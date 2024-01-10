Good morning. It's [[Wednesday 10th January]].

The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.

Follow us on Twitter and LinkedIn.

The US Securities and Exchange Commission said it had not yet granted approval of spot-Bitcoin exchange-traded funds, and that a post that appeared on the regulator’s official X account was untrue. The New York Times

A U.S. congressional committee has asked the Commerce Department to look into whether a giant technology company controlled by the ruling family of the United Arab Emirates should be put under trade restrictions because of its ties to China. The New York Times

After years of wrangling, a global minimum corporate tax rate of 15 per cent is finally in effect. These groundbreaking new rules were driven by the desire to prevent big companies, often in the tech sector, from flocking to tax havens or jurisdiction shopping. There are a host of public policy solutions that the anticipated $220bn in annual collection can help address. But even though the ink on the treaty is barely dry, it is time to start talking about a new one: targeted at artificial intelligence companies. The Financial Times

World

Journalism, media, and technology trends and predictions 2024

Reuters Institute for the Study of Journalism

Nic Newman

The disruptive power of artificial intelligence (AI) will sweep through the information space this year at a time of intense political and economic volatility around the world. The implications for the reliability of information, and the sustainability of the mainstream media are likely to be profound in a year that sees critical elections due in more than 40 democracies, with wars continuing to rage in Europe and the Middle East. Against that background – and with one forecast suggesting that the vast majority of all internet content will be synthetically produced by 2026 – journalists and news organisations will need to rethink their role and purpose with some urgency.

Top 10 Cyberattacks of 2023

MSSP Alert and CyberRisk Alliance

Jim Masters

These incursions into business and government’s most sensitive and critical information and data foreshadow a new year when we can expect even more ransomware, malware, phishing — you name it — attacks. More than ever, MSSPs, MSPs and all cybersecurity providers will need to raise their game to protect their customers, themselves included, from the endpoint and beyond. Here are the top 10 cyberattacks MSSP Alert covered in 2023, including some (dis) honourable mentions.

Australia

Thousands of fake online stores impersonating prominent brands luring unsuspecting shoppers

News.com.au

Shannon Molloy

Australian bargain-hunters are being warned to take care when splashing their cash online, with a surge in the number of dodgy shops swiping credit card details and personal information. A sweep by a top online security firm has uncovered several thousand fake storefronts for countless iconic retailers, from shoemaker Doc Martens to uber-chic fashion house Loewe and high-end designer Prada.

The Iconic promises refunds after a spate of fraudulent transactions on customer accounts

ABC News

Kate Ainsworth

Online retailer The Iconic has vowed to refund customers who have been left out of pocket by thousands of dollars after their accounts were compromised and fraudulent orders were made without their permission.

China

China says it cracked Apple AirDrop to identify message sources

Bloomberg

Bloomberg News

As part of broader efforts to root out undesirable content, Beijing's government claims a Chinese state-backed institution has devised a way to identify users who send messages via Apple Inc.’s popular AirDrop feature.

China seeks to ease video game industry’s fears of another crackdown

Financial Times

Qianer Liu

Beijing is acting quickly to ease fears of another regulatory crackdown on China’s video game industry, including firing a prominent official and convening consultations on new measures at short notice, according to people familiar with the matter. Shares in the leading online gaming companies Tencent and NetEase fell sharply last month after the National Press and Publication Administration proposed guidelines that suggested much tighter controls on the world’s largest gaming market.

Asia’s data centre landscape is red hot but increasingly complex

Financial Times

Cissy Zhou

The rise of artificial intelligence is fuelling massive demand for data centres in Asia, but multinational companies face a dilemma when it comes to settling on their locations. It makes economic sense to build a consolidated facility in one country that can serve multiple markets, but governments in the region are increasingly restricting cross-border data flows. China and Vietnam in particular have tightened their data regulations in the name of national security.

USA

How a hack of the S.E.C.’s social media account caused a Bitcoin frenzy, briefly

The New York Times

The US Securities and Exchange Commission said it had not yet granted approval of spot-Bitcoin exchange-traded funds, and that a post that appeared on the regulator’s official X account was untrue. The post, which included a fake comment purporting to be from SEC Chair Gary Gensler, briefly fueled a jump in the price of Bitcoin. Traders have been speculating for weeks that the agency could approve several of the products as soon as Wednesday. Gensler said from his own X account that the regulator’s account had been “compromised,” an unauthorized statement was posted and that the agency hadn’t taken action.

