ASD boss says China ‘propped the doors open’ for criminals in Microsoft hack | Combating ransomware’s a top priority for the US Senate | China’s Big Tech crackdown to protect the Communist Party
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
The head of the nation’s cyber spy agency says China crossed a line in its wave of cyber attacks against Microsoft Exchange servers by allowing criminal groups and other malicious hackers to get into the networks. The Sydney Morning Herald
Leaders of the Senate Homeland Security Committee are poised to introduce legislation aimed at combatting damaging ransomware attacks and launching a probe to thwart criminal hackers who use cryptocurrency to demand and receive multimilllion-dollar ransoms. The Washington Post
The move to rein in Chinese tech giants also comes after the U.S. passed a law that bars foreign companies from trading on U.S. exchanges unless they surrender to audits. That law, the “Holding Foreign Companies Accountable Act,” could stoke the Chinese government’s fears that data on its citizens could end up in the hands of its biggest political rival. Yahoo!
ASPI ICPC
Australian Cyber Security Centre joins forces with US and UK to combat online hacking attacks
ABC Radio
@ThomasOriti
Australia has joined the United States and other allies in accusing China of engaging in "malicious cyber activities". Cyber experts have issued a worldwide warning to businesses about the danger of online hacking attacks. Fergus Hanson is the Director of the International Cyber Policy Centre at the Australian Strategic Policy Institute and he spoke to ABC NewsRadio’s Thomas Oriti.
Australia
China ‘found faulty locks and propped open the doors’ in Microsoft attack: ASD
The Sydney Morning Herald
@Gallo_Ways
The head of the nation’s cyber spy agency says China crossed a line in its wave of cyber attacks against Microsoft Exchange servers by allowing criminal groups and other malicious hackers to get into the networks.
China ‘propped the doors open’ for criminals in Microsoft hack, Australian spy agency boss says
The Guardian
@danielhurstbne
Australia’s top cyber spy says China’s actions in the hack of Microsoft Exchange email server software were akin to propping open the doors of thousands of homes and leaving them ajar for criminals to get inside.
Laws to protect critical infrastructure are attack on workers: ACTU
The Sydney Morning Herald
@Gallo_Ways
Australia’s biggest unions have joined with business groups to oppose the federal government’s new laws overhauling the management of critical infrastructure, saying the bill in its current form is poorly designed and will cost jobs.
Australia joins star wars
Cosmos Magazine
@ToryShepherd
In the face of emerging space threats, the Australian government is looking for a new ground-based Space Electronic Warfare capability.
China
China’s Big Tech crackdown is about protecting the Communist Party
Yahoo!
@DanielHowley
The move to rein in Chinese tech giants also comes after the U.S. passed a law that bars foreign companies from trading on U.S. exchanges unless they surrender to audits. That law, the “Holding Foreign Companies Accountable Act,” could stoke the Chinese government’s fears that data on its citizens could end up in the hands of its biggest political rival.
Chinese tech giants are snapping up gaming studios around the world
CNBC
@Sam_L_Shead
Questions are being asked about whether the Chinese owners of U.S. and European studios will try to influence the games they make, or indeed use them to promote Chinese values.
China targets mobile pop-ups in latest tech crackdown
The Sydney Morning Herald
@selinaxuxinyue Chika Mizuta
China ordered Tencent Holdings and 13 other developers to rectify problems related to pop-ups within their apps, adding to a wide-ranging crackdown on the country’s tech sector.
China’s Sputnik Moment?
Foreign Affairs
@danwwang
China has had a Sputnik moment in recent years—but it wasn’t prompted by AlphaGo’s victory. Rather, since 2018, tightening U.S. trade restrictions have threatened the viability of some of China’s biggest firms, fueling anxiety in Beijing and forcing Chinese companies to reinvent the U.S. technologies they can no longer access.
After the Floods, China Found a Target for Its Pain: Foreign Media
The New York Times
@LiYuan6
After extreme flooding in central China last week destroyed homes, engulfed subways and killed at least 73, the ruling Communist Party found a convenient outlet for the public’s pent-up emotions: the foreign news media.
