Alibaba hit with record $2.8 billion antitrust fine in China | There's another Facebook phone number database online | India seeks U.S. help as China-backed hacks threaten military
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
China’s antitrust regulator imposed a fine equivalent to $2.8 billion against Alibaba Group Holding Ltd. for abusing its dominant position over rivals and merchants on its e-commerce platforms, a record penalty in the country that comes amid a wave of scrutiny on the business empire of company founder Jack Ma. The Wall Street Journal
An online tool lets customers pay to unmask the phone numbers of Facebook users that liked a specific Page, and the underlying dataset appears to be separate from the 500 million account database that made headlines this week, signifying another data breach or large scale scraping of Facebook users' data, Motherboard has found. VICE
India’s top military official says the country plans to seek help from the U.S. and other countries to shore up its defense infrastructure that is vulnerable to China-backed cyber-attacks. India is racing to develop capabilities, but even so, its critical and military systems remain highly vulnerable to breaches, Defense Chief General Bipin Rawat said at a seminar in New Delhi Wednesday. The matter was discussed during Secretary of Defense Lloyd Austin’s visit last month and it was decided to seek cooperation in the spheres of cybersecurity and artificial intelligence. Bloomberg
ASPI ICPC
The new world of ‘deep fake’: How cyber attackers impersonated senior ministers, diplomats
The Sydney Morning Herald
@Gallo_Ways
Hanson says it should be a wake-up call for a world we’re about to enter where “deep fakes” will only increase and get more sophisticated. “The way we typically verify identities is going to have to change. We just take it for granted that I can recognise your voice,” he says. “We need to be looking at an extra layer of authentication – especially for phone calls that involve commercial dealings and political dealings.
Read more about ASPI ICPC’s work on weaponised deep fakes here.
World
There's Another Facebook Phone Number Database Online
VICE
@josephfcox
An online tool lets customers pay to unmask the phone numbers of Facebook users that liked a specific Page, and the underlying dataset appears to be separate from the 500 million account database that made headlines this week, signifying another data breach or large scale scraping of Facebook users' data, Motherboard has found.
China
Alibaba Hit With Record $2.8 Billion Antitrust Fine in China
The Wall Street Journal
@QiZHAI
China’s antitrust regulator imposed a fine equivalent to $2.8 billion against Alibaba Group Holding Ltd. for abusing its dominant position over rivals and merchants on its e-commerce platforms, a record penalty in the country that comes amid a wave of scrutiny on the business empire of company founder Jack Ma.
The quiet war to become China’s next WeChat
Protocol
@shenlulushen
It's clear that the young Douyin is not content to be just an entertainment app, however lucrative that may be. Instead, it's one of several Chinese apps engaged in a quiet, high-stakes battle to become the next WeChat, a mega app that now has 1.1 billion monthly active users, 80% of China's total population.
Chinese Big Tech's shadiest practices
Protocol
@shenlulushen
The "good old days" are over. For years, Chinese authorities took what they called a "tolerant and cautious" approach to Big Tech, hoping a light touch would enable innovation and entrepreneurship. It worked for nurturing Chinese tech companies like Tencent and Alibaba, but with a huge downside: They've become behemoths that crush smaller competitors using the power of big data, algorithms and a series of unfair rules.
China launches hotline for netizens to report 'illegal' history comments
Reuters
@catecadell
China's cyber regulator has launched a hotline to report online comments that defame the ruling Communist Party and its history, vowing to crack down on "historical nihilists" ahead of the Party's 100th anniversary in July. The tip line allows people to report fellow netizens who "distort" the Party's history, attack its leadership and policies, defame national heroes and "deny the excellence of advanced socialist culture" online, said a notice posted by an arm of the Cyberspace Administration of China (CAC) on Friday.
Don’t Let China Mint the Money of the Future
Bloomberg
@nfergus
U.S. policy makers need to wake up to the potential of digital currency and electronic payments and the peril of allowing China to dominate them.