Lawmakers push U.S. to consider trade limits with A.I. giant tied to China

The New York Times

Edward Wong, Mark Mazzetti and Paul Mozur

A U.S. congressional committee has asked the Commerce Department to look into whether a giant technology company controlled by the ruling family of the United Arab Emirates should be put under trade restrictions because of its ties to China..It has signed recent agreements with prominent American technology companies, including Microsoft, Dell and OpenAI. A Silicon Valley chip firm, Cerebras, is building a supercomputer for G42 to create and power A.I. products..The congressional committee said it had reviewed documents showing that the chief executive of G42, Peng Xiao, “operates and is affiliated with an expansive network of companies that materially support” the Chinese military’s technological advancement as well as human rights abuses.

Age-old problems to sharing cyber threat info remain, IG report finds

CyberScoop

Christian Vasquez

Over-classification, a lack of policy guidance and tensions between private sector cybersecurity firms are continuing to hamper federal government efforts to share cybersecurity threat information, according to a report released Friday by the U.S. intelligence community’s top watch dog.Friday’s report, released by the Office of the Inspector General of the Intelligence Community, concludes that while federal agencies have broadly improved their ability to share threat information and defensive mitigations long-standing policy and technical concerns are providing barriers to rapid information sharing.

Elections and disinformation are colliding like never before in 2024

The New York Times

Tiffany Hsu, Stuart A. Thompson and Steven Lee Myers

A wave of elections coincides with state influence operations, a surge of extremism, A.I. advances and a pullback in social media protections.

Iowa school shooter appeared to be active on Discord and discussed ‘gearing up’ in moments before the attack

NBC News

Ben Goggin

Dylan Butler, who killed one and injured seven, also appeared to have been a part of a now-shuttered chatroom dedicated to discussing school shootings.

Congress focuses on China risk at U.S. colleges and universities

Reuters

Matthew A. Goldstein

Last year ended with a flurry of Congressional reports focused on China's state-sponsored influence and technology transfers at U.S. colleges and universities. Various recommendations made in the reports and pending measures reflect concerns with the Chinese Government's use of open research environments in the United States to circumvent export controls and other national security laws. Accordingly, Congressional proposals seek to limit access to research, expand U.S. Government oversight of partnerships with Chinese research institutions, and increase enforcement efforts. These measures raise the potential for changes that may significantly impact colleges and universities in the new year.

Kemba Walden to helm new Paladin cyber research and advocacy institute

The Record by Recorded Future

Suzanne Smalley

Kemba Walden, the former acting national cyber director, has joined a newly formed cybersecurity research and advocacy institute launched by the cyber-focused venture firm Paladin Capital Group. Walden will serve as president of the new Paladin Global Institute, an organization Paladin said in a press release is designed to operate as a “global convening force” that will drive cybersecurity research and advocacy while establishing partnerships meant to identify and confront risks in cyber, artificial intelligence and deep tech.

South Americas

Tech Roundup: Brazil has a new cybersecurity policy

The Brazilian Report

Fabiane Ziolla Menezes

Brazil’s new national cybersecurity policy comes under military governance The day after Christmas, the Brazilian government published a decree laying out the tenets of a national cybersecurity policy and creating a committee to oversee the issue.

North Asia

S. Korea to strengthen border surveillance with AI technology

Yonhap News Agency

Chae Yun-hwan

South Korea plans to introduce artificial intelligence (AI)-powered surveillance technology in some front-line outposts to replace outdated systems and better detect threats along the border with North Korea, the state arms agency said Tuesday. The new system with enhanced monitoring capabilities will be introduced in eastern front-line general outposts (GOPs) and coastline units by the end of this year, according to the Defense Acquisition Program Administration (DAPA).

Chinese launches satellite, triggers emergency alert in Taiwan

Focus Taiwan

Taiwan's military on Tuesday afternoon sent a nationwide emergency alert message informing the public that China's government had just launched a satellite with its trajectory passing through airspace over southern Taiwan at 3:04 p.m. Tuesday. Though the message said "satellite" in Chinese, the English translation of the message was: "Missile flyover Taiwan airspace, be aware." The Ministry of National Defense later said the English version was mistaken.

