Biden warns Putin against cyberattacks on US critical infrastructure | Ukraine, South Korea and US law enforcement arrest suspected ransomware gang | Facebook removes network based in Ethiopia
The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
President Biden said he warned Vladimir Putin in their meeting in Geneva on Wednesday that Russia will face stiff consequences if it conducts cyberattacks on critical U.S. infrastructure or allows opposition leader Alexei Navalny to die. On cybersecurity, Biden said he presented Putin with what the U.S. considers the critical elements of its infrastructure and told him the U.S. would respond forcefully — with cyber means of its own — if they were targeted. "We'll find out whether we have a cybersecurity arrangement that begins to bring some order," he said. Axios
Multiple suspects believed to be linked to the Clop ransomware gang have been detained in Ukraine after a joint operation from law enforcement agencies in Ukraine, South Korea, and the United States. The Cyber Police Department of the National Police of Ukraine confirmed that six arrests were made after searches at 21 residences in the capital Kyiv and nearby regions. While it’s unclear whether the defendants are affiliates or core developers of the ransomware operation, they are accused of running a “double extortion” scheme, in which victims who refuse to pay the ransom are threatened with the leak of data stolen from their networks prior to their files being encrypted. TechCrunch
Facebook removed 65 Facebook accounts, 52 Pages, 27 Groups, and 32 accounts on Instagram for violating our policy against coordinated inauthentic behavior. This network originated in and focused on domestic audiences in Ethiopia. Facebook
ASPI ICPC
Is ANOM an anomaly?
ABC Radio National
We dive into the weird world of the ANOM app and the role it played in what is shaping up to be one of the biggest crime stories of the year. Also - dozens of the world’s most popular websites like the New York Times, Twitch and Spotify disappeared offline last week…and it’s all thanks to one company that underpins a huge part of the internet we experience. Guests: Ariel Bogle, Analyst at the Australian Strategic Policy Institute
Slave Uighur labour may be involved in Vic train build, Opposition claims
ABC Radio National
The Victorian Opposition has obtained documents under Freedom of Information laws which show bureaucrats advised the state government to accept the assurances of a Chinese state owned company that it wasn't using slave Uighur labour to make components for Victoria's new trains. But Professor James Leibold, a senior fellow from the Australian Strategic Policy Institute, is warning those assurances shouldn't be trusted without an independent investigation.
China’s digital renminbi initiative is a network, not a currency
The Strategist
Matthew D. Johnson
Publicly revealed by the People’s Bank of China (PBOC) in 2019, China’s central bank digital currency (CBDC) project—the Digital Currency Electronic Payment, or DCEP—is an early-stage endeavour to rewire the global economic system using emerging financial technology. DCEP is a massive payment- and data-processing network. Over time, its CBDC, the e-CNY, is expected to completely replace physical cash. So far, public policy debates on the future of DCEP have focused on its implications for internationalisation of China’s currency. Yet, the most consequential developments relate to how DCEP appears to be emerging as a leading financial technology. With the global expansion of China’s technology giants like Ant Group and Huawei, DCEP has the potential to transform the global financial system independently of external use of the RMB.
The World
Uyghurs outside China are traumatized. Now they’re starting to talk about it
MIT Technology Review
@AndrewMcCormck
As loved ones disappear in their homeland, community members in other countries feel helpless and afraid. Telehealth and social media are helping.
At Biden-Putin Meeting, Cyberweapons Are at Top of the Agenda
The New York Times
@SangerNYT
For 70 years, meetings between American presidents and Soviet or Russian leaders were dominated by one looming threat: the vast nuclear arsenals that the two nations started amassing in the 1940s, as instruments of intimidation and, if deterrence failed, mutual annihilation. Now, as President Biden prepares to meet with President Vladimir V. Putin here in Geneva on Wednesday, for the first time cyberweapons are being elevated to the top of the agenda.
Australia
Police would not agree to stop accessing COVID SafeWA app data, Premier Mark McGowan says
ABC News
@kenithpng
The WA government was forced to introduce legislation after failing to reach an agreement with police over the use of information collected from the SafeWA app, Premier Mark McGowan says. Police accessed QR code check-in data gathered from the app on two occasions during investigations into the high-profile murder of former Rebels bikie boss Nick Martin.
