Aus: Federal ministers, premiers and independent MPs use burner phones as TikTok ban nears | Millions in Punjab without mobile internet | Meta manager was hacked with spyware and wiretapped in Greece
Good morning. It's Tuesday 21st March.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Have feedback? Let us know at icpc@aspi.org.au.
Follow us on Twitter and on LinkedIn.
In Australia, Federal cabinet ministers, premiers and independent MPs are using burner phones to use the Chinese-owned app TikTok, which a review is expected to recommend banning from all official government devices. The Australian
Tens of millions of people in India’s Punjab state remain without mobile internet on Monday, as the provincial government says a shutdown will last into a fourth day. On Saturday, the state government ordered a suspension of SMS and internet services on mobile devices as police searched for the leader of a Sikh separatist movement. Some 27 million people in the northern state are affected by the blackout, which has not impacted non-mobile internet service. The Record by Recorded Future
A U.S. and Greek national who worked on Meta’s security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to documents obtained by The New York Times and officials with knowledge of the case. The New York Times
ASPI
For female journalists, covering China comes at a cost
Radio Free Asia
Amelia Loi and Mary Zhao
A report released in 2022 by the Australian Strategic Policy Institute (ASPI), a Canberra-based think tank, said the harassment of female journalists of Asian descent who report critically on China can be particularly aggressive — and appears to be increasing.
Musk’s Twitter takeover comes as the CCP steps up its targeting of smart Asian women
The Strategist
Danielle Cave and Albert Zhang
Graphic online depictions of sexual assault, homophobia and racist imagery (sometimes involving Australian lawmakers) and life-threatening intimidation (including calling for targets to kill themselves) are a growing part of the Chinese Communist Party’s toolkit of digital transnational repression. Such imagery, and associated threats, characterise ongoing coordinated information operations the CCP is running online against women of Asian descent living in democracies around the world, including in Australia, the UK and the US.
Australia
Federal ministers, premiers and independent MPs use burner phones as TikTok ban nears and Clare O’Neil handed security review
The Australian
Simon Benson and Jenna Clarke
Federal cabinet ministers, premiers and independent MPs are using burner phones to use the Chinese-owned app TikTok, which a review is expected to recommend banning from all official government devices.
Pressure mounts for clarity on TikTok ban in government
The Mandarin
Julian Bajkowski
Minister for home affairs and cybersecurity Clare O’Neil is coming under increasing pressure to more quickly clarify the federal government’s position on a widely anticipated ban on Chinese social media platform TikTok on public sector devices.TikTok’s Aussie boss says it could survive government bans
Australian Financial Review
Josh TaylorTikTok’s most senior operations executive, Australian expat V Pappas, has said the ByteDance-owned app could survive a US ban and warned that plans to force Chinese investors to divest its shares were a symptom of a dangerous “fractionalisation” of the internet.
Cybersecurity funds should go towards beefing up Centrelink voice authentication, Greens say
The Guardian
Jessica Sier
The federal government should be using some of the $10bn allocated in the budget to cybersecurity defences to combat people using AI to bypass biometric securities including voice authentication, a Greens senator has said.
Finance company warns customers that scale of data breach may widen
9 News
Richard Wood
Australian company Latitude Financial has today warned the amount of customer details stolen during a cyber attack may grow. In an update on the data breach, the non-bank lender confirmed that driver's licences, passports and Medicare numbers have been hacked.
China
Chinese-linked hackers deployed the most zero-day vulnerabilities in 2022, researchers say
CyberScoop
Elias Groll
Researchers at the threat intelligence firm Mandiant observed the use of 55 zero-day vulnerabilities in 2022. That’s a decrease from 2021 — when researchers recorded a whopping 81 — but a figure that nonetheless represents an overall rise in recent years of hackers exploiting previously unknown software vulnerabilities, which are a potent tool for digital spies and cybercriminals.