Taiwan presidential candidate accuses China of election interference

Financial Times

Kathrin Hille

Lai Ching-te, the presidential candidate of Taiwan’s ruling Democratic Progressive party, has accused China of unprecedented interference in his country’s elections, in a reflection of the charged atmosphere in which voters will head to the polls on Saturday. “China meddles every time Taiwan holds elections, but this time it is the most serious we have ever seen,” Lai, who is currently Taiwan’s vice-president, told international media on Tuesday. “No matter if it is propaganda or military intimidation, cognitive warfare or fake news, they are employing it all.”

Taiwan’s early warning for the future of tech

Council on Foreign Relations

Moira Whelan

Taiwan faces online threats in the run up to its January 13 election. Companies, governments, and civil society need to work together to defend against the growing influence of digital authoritarianism in Taiwan and worldwide.

Southeast Asia

New $20m project by British and Singapore researchers to improve healthcare cyber security

The Straits Times

Lee Li Ying

Hackers targeting life-saving healthcare devices like pacemakers is not just science fiction, but could become reality in the not-so-distant future as medical devices become more connected. To prepare for such scenarios and more, scientists from Imperial College London and Nanyang Technological University (NTU) will embark on a $20 million programme to improve the cyber security of medical devices.

Ukraine - Russia

Exclusive: Russian hackers were inside Ukraine telecoms giant for months

Reuters

Tom Balmforth

Russian hackers were inside Ukrainian telecoms giant Kyivstar's system from at least May last year in a cyberattack that should serve as a "big warning" to the West, Ukraine's cyber spy chief told Reuters. The hack, one of the most dramatic since Russia's full-scale invasion nearly two years ago, knocked out services provided by Ukraine's biggest telecoms operator for some 24 million users for days from Dec. 12.

Ukraine is on the front lines of global cyber security

Atlantic Council

Joshua Stein

Ukraine is currently on the front lines of global cyber security and the primary target for groundbreaking new cyber attacks. While identifying the exact sources of these attacks is necessarily difficult, few doubt that what we are witnessing is the cyber dimension of Russia’s ongoing invasion of Ukraine.

UK

MoD has weakest IT security in Whitehall with 11 ‘red-rated’ systems

The Telegraph

Dominic Penna

The Ministry of Defence (MoD) has the most vulnerable IT security in Whitehall, it can be revealed, with 11 “red-rated” systems exposed to “critical” levels of risk. New figures have shown that a total of 34 systems currently in operation across government departments have been given the worst-possible score. The “red rating” is the highest-possible score given by experts to equipment that is exposed to critical levels of risk, including potential security breaches, as well as being operationally inefficient and unsuitable for day-to-day business needs.

British library cyber clean-up cost may be 10x the ransom it refused to pay

Cyber Daily

Daniel Croft

The London-based library is responsible for storing over 150 million items, 13.5 million of which are printed books, making it one of the largest libraries in the world. The attack was claimed by the Rhysida ransomware group last year, which gave the library just a week to pay £600,000 (roughly A$1.14 million); otherwise, it said it would sell the data, which included passports and employment documents, to a third party.

Ofcom poaches Big Tech staff in push to enforce new internet curbs

Financial Times

Cristina Criddle

Ofcom has been poaching staff from Big Tech companies as the UK media watchdog prepares to enforce one of the world’s toughest new regulatory regimes for the internet. The regulator has created a new team of nearly 350 people dedicated to tackling online safety, including new hires from senior jobs at Meta, Microsoft and Google. Ofcom also aims to hire another 100 this year, it said.

NZ & Pacific Islands

PNG ICT minister Timothy Masiu reflects on pivotal year, charts vision for 2024

Papua New Guinea today

Minister Masiu lauded the significant milestones achieved in 2023, notably the enactment of the Digital Government Act 2022, paving the way for the creation of the Government Technology Stack. This groundbreaking initiative facilitated a remarkable 40% adoption rate of government cloud-based shared services, revolutionizing administrative processes.

Big Tech

YouTube is cracking down on AI-generated true crime deepfakes

The Verge

Mia Sato

YouTube is updating its cyberbullying and harassment policies and will no longer allow content that “realistically simulates” minors and other victims of crimes narrating their deaths or the violence they experienced.

Trend Micro says learning technical skills is just one part of becoming a cyber expert. Here’s how its skills program is training the next generation

Fortune

Preston Fore

The size of the workforce is about 5.5 million strong, predicts cybersecurity certification nonprofit, ISC2. But, in order to have a digital world that is sufficiently protected, the industry needs to nearly double, with ISC2 noting in its 2023 workforce study that 4 million cybersecurity experts are needed globally. Trend Micro is in part trying to alleviate the growing skills gap—as well as increase diversity in the field—through its Next-Gen Cyber Defenders program, a free 10-week, mostly in-person skills training experience.

