China to launch initiative to set global data-security rules | Service NSW reveals hackers stole 738GB of data in email compromise | FBI sweep of China researchers leads to cat-and-mouse tactics
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
China is launching its own initiative to set global standards on data security, countering U.S. efforts to persuade like-minded countries to ringfence their networks from Chinese technology. Chinese Foreign Minister Wang Yi is scheduled to announce the initiative on Tuesday at a seminar in Beijing on global digital governance, according to people briefed on the matter. The Wall Street Journal
Service NSW has revealed that hackers behind an email compromise attack against 47 staff members earlier this year stole 738GB of data, encompassing 3.8 million documents. In an update on Monday, the one-stop-shop for NSW government services confirmed the data loss, which included the personal information of 186,000 customers. IT News
A search by U.S. authorities for Chinese researchers with ties to China's military is leading to intensifying cat-and-mouse tactics involving what prosecutors say are foiled escapes, evidence tossed into a dumpster and a chase through an airport. In one case, a researcher at the University of California, Los Angeles studying artificial intelligence is accused by federal prosecutors of destroying evidence sought by the FBI in an investigation into potential technology theft. The researcher, Guan Lei, threw a damaged computer hard drive in a dumpster days after he was stopped from leaving the U.S. at Los Angeles International Airport, prosecutors allege. The Wall Street Journal
ASPI ICPC
Norway once felt China's wrath – what can Australia learn from them?
ABC
In the view of ASPI, Australia shouldn't necessarily be looking to return to an unfavourable status quo with China. In their report, they've recommended countries facing pressure from China band together through multilateral forums and form coalitions where they can call out China's behaviour. "Repairing the relationship doesn't guarantee it won't happen in the future," Ms Currey said. "It seems to be something that the CCP kind of escalates and deescalates at will, so there's no guarantee that if Australia does work on fixing the relationship that it's actually going to benefit Australia in the long-run."
Read the ASPI ICPC report The Chinese Communist Party’s coercive diplomacy here.
Australia
Service NSW reveals hackers stole 738GB of data in email compromise
@justinrhendry
IT News
Service NSW has revealed that hackers behind an email compromise attack against 47 staff members earlier this year stole 738GB of data, encompassing 3.8 million documents. In an update on Monday, the one-stop-shop for NSW government services confirmed the data loss, which included the personal information of 186,000 customers.
Morrison warns Facebook and Google he won’t respond well to any threats over news code
@Paul_Karp
The Guardian
Scott Morrison has warned big tech companies against employing “coercion” in their arm wrestle with the Australian government over paying for the use of news content. The Australian prime minister warned he does not respond well to threats on Monday, commenting on an escalating campaign against a proposed media industry code, including high-profile ads on Google and YouTube and a threat from Facebook to block all Australians from sharing news on its platform.
Our way of life facing cyber security threats
The Australian Financial Review
Since the nation emerged from a catastrophic bushfire season early this year, we have been hit with a huge number of malicious cyber attacks and that number has continued to grow during the coronavirus pandemic.
Govt unveils code of practice to boost IoT security
Technology Decisions
The Australian Government has released a code of practice for IoT devices like smart televisions and security cameras to protect consumers from cyber threats.
China
China to Launch Initiative to Set Global Data-Security Rules
@ByChunHan
The Wall Street Journal
China is launching its own initiative to set global standards on data security, countering U.S. efforts to persuade like-minded countries to ringfence their networks from Chinese technology. Chinese Foreign Minister Wang Yi is scheduled to announce the initiative on Tuesday at a seminar in Beijing on global digital governance, according to people briefed on the matter.
Google says Street View maps algorithm error blurred out Hong Kong protest graffiti aimed at Xi Jinping
Hong Kong Free Press
@creery_j
Google has told HKFP that an algorithm error led to some protest graffiti in Hong Kong being blurred out its updated Street View Map. The graffiti, which read “[Chinese leader] Xi Jinping must die for the sake of the world,” was spray-painted onto plant pots separating sections of Nathan Road in Yau Ma Tei – a regular flashpoint during last year’s pro-democracy protests.
China bans Scratch, MIT's programming language for kids
TechCrunch
@ritacyliao
China’s enthusiasm for teaching children to code is facing a new roadblock as organizations and students lose an essential tool: the Scratch programming language developed by the Lifelong Kindergarten Group at the MIT Media Lab.
