Alex Joske on Chinese spy defection | How the Marcoses are using social media | What do we know about cyber escalation?
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
It was early October when Alex Joske picked up the phone to learn that a Chinese spy had decided to defect. Over the next few weeks, he played a small role working with 60 Minutes to help verify and analyse Wang Liqiang’s claims – and eventually meet Wang himself. SMH.
Massive amounts of propaganda and targeted disinformation produced and amplified by an extensive network of websites, Facebook pages and groups, YouTube channels, and social media influencers appear to be part of a systematic campaign to burnish the image of the Marcoses and pave the way for their further rise in Philippine politics. Rappler.
Do cyber operations alter how states respond to international crises in a way that creates incentives for decision makers to cross the Rubicon and use military force to settle disputes? The answer is surprising: no. Based on the evidence, cyber operations offer a valuable escalatory offramp. Atlantic Council.
ASPI ICPC
Defections are messy and we may never know the full story
SMH
@alexjoske
But as I dug further into his statement, it was possible to find support for some claims. Wang claims that Xiang Xin, a wealthy businessman he worked for, is at the centre of a military intelligence network and was sent to Hong Kong by a defence technology agency called COSTIND ahead of the 1997 handover. COSTIND is a now-defunct defence agency that was tasked with modernising China’s military technology. It sought to strengthen China’s defence innovation system, and also played a central role in the pilfering and collection of foreign defence technology.
Event: Launch of China Defence Universities Tracker
ASPI's International Cyber Policy Centre invites you to attend the launch of the 'China Defence Universities Tracker’ on November 26. The tracker is a comprehensive resource on the defence and security links of over 160 Chinese universities and research institutions. The tracker will take the form of a publicly available website accompanied by a report that explains the database’s findings and recommends policies in response to them. The project aims to improve the ability of governments, universities and researchers to understand collaboration with the PRC and raise the standard of risk-management and due-diligence work carried out by universities.
Wang Liqiang is believed to be the first operative from the country to blow his cover, and is seeking urgent protection (Credit: Steven Siewert). Source.
Banning Huawei may not be enough, warns Japanese strategist
SMH
@daniellescave @chrizap
Australian Strategic Policy Institute cyber policy analyst Danielle Cave said Australia’s ban reflected the strategic outlook of the nation. “Other states might be more comfortable taking on larger chunks of risk to work with high-risk vendors in 5G (and in other technologies like smart cities), but given Australia’s place in the world and its strategic outlook in the Indo-Pacific, Australia’s risk calculus will not be exactly the same as all countries in Europe, for example. “This ban means the government has put itself in the best position to protect Australia’s critical national infrastructure, regardless of the decisions made by other governments around the world,” she said.
Fear of Internet Censorship Hangs Over Hong Kong Protests
IEEE Spectrum
@elisethoma5 @jeremyhsu
“Short-term blocking of specific websites would be unlikely to have a massive impact; an Internet shut-down, however short, would presumably be catastrophic for business confidence,” says Elise Thomas, a cybersecurity researcher at the Australian Strategic Policy Institute. “A long-term Great Firewall would force other parts of the network in the region to adapt and move away from Hong Kong.”
World
What do we know about cyber escalation? Observations from simulations and surveys
Atlantic Council
Do cyber operations alter how states respond to international crises in a way that creates incentives for decision makers to cross the Rubicon and use military force to settle disputes? This question is central to current cyber strategy debates and the idea of persistent engagement and defending forward in cyberspace. The answer is surprising: no. Based on the evidence, cyber operations offer a valuable escalatory offramp.
Australia
Why SA made its single govt website more like taste.com.au
IT News
@justinrhendry
While some jurisdictions have moved away from the concept of a single, whole-of-government website in recent years, the South Australian government is doubling down on its offering, sa.gov.au.
China
Exposed: China’s Operating Manuals for Mass Internment and Arrest by Algorithm
ICIJ
@BethanyAllenEbr
A new leak of highly classified Chinese government documents has uncovered the operations manual for running the mass detention camps in Xinjiang and exposed the mechanics of the region’s Orwellian system of mass surveillance and “predictive policing.”
Data leak reveals how China 'brainwashes' Uighurs in prison camps
BBC
Leaked documents detail for the first time China's systematic brainwashing of hundreds of thousands of Muslims in a network of high-security prison camps.
[Podcast] Mustang Panda leverages Windows shortcut files — Research Saturday
The CyberWire
Researchers at Anomali have been tracking China-based threat group, Mustang Panda, believing them to be responsible for attacks making clever use of Windows shortcut files.
