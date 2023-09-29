Good morning. It's Friday 29th September.

Hackers targeted a Middle Eastern telecom organization and an Asian government in a recent spying operation, according to a report published Thursday. The hacking group Budworm, also known as Emissary Panda and APT27, is believed to be based in China. Last year, it attacked a U.S. state legislature using a Log4j vulnerability. In its most recent campaign in August, Budworm used a previously unseen version of its custom backdoor called SysUpdate to spy on the unnamed telecom company Asian government body, as reported by Symantec researchers.

The federal government has committed to overhauling Australia's privacy laws following the recommendations of a major review first initiated by the former administration. At the core of the proposed changes the government has agreed to is an overhaul of how our data is collected, used and stored. The government says companies should be required to obtain informed consent when asking people to agree to their privacy policy, meaning companies won't be able to just throw up a wall of legalistic text that users typically ignore.

The industry association representing tech giants has called on Labor to amend its proposed laws to combat online misinformation to limit its scope to disinformation, and for the penalty to be lowered to avoid “incentivising” platforms to censor speech that might be considered contrary to government positions. The Digital Industry Group – which includes Google, Meta, TikTok and X – is also pushing for stronger safeguards to be included in the bill to protect free speech, warning it could “discourage” media diversity.

China’s cyberspace regulator, which imposed tough cross-border data security requirements a year ago creating uncertainties for multinationals, made a concession on Thursday by waiving security assessments for the bulk of day-to-day business activities involving these data flows. According to the latest proposed regulation on cross-border data flows published by the Cyberspace Administration of China, the vast bulk of business and personal activity involving sending Chinese data abroad will no longer go through a security assessment by the cyberspace regulator, a move that is set to make life easier for multinationals with China operations.

Investment companies linked to some of China's biggest automakers have formed an alliance to bolster their supply chain for semiconductor devices and other core components of electric vehicles. The new alliance's members include GAC Group and Zhejiang Geely Holding Group investment companies.

A sharply divided U.S. government panel has recommended Congress impose substantial restrictions on a powerful spying program that collects vast amounts of intercepted emails, texts and other electronic data, arguing the tool threatens Americans’ privacy. The findings, to be released Thursday in a report reviewed by The Wall Street Journal, are a blow to the Biden administration’s efforts to cajole lawmakers to renew with minimal changes the expiring portion of the Foreign Intelligence Surveillance Act, known as FISA, that lapses at the end of the year. Doing so, officials have said, is a top national security priority.

Hackers linked to the Chinese government stole around 60,000 emails from the unclassified inboxes of 10 State Department employees as part of a high-profile hack earlier this summer, according to a readout from a Senate staff briefing on Wednesday. The new details of the previously known hacking incident, which also impacted Commerce Secretary Gina Raimondo, are likely to only exacerbate concerns on Capitol Hill about Chinese hacking efforts, which have ramped up this year.

The State Department accused China on Thursday of using “deceptive and coercive methods” to shape the global information environment, by acquiring stakes in foreign newspapers and television networks, using major social media platforms to promote its views and exerting pressure on international organizations and media outlets to silence critics of Beijing.

An endless blitz of automated deepfakes, disinformation and cyberattacks from America’s adversaries: this is what keeps the CIA’s director for artificial intelligence up at night. “What AI sometimes enables in these spaces is the ability to do it at a scale and speed that hasn’t been possible,” Lakshmi Raman said at the POLITICO AI & Tech Summit on Wednesday. “It’s much more available, and much easier for people.”

After a recent theft of emails from top U.S. officials raised alarms about the country’s increasing dependence on the biggest cloud computing companies, Amazon, Google and Microsoft have begun to explain more of the work they do to secure the data of tens of millions of online customers. Cybersecurity experts in and out of government say that email, word processing and other software running on computer networks owned by those big companies remain more secure than the equivalent programs running on government-owned machines. But federal officials and legislators nevertheless have been stepping up their demands that the cloud giants do more, part of a strategy that also includes more cybersecurity rules for critical infrastructure.

PsiQuantum is aiming to deliver its first commercial quantum computing system in under six years, its CEO said as the startup announced a partnership with the U.S. Department of Energy to develop advanced fridges for its machines. Chief Executive Jeremy O'Brien said the timeline has been made possible by the company's breakthroughs, including its work with chip manufacturing partner GlobalFoundries.

Latin American tech isn’t really known for innovation; what it’s good at is spotting trends that have worked overseas and bringing them to the region. It’s why Latin America has such a vibrant startup ecosystem, full of proven ideas (albeit proven elsewhere). It’s been so successful that even Latin America’s most traditional and innovation-weary companies have started to pay attention. As the startup ecosystem steadies itself after the collapse of SVB and the funding winter, bigger and more established local corporations have looked to fill the breach.

U.S. National Security Agency, Federal Bureau of Investigation and Japanese police jointly warned multinational companies of China-linked hacker group BlackTech in a cybersecurity advisory late on Wednesday. The joint advisory, which also came from the U.S. Cybersecurity and Infrastructure Security Agency and its Japanese counterpart, urged firms to review the internet routers at their subsidiaries to minimise the risk of potential attack from the group.

Dutch chip equipment-maker ASML Holding will establish an office in Hokkaido in the fourth quarter of 2024, a spokesperson said Wednesday, making it the latest semiconductor business to expand operations in Japan. ASML is the world’s only maker of very high-end semiconductor lithography equipment and is one of Europe’s most valuable technology companies.

