Australia, US and Japan strike missile agreement to deter China | Apple drops term 'state-sponsored' attacks from its threat notification policy | Zambia uncovers Chinese cybercrime syndicate
Good morning. It's Friday 12th April.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
Australia, the United States and Japan will launch a new air defence strategy, US President Joe Biden announced today. The partnership is aimed at bolstering defence and security cooperation throughout the Indo-Pacific region, at a time when China is growing increasingly assertive in the region. 9News
Apple Inc has warned its users in India and 91 other countries that they were possible victims of a "mercenary spyware attack," dropping the word "state-sponsored" it used in its previous alerts to refer to such malware attacks. Reuters
A "sophisticated internet fraud syndicate" has been uncovered in Zambia, leading to the arrest of 77 people, including 22 Chinese nationals. BBC
ASPI
Other countries keen to join AUKUS
SBS News
Dr Euan Graham is a senior analyst with the Australian Strategic Policy Institute. He says there could be a downside to having too many nations in AUKUS. "I think weighing against that is the basic arithmetic of if you have open up a small focus partnership to broader participations, there is always going to be penalty you pay in terms of process. And just the general unwieldiness of having to deal with more than three parties will inevitably slow it down. I think the question needs to be thrown back: What does New Zealand and Canada have to offer. It is really for them to present a value proposition that is of interest to the AUKUS partners. And to do so in a way that doesn't appear to jeopardise the focus on Pillar One. From an Australian perspective, that is the bottom line. That is why AUKUS originated. Australia's concern and increasingly urgent desire to acquire a higher level of submarine capability. And the longer that gets delayed, the more angst there will be in Canberra."
World
Australia, US and Japan strike missile agreement to deter China
9News
Richard Wood
Australia, the United States and Japan will launch a new air defence strategy, US President Joe Biden announced today. The partnership, announced during a joint press conference between Biden and the Japanese Prime Minister, Kishida at the White House in Washington, brings closer military ties between the three nations in a move aimed at deterring China. The partnership is aimed at bolstering defence and security cooperation throughout the Indo-Pacific region, at a time when China is growing increasingly assertive in the region.
Australia
Chinese social media platform claims it contributes $1.1bn to Australia’s economy
The Australian
Joseph Lam
Controversial Chinese-owned social media giant TikTok contributes $1.1bn to the Australian economy each year, the platform’s local boss claims. As its use comes under scrutiny in other countries, Brett Armstrong says new research commissioned by TikTok shows the social media app has become a “critical part of the Australian economy”. The report comes as TikTok faces a controversial ban in the US, one that if passed would require the company’s US arm to be sold to an American business. It’s a move that Prime Minister Anthony Albanese has ruled out taking in Australia despite the government banning the use of the TikTok app on devices used by its staff.
Meta ‘publishing the content of criminals’, says Andrews Forrest ahead of US legal battle
The Australian
Jared Lynch
Mining billionaire Andrew Forrest has accused Facebook owner Meta of “knowingly advertising the content of criminals” as he prepares to confront the tech giant in Californian and Perth courts over the proliferation of scams on its social network. Dr Forrest said the Mark Zuckerberg-led company repeatedly snubbed his requests to remove scam ads featuring his likeness that have fleeced some Australians of their life savings. In court documents, Dr Forrest said at least five new scam ads featuring his likeness are published on Facebook every day. He said he was suing the tech giant in California because the company claims it’s not subject to Australian law, despite having about 11.5 million users here and raking in between $4.7bn and $5.1bn in Australian advertising revenue a year.
China
AI chips for China face additional US restrictions
Observer Research Foundation
Rajeswari Pillai Rajagopalan
In late March, the Biden administration released revised rules that will further tighten China’s access to U.S. artificial intelligence (AI) chips and chip-making tools. The U.S. imposed a series of export control measures first in October 2022 with the goal of restricting China’s access to advanced AI chips made with U.S. inputs. A year later in October 2023, the U.S. Department of Commerce’s Bureau of Industry and Security came up with updated rules with the goal “to maintain the effectiveness of these controls, close loopholes, and ensure they remain durable.” The October 2023 rules were revised further on March 31, 2024. According to a Reuters report, the revised rules will come into effect within a week. The Commerce Department, which administers export controls, reportedly said that “it plans to continue updating its restrictions on technology shipments to China as it seeks to bolster and fine-tune the measures.”
USA
US warns agencies of possible breach via Microsoft hack
Bloomberg
Jamie Tarabay
US federal agencies were ordered to analyze emails, reset compromised credentials and work to secure Microsoft Corp. cloud accounts amid concerns that a Russian nation-state hacking group may have accessed some correspondence. The directive from the US Cybersecurity and Infrastructure Security Agency, known as CISA, came in response to breach of Microsoft that the tech giant disclosed in January. A Russian state-sponsored group called Midnight Blizzard was accused of exfiltrating data from Microsoft and using it to try compromise some of the company’s customers, according to the CISA alert. Microsoft and CISA have notified all federal agencies whose emails may have been compromised by the hacking group, according to the government directive.
