Monday July 5 to fully implement intercept technology they had previously been asked to install to let authorities spy on calls, messages and web traffic and to track users by themselves, the source said. Reuters has not seen the orders. The directives follow pressure on the companies from the junta, which is facing daily protests from its opponents and a growing number of insurgencies to activate the spyware technology.
UK
Twitter must not buckle to Beijing’s pressure
The Times
@edwardlucas
The Chinese Communist Party does not just decide what its own subjects read and say. It determines your doings too. Yesterday it stopped someone in New Zealand communicating her thoughts to the rest of the world — including me.
Gender and Women in Cyber
Facebook, Google, TikTok, Twitter promise a safer space for women online
ZDNet
@ashabeeeee
Facebook, Google, TikTok, and Twitter have vowed to improve women's safety on their respective platforms, agreeing to a set of commitments during the United Nations Generation Equality Forum. The commitments focus on improving systems for reporting abuse and offering features that give women more control over their online experience.
Misc
ByteDance starts selling AI that powers TikTok to other companies
Financial Times
@tim
ByteDance is selling some of the artificial-intelligence technology that powers its viral video app TikTok to websites and apps outside China, as it broadens its revenue streams ahead of a long-anticipated initial public offering. A new division called BytePlus quietly launched in June and already lists customers all over the world, including in the US. According to its website, early customers include Goat, the US-based fashion app; WeGo, a travel booking site in Singapore; and Chilibeli, an Indonesian online shopping start-up. TikTok is also listed among its customers. BytePlus offers businesses the chance to tap some of TikTok’s secret ingredient: the algorithm that keeps users scrolling by recommending them videos that it thinks they will like. They can use this technology to personalise their apps and services for their customers.
Data Governance’s New Clothes
Centre for International Governance Innovation
@seanmmcdonald
When citizens, consumers and stakeholders can’t hold institutions accountable for their promises, there’s little reason to trust those promises.
Events
ASPI Webinar: In-conversation with Will Cathcart, Head of WhatsApp
ASPI
ASPI's International Cyber Policy Centre is delighted to invite you to the webinar 'In-conversation with Will Cathcart, Head of Whatsapp'. Join Fergus Hanson in a 'fireside chat' with the CEO of WhatsApp Will Cathcart as they discuss the big issues facing the world’s largest messaging service. This webinar will include Q&A with the online audience. How do we balance requirements for safety, privacy and security? Why does WhatsApp use end-to-end encryption and how has WhatsApp evolved to combat misinformation? Join us at 10am on Thursday, 8 July to take part in this important conversation.
Kate Crawford: Atlas of AI
UTS
Hear from Kate Crawford, Honorary Professor at the University of Sydney and one of the world's foremost scholars on the social and political implications of artificial intelligence, as she joins Sydney Ideas to provide insights at the cutting-edge. Join at 6pm on Tuesday, 6 July.
Jobs
ICPC Senior Analyst or Analyst - Information operations & disinformation
ASPI ICPC
ASPI’s International Cyber Policy Centre has an outstanding opportunity for a talented and proactive senior analyst or analyst to join its centre. The successful candidate will work with a small, high-performing team to produce original research and analysis centred around policy responses to information operations and disinformation by state and non-state actors. They will also work with senior staff in the centre to engage globally with governments, social media and Internet companies.
ICPC Analyst or Senior Analyst - Cyber & technology
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an exceptional cyber-security or technology focused analyst or senior analyst to join its centre in 2021. Please note that interviews have commenced for this position and will continue until the end of June. This role will focus on policy relevant cybersecurity analysis, informed public commentary and either original data-heavy research and/or technical analysis. Analysts usually have around 7-15 years work experience. Senior analysts usually have a minimum of 15 years relevant work experience and tend to be involved in staff and project management, fundraising and stakeholder engagement.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.