Google faces $1.67 bln damages demand at AI-related patent trial

Reuters

Blake Brittain and Nate Raymond

Alphabet's Google went before a federal jury in Boston on Tuesday to argue against a computer scientist's claims that it should pay his company $1.67 billion for infringing patents that allegedly cover the processors used to power artificial intelligence technology in Google products.

TikTok owner ByteDance in talks with Tencent, others to sell gaming assets

Reuters

Josh Ye

TikTok owner ByteDance said on Tuesday it is in talks with multiple prospective buyers of its gaming assets, including the world's largest video games company, Tencent (0700.HK), as the Chinese social media firm retreats from the gaming industry.

How Google perfected the web

The Verge

The web is filled with content designed for Google, not humans.

Mayo Clinic pairs with Cerebras Systems to help develop AI for health care

Reuters

Stephen Nellis

The Mayo Clinic, a nonprofit medical center based in Rochester, Minnesota, on Monday said it will partner with Silicon Valley startup Cerebras Systems to develop artificial intelligence (AI) models for the health care industry. The Mayo Clinic, which has three major campuses in the U.S. in addition to locations in the U.K. and United Arab Emirates, will use computing chips and systems from Cerebras to tap into decades of anonymized medical records and data to develop its own AI models.

Artificial Intelligence

Artificial Intelligence’s threat to democracy

Foreign Affairs

Jen Easterly, Scott Schwab, and Cait Conley

US - Generative artificial intelligence—AI that can create new text, images, and other media out of existing data—is one of the most disruptive technologies in centuries. With this technology now more available and powerful than ever, its malicious use is poised to test the security of the United States’ electoral process by giving nefarious actors intent on undermining American democracy—including China, Iran, and Russia—the ability to supercharge their tactics. Specifically, generative AI will amplify cybersecurity risks and make it easier, faster, and cheaper to flood the country with fake content.

It’s already time to think about an AI tax

Financial Times

Marietje Schaake

Jobs will be displaced or erased by the next chapter of the tech revolution, and companies must share the social costs. Without intervention, the next chapter of the technological revolution risks once again privatising profits while pushing the costs of mitigating its harms onto the public. Paying for welfare and reskilling laid-off workers are not just economic downsides: they signal the kinds of societal shifts that easily lead to political unrest. For generations, work has been the foundation not just of family income but also of people’s routine and sense of purpose. Try imagining what you would do without your job. To rebalance the cost-benefit impacts of AI in favour of society — as well as to make sure the necessary response is affordable at all — taxing AI companies is the only logical step. I had not anticipated starting 2024 by agreeing with Bernie Sanders and Bill Gates, both of whom have proposed a tax on job-taking robots in the past, but here we are. An updated version of their plan, taking in generative AI’s progress, is needed.

In the race for AI supremacy, China and the US are travelling on entirely different tracks

The Guardian

Manya Koetse

Beijing set the goal of being the global AI leader by 2030, but that was before the emergence of ChatGPT. There seemed little doubt over who would win the tech race between the eagle and the dragon; but then came ChatGPT.

Algorithmic warfare: industry, government must share responsible AI burden

National Defense Industrial Association

Josh Luckenbaugh

A common question to Defense Department officials is how to ensure artificial intelligence is “responsible” enough to deploy on the battlefield. Companies developing AI systems for the military need to ask themselves this question as well. The government is realizing and reconciling itself to the fact that it is no longer the only national security stakeholder.

The state of AI regulation around the world

Tech Monitor

Livia Giannotti

With AI presenting increasingly real threats, the need for regulation is growing – but how? The potential impact of AI and tech companies on the world is growing, but policies and strategies to keep it under control differ from one area of the world to another. While the main government efforts to regulate AI are still a work in progress, here is a breakdown of the most fully-fledged regulations around the world.

AI aids nation-state hackers but also helps US spies to find them, says NSA cyber director

TechCrunch

Zack Whittaker

Nation-state-backed hackers and criminals are using generative AI in their cyberattacks, but U.S. intelligence is also using artificial intelligence technologies to find malicious activity, according to a senior U.S. National Security Agency official.

Jobs

Cyber, Technology & Security Program Coordinator

ASPI CTS



Share

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.