Robots, drones and satellites: NSW to research new bushfire fighting technology
The Sydney Morning Herald
@Rabe9
The $28 million in state funding will be directed into research and development of bushfire technology over the next four years, including the potential of using robots to aid responders, aggregating satellite imagery to predict fire fronts and drones to assist with escape routes.


China
Alibaba Falls Victim to Chinese Web Crawler in Large Data Leak
The Wall Street Journal
Yang Jie @lizalinwsj
A Chinese software developer trawled Alibaba Group Holding Ltd. ’s popular Taobao shopping website for eight months, clandestinely collecting more than 1.1 billion pieces of user information before Alibaba noticed the scraping, a Chinese court verdict said. The software developer began using web-crawling software he designed on Taobao’s site starting in November 2019, gathering information including user IDs, mobile-phone numbers and customer comments, according to a verdict released this month by a district court in China’s central Henan province.
Sprawling cyber-espionage campaign linked to Chinese military unit
The Record
@campuscodi
Cybersecurity experts have uncovered evidence that interconnects several multi-year and sprawling cyber-espionage campaigns to a Chinese military unit operating out of the city of Ürümqi in China’s western province of Xinjiang. According to a report released today by Recorded Future’s Insikt Group, the People’s Liberation Army (PLA) Unit 69010 is believed to have been behind a series of cyber-espionage campaigns dating back to 2014 that have focused on gathering military intelligence from neighboring countries.
Critical entities targeted in suspected Chinese cyber spying
Associated Press
@AlanSuderman
A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost internet security to penetrate the computers of critical U.S. entities. The hack of Pulse Connect Secure networking devices came to light in April, but its scope is only now starting to become clear.
Talents from top Chinese universities arrested for cyber scams
Global Times
China's cyber police arrested a gang of three engaged in cyber investment scams in December 2020, who turned out to be postgraduates who majored in computer science at top Chinese universities, according to a recent release by the cybersecurity bureau of China's Ministry of Public Security.
Cotton to iPhones: Xinjiang labor casts shadow over electronics
Nikkei Asia
Takashi Kawakami
The plant was one of the most important for Ofilm. But it was forced to sell the facility after reportedly losing business with Apple because of allegations that members of China's Uyghur Muslim minority were used as forced labor at its plants. Just as many leading apparel manufacturers have stopped using cotton from China's Xinjiang region - amid allegations of Uyghur forced labor - the sale of the Ofilm plant suggests similar dynamics at play in the electronics sector.
Billionaire Alibaba founder Jack Ma spending his time painting
CNBC
@jbursz
Alibaba founder Jack Ma is staying out of the limelight, focusing his efforts on hobbies and philanthropy, according to a company executive. The billionaire founder has had a rocky year with the Chinese government, leading to time out of the public eye. In October, Ma made negative comments about Chinese financial regulators just days ahead of the initial public offering of Ant Group in Shanghai and Hong Kong, which would have been the world’s biggest. However, regulators effectively pulled the plug on the IPO two days before it was set to take place.
USA
Biden says he warned Putin on cyberattacks, Navalny's health
Axios
@JacKnutson
President Biden said he warned Vladimir Putin in their meeting in Geneva on Wednesday that Russia will face stiff consequences if it conducts cyberattacks on critical U.S. infrastructure or allows opposition leader Alexei Navalny to die. On cybersecurity, Biden said he presented Putin with what the U.S. considers the critical elements of its infrastructure and told him the U.S. would respond forcefully — with cyber means of its own — if they were targeted. "We'll find out whether we have a cybersecurity arrangement that begins to bring some order," he said.
Biden says he gave Putin list of 16 sectors that should be off-limits to hacking
CyberScoop
@snlyngaas
The two heads of state also agreed to task cybersecurity experts from each government “to work on specific understandings about what’s off-limits and to follow up on specific [cyber incidents] that originate in either of our countries,” Biden said at a press conference after a roughly four-hour meeting with Putin.
Critical Infrastructure Sectors
CISA
There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.
