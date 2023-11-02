Good morning. It's Friday 3rd November.

Unknown hackers are targeting users in Saudi Arabia, Yemen and Azerbaijan with spying malware distributed through user-created WhatsApp mods that customize or add new features to the service. The Record by Recorded Future

The British Prime Minister Rishi Sunak on Thursday said that under a new agreement “like-minded governments” would be able to test eight leading tech companies’ AI models before they are released. POLITICO

Science and Industry Minister Ed Husic has signed a new national co-operation statement with his United Kingdom counterpart, to facilitate more investment, research exchange and expertise sharing in the rapidly growing field of quantum computing. Australian Financial Review

ASPI

China critic says he’s the target of deepfake ’spamouflage’ attack by Beijing

Vancouver Sun

Pauline Macaraeg

An undated still image shows a scene from what the Australian Security Policy Institute think-tank says is a deepfake video made to resemble Liu Xin, a prominent online critic of China's government who is based in Burnaby, B.C. Global Affairs Canada says it's part of a "spamouflage" misinformation campaign that is likely connected to China.

Australia

Australia and UK sign quantum computing accord

Australian Financial Review

Paul Smith

Science and Industry Minister Ed Husic has signed a new national co-operation statement with his United Kingdom counterpart, to facilitate more investment, research exchange and expertise sharing in the rapidly growing field of quantum computing. In an agreement announced alongside the ongoing international artificial intelligence summit in the UK, Mr Husic and UK Secretary of State for science, innovation and technology Michelle Donelan released the statement they said would support joint activities under the Australia-UK Cyber and Critical Technology Partnership and the Australia-UK Free Trade Agreement.

Australian academics apologise for false AI-generated allegations against big four consultancy firms

The Guardian

Henry Belot

A group of academics has offered an unreserved apology to the big four consultancy firms after admitting they used artificial intelligence to make false allegations of serious wrongdoing in a submission to a parliamentary inquiry. The accusations have been met with scorn by the firms, concerned that inaccurate information has been given parliamentary privilege to unfairly tarnish the reputation of its staff.

Cyber criminals to target small business

The Australian

Jess Malcolm

Small to medium businesses are facing an increased risk of cyber attacks as larger organisations harden their defences against malicious data breaches, prompting cyber criminals to look for softer targets. A new report by CyberCX has sounded the alarm on a growing threat of cyber attacks facing small businesses as larger companies acquire more sophisticated defences against cyber attacks.

Actor and Sydney peace prize winner Nazanin Boniadi urges Australia to sanction key Iranian officials

The Guardian

Tory Shepherd

An Australian-educated Iranian government minister behind internet shutdowns in Iran should be sanctioned, the winner of the 2023 Sydney peace prize, Nazanin Boniadi, says. She says Australia should sanction Iran’s communications minister, Eisa Zarepour, who did his PhD at the University of New South Wales. He has already been sanctioned by the United States and the European Union. Parts of the internet have been shut off during Iran’s protest movement, and that allows the regime to “kill in the dark”, Boniadi says.

Australian intelligence needs a better strategy to meet its recruiting challenge

The Strategist

Meg Tapia

Australia relies on the professional workforce of its national intelligence agencies to collect, assess and disseminate the intelligence critical to Australia’s interests. They need the right professionals—and enough of them—to run the intelligence effort effectively. But imagine having the most interesting job in the world, yet when you applied you didn’t know what you were applying for. And then once you were hired, you couldn’t tell anyone what you did for a living.

China

Chinese scientists create chip that can perform AI task 3,000 times faster than Nvidia’s A100

South China Morning Post

Zhang Tong

Chinese scientists have produced a chip that is significantly faster and more energy efficient than current high-performance AI chips when it comes to performing some tasks such as image recognition and autonomous driving, according to a new study. Although the new chip cannot immediately replace those used in devices such as computers or smartphones, it may soon be used in wearable devices, electric cars or smart factories and help boost China’s competitiveness in the mass application of artificial intelligence.

USA

DOJ and Pentagon email breach impacted around 632,000 federal employees

Clearance Jobs

Peter Suciu

Russian hackers compromised the email addresses of about 632,000 employees from the United States Department of Defense and Department of Justice. Bloomberg first reported the news of the breach on Monday. The breach occurred on May 28 and 29 according to a new report obtained through the Freedom of Information Act – and it has been classified as a “major incident,” yet the exposed material was not classified and has been described as “generally of low sensitivity.”

US hospital groups sue Biden administration to block ban on web trackers

Reuters

Diana Novak Jones

The biggest U.S. hospital lobbying group on Thursday sued the Biden administration over new guidance barring hospitals and other medical providers from using trackers to monitor users on their websites. The American Hospital Association, along with the Texas Hospital Association and two nonprofit Texas health systems, filed a lawsuit against the U.S. Department of Health and Human Services in federal court in Fort Worth, Texas. The lawsuit accuses the agency of overstepping its authority when it issued the guidance in December.