Tencent, ByteDance roll out new apps as China’s Big Tech firms return to quest for growth
South China Morning Post
Iris Deng
ByteDance and Tencent Holdings both released new apps recently, as China’s Big Tech firms gun for new growth after nearly two years of business retreat and consolidation under Beijing’s tightened regulatory scrutiny.
Former head of Google China joins ChatGPT frenzy by starting own venture
South China Morning Post
Lilian Zhang
Lee Kai-fu, a prominent Chinese venture capitalist and former president of Google China, is the latest high-profile tech executive to jump on the ChatGPT bandwagon, with plans to establish an artificial intelligence company that goes beyond “a Chinese version of ChatGPT”.
State-sponsored matchmaking app launched in China
The Guardian
Amy Hawkins
Guixi, a city of about 640,000 people, has launched an app that uses data on single residents to build a matchmaking platform. The app is known as “Palm Guixi” and includes a platform for organising blind dates, according to China Youth Daily, a state-run newspaper.
Chinese tech feels the SVB effect
The Wire
Katrina Northrop
When tech-sector focused Silicon Valley Bank collapsed last week, among those left in the lurch were several prominent Chinese startups that had come to rely on the bank as a connector between the U.S. and their domestic financial system.
USA
All social media platforms have TikTok-like risks, transparency group says
Bloomberg
Anna Edgerton
The national-security and mental-health risks posed by TikTok are shared by other social media platforms, according to an advocacy group that’s urging Congress to also hold US companies accountable ahead of high-profile testimony from TikTok’s chief executive officer.
School districts sue tech giants over youth mental health crisis
Axios
Ivana Saric
A slew of school districts across the country are suing social media companies, alleging that the tech giants are contributing to a youth mental health crisis.
North Asia
Taiwan financial regulator says will oversee crypto currencies
Reuters
Emily Chan
Taiwan's Financial Supervisory Commission will be the main overseer of crypto currencies on the island, the head of the regulator said on Monday.
South & Central Asia
Millions in Punjab still without mobile internet as shutdown extended to fourth day
The Record by Recorded Future
James Reddick
Tens of millions of people in India’s Punjab state remain without mobile internet on Monday, as the provincial government says a shutdown will last into a fourth day. On Saturday, the state government ordered a suspension of SMS and internet services on mobile devices as police searched for the leader of a Sikh separatist movement. Some 27 million people in the northern state are affected by the blackout, which has not impacted non-mobile internet service.
Ukraine - Russia
Kremlin tells officials to stop using iPhones - Kommersant newspaper
Reuters
Guy Faulconbridge
The Kremlin told officials involved in preparations for Russia's 2024 presidential election to stop using Apple iPhones because of concerns that the devices are vulnerable to Western intelligence agencies, the Kommersant newspaper reported.
This is the new leader of Russia’s infamous Sandworm hacking unit
WIRED
Andy Greenberg
For years, the hacking unit within Russia's GRU military intelligence agency known as Sandworm has carried out some of the worst cyberattacks in history—blackouts, fake ransomware, data-destroying worms—from behind a carefully maintained veil of anonymity. But after half a decade of the spy agency's botched operations, blown cover stories, and international indictments, perhaps it's no surprise that pulling the mask off the man leading that highly destructive hacking group today reveals a familiar face.
Europe
Meta manager was hacked with spyware and wiretapped in Greece
The New York Times
Matina Stevis-Gridneff
A U.S. and Greek national who worked on Meta’s security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to documents obtained by The New York Times and officials with knowledge of the case.
UK
TikTok should be banned from all mobile phones as it isn't safe, says Scots security expert
Scottish Daily Express
John Glover
A Scottish security expert has called for the World Security Council to ban TikTok from all public phones over fears it can be "weaponised" against the West. Dr Azeem Ibrahim has welcomed the UK Government's decision to ban the Chinese-owned social media app from Government phones but calls for it to go further.