Biden-Putin Meeting: U.S. President Should Be Bold on Cyber Warfare
Bloomberg
@TimOBrien
Biden should swap ritual for realpolitik after the two leaders meet in Geneva on Wednesday to review the framework and the friction circumscribing their countries’ relationship — particularly when it comes to cyber warfare. Putin has outmaneuvered all of Biden’s predecessors on an array of pivotal issues, and there’s little evidence that coddling him serves the strategic interests of Western democracies.
Banned Hidden Relabelled Hikvision Surveillance Purchased By US Embassy
IPVM
@healy_conor
A US Embassy is purchasing banned Hikvision OEMs, violating the NDAA ban. The embassy's contractor emailed IPVM asking us to sell them these products and was confused when IPVM alerted them to the fact that this was illegal.
Proud Boys and Oath Keepers, Forceful on Jan. 6, Privately Are in Turmoil
The Wall Street Journal
@rebeccaballhaus @khadeeja_safdar @shalini
The far-right group the Oath Keepers is splintering after board members accused the founder of spending its money on hair dye, steaks and guns. The leader of the Proud Boys, choked off from the financial system, is printing “Black Lives Matter” T-shirts to make money. The finances of the two most visible groups with members involved in the Jan. 6 riot at the U.S. Capitol are sputtering. Leaders are low on cash, struggling with defections and arguing with members over the future.
North Asia
TSMC tie-up puts spotlight on Japan's hidden chip champions
Nikkei Asia
Japan's semiconductor industry has attracted newfound attention as the race to build ever more powerful chips pushes development in a new direction: up. Japan's concentration of the technology needed to stack chip layers has drawn the world's biggest contract chipmaker, Taiwan Semiconductor Manufacturing Co., into a new research and development center in the country. TSMC will partner with some of the top semiconductor industry players here, including chip packaging provider Ibiden, materials supplier JSR and cutting device maker Disco.
Southeast Asia
Malaysia calls for cyber defence network in ASEAN
The Edge Markets
Malaysia has proposed that ASEAN member countries create a regional cyber defence network centre called ASEAN Cyber Defence Network (ACDN).
South Asia
Indian government launches trusted telecom portal
ET Telecom
@MuntazirAbbas
The government Tuesday launched a 'trusted telecom' portal as a part of the national security directive on the telecommunications sector.
UK
GCHQ on Twitter: Brand Management and Public Engagement
Exploring Digital Diplomacy
@Ilan_Manor
My analysis suggests that GCHQ uses Twitter towards five ends. First, GCHQ tweets portrayed the agency as a transparent government body willing to share information online and lift the veil of secrecy that has traditionally surrounded intelligence agencies.
Canada
Ensuring Robust Security in Federal Purchasing
House of Commons - Canada
This report discusses challenges with Nuctech and China, namely the link between Nuctech and the Chinese Communist Party, foreign government subsidies, the 2017 Chinese National Intelligence Law and Canada-China relations. It also looks at security concerns surrounding the standing offer awarded to Nuctech. Finally, it provides background on the federal integrity regime and on instruments designed to mitigate security risks in contracting such as supply chain integrity and the national security exception.
Cyberattack leads to computer system failure at Humber River Hospital, impacting patient care
Toronto Star
@Mariasarrouh @Megan_Ogilvie
A cyberattack at Humber River Hospital has triggered a Code Grey — or loss of essential services — leaving staff unable to access electronic patient records and diagnostic test results, and leading to long waits in the busy emergency department.
Europe
Ukrainian police arrest multiple Clop ransomware gang suspects
TechCrunch
@carlypage_
Multiple suspects believed to be linked to the Clop ransomware gang have been detained in Ukraine after a joint operation from law enforcement agencies in Ukraine, South Korea, and the United States. The Cyber Police Department of the National Police of Ukraine confirmed that six arrests were made after searches at 21 residences in the capital Kyiv and nearby regions. While it’s unclear whether the defendants are affiliates or core developers of the ransomware operation, they are accused of running a “double extortion” scheme, in which victims who refuse to pay the ransom are threatened with the leak of data stolen from their networks prior to their files being encrypted.
U.S.-EU Summit Statement
The White House
The European Union and the United States met today to renew our Transatlantic partnership, set a Joint Transatlantic Agenda for the post-pandemic era, commit to regular dialogue to take stock of progress and establish a high-level U.S.-EU Trade and Technology Council (TTC).