Cambodia’s government says it will not permit the screening of a hit Chinese action film based on the region’s cyber-scam industry, claiming that it would damage the country’s international reputation.

With data being considered the new oil, India, the world’s second-largest internet market after China, is looking to establish a dedicated entity to manage the data it generates and set up rules and regulations for non-personal and anonymized personal data. The Indian government plans to propose setting up of a body, called the National Data Management Office, according to a draft Digital India Bill seen by TechCrunch.

A group of pro-India hackers on Wednesday claimed responsibility for bringing down the website of the Canadian Armed Forces for two hours. In the last few days, the group had temporarily taken down the websites of Canada’s election authority Elections and Democracy and an Ottawa-based public hospital. It allegedly stole the private financial data of thousands of Canadians and shared it on social media platform ‘X’.

A Russian flight booking system was hit by a cyberattack on Thursday, causing delays at airports. A "massive" distributed denial-of-service attack on the local airline booking system Leonardo was carried out by "foreign hackers," reported one of the system’s developers, Russian state defense company Rostec.

Norway’s data protection authority has asked a European Union regulator to take a binding decision on whether its emergency sanction on Facebook and Instagram tracking and profiling users for ad targeting without their consent should be made permanent and applied across the EU single market, not just locally. The move could lead to a blanket ban on Meta running tracking ads without consent across the EU single market if the European Data Protection Board agrees the action is merited. Meta may also switch to asking users for their permission to run “personalized ads” before any Board action, as it has claimed it intends to.

The United States is backing a new undersea internet cable connecting several Pacific islands, according to a plan for the project seen by Reuters, boosting Washington's interests in a region where it is vying for influence with China. The Central Pacific Cable would connect American Samoa with Guam - two U.S. territories - and extend to up to 12 more Pacific islands, according to a document showing the cable route. Guam is home to a key U.S. military base.

In November 2020, executives at Huawei, the Chinese telecom-equipment maker, exchanged messages about holding a meeting with a “friend” and an “adviser” in Greece. The contacts, identified as Greek government advisers, were set to provide Huawei with something valuable: a document outlining government contracts and “first priority projects” that the company might want to work on in the country. Huawei managers discussed giving the advisers a Huawei Mate XS smartphone, the company’s GT 2 smartwatch and wine, according to internal text messages and other documents reviewed by The New York Times. The plans are “strictly confidential among us,” a Huawei manager wrote in a group chat named after Greece’s digital ministry. The exchange was part of more than 120 messages and summaries of internal Huawei communications provided to The Times by a person working for a European government that investigated the company.

Elon Musk’s X, formerly known as Twitter, is cutting around half of the global team devoted to limiting disinformation and election fraud on the platform, including the head of the group, according to three people familiar with the situation. The cuts come less than a month after the company said it would expand the team and as X faces renewed criticism from the European Commission over the volume of misinformation on its platform. Meantime, other social media companies are gearing up to deal with disinformation and artificial intelligence during next year’s presidential elections in the U.S.

Thousands of Apple customers have complained that the latest iPhone models are overheating, a week after they debuted with cutting-edge chips. Some buyers of the new iPhone 15 Pro and its larger Pro Max sibling have vented on online forums — including Apple’s customer support pages, Reddit and other social media platforms — that their devices are too hot to touch.

Plenty of companies are experimenting with the technology, called generative A.I., but they are worried about how confidential data will be handled, the accuracy of A.I.-generated answers and potential legal liability. IBM on Thursday announced its campaign to ease customers’ qualms. The company said it would indemnify companies against copyright or other intellectual property claims for using its generative A.I. systems. IBM will also publish its data sets — the underlying data that is used to build or “train” the A.I. system — which is not standard practice among commercial providers of generative A.I. technology.

OpenAI, the Microsoft-backed creator of ChatGPT, has confirmed the chatbot can now browse the internet to provide users with current information. The artificial intelligence-powered system was previously trained only using data up to September 2021. The move means some premium users will be able to ask the chatbot questions about current affairs, and access news.

It’s just as well Facebook’s owner, Meta, isn’t offering to pay John Marsden for using 27 of his novels without his permission to train its AI. The award-winning author of Tomorrow, When the War Began, The Rabbits and dozens more novels, which are among the 191,000 pirated ebooks allegedly used by Meta to train its LLaMa AI model, wouldn’t take the money anyway. “I think it would be extremely tainted money,” he said. Training generative AI to write like famous authors is going to unleash on the world a “frightening and a horrifying kind of tsunami of imitations which would do incredible, incalculable damage to the creative powers and efforts of human beings”, he told The Australian Financial Review in an interview, and he wanted no part of that.

Jim Ryan, who leads Sony’s PlayStation video game console business, will retire next year, Sony said on Wednesday. Sony has long been one of the most dominant companies in the lucrative video game industry, publishing popular franchises like Spider-Man and The Last of Us.

On the Exponentially podcast, Azeem Azhar explores the implications for privacy with Professor Nita Farahany, who urges legal protections for our thoughts.

ASPI Cyber, Technology & Security Centre has an outstanding early career role for a talented and proactive individual to support senior staff on program and research coordination and strategic engagement. We are looking for a highly organised, team-oriented, enthusiastic individual to join a dynamic and proactive team. The person we seek will be practical and able to use their initiative to create opportunities and solve problems. This role will suit candidates with experience in events coordination and project management, and an interest in foreign policy and/or national security.