Read more about this topic in ASPI ICPC’s ‘The flipside of China’s central bank digital currency’, here.
USA
Tech Giants Won’t Name Foreign Companies They Give US ‘Bidstream’ Data To
VICE
@josephfcox
Tech giants and ad companies are likely divulging sensitive data on U.S. web users that can sometimes include their precise GPS location, browsing history, and device identifiers, as part of how the ad industry works. These companies have refused to say which foreign companies it provides the data to.
Minnesota GOP gubernatorial candidate removed from TikTok
Axios
@toreyvanoot
A Republican running for Minnesota governor was removed from TikTok following complaints that he violated the platform’s misinformation policies in his viral posts about the pandemic.
A $2 Billion Government Surveillance Lab Created Tech That Guesses Your Name By Simply Looking At Your Face
Forbes
@iblametom
It was created and patented by one of the U.S. government’s most trusted surveillance labs, the nonprofit research center Mitre Corp. The organization is like James Bond’s Q lab but for the whole of the federal government. The Virginia-based Skunk Works has in the past churned out autonomous surveillance drones, smartwatch hacking tech and tools to take fingerprints from social media images. And Forbes has found a previously unreported patent that seeks to boost facial recognition technology by guessing someone’s name by just looking at their face’s characteristics.
Truth matters: What happens when Facebook replaces local newspapers
MSNBC
@SRuhle
More than five million Americans across 200 counties don't have a local newspaper at all and Facebook groups are filling the void. NBC Senior Reporter Brandy Zadrozny shares what she found in Beaver County, PA, where a quarter of the population gets local news from one of these groups.
US arrests suspect who wanted to blow up AWS data center
The Record
@campuscodi
The FBI has arrested on Thursday a Texas man who planned to blow up one of the Amazon Web Services (AWS) data centers in an attempt to "kill of about 70% of the internet."
Rob Joyce begins as NSA’s Director of Cybersecurity
NSA
Rob Joyce started as the National Security Agency’s new Director of Cybersecurity last week. As the new Cybersecurity director, he oversees NSA’s Cybersecurity Directorate, which was established in October 2019 to prevent and eradicate cyber threats to the Department of Defense, National Security Systems, and the Defense Industrial Base.
Four Members Of Militia Group Identifying With “Boogaloo” Movement Charged With Conspiracy To Obstruct Justice By Destroying Records And Destruction Of Records
US Department of Justice
A federal grand jury has indicted four members of a militia group associated with the “boogaloo” movement in connection with a scheme to obstruct justice and destroy records to thwart the investigation and proceedings involving the May 29, 2020 shooting of federal Protective Services Officers
YouTube’s Assault on Covid Accountability
The Wall Street Journal
To hold elected representatives responsible for decisions they make, Americans need to know what those officials and their advisers are saying. That’s an essential democratic principle, and it’s as true for coronavirus response as any other policy challenge. So it’s chilling that Google’s YouTube, through its “medical misinformation policy,” appears to be systematically undermining the ability to access material in the public interest.
South-East Asia
The Milk Tea Alliance is now sweeping Asia. But what is it all about?
ABC News
@wing_kuang @erinahandley
What began as a Twitter spat over China, Hong Kong and Taiwan has evolved into a global solidarity movement against authoritarianism.
South and Central Asia
India Seeks U.S. Help as China-Backed Hacks Threaten Military
Bloomberg
@sudhiranjansen
India’s top military official says the country plans to seek help from the U.S. and other countries to shore up its defense infrastructure that is vulnerable to China-backed cyber-attacks. India is racing to develop capabilities, but even so, its critical and military systems remain highly vulnerable to breaches, Defense Chief General Bipin Rawat said at a seminar in New Delhi Wednesday. The matter was discussed during Secretary of Defense Lloyd Austin’s visit last month and it was decided to seek cooperation in the spheres of cybersecurity and artificial intelligence.