Western investors are 'road kill' in China's war against its own tech giants
The Telegraph
Ambrose Evans-Pritchard
Xi Jingping's sole aim is to bring all centres of rival power under tight control and reassert the political monopoly of the Communist Party.
China Moves to Reassure Global Banks and Investors After Market Rout
The Wall Street Journal
@QiZHAI @qtwebb
China moved to ease investor concerns about crackdowns on listed companies, with a top regulator privately telling global financial firms that Beijing will consider the market impact before introducing future policies, people familiar with the matter said… After the meeting, and following a series of upbeat articles in state media, Chinese technology stocks listed in New York and Hong Kong jumped, helping pull broader markets higher and clawing back some of their recent steep declines.
Didi Global Considers Going Private to Placate China and Compensate Investors
The Wall Street Journal
@jingyanghk
ide-hailing giant Didi Global Inc. is considering going private in order to placate authorities in China and compensate investors for losses incurred since the company listed in the U.S. in late June, according to people familiar with the matter.
USA
The Cybersecurity 202: Combating ransomware’s a top priority for the Senate Homeland Security Committee
The Wall Street Journal
@aaronjschaffer
Leaders of the Senate Homeland Security Committee are poised to introduce legislation aimed at combatting damaging ransomware attacks and launching a probe to thwart criminal hackers who use cryptocurrency to demand and receive multimilllion-dollar ransoms.
U.S. senators urge barring Huawei, ZTE from $1.9 trillion gov't funding measure
Reuters
@davidshepardson
Two U.S. senators on Wednesday said they are introducing a measure to prohibit funds in a $1.9 trillion government funding measure from being used to purchase Chinese telecommunications equipment from Huawei, ZTE and other companies deemed U.S. security threats.
White House calls on America's most critical companies to improve cyber defences
itnews
@Bing_Chris @nanditab1
The White House is signalling to US critical infrastructure companies, such as energy providers that they must improve their cyber defenses because additional potential regulation is on the horizon.
Tony Podesta is hired to lobby by Huawei and a Bulgarian energy company.
The New York Times
@kenvogel
The Chinese telecommunications giant Huawei has hired the veteran Democratic lobbyist Tony Podesta as part of an expanded campaign to improve relations with the Biden administration. Mr. Podesta has deep connections inside the White House, including to President Biden and his close counselor Steve Ricchetti.
U.S. congressmen reach back into Cold War armory to respond to China
Reuters
@davidbrunnstrom
US President Joseph Biden signed a national security memorandum, launching a new public-private initiative that creates "performance controls" for cyber security at America's most critical companies, including water treatment and electrical power plants.
PsiQuantum Raises $450 Million to Build Its Quantum Computer
The Wall Street Journal
@SCastellWSJ
Quantum computing startup PsiQuantum Corp. has landed a $450 million investment led by funds and accounts managed by BlackRock Inc., amid increased investor interest in the next-generation computing technique.
Ticketmaster and Eventbrite are making money off a conference organized by a QAnon supporter coordinating with a QAnon militia
Media Matters for America
@AlKapDC
The event management and ticketing platforms Ticketmaster and Eventbrite are profiting from selling tickets to an upcoming conference organized by a supporter of the QAnon conspiracy theory who also has ties to a QAnon militia group. Multiple other QAnon and anti-vaccine influencers are also scheduled to attend the conference, which seemingly violates the rules of both platforms.
Meet Paragon: An American-Funded, Super-Secretive Israeli Surveillance Startup That ‘Hacks WhatsApp And Signal’
Forbes
@iblametom
Paragon Solutions doesn’t have a website. There’s very little information at all about them online, even if the Tel Aviv-based smartphone surveillance startup’s employees are all over LinkedIn, more than 50 of them. That’s not a bad headcount for a company that’s still in stealth mode.
South and Central Asia
In spats with Twitter, India's government begins messaging shift to rival Koo
Reuters
@sankalp_sp @adityakalra
Twitter Inc is fast losing its sheen as a favoured communications tool for many Indian government departments and ministers keen to promote home-grown rival Koo while the U.S. firm comes under fire for non-compliance with India's laws. The most high-profile example has been India's new IT minister Ashwini Vaishnaw. Taking office this month, he opened a new Koo account and soon after announced a review of social media firms' compliance with strict new rules - information not posted to his 258,000 Twitter followers.