US
FBI Sweep of China Researchers Leads to Cat-and-Mouse Tactics
The Wall Street Journal
@Kate_OKeeffe & @aviswanatha
A search by U.S. authorities for Chinese researchers with ties to China's military is leading to intensifying cat-and-mouse tactics involving what prosecutors say are foiled escapes, evidence tossed into a dumpster and a chase through an airport. In one case, a researcher at the University of California, Los Angeles studying artificial intelligence is accused by federal prosecutors of destroying evidence sought by the FBI in an investigation into potential technology theft. The researcher, Guan Lei, threw a damaged computer hard drive in a dumpster days after he was stopped from leaving the U.S. at Los Angeles International Airport, prosecutors allege.
Pentagon says Microsoft still deserves $10 billion JEDI cloud contract
Engadget
@stevetdent
After an internal investigation, the US Department of Defense (DoD) announced that is standing by its decision to award the $10 billion JEDI cloud computing contract to Microsoft and not Amazon. The probe was triggered after Amazon complained that the integrity of the bidding process was cast into doubt because of statements by President Trump.
Trump Emerges as Inspiration for Germany’s Far Right
The New York Times
@kbennhold
But his message of disruption — his unvarnished nationalism and tolerance of white supremacists coupled with his skepticism of the pandemic’s dangers — is spilling well beyond American shores, extremism watchers say. In a fast-expanding universe of disinformation, that message holds real risks for Western democracies, they say, blurring the lines between real and fake news, allowing far-right groups to extend their reach beyond traditional constituencies and seeding the potential for violent radicalization.
US Issues Cybersecurity Principles for Space Systems
Infosecurity Magazine
The White House has issued a new set of cybersecurity principles designed to protect its commercial and critical infrastructure investments in space. The Space Policy Directive-5 details a list of recommended best practices for securing the information systems, networks and “radio-frequency-dependent wireless communication channels” that together power US space systems.
Trump deploys YouTube as his secret weapon in 2020
Politico
In 2016, Donald Trump’s campaign cracked the code on Facebook as a campaign tool — gaining an advantage over Hillary Clinton that was little noticed at the time but helped propel him to victory. This time, the president is betting big on YouTube.
Europe
Switzerland’s new cybersecurity centre is a step in the right direction
SwissInfo
Two Swiss cybersecurity experts argue that a newly created national organisation is a good platform for addressing online attacks, amid increasing threats to business, government and private citizens.
Russia
How a Soviet Triple Agent Recruited New Spies in the West
DailyBeast
A KGB manual, published in English for the first time, reveals how Soviet spies infiltrated Western governments in an elaborate game of cat-and-mouse.
Misc
How my mother and I became Chinese propaganda
The New Yorker
@JiayangFan
At some point, I stop scrolling. The messages I dread the most come not from Internet strangers but from people who know me—my aunt, my uncle, my mother’s childhood best friend. On WeChat, they link to various Chinese-language articles about me and ask, “Have you read this?” The next question would be almost funny if it weren’t so painfully earnest: “Do you know this Jiayang Fan?” I do not presume to know this character, but countless social-media posts, video blogs, and comments describe her as a creature driven by self-loathing. I find a story about my mother and me in the Global Times, a state-controlled Chinese newspaper with twenty-eight million followers on Weibo.
She Was Tricked by Russian Trolls—and It Derailed Her Life
The Daily Beast
For a time, it seemed like a great gig. Jacinda Chan’s job working for the website Peace Data was everything she’d been looking for. It was paid work writing about her favorite subject—human rights and Latin America—and her editors paid on time. Chan, who was born with spinal muscular atrophy and is a quadriplegic, hadn’t been able to get many good jobs in journalism. “I have difficulty finding employment in the USA because people look at me and wonder how I can work if I'm on a respirator,” she wrote to an editor at the site in July. “That is why I like this job. Nobody questioned my ability because I'm disabled. I just got the money.”
How to boost WhatsApp’s privacy and better protect your data
Wired
@mattburgess1
In the summer of 2016, WhatsApp made an unprecedented change. The Facebook-owned company turned on end-to-end encryption by default for all of the billion-plus people using it and in the process became the world's biggest encrypted messenger.
Events
Australian OSINT Symposium
OSINT Combine
7 - 10 September 2020
The Australian OSINT Symposium is a conference for government groups, corporations & the public to come together and collaborate on open source intelligence techniques & share experiences to foster greater efficiencies and effectiveness within Australian & global organizations. ICPC’s Elise Thomas and Nathan Ruser are speaking at this event.
Register here.
Real talk: Dismantling white supremacy in tech
General Assembly
8 September 2020
Join us with Yassmin Abdel-Magied and her all-star panel, diving deep into how to dismantle white supremacy in your tech organisation.
Register here.