I Thought My Job Was To Report On Technology In India. Instead, I Got A Front-Row Seat To The Decline Of My Democracy.
BuzzFeed News
@PranavDixit
For more than a year, India’s government first cut off and then throttled internet access to Muslim-majority Jammu and Kashmir after unilaterally withdrawing the disputed region’s autonomy. Facebook executives reportedly shielded members of India’s ruling party from the platform’s hate speech rules to protect the company’s business interests. Right-wing trolls have used social media platforms to harass women who they say offended their religious sensibility.
Europe
Italy Blocked Chinese Semiconductor Bid, Draghi Says
Bloomberg
@chiaraalbanese @JohnFollain
Prime Minister Mario Draghi said he backs an extension of state protection for Italian businesses, after revealing that his government recently blocked a Chinese takeover of a semiconductor company.
Africa
Why Do A Bunch Of Nigerian Twitter Influencers Want This Alleged Money Launderer To Go Free? They’re Being Paid.
BuzzFeed News
@CraigSilverman
As an alleged money launderer who worked with the Venezuelan government and is fighting an extradition order to the United States, Alex Saab has some unlikely allies.
Misc
Sudden New Warning Will Surprise Millions Of WhatsApp Users
Forbes
@UKZak
A nasty new surprise for WhatsApp’s 2 billion users today, with the discovery of an alarming security risk. Using just your phone number, a remote attacker can easily deactivate WhatsApp on your phone and then stop you getting back in. Even two-factor authentication will not stop this. Here’s how the attack works.
Remote code execution vulnerability uncovered in Starbucks mobile platform
ZDNet
@SecurityCharlie
A potential remote code execution (RCE) bug has been patched in one of Starbucks' mobile domains. The US coffee giant runs a bug bounty platform on HackerOne. A new vulnerability report submitted by Kamil "ko2sec" Onur Özkaleli, first submitted on November 5 and made public on December 9, describes an RCE issue found on mobile.starbucks.com.sg, a platform for Singaporean users.
Personal data of 1.3 million Clubhouse users has reportedly leaked online days after LinkedIn and Facebook also suffered data breaches
Business Insider
@KatieCanales1
The personal data of 1.3 million Clubhouse users has leaked online on a popular hacker forum, according to a Saturday report from Cyber News. The scraped data of Clubhouse users includes names, social media profile names, and other details.
Research
The case of the missing platform policies
Platformer
@CaseyNewton
There’s plenty that scientists don’t know about the long-term effects of COVID-19 on society, but a year in at least one thing seems clear. The pandemic has been terrible for our collective mental health — and a surprising number of tech platforms seem to have given the issue very little thought.. Issues related to suicide and self-harm touch nearly every digital platform in some way. The internet is increasingly where people search, discuss, and seek support for mental health issues. But according to new research from the Stanford Internet Observatory, in many cases platforms have no policies related to discussion of self-harm or suicide at all.
No Excuse for Abuse
PEN America
@PENamerica
PEN America recommends concrete changes social media companies can make now to protect people facing online abuse, while safeguarding free expression.
Facebook’s ad algorithms are still excluding women from seeing jobs
MIT Technology Review
@_KarenHao
An audit, conducted by independent researchers at the University of Southern California (USC), reveals that Facebook’s ad-delivery system shows different job ads to women and men even though the jobs require the same qualifications. This is considered sex-based discrimination under US equal employment opportunity law, which bans ad targeting based on protected characteristics. The findings come despite years of advocacy and lawsuits, and after promises from Facebook to overhaul how it delivers ads.
Chinese Companies Active in the Architecture of Open RAN
RWR Advisory Group
On April 1, 2021, RWR Advisory Group published its latest report, entitled, “Chinese Companies Active in the Architecture of Open RAN,” which highlights the role played by Chinese state-owned (and other higher risk, China-domiciled) companies in a new solution being pursued by wireless communication service providers to construct 5G wireless networks.