China training Taiwanese influencers in new propaganda tactics | US Treasury watchdog warns of Government's use of cellphone data without warrants | Myanmar's internet shutdown: What you need to know

Feb 22, 2021

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

The Chinese Communist Party (CCP) has embarked on a campaign to cultivate online streamers and anchors from Taiwan to sway public opinion in its favor, reported CNA, citing sources familiar with national security matters. Taiwan News
A new Treasury Department watchdog report warns that law enforcement agencies may not be on firm legal footing when they use cellphone GPS data drawn from mobile apps without obtaining a warrant first. The Wall Street Journal
Myanmar has endured several internet blackouts since a military coup earlier this month. Internet in the country has been shut off every night for the past week, NetBlocks, an internet monitoring group, said on Sunday, while social media sites including Twitter, Instagram and Facebook have been blocked. "The regime of shutdowns and filters has produced an information vacuum that now severely limits news coverage and reporting of human rights violations," Thomson Reuters Foundation

ASPI ICPC

Beyond the China Initiative
Lawfare
Karman Lucero
According to research conducted by the Australian Strategic Policy Institute, the PRC also relies on some 600 “recruitment stations” across the world. Requiring institutions that work with these organizations, such as universities, to be as transparent as possible regarding sources of funding would help combat the PRC party-state’s tendency to obfuscate connections.

Read the ASPI ICPC Report 'Hunting the phoenix: The Chinese Communist Party’s global search for technology and talent' here.

Marika Katanuma @MarikaKatanuma

Japanese firms seek to end business deals with Chinese companies linked to Uighur forced labor, Kyodo reports, citing their investigation. Kyodo had reached out to 14 Japanese companies listed by @ASPI_org as benefiting from the use of Uighur labor.

日本の12社、ウイグル弾圧企業との取引停止へ－報道日本の主要小売り・製造業12社が、中国の新疆ウイグル自治区などでの少数民族ウイグル族に対する強制労働への関与が確認された中国企業との取引を停止する方針を固めたと共同通信が21日夜報じた。bloomberg.co.jp

Tim Watts MP @TimWattsMP

During the COVID-19 roll out, we need to be particularly careful to consider the source of information we come across online, and the motivations of the people who are sharing it.

Covid-19 Disinformation & Social Media ManipulationA range of actors are manipulating the information environment to exploit the COVID-19 crisis for strategic gain. ASPI’s International Cyber Policy Centre is tracking many of these state and non-state actors online, and will occasionally publish investigative, data-driven reporting that will focus o…aspi.org.au

World

RIPE NCC discloses failed brute-force attack on its SSO service
ZDNet
@campuscodi
RIPE NCC, the organization that manages and assigns IPv4 and IPv6 addresses for Europe, the Middle East, and the former Soviet space, has disclosed today a failed cyber-attack against its infrastructure.

The war between nation states and big tech is just getting started
The Australian Financial Review
@grantswilson
Big tech collided with democracy this past week in Australia, India and the UK. At the heart of the problem is that the platforms continue to prioritise the interests of shareholders, rather than a broader concept of stakeholders.

Australia

Fit for purpose or 'shameless'? Critics divided over Facebook and friends' new code to fight disinformation
ABC News
@JamesPurtill
Tech companies including Facebook and Google have released the final version of a long-awaited industry code to address the spread of misinformation on their services in Australia. The release comes only days after Facebook blocked Australians from viewing and sharing "news content" on its platform, leading experts to predict that misinformation would spread more rapidly in the news vacuum.

Why Facebook’s news ban was a predictable move
The Sydney Morning Herald
@oz_f
Facebook’s decision to pull the plug on news was not only entirely consistent with the logic embraced by both the government and media companies who have been advocating for the code, but was predictable.
How Australia May Have Just Saved Journalism From Big Tech
TIME
Robert Whitehead
Australia started this audacious attempt to rescue the free press from Big Tech in 2017 after regulators said companies like Facebook and Google exerted an outsized control of the flow of news to the public. With unusual bipartisan support, the government introduced a law last summer to force Big Tech companies to pay publishers for the use of their content in news feeds, summaries and search engines.
Mogul vs Mogul: Australia's tech law pits Murdoch against Zuckerberg
Tech Xplore
Andrew Beatty
Australia's push to regulate tech giants has become a power struggle between two of the world's most powerful men, with Rupert Murdoch and Mark Zuckerberg locked in a generational battle for media dominance.

