Australia to promote Cybersecurity role to Cabinet level | Brazil's president affected in COVID-related dataleak of 16 million patients | TikTok granted additional week to resolve concerns

Nov 26, 2020

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

Scott Morrison will create a cyber security role in cabinet as part of a ministerial reshuffle next month, as the Prime Minister prioritises responsibilities in line with the government’s COVID-19 economic and security commitments. The special cyber security role would be added to the Home Affairs portfolio, which has oversight of cyber security legislation and the roll out of the decade-long Cyber Security Strategy, and comes as the government ramps up its defences against state-based and criminal actors. The Australian
The personal and health information of more than 16 million Brazilian COVID-19 patients has been leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub this month. Among those affected by the leak are Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors. ZDNet
The Trump administration has given TikTok’s Chinese owner another week to complete a sale of its popular video-sharing app in order to resolve U.S. national security concerns. Bloomberg

ASPI ICPC

Which practices help us maintain a secure cyberspace in the Asia Pacific?
APNIC Blog
@BartHoogeveen
Cyber norms or rather ‘norms of international cooperation around cybersecurity’ constitute a key component in today’s efforts to foster a safe and secure cyberspace.. In this post, I will focus on the 11 norms of responsible state behaviour in cyberspace that the 193 member states of the UN endorsed in 2015 and look at the role the Internet community can play.

APNIC @apnic

How does the UN shape #cybersecurity norms? @BartHoogeveen with the deep dive on the blog. #cybernorms blog.apnic.net/2020/11/26/whi…

How India-Australia's New Partnership Could Lead To AI Initiatives
Analytics India Magazine
@raibagikashyap
A recent report by the Observer Research Foundation argues that the governments of India and Australia should invest in the construction of a new India-Australia partnership, with critical technology at its centre. The report, published in collaboration with the International Cyber Policy Centre of the Australian Strategic Policy Institute, states that ‘the foundation for such a partnership already exists, and that further investment areas of complementary interest could stimulate regional momentum.’

Read our new report ‘Critical technologies and the Indo-Pacific: A new India-Australia partnership’.

Australia

Cyber security promoted to cabinet
The Australian
Scott Morrison will create a cyber security role in cabinet as part of a ministerial reshuffle next month, as the Prime Minister prioritises responsibilities in line with the government’s COVID-19 economic and security commitments. The special cyber security role would be added to the Home Affairs portfolio, which has oversight of cyber security legislation and the roll out of the decade-long Cyber Security Strategy, and comes as the government ramps up its defences against state-based and criminal actors.

Telstra faces fine of up to $50 million over unconscionable conduct
The Sydney Morning Herald
@zoesam93 @zoesam93
Telstra will face court and penalties of up to $50 million for selling more than 100 Indigenous consumers phone contracts they didn't understand they couldn't afford.

Joint press release: EU-Australia Leaders' virtual meeting
Council of the European Union
Australia and the EU have initiated a digital economy and technology dialogue and agreed to cooperate on artificial intelligence, blockchain, the use of digital tools to address climate change and disaster resilience, quantum technology and the role of platforms.

China

Chinese media step up campaign to muddy probe into Covid origins
The Financial Times
Communist party newspaper tries to undermine belief virus jumped to humans within the country.

USA

Patients of a Vermont Hospital Are Left 'in the Dark' After Cyberattack
The New York Times
@EllenBarryNYT @nicoleperlroth
A wave of damaging attacks on hospitals upended the lives of patients with cancer and other ailments. “I have no idea what to do,” one said.

John Sipher @john_sipher

I think this year displayed the large and growing gap between the seriousness of our politics and politicians, and our institutions and professionals. The election showed that our institutions still work - courts, election boards, cyber defenders etc. 1/ https://t.co/OjQ5iDoQIZ

Chris Krebs @C_C_Krebs

The transition starts now. And as a reminder, still no evidence that election systems and votes were manipulated. All Americans should have confidence in the security of their vote. But the #disinfo likely won’t stop. Keep on the lookout and don’t fall for it. #WeArePerseus

North-East Asia

Suspected North Korean hackers who targeted job applicants prove more ambitious than first believed
CyberScoop
@timstarks
A possible North Korean government-connected cyber-espionage campaign that targeted the defense industry stretched further than originally known when it was inititally uncovered this summer, researchers said. “Operation North Star” went beyond targeting South Korea to include Australia, India, Israel and Russia.