USA
How a Facebook Employee Helped Trump Win—But Switched Sides for 2020
WSJ
@dseetharaman
James Barnes is now focused on using digital-ad strategies to try to get Trump out of office.
This is how the Trump administration has been quietly erasing LGBT issues
Pink News
@lilylwakefield
Researchers have revealed that under the Trump administration LGBT+ language, data, resource pages and anti-discrimination information has been disappearing from government websites.
Authorities Arrest Alleged Member of Group That Hacked Jack Dorsey
Vice
@josephfcox
Authorities have arrested an individual who is allegedly part of The Chuckling Squad, a hacker group that in August compromised the Twitter account of Twitter CEO Jack Dorsey, according to law enforcement and criminal sources. The group also claimed responsibility for hacks of other celebrities, including actress Chloë Grace Moretz.
110 Nursing Homes Cut Off from Health Records in Ransomware Attack
Krebs on Security
@briankrebs
A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The ongoing attack is preventing these care centers from accessing crucial patient medical records, and the IT company’s owner says she fears this incident could soon lead not only to the closure of her business, but also to the untimely demise of some patients.
Asia
How the Marcoses are using social media to reclaim Malacañang
Rappler
@gemmabmendoza
Massive amounts of propaganda and targeted disinformation produced and amplified by an extensive network of websites, Facebook pages and groups, YouTube channels, and social media influencers appear to be part of a systematic campaign to burnish the image of the Marcoses and pave the way for their further rise in Philippine politics.
Central Asia
Extensive hacking operation discovered in Kazakhstan
ZD Net
@campuscodi
Researchers say an advanced hacking group has been using custom-developed hacking tools, expensive surveillance kits, mobile malware, and radio communications interception hardware to spy on Kazakhstan targets.
UK
The Brexit Party is going all out to attack Labour on Facebook
Wired UK
@Gmvolpi
While the factcheckUK Twitter debacle proved an alarmingly dystopian distraction, the biggest digital battleground of the past week was still Facebook: all the major parties significantly cranked up their ad outputs – in some cases by over 1,000 per cent. We worked with CrossCheck, a collaborative reporting network led by First Draft, to assess whatever is taking place in FacebookAd-land.
UK Conservatives turn fake news into a policy platform
FT
@robertshrimsley
The Conservatives have been hoaxing their way across the web in recent days in some jolly unsporting ways. First they renamed a party Twitter feed Factcheck UK and used it during the televised leaders’ debate to offer what was meant to look like independent verification on Boris Johnson and Jeremy Corbyn’s utterances. Then they created a fake website for those searching for Labour’s manifesto and paid for Google ads to put it at the top of search results.
Boris Johnson said the Twittersphere was 'not really my province' (AP). Source.
Boris Johnson left tongue-tied when quizzed on FactcheckUK as he insists Twitter is 'not really my province'
The Standard
Responding to the question after delivering the Conservative Party manifesto at an event in Telford, Mr Johnson said: "Well, I'm afraid, Rowena, the Twittersphere is not really my province." After some hesitation, he added: "I'm informed that Labour have some sort of operation which is, er, very similar to this but, um, what I, um, well I haven't followed this Twitter stuff with perhaps the attention that you would like Rowena."
An ex-Vote Leave staffer is running Facebook ads pushing the Greens
Wired UK
@Gmvolpi
Green Party activists in Cambridge have complained that a little-known campaigning group managed by Vote Leave’s former chief technology officer is “pretending” to be the Green Party by buying Facebook ads encouraging people to vote for the Greens.
Europe
EU countries back tough line on 5G suppliers in potential blow to Huawei
Reuters
@fooyunchee
EU countries on Friday endorsed a tough line for selecting 5G suppliers, including vetting the domestic legal framework to which they are subjected, potentially dealing a blow to telecoms equipment market leader Huawei Technologies.
Merkel’s Coalition Government Faces Test Over Huawei Dispute
WSJ
@bopanc
Chancellor Angela Merkel was handed a damaging defeat at her party’s annual convention over her plans to allow China’s Huawei Technologies Co. to build Germany’s next-generation 5G mobile network.
Misc.
Facebook built a facial recognition app for employees
CNet
@QWongSJ
The discontinued app could identify employees and their friends who had enabled facial recognition, Facebook said.
The Architect of Modern Algorithms
Quanta Magazine
Barbara Liskov pioneered the modern approach to writing code. She warns that the challenges facing computer science today can’t be overcome with good design alone.