Scarlett Johansson hits AI app with legal action for cloning her voice in an ad

The Verge

Emma Roth

Scarlett Johansson is taking legal action against an AI app developer for using her name and likeness in an online ad, according to a report from Variety. The ad was for an AI image editor, called Lisa AI: 90s Yearbook & Avatar, and featured an AI-generated version of Johansson’s voice.

North Asia

Japan to offer surveillance radars to Philippines

Japan Times

Japan plans to provide surveillance radars to the Philippines under Tokyo's official security assistance program, government sources said Wednesday. The Philippines is expected to become the first country to receive aid under the program, which was introduced in fiscal 2023.

Southeast Asia

How pro-China propaganda is seeded online in the Philippines

Rappler

Pauline Macaraeg

A pro-China network on Facebook has been spreading propaganda and disinformation for years. The actors in this community are getting away with it by claiming academic expertise and legitimacy. This story used findings from a study conducted by TheNerve for Internews.

South & Central Asia

‘Vague’ iPhone alert triggers serious accusations of spying in India

The New York Times

Alex Travelli and Suhasini Raj

More than a dozen iPhones across India buzzed with the same message earlier this week. Each notification sounded its own little alarm, but was amplified many times over when the targets identified themselves publicly. Most were prominent political opponents of Prime Minister Narendra Modi and his Bharatiya Janata Party. The warning on their phones, sent by Apple on Monday, seemed stark: “State-sponsored attackers may be targeting your iPhone,” it said in part. But these so-called threat notifications could, by Apple’s own admission, be a false alarm, and Mr. Modi’s government dismissed allegations that it was spying on the opposition, journalists and critics, as some speculated.

Europe

EU urged to drop new law that could allow member states to intercept and decrypt global web traffic

The Record by Recorded Future

Alexander Martin

More than 300 of the world’s most respected cybersecurity experts have written to European Union lawmakers to warn that a proposed legal reform that may soon become law could fundamentally undermine security online. A similar joint letter has been sent by industry organizations — including the Linux Foundation, Cloudflare, and Mozilla — telling the EU lawmakers that the proposed regulations are a “dangerous intervention” that risk breaking the fragile system of trust that underpins the use of cryptographic certificates on the web.

German startup to launch rockets from Norway in first for Europe

Bloomberg

Kate Duffy

German startup Isar Aerospace set plans to test-launch a rocket into space from Norway next year, a project which would give continental Europe its first spaceport for orbital missions. The initial flight is planned for Andoya Spaceport, on an island off of Norway, Isar and Andoya Space said Thursday in a statement. Isar plans to launch satellites from the facility, providing a regional counterbalance to US players like SpaceX.

Middle East

Arabic-speaking WhatsApp users targeted with spyware

The Record by Recorded Future

Daryna Antoniuk

Unknown hackers are targeting users in Saudi Arabia, Yemen and Azerbaijan with spying malware distributed through user-created WhatsApp mods that customize or add new features to the service. In the latest campaign, researchers at the cybersecurity firm Kaspersky discovered previously harmless WhatsApp mods that had been injected with malicious code designed to spy on Android users in Arabic and Azeri-speaking countries.

Adobe is selling fake AI images of the war in Israel-Gaza

Crikey

Cam Wilson

Adobe is selling artificially generated, realistic images of the Israel-Hamas war which have been used across the internet without any indication they are fake. As part of the company’s embrace of generative artificial intelligence, Adobe allows people to upload and sell AI images as part of its stock image subscription service, Adobe Stock. Adobe requires submitters to disclose whether they were generated with AI and clearly marks the image within its platform as “generated with AI”. Beyond this requirement, the guidelines for submission are the same as any other image, including prohibiting illegal or infringing content.

Israel-Gaza war sparks debate over TikTok’s role in setting public opinion

The Washington Post

Drew Harwell and Taylor Lorenz

The Israel-Gaza war has again placed TikTok at the center of a heated argument over the globally dominant social media app’s risks and power, with critics saying the popularity of pro-Palestinian videos on the app is more evidence that it should be banned across the United States.

TikTok denies pushing pro-Palestine content

Reuters

Sheila Dang

Short-form video app TikTok said on Thursday that a hashtag expressing support for Israel in its war against Hamas has received more views than a pro-Palestine hashtag, refuting accusations the platform has pushed content in support of Palestine. In a blog post, TikTok said U.S. views of the hashtag "standwithisrael" garnered 46 million views between Oct. 7 and Oct. 31, compared with 29 million views of the hashtag "standwithpalestine" over the same period.