South-East Asia

BRI Ventures Closes First Round of New Indonesian Tech Fund
Bloomberg
@yoolimleenews
BRI Ventures plans to use the new capital to make early-stage investments in education, agro-maritime, retail, transportation and health care in Indonesia, the largest internet market in Southeast Asia with almost 300 million people.

South and Central Asia

The Hills are Alive
Rest of the World
@AlizehKohari
Pakistan’s government uses the internet as a means of exerting control — and in a remote part of the country, citizens are starting to fight back.

Rod Hilton @AusDHCIndia

Australia is a trusted & reliable supplier of #criticalminerals to help India accelerate its tech revolution. Pleased to hold the first 🇦🇺🇮🇳 Joint Working Group on critical minerals, advancing outcomes from the June summit between Prime Ministers @narendramodi & @ScottMorrisonMP.

Europe

Thorsten Benner @thorstenbenner

EU parliament calls to ensure "timely implementation" of 5G cybersecurity toolbox & "to apply, where appropriate, relevant restrictions on high-risk suppliers for key assets defined as critical & sensitive". About time for Berlin to gets its act together.

Texts adopted - A New Industrial Strategy for Europe - Wednesday, 25 November 2020europarl.europa.eu

The Americas

Personal data of 16 million Brazilian COVID-19 patients exposed online
ZDNet
@campuscodi
The personal and health information of more than 16 million Brazilian COVID-19 patients has been leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub this month. Among those affected by the leak are Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors.

Misc

TikTok Granted One-Week Extension of Forced-Sale Deadline
Bloomberg
@sbanjo
The Trump administration has given TikTok’s Chinese owner another week to complete a sale of its popular video-sharing app in order to resolve U.S. national security concerns.

Meet GPT-3. It Has Learned to Code (and Blog and Argue).
The New York Times
@CadeMetz
The latest natural-language system generates tweets, pens poetry, summarizes emails, answers trivia questions, translates languages and even writes its own computer programs.

Who Will Miss the Coins When They’re Gone?
The New York Times
@AlanYuhas
We used to carry and trade bits of metal everywhere, but a pandemic shortage and the rise of digital money are making jingly pockets a distant memory for many.

Security researcher accidentally discovers Windows 7 and Windows Server 2008 zero-day
ZDNet
@campuscodi
A French security researcher has accidentally discovered a zero-day vulnerability that impacts the Windows 7 and Windows Server 2008 R2 operating systems while working on an update to a Windows security tool.

Nation states exerting power online - sharing data can guard against it
Twitter
@katyminshall @carljackmiller
Academics, journalists and civil society groups must all be strong voices in the debates related to information operations and how to respond to them. And to achieve this, one thing - above all - is needed: data.

Millions of Facebook Users Pass on $650 Million Privacy Jackpot
Bloomberg
Facebook will be making payouts to only about a quarter of the 6 million Illinois residents eligible for the biggest consumer privacy settlement in U.S. history.

Nicholas Iovino @NicholasIovino

Over 1.5 million people signed up to be part of a historic $650M privacy settlement over Facebook's alleged harvesting of users' facial data in violation of Illinois law. Class members will get $200 to $400 each. Deadline was Monday. Final approval hearing: Jan. 7 @CourthouseNews

Events

AustCyber @AustCyber

📢 BREAKING NEWS: Australia's #CyberSecurity Sector Competitiveness Plan 2020 is being launched on 30 Nov! NEW data has allowed us to uncover fresh insights (inc. the size & composition of the sector) & outline future potential. Register now for our event: bit.ly/3pPXRrL

Research

Pierre Dewitte @PiDewitte

After months of work, our interdisciplinary piece on Data Protection by Design is finally out. At the crossroads between #Law and #SoftwareEngineering, we present a modeling framework that integrates data protection within the development life cycle.

DPMF: A Modeling Framework for Data Protection by Design | Enterprise Modelling and Information Systems Architectures (EMISAJ)Enterprise Modelling and Information Systems Architectures – International Journal of Conceptual Modelingemisa-journal.org

Mapping China's Tech Giants website Feedback
ASPI ICPC
We will soon begin the next phase of "Mapping China's Technology Giants". Part of this project will include updating the website. To ensure the website remains as useful to you and your organisation as possible, we would like to invite you to give us feedback on your use of our website. Your feedback is an important part of this process as it allows us to know what is working well, what we can improve on and what really matters to you.

Daily Cyber Digest