Africa
How ending the government monopoly improved Ethiopia’s internet
Rest of World
Natalie Donback
The telecommunications industry in Ethiopia, Africa’s second-most populous country, was a monopoly of the state-owned Ethio Telecom until late last year. For the country’s nearly 30 million internet users — just 25% of the total population — this monopoly meant poor connectivity at high costs and low-quality support services. In 2022, the Ethiopian government opened the market to global private telecomms companies, and less than six months later, local entrepreneurs have already started seeing the benefits of this shift.
Meta faces third lawsuit in Kenya as moderators claim illegal sacking, blacklisting
TechCrunch
Annie Njanja
Social media giant Meta and its Kenya-based content moderation partners, Sama and Majorel, are facing a new lawsuit in Kenya. In a petition filed today, 43 content moderators allege “unlawful termination” by Sama, whose contract with Meta comes to an end this month after shutting down its content review arm in January. They are also contesting alleged discrimination by Meta’s new content moderation partner, Majorel, who they claim has blacklisted all of Sama’s previous employees.
Middle East
Fighting VPN criminalization should be Big Tech’s top priority, activists say
Bleeping Computer
Ashley Belanger
In response to Iran's ongoing protests—mostly led by women and young people—Iranian authorities have increasingly restricted Internet access. First, they temporarily blocked popular app stores and indefinitely blocked social media apps like WhatsApp and Instagram. They then implemented sporadic mobile shutdowns wherever protests flared up. Perhaps most extreme, authorities responded to protests in southeast Iran in February by blocking the Internet outright, Al Arabiya reported. Digital and human rights experts say motivations include controlling information, keeping protesters offline, and forcing protesters to use state services where their online activities can be more easily tracked—and sometimes trigger arrests.
Big Tech
These people avoid the TikTok App, not the TikTok videos
The Wall Street Journal
Ann-Marie Alcántara
Carla Birnbaum banned her two daughters from downloading the TikTok app. But she eventually discovered that the ban didn’t stop them from watching TikToks. Lots and lots of them. When her 12-year-old daughter’s iPhone wouldn’t update, she found that the device’s memory was nearly full. Friends had been sending the tween screen recordings of TikTok posts as a way to get around the Birnbaum household’s no-TikTok rule.
Artificial Intelligence
OpenAI research says 80% of U.S. workers' jobs will be impacted by GPT
VICE
Chloe Xiang
As large language models like OpenAI's GPT-4 become more advanced and able to write, code, and do math with more accuracy and consistency, it won’t be long before AI makes its way into the workplace as a daily-use tool. In fact, OpenAI itself is betting that a vast majority of workers will have at least part of their jobs automated by GPT models.
AI isn’t yet going to take your job — but you may have to work with it
The Washington Post
Danielle Abril
In a world of infallible artificial intelligence, computers could do most of our work for us. They could diagnose our illnesses in a second. Robots and autonomous vehicles could shop and deliver our groceries. Systems could ensure we don’t break our budgets. AI could operate our transit — planes, trains and cars — without human assistance, and even make our dinner.
Misc
Why you should opt out of sharing data with your mobile provider
Krebs on Security
Chris Krebs
A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection. Here’s a primer on why you might want to do that, and how.
Events & Podcasts
FP Virtual Dialogue: Enhancing cyber nuclear security
Foreign Policy
Russia’s recent seizure of the Zaporizhzhia nuclear plant dramatically raised the stakes of the war in Ukraine, along with concerns over vulnerabilities of nuclear facilities and the ability to defend critical infrastructure. Additionally, cyber-attacks on critical infrastructure have escalated sharply, with countries including Iran, North Korea and China targeting financial services, transportation systems, and communication networks. How can stakeholders collaborate to mitigate risks and thwart advanced attacks from both state and non-state actors?
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice.
The Daily Cyber & Tech Digest is brought to you by the team at ASPI’s International Cyber Policy Centre.