Hacker collectives take sides in the Mideast crisis

DFR Lab

Ruslan Trad

The intertwining of geopolitics and cyber warfare underscores the evolving nature of conflict, with Hamas-linked hacker activities serving as a testament to this shift. This includes attracting hacker collectives from around the world; whether motivated by ideology, personal convictions, or broader political agendas, hacktivists have sought to offer their support either directly to Hamas, or as a show of solidarity with Palestinians more broadly. To a lesser degree, there is also an element of “clout chasing,” with some groups engaging in cyber-related activity to generate greater visibility for themselves and expand their influence in the hacker community.

Big Tech

Microsoft upgrades security for signing keys in wake of Chinese breach

CyberScoop

Elias Groll and AJ Vicens

Microsoft announced on Thursday that it will update security protections for signing keys after coming under criticism from policymakers that deficient security controls allowed Chinese hackers to steal an encryption key, an incident that facilitated an espionage campaign targeting senior U.S. officials. To combat hacking campaigns targeting the identity of users, Microsoft said it would move signing keys into a so-called “hardware security module,” which is a specialized piece of equipment used to store sensitive encryption keys.

HBO boss admits using fake social media accounts to bash TV critics

Financial Times

Anna Nicolaou

The head of HBO has admitted to creating fictitious social media accounts to push back on criticism of the network’s shows, describing the move as a “very dumb idea to vent my frustration”. Bloys, a respected media executive who is credited for hits such as The White Lotus and Succession, came under fire this week after messages he sent were unearthed as part of a wrongful termination lawsuit filed against HBO by a former staffer.

Artificial Intelligence

British PM Rishi Sunak secures ‘landmark’ deal on AI testing

POLITICO

Vincent Manancourt

The British Prime Minister Rishi Sunak on Thursday said that under a new agreement “like-minded governments” would be able to test eight leading tech companies’ AI models before they are released. Closing out the two-day artificial intelligence summit in Bletchley Park on Thursday, Sunak announced the agreement signed by Australia, Canada, the European Union, France, Germany, Italy, Japan, Korea, Singapore, the U.S. and the U.K. to test leading companies’ AI models.

Education will blunt AI risk to jobs, says Rishi Sunak

BBC

Paul Seddon and Becky Morton

People should not be worried about the impact of AI on jobs because education reforms will boost skills, Rishi Sunak has said. Speaking after the UK's first AI safety summit, the prime minister said the technology would improve the economy in the long term. He added that new tools should be seen as a "co-pilot" to help people at work, rather than replacing them.

What will Elon Musk and Rishi Sunak talk about in their AI chat?

New Scientist

Chris Stokel-Walker

The UK’s AI Safety Summit closes today, with UK prime minister Rishi Sunak convening a small group of world and business leaders to discuss the risks of AI. But perhaps the most surprising development is a conversation due to take place this evening between Sunak and entrepreneur Elon Musk.

‘Existential to who?’ US VP Kamala Harris urges focus on near-term AI risks

POLITICO

Vincent Manancourt, Eugene Daniels and Brendan Bordelon

U.S. Vice President Kamala Harris urged the international community Wednesday to focus on the “full spectrum” of artificial intelligence risks, and not just far-off existential threats from the emerging tech. Speaking at the U.S. Embassy in London as British Prime Minister Rishi Sunak’s AI Safety Summit kicked off 50 miles away at Bletchley Park, Harris nodded to the existential risks such as AI being used to create bioweapons and launch cyberattacks that are the focus of Britain’s summit.

Governments used to lead innovation. On AI, they’re falling behind.

The Washington Post

Anthony Faiola and Cat Zakrzewski

As countries from six continents concluded a landmark summit on the risks of artificial intelligence at the same historic site as the British code breakers Thursday, they faced a vexing modern-day reality: Governments are no longer in control of strategic innovation, a fact that has them scrambling to contain one of the most powerful technologies the world has ever known.

AI facial recognition scanned millions of driver licences. Then an innocent man got locked up

ABC News

James Purtill

Robert Williams' arrest in January 2020 was the first documented US case of a person being wrongfully detained based on facial recognition technology. When the officers knocked on his door, police departments were in the midst of a technological revolution. A new kind of powerful AI was driving a rollout of facial recognition in law enforcement.

Misc

Do government sanctions against ransomware groups work?

TechCrunch

Carly Page

Earlier this year, the U.S. government imposed sanctions against Russian national Mikhail Matveev, an FBI most-wanted cybercriminal, who authorities accuse of being a “prolific ransomware affiliate” involved in cyberattacks in the United States and overseas. Authorities say Matveev played a major role in the development and deployment of the Hive, LockBit and Babuk ransomware variants, and is said to have ties to the notorious Conti hacking group. Matveev was allegedly involved in the high-profile ransomware attack on Costa Rica, which sought a $20 million ransom demand (and the overthrowing of the government), and claimed responsibility for a 2021 cyberattack on Washington, D.C.’s police department.

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.