UK
Ofcom appoints online safety head to take on big tech
BBC News
Regulator Ofcom has announced Anna-Sophie Harling will be its online safety principal, dealing with how the tech giants regulate harmful speech. She will be in charge of implementing the Online Safety Bill, due to come into effect later this year if approved by Parliament.
Europe
Huawei 5G: European countries playing 'politics' with network bans, Chinese company says
Euro News
@AnnabelCMurphy @jackeparrock
The decision by some EU countries to ban Huawei from supplying 5G infrastructure is based on "political motivation", the Chinese company has said, as it defended its legacy and ongoing investments in the region.
Call for Hungarian ministers to resign in wake of Pegasus revelations
The Guardian
Hungary’s opposition has called for ministerial resignations from Viktor Orbán’s far-right government over allegations it selected journalists, media owners and opposition political figures as potential targets for invasive Pegasus spyware.
Russia
Russia, US launch cybersecurity dialogue, three rounds already held, says diplomat
Tass News Agency
Russia and the US have launched bilateral cybersecurity dialogue, with three formal rounds already held, Russian Deputy Foreign Minister Sergey Ryabkov told reporters on Wednesday.
Middle East
Israeli defense minister in France with Pegasus spyware on the agenda
The Washington Post
@Rubin @michaelbirnbaum @drewharwell
Israeli Defense Minister Benny Gantz met with his French counterpart on Wednesday as Israel ramped up its investigation of a spyware firm accused of facilitating surveillance against human rights activists, dissidents, as well as world leaders, including France's Emmanuel Macron.
Misc
Criminals are using call centers to spread ransomware in a crafty scheme
CyberScoop
An ongoing ransomware campaign that employs phony call centers to trick victims into downloading malware may be more dangerous than previously thought, Microsoft researchers say.
GDPR essentials for OSINT research
Blockint
@ludoblock
In almost all OSINT activities, personal data are processed (e.g., collected, stored, analysed, reproduce) such as names, DoBs, addresses, user names, phone numbers, IP addresses, pictures etc. Data protection legislation introduced in the European Union in May 2018, the General Data Protection Regulation (GDPR) regulates the processing of personal data. And even though OSINT researchers by definition collect their data from publicly available sources, they still should comply with the GDPR where applicable. And the GDPR is applicable to OSINT research if the researcher is a) located in the EU, or b) processes personal data related to EU citizens.
Research
I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona
Proofpoint
@Joshua Miller @Michael Raggi Crista Giering
TA456, an Iranian-state aligned actor, spent years masquerading as the persona “Marcella Flores” in an attempt to infect the machine of an employee of an aerospace defense contractor with malware.
New Telegram Research Shows QAnon 'Largest Extremist Group' Online
Logically
@whoisernie
A new report from Logically and the Global Network on Extremism and Technology finds 135,000+ active QAnon members on Telegram.
From Plan to Action
Center for a New American Security
@CostelloJK @MartijnRasser @megan_lamberth
The first report in this initiative, “Taking the Helm,” makes the case for a national technology strategy and lays out what such a modern-day strategy should be.1 Its chief argument is that the United States is in a long-term, multifaceted geostrategic competition with China, one that has technology at its core.
Events
Jobs
ICPC Deputy Director – 12 month parental leave cover
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) is currently recruiting for a one-year parental leave cover for its Deputy Director position. This is an exceptional opportunity for a talented and experienced individual to contribute to the work of Australia's leading think-tank on cyber, information, technology and other national security issues in a unique leadership role.
ICPC Senior Analyst & Program Manager
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) potentially has an outstanding opportunity for a proactive, efficient and talented senior analyst & program manager to join its centre..We are looking for a senior individual with a minimum of 10-15 years of demonstrated relevant work experience who possesses excellent project management, stakeholder engagement and staff management skills. They must also possess strong knowledge - either as a generalist or a specialist - of some of the topics ICPC works across, and feel comfortable engaging with politicians, senior policymakers, business representatives and preferably also the media.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.