A deep dive into Russia's Sandworm cyberwarfare | Disinfo efforts around US election kicking into gear | Dive into the invisible seafaring industry that fixes undersea cables
Good morning. It's Thursday April 18th.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
Sponsored by Russian military intelligence, APT44 is a dynamic and operationally mature threat actor that is actively engaged in the full spectrum of espionage, attack, and influence operations. Google Mandiant
“Messaging regarding Ukraine — via traditional media and social media — picked up steam over the last two months with a mix of covert and overt campaigns from at least 70 Russia-affiliated activity sets we track,” Microsoft’s Threat Analysis Center (MTAC) explained in the new report. The Record by Recorded Future
There is enough redundancy in the world’s cables to make it nearly impossible for a well-connected country to be cut off, but cable breaks do happen. On average, they happen every other day, about 200 times a year. The reason websites continue to load, bank transfers go through, and civilization persists is because of the thousand or so people living aboard 20-some ships stationed around the world, who race to fix each cable as soon as it breaks. The Verge
ASPI
ASPI was targeted by Chinese hackers. Even if you dislike us, it's gravely concerning
The Canberra Times
Justin Bassi
This is a major authoritarian power trying to intimidate, and interfere in, Australia's capacity to have open enquiry and debate about the most important of issues-our national security. It is an attack on fundamental principles that underpin a healthy democracy.
Who are the AI pimps pushing porn?
Triple J's Hack
John Coyne
An Australian man has been unmasked as an influential player in a new AI industry that harvests the content of real women to create fake influencers who push porn.
World
The invisible seafaring industry that keeps the internet afloat
The Verge
Josh Dzieza
Fortunately, there is enough redundancy in the world’s cables to make it nearly impossible for a well-connected country to be cut off, but cable breaks do happen. On average, they happen every other day, about 200 times a year. The reason websites continue to load, bank transfers go through, and civilization persists is because of the thousand or so people living aboard 20-some ships stationed around the world, who race to fix each cable as soon as it breaks.
Australia
Artificial intelligence is being used to create child abuse material, and police are worried about its spread
ABC News
Jessica Moran
Artificial intelligence is being used to generate child exploitation material. Last month, a Tasmanian man was jailed for two years for uploading and downloading child abuse material that was generated by AI. Police are hopeful of developing their own AI tools to help eliminate child abuse material.
A fake AI-generated Dr Karl is scamming Australians and the real Dr Karl can't stop it
ABC News
James Purtill
When the ABC investigated the companies behind the fake Dr Karl ads, it found a murky world of AI content, affiliated advertising, and elusive company directors with a string of companies to their names.
China
U.S. Races to secure Taiwan’s AI chips as fears of China invasion loom
The Wall Street Journal
Derek Cai
Nvidia’s AI chips are crucial to technology from smartphones to chatbots. Their production is outsourced to just one company in Taiwan. With growing fears that China may stage an invasion of the island, the U.S. is racing to secure the supply chain.
USA
Russian disinformation efforts around US elections ‘kicked into gear over the last 45 days’: Microsoft
The Record by Recorded Future
Jonathan Greig
“Messaging regarding Ukraine — via traditional media and social media — picked up steam over the last two months with a mix of covert and overt campaigns from at least 70 Russia-affiliated activity sets we track,” Microsoft’s Threat Analysis Center (MTAC) explained in the new report.
Push to crack down on TikTok gains momentum in US Congress
Financial Times
Demetri Sevastopulo
If the Senate passed the bill in the coming days, ByteDance would have to divest TikTok before the US presidential election in November. If Biden extended the deadline, it would be pushed back into the next administration.
Chinese diplomats are quietly meeting with Hill staffers about TikTok
POLITICO
Hailey Fuchs
The Chinese Embassy has held meetings with congressional staff to lobby against the legislation that would force a sale of TikTok, according to two of the Capitol Hill staffers. The meetings with Hill staff were initiated by the Chinese Embassy in outreach that did not initially mention TikTok.
TikTok Mishandled The Data Of Hundreds Of Top American Advertisers
Forbes
Alexandra S. Levine
Sensitive business information from advertisers like Amazon, Disney and the New York Times was widely available to ByteDance staff across the U.S. and China, Forbes has learned.
A Cyberattack could make N.Y. state’s late budget even later
The New York Times
Grace Ashford and Claire Fahy
The early-morning attack affected the New York State Bill Drafting Commission, a little-known legislative agency responsible for writing and printing bills — temporarily disabling a critical system as the Legislature and the governor move closer to a full agreement on the state budget, now 16 days late.
Election data is vital to voting rights. So why is it so hard to track down?
Bolts Magazine
Dara Gold
Analysts spend countless hours and resources compiling the precinct-level results they need for litigation and research. They want legislation to force states to make it all accessible.
Americas
Ecuador president Noboa shuts down nation on electricity crisis
Bloomberg
Stephan Kueffner
The energy crisis comes on the heels of a security crisis and a fiscal crisis that’s sent it seeking help from the International Monetary Fund.
North Asia
Benefits and risks: AUKUS looks to take gamble on Japan
Japan Times
Gabriel Dominguez
Tokyo has made significant strides recently to bolster defense cooperation with all three AUKUS countries, including through joint military exercises, force posture agreements, industrial integration, as well as defense tech projects for counterhypersonics, next-generation air combat capabilities and unmanned systems.
Ukraine - Russia
Unearthing APT44: Russia’s notorious cyber sabotage unit Sandworm
Google Mandiant
Gabby Roncone et. al.
Sponsored by Russian military intelligence, APT44 is a dynamic and operationally mature threat actor that is actively engaged in the full spectrum of espionage, attack, and influence operations.