Coronavirus scammers prepare to target Australians over vaccine rollout, experts warn
The New Daily
George Roberts
There are thousands of fraudsters preparing to exploit the COVID-19 vaccine program, experts say, warning the scams will look legitimate and the people behind them may even know your name, phone number and email.

Qantas urges govt to chip in for cyber incident interventions
IT News
@justinrhendry
Qantas has joined other sectors in asking the government to at least partially cover the cost of complying with proposed laws aimed at better defending the country’s critical infrastructure networks and systems from cyber attacks.

Science calls for $2.4b research translation fund
InnovationAus
@888riley
The nation's peak science lobby has called on government to use the expected $2.4 billion in savings from changes to the Research and Development Tax Incentive to fund the creation of a new research translation and commercialisation fund.

China

Yaqiu Wang 王亚秋 @Yaqiu

Very interesting (and outrageous) case. The Chinese govt "criminally detained" a 19-year-old man *residing overseas* who "smeared" "heroic officials and soldiers" (in the Galwan clash) on Weibo and is carrying out so-called "online pursuit" of him.

USA

US Treasury Watchdog Warns of Government's Use of Cellphone Data Without Warrants
The Wall Street Journal
@ByronTau
A new Treasury Department watchdog report warns that law enforcement agencies may not be on firm legal footing when they use cellphone GPS data drawn from mobile apps without obtaining a warrant first.

FBI seized congressional cellphone records related to capitol attack
The Intercept
@kenklippenstein @EricLichtblau
Within hours of the storming of the Capitol on January 6, the FBI began securing thousands of phone and electronic records connected to people at the scene of the rioting — including some related to members of Congress, raising potentially thorny legal questions.

Chinese hackers stole another NSA-linked hacking tool, research finds
CyberScoop
@shanvav
According to new research from Israeli security firm Check Point published Monday, a group of Chinese hackers known as APT31 appear to have copied an exploit developed by Equation Group, a hacking group broadly believed to be associated with the NSA, more than two years before the Shadow Brokers leaked the trove of NSA tools.

SolarWinds CEO talks hack, remaining questions before Capitol Hill hearings
CyberScoop
@timstarks
The chief executive of SolarWinds on Monday said his company is still seeking a fuller understanding of the scope of the hack on its Orion software — and laying the groundwork for what SolarWinds, as well as the federal government, should be doing next.

We would not survive a true first strike cyberattack
The Hill
@RepMikeRogers
If a full on “turn the lights off” cyber war were to happen today, we would lose. Think about that. We would lose a cyber war. With a few clicks of the mouse, and in just a few seconds, hackers in Beijing or Moscow could turn off our electricity, millions would lose heat, groceries would spoil, banking machines would not work, and people could not get gasoline. It would be what we have seen down in Texas, but on national scale and with no end in sight. That we have escaped a digital catastrophe thus far is not due to skill. It is due to blind luck and restraint from our adversaries.

North Asia

China training Taiwanese influencers in new propaganda tactics
Taiwan News
Huang Tzu-ti
The Chinese Communist Party (CCP) has embarked on a campaign to cultivate online streamers and anchors from Taiwan to sway public opinion in its favor, reported CNA, citing sources familiar with national security matters.

Southeast Asia

Myanmar's internet shutdown: What you need to know
Thomson Reuters Foundation
@behlihyi
The military has imposed information blackouts as people turn to VPN and encrypted messaging apps to skirt restrictions

Make in Vietnam': the way to stop doing outsourcing and increase participation in global value chains
Ministry of Information and Communications
Investing in technology and innovation is extremely important for Vietnam to bring products to a new height and escape the status of doing outsourcing for foreigners which the country has been clinging to for decades.

OU P. Narith @phannarith

Cambodia Internet Gateway clarification from Ministry of Post and Telecommunications of Cambodia

New Zealand & The Pacific

Facebook block hits region hard
Cook Island News
@esamoglou
As an Australia-wide ban on news content by Facebook continues, it is emerging just how prominent the social media platform has become for Cook Islands residents and people throughout the Pacific region.