The US had a chance to lead in chipmaking tech, and missed it
Bloomberg
Alex Webb and Ian King
It was a strategic misstep of epic proportions. The US took a crucial early role in developing the semiconductor technology that underpins today’s revolution in artificial intelligence. Yet it’s a Dutch firm that now holds a monopoly on the process, and Asian manufacturers that dominate production. The vast and multi-level computation performed by AI platforms such as OpenAI’s ChatGPT and Google’s Gemini accelerates a multitude of tasks usually performed by humans. That’s made access to EUV technology a matter of national economic security for the US and China.
Anonymous users are dominating right-wing discussions online. They also spread false information
Associated Press
Ali Swenson and Melissa Goldin
The reposts and expressions of shock from public figures followed quickly after a user on the social platform X who uses a pseudonym claimed that a government website had revealed “skyrocketing” rates of voters registering without a photo ID in three states this year — two of them crucial to the presidential contest. Actual voter registrations during the time period cited were much lower than the numbers being shared online. Stephen Richer, the recorder in Maricopa County, Arizona, which includes Phoenix, refuted the claim in multipleX posts while Jane Nelson, the secretary of state in Texas, issued a statement calling it “totally inaccurate.” Yet by the time they tried to correct the record, the false claim had spread widely. In three days, the pseudonymous user’s claim amassed more than 63 million views on X, according to the platform’s metrics.
Europe
EU Parliament votes to strengthen GDPR enforcement
EURACTIV
Julia Tar
Members of the European Parliament voted on Wednesday on amendments to strengthen the enforcement of the EU’s General Data Protection Regulation, however, stakeholders urged for further improvements, particularly regarding complainants’ rights and cross-border matters. The EU’s General Data Protection Regulation, enforced in 2018, is a data protection regulation that governs how personal data is handled by organisations in the European Union, prioritising individuals’ privacy rights. The amendments to the GDPR Enforcement Procedures Regulation aim to enhance complainants’ rights, clarify enforcement procedures, and address procedural concerns, which German MEP and rapporteur Sergey Lagodinsky of the Greens said will bring legal clarity.
‘I hope Ukraine will lose’: What MEPs told Russian propaganda channel
POLITICO
Eddy Wax, Elisa Braun and Clothilde Goujard
“If it is a war of civilization, well, I hope the civilization in Ukraine will lose,” said Marcel de Graaff, a Dutch far-right lawmaker, from a TV studio just inside the European Parliament last October. Another far-right politician jumped in.“Ukraine has to become a demilitarized buffer zone,” argued Maximilian Krah, a far-right politician from Germany, addressing the other four participants in the studio. The debate was organized by Voice of Europe, an outlet which Czech and Belgian authorities said in March was a front for Russian propaganda and disinformation.
UK
Big Tech’s ‘Interconnected Web’ of AI investments concerns UK’s CMA
Bloomberg
Tiffany Tsoi and Shona Ghosh
Britain’s antitrust watchdog warned that investments in artificial intelligence by the likes of Alphabet Inc.’s Google, Apple Inc., and Microsoft Corp. warrant deeper scrutiny over concerns they are being leveraged to further entrench their market power. The Competition and Markets Authority said Thursday it’s uncovered an “interconnected web” of partnerships and investments within AI involving a handful of the same tech firms, that may allow them “to shape these markets in their own interests.”
Africa
Zambia uncovers 'sophisticated' Chinese cybercrime syndicate
BBC
Wycliffe Muia
A "sophisticated internet fraud syndicate" has been uncovered in Zambia, leading to the arrest of 77 people, including 22 Chinese nationals. It was a "significant breakthrough in the fight against cybercrime", the authorities said after a multi-agency raid on a Chinese-run company. The firm employed Zambians who believed they were to be call-centre agents. Among equipment seized were devices allowing callers to disguise their location and thousands of Sim cards.
Middle East
Israel accused of using AI to target thousands in Gaza, as killer algorithms outpace international law
The Conversation
Natasha Karner
The Israeli army used a new artificial intelligence system to generate lists of tens of thousands of human targets for potential airstrikes in Gaza, according to a report published last week. The report comes from the nonprofit outlet +972 Magazine, which is run by Israeli and Palestinian journalists. The report cites interviews with six unnamed sources in Israeli intelligence. The sources claim the system, known as Lavender, was used with other AI systems to target and assassinate suspected militants – many in their own homes – causing large numbers of civilian casualties.
IDF colonel discusses ‘data science magic powder’ for locating terrorists
The Guardian
Harry Davies and Bethan McKernan
A video has surfaced of a senior official at Israel’s cyber intelligence agency, Unit 8200, talking last year about the use of machine learning “magic powder” to help identify Hamas targets in Gaza. The footage raises questions about the accuracy of a recent statement about use of artificial intelligence (AI) by the Israeli Defense Forces (IDF), which said it “does not use an artificial intelligence system that identifies terrorist operatives or tries to predict whether a person is a terrorist”.