Dr. Konstantinos Komaitis/Κωνσταντίνος Κωμαϊτης @kkomaitis
These are the areas of focus of the #US-#EU #Tech Council expected to be launched later today! https://t.co/VW2XvNWms8
Middle East
Suspected Iranian hackers exploit VPN, Telegram to monitor dissidents
CyberScoop
@snlyngaas
Researchers from Kaspersky and other firms only recently pieced together the activity, showing the limits of the cyber industry’s knowledge of Tehran-linked hacking against those who often bear the brunt of it: Iranian citizens.
Africa
Removing Coordinated Inauthentic Behavior From Ethiopia
Facebook
Facebook removed 65 Facebook accounts, 52 Pages, 27 Groups, and 32 accounts on Instagram for violating our policy against coordinated inauthentic behavior. This network originated in and focused on domestic audiences in Ethiopia.
Misc
Ransomware Gang Turns to Revenge Porn
VICE
@josephfcox
At least one ransomware gang has taken a rare and highly invasive step in order to convince its victims to pay: leaking nude images allegedly uncovered as part of their hack of a target company. The news presents an escalation in the world of ransomware and digital extortion, and comes as the U.S. government and other countries discuss new measures to curb the spike in ransomware incidents.


Apple Says It's Time to Digitize Your ID, Ready or Not
WIRED
@lilyhnewman
If you've ever scanned a digital boarding pass directly from your phone at airport security, you can imagine how doing the same with your driver's license would make life a little easier. Beginning in iOS 15 this fall, Apple will enable just that, letting you store your state ID alongside your credit cards, loyalty programs, transit passes, and even door and car keys in Apple Wallet. By doing so, the company won't just introduce convenience; it may well be the tipping point that forces more states, the US government, and even Android to make digital driver's licenses the norm.
Inside the Market for Cookies That Lets Hackers Pretend to Be You
VICE
@josephfcox
A representative for the hackers who breached EA said they bought the cookie from a site called Genesis Market.
Can Disinformation Be Stopped?
Harvard Magazine
“What we saw on January 6 was not a young people’s revolution. This was an artifact, or an outcome, of the design of Facebook,” Donovan says. “The time is now for realizing that of course, we can’t walk back in time and do something different. But we surely can insist the future of the internet isn’t like the present.”
Research
Who is developing the chips of the future?
Harvard Magazine
An often overlooked aspect of the semiconductor industry is the amount of research & development (R&D) necessary to advance the cutting-edge. The chips industry has one of the highest R&D margins across all industries – semiconductor companies easily spend on average more than 18% of their revenue on R&D. Furthermore, the vast majority of R&D is done by just a handful of countries and they are at the center of this analysis.
Avoiding civilian harm during military cyber operations: six key takeaways
ICRC
@KuboMacak Ewan Lawson
If the risk of civilian harm from military cyber operations is to be reduced, it is necessary to consider how it can be assessed and measured. In this post, Kubo Mačák, ICRC Legal Adviser, and Ewan Lawson, ICRC Military Cyber Adviser, introduce the new ICRC report from an expert meeting convened by the ICRC in January 2020 to discuss these issues.
Events


Jobs
ICPC Analyst or Senior Analyst - Cyber & technology
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an exceptional cyber-security or technology focused analyst or senior analyst to join its centre in 2021. Please note that interviews have commenced for this position and will continue until the end of June. This role will focus on policy relevant cybersecurity analysis, informed public commentary and either original data-heavy research and/or technical analysis. Analysts usually have around 7-15 years work experience. Senior analysts usually have a minimum of 15 years relevant work experience and tend to be involved in staff and project management, fundraising and stakeholder engagement.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years, of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.

Research Fellow- AI TEV&V
CSET
CSET is currently seeking a Research Fellow to focus on the safety and risk of deployed AI systems. Specifically, the Fellow would research real-world AI incidents and use these identified incidents with other analyses of AI systems to inform policy recommendations regarding AI safety, test, evaluation, verification and validation (TEV&V) processes, standards setting and management, and the appropriate employment and operation of AI systems by businesses and the US Government (including the military).