Ukrainian hacktivists claim to breach Russian drone developer
The Record by Recorded Future
Daryna Antoniuk
InformNapalm also claims that the Cyber Resistance leak unveils fresh details about Albatross operations, such as the identities of those engaged in assembling Russia-made Iranian drones, along with insights into the workings of the Russian special economic zone Alabuga — a purported hub of the Iran-supported effort to enhance Russia’s drone manufacturing capabilities.
Big, bold and unchecked: Russian influence operation thrives on Facebook
POLITICO
Clothilde Goujard
A well-known disinformation network is growing on Facebook by pushing pro-Kremlin narratives with ads purchased through fake accounts, just weeks ahead of Europe's major election in June, according to an investigation shared exclusively with POLITICO.
How Ukraine is keeping the power grid running amidst war with Russia
NPR
Jenna McLaughlin
An international team found a creative solution to help keep Ukraine's lights on amidst Russian attacks. That same solution could help everyone from the military to commercial pilots.
Cybersecurity investigators worry ransomware attacks may worsen as young, Western hackers work with Russians
CBS News
Bill Whitaker
Scattered Spider is one of the most sophisticated offshoots of "the Com." Their criminal exploits caught the attention of cybersecurity companies… and other hackers… including the most notorious Russian ransomware gang, BlackCat. They saw the young native English-speaking Westerners as a force multiplier. Both claimed credit for the MGM attack.
Europe
EU data protection body says Meta’s ‘pay or OK’ model is not OK
Euractiv
Julia Tar
Big online platforms will not be compliant with requirements of the EU’s data privacy regulation, the GDPR, for valid consent “if they confront users only with a binary choice” between paying for their personal data not to be processed or having this data processed, said the Board in its opinion.
The Paris Olympics’ one sure thing: cyberattacks
The New York Times
Tariq Panja
“We will be attacked,” the official responsible for fending off cyberthreats said. To prepare, organizers have been hosting war games and paying “bug bounties” to hackers.
German intel officer denies spying for Russia
DW
The former intelligence agent claimed prosecutors had it backward — he was not spying for Moscow but recruiting a Russian source to help Berlin. Carsten L. had refrained from commenting on his case until now.
Middle East
Israeli forces display power of AI, but it’s a double-edged sword
The Straits Times
Michael Raska
Integrating AI in defence is a complex issue that countries like Singapore must contend with. Israel’s recent operations show why.
Big Tech
SpaceX to shut off Starlink access for users outside availability areas
PC Magazine
Michael Kan
The decision is upsetting users based in Africa, where internet speeds are often slow. But SpaceX says it needs to crack down as it waits for regulatory approval in the affected countries.
Artificial Intelligence
AI computing is on pace to consume more energy than India, Arm says
Bloomberg
Ian King
By 2030, the world’s data centers are on course to use more electricity than India, the world’s most populous country, Haas said. Finding ways to head off that projected tripling of energy use is paramount if artificial intelligence is going to achieve its promise, he said.
So how does Tay Tay shake off digital pimps? Meet Nina Jankowicz, the digital deep-fake slayer
The Mandarin
Julian Bajkowski
“Misogyny has been normalised by politicians, by people in power, by influencers. And so when there’s no consequence for the people at the top who are doing it, we see kind of an open door for anybody else to engage in it as well,” she observes.
Misc
Human hair is the missing ingredient in the renewable energy transition
The Mandarin
Dan Holmes
By subjecting the hair to heat and pressure that simulates the geological processes that form graphite, researchers Amandeep Singh Pannu and Muhammad J A Shiddiky were able to use the carbon present in it to create battery-quality graphite.
Research
2024 AI elections tracker
Rest of World
As more than 2 billion people in 50 countries head to the polls this year, artificial intelligence-generated content is now widely being used to spread misinformation, as well as to confuse and entertain voters. Throughout 2024, Rest of World is tracking the most noteworthy incidents of AI-generated election content globally.
Events & Podcasts
The Sydney Dialogue
ASPI
The Sydney Dialogue was created to help bring together governments, businesses and civil society to discuss and progress policy options. We will forecast the technologies of the next decade that will change our societies, economies and national security, prioritising speakers and delegates who are willing to push the envelope. We will promote diverse views that stimulate real conversations about the best ways to seize opportunities and minimise risks.
JoiningFORCES
ASPI
The JoiningFORCES conference will explore ways to bridge national and international boundaries to deliver more joint, collective and effective defence. It will bring together government ministers, senior defence officials, leading industry figures, and international experts across the two-day event and formal dinner. We will also use collaborative wargaming and scenario exercise techniques to generate insights on enhancing regional deterrence. Our focus will be on strategic and operational level challenges and will consider the vital role of industry in delivering capability at the speed needed to meet the strategic threats Australia faces.
Jobs
Director of Cyber, Technology & Security (CTS)
ASPI
ASPI is looking for an exceptional and experienced leader to lead our largest team focused on emerging security challenges, particularly in cyberspace and the information domain. Director CTS leads ASPI’s largest team to develop and deliver a range of applied research projects on existing and emerging security challenges. CTS’ projects range across cyber and critical infrastructure security, critical and emerging technologies, national resilience and social cohesion, and hybrid threats. The closing date for applications is 22 April 2024 – an early application is advised as we reserve the right to close the vacancy early if suitable applications are received.
China Analyst or Senior Analyst
ASPI
ASPI has an exciting opportunity for an analyst or senior analyst to explore China's evolving foreign and security policy, political economy and impact on the Indo-Pacific and the world. ASPI’s China analysts conduct rigorous data-driven research, publish impactful reports that shape the public policy discourse and contribute to the wide catalogue of influential China work published by ASPI. The difference between the analyst and senior analyst levels will depend on experience level and demonstration of past work. The closing date for applications is 10 May 2024– an early application is advised as we reserve the right to close the vacancy early if suitable applications are received.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.