Big Tech
Apple drops term 'state-sponsored' attacks from its threat notification policy
Reuters
Apple Inc has warned its users in India and 91 other countries that they were possible victims of a "mercenary spyware attack," dropping the word "state-sponsored" it used in its previous alerts to refer to such malware attacks. Apple discovered that attackers tried to "remotely compromise the iPhone," it said in a notification email that was sent to targeted users and seen by Reuters. The company had previously said on its website that its threat notifications were designed to inform and assist users who might have been targeted by "state-sponsored attackers."
YouTube prioritises news to combat misinformation, while Meta turns it off
The Australian
Jared Lynch
YouTube is removing “thousands and thousands” of accounts each day as it combats misinformation in what is the biggest election year in history, according to Google-owned cybersecurity firm Mandiant. As it removes “harmful” content, YouTube – which Google acquired for $US1.65bn in 2006 – is prioritising videos from “authoritative” sources, such as media companies as it attempts to strike the balance between halting misinformation, while not stifling free speech ahead of the elections. It is a different approach to Facebook owner Meta, which this month removed its news tab in Australia after abandoning media content deals worth about $70m a year, sparking fears its platform will become a hotbed for fake news.
Artificial Intelligence
Speed of development making it hard for firms to invest wisely in AI
The Australian Financial Review
George Hammond
The increasing power of the latest artificial intelligence systems is stretching traditional evaluation methods to breaking point, posing a challenge to businesses and public bodies over how best to work with the fast-evolving technology. Flaws in the evaluation criteria commonly used to gauge performance, accuracy and safety are being exposed as more models come to market, according to people who build, test and invest in AI tools.
How cloud hopping has become the hidden battlefront in the AI arms race
The Australian
Jared Lynch
Finder earns its living helping Australians find a better deal. So it’s no surprise that the comparison website used its own expertise to do what many companies consider is cost-prohibitive: switch cloud providers. Cloud computing exploded during the pandemic to support remote working – allowing employees to access troves of company data from any location. It has now emerged as the hidden battlefield in the artificial intelligence arms race. AI relies on data, which is stored in powerful computer warehouses that house the cloud, sparking strong demand and hot competition.
Misc
Instagram begins blurring nudity in messages to protect teens and fight sexual extortion
Associated Press
Kelvin Chan
Instagram says it’s deploying new tools to protect young people and combat sexual extortion, including a feature that will automatically blur nudity in direct messages. The social media platform said in a blog post Thursday that it’s testing out the features as part of its campaign to fight sexual scams and other forms of “image abuse,” and to make it tougher for criminals to contact teens. Sexual extortion, or sextortion, involves persuading a person to send explicit photos online and then threatening to make the images public unless the victim pays money or engages in sexual favors.
Events & Podcasts
The Sydney Dialogue
ASPI
The Sydney Dialogue was created to help bring together governments, businesses and civil society to discuss and progress policy options. We will forecast the technologies of the next decade that will change our societies, economies and national security, prioritising speakers and delegates who are willing to push the envelope. We will promote diverse views that stimulate real conversations about the best ways to seize opportunities and minimise risks.
Jobs
Data Scientist
ASPI
ASPI is looking for an inquisitive and problem-solving open-source data scientist who will be responsible for developing and implementing automated techniques for a variety of open-source data collection requirements. We are open to experienced data scientists and those beginning their career. Role equivalency would be between levels 3 – 7 of Data Science category of SFIA 8. The closing date for applications is 15 April 2024– an early application is advised as we reserve the right to close the vacancy early if suitable applications are received.
Director of Cyber, Technology & Security (CTS)
ASPI
ASPI is looking for an exceptional and experienced leader to lead our largest team focused on emerging security challenges, particularly in cyberspace and the information domain. Director CTS leads ASPI’s largest team to develop and deliver a range of applied research projects on existing and emerging security challenges. CTS’ projects range across cyber and critical infrastructure security, critical and emerging technologies, national resilience and social cohesion, and hybrid threats. The closing date for applications is 22 April 2024 – an early application is advised as we reserve the right to close the vacancy early if suitable applications are received.
China Analyst or Senior Analyst
ASPI
ASPI has an exciting opportunity for an analyst or senior analyst to explore China's evolving foreign and security policy, political economy and impact on the Indo-Pacific and the world. ASPI’s China analysts conduct rigorous data-driven research, publish impactful reports that shape the public policy discourse and contribute to the wide catalogue of influential China work published by ASPI. The difference between the analyst and senior analyst levels will depend on experience level and demonstration of past work. The closing date for applications is 10 May 2024– an early application is advised as we reserve the right to close the vacancy early if suitable applications are received.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.