UK

MPs want China and Russia barred from defence chain
The Telegraph
@batsub1
An investigation of foreign involvement in the military supply chain by the defence select committee found stronger safeguards around foreign investment are required. The MPs recommend a ‘whitelist’ of friendly countries as “most investments are from close allies and are to be welcomed”. But they add: “Countries falling outside this list should be barred from investing in the UK’s defence supply chain, including China and Russia.”

UK academics struggle with stricter security on China partnerships
Financial Times
@laurenscerulus @HankeVela
The most sensitive collaborations, highlighted by Civitas, involve “dual-use” technologies — such as facial recognition, drone or aerospace technology — which can have both civilian and military applications. The Foreign, Commonwealth and Development Office is due to tighten controls again, expanding from May the Academic Technology Approval Scheme checks for courses with military applications to researchers as well as students.

Europe

Europe looks to go it alone on microchips amid US-China clash
POLITICO
This week, European policymakers identified the chip shortages as a key strategic concern and presented plans to deal with it. “There is currently a game underway between the United States and China … and it is likely to continue to get tougher,” the EU’s Internal Market Commissioner Thierry Breton told reporters this week. “We in Europe intend to play our full part in this new geostrategic game of chess.”

Hikvision Cybersecurity Vulnerabilities Reported By Lithuania Government
IPVM
@ethanace
Nearly 100 vulnerabilities were found in Hikvision firmware by a new report from Lithuania's government. Hikvision refused to provide any response, despite being given 2 weeks time to respond.

China’s state broadcaster applies to France for right to air in Europe
Financial Times
CGTN was stripped of its licence by UK regulator Ofcom earlier this month.

Russia

How Investigative Journalism Flourished in Hostile Russia
The New York Times
@benyt
The boom in independent journalism and criticism of the government has reached a level “unseen in our country since the end of the 1990s,” Denis Volkov, the deputy director of the Levada Center, a Russian public opinion research group, wrote recently.

Middle East

In the Middle East, War Is Going Digital
Foreign Policy
@RoxaneFarma Jay Mens
The Gulf is rapidly becoming a laboratory for the ethics and practices of hybrid warfare. A new report (which one of us directed) from the Middle East and North Africa Forum at the University of Cambridge explores the drivers, and the direction, of the Gulf’s evolving strategy.

Misc

Apple Is Going to Make It Harder to Hack iPhones With Zero-Click Attacks
VICE
@lorenzofb
Apple is going to make one of the most powerful types of attacks on iPhones much harder to pull off in an upcoming update of iOS. The company quietly made a new change in the way it secures the code running in its mobile operating system.

Clubhouse Chats Are Breached, Raising Concerns Over Security
Bloomberg
@jamietarabay @KartikayM
A week after popular audio chatroom app Clubhouse said it was taking steps to ensure user data couldn’t be stolen by malicious hackers or spies, at least one attacker has proven the platform’s live audio can be siphoned.

This Website Made Clubhouse Conversations Public
VICE
@lorenzofb
A developer made a tool that scraped some conversations on Clubhouse and streamed them on a website, making them available to anyone—even people without an account—undermining the app's ephemeral, invitation-only nature.

Ericsson now boasts superior 5G radios to Huawei
Light Reading
Iain Morris
This is something of a breakthrough for Ericsson, and it might even negate one of the big advantages Chinese manufacturers have had over their European rivals.

Google fires top AI ethics researcher Margaret Mitchell
TechCrunch
@meganrosedickey
Google has fired Margaret Mitchell, the founder and former co-lead of the company’s ethical AI team. Mitchell announced the news via a tweet.

Events

ASPI Webinar: TikTok & WeChat, where to now?
ASPI ICPC
At this webinar, ASPI analyst Fergus Ryan will be joined by Lindsay Gorman from the German Marshall Fund’s Alliance for Securing Democracy; Jordan Schneider, host of the ChinaTalk podcast; Joanna Chiu, journalist and Dr Christopher Parsons from the Munk School's Citizen Lab, to examine and debate the challenges and threats posed by apps like TikTok and WeChat.

Research

Southeast Asia's Disinformation Crisis: Where the State is the Biggest Bad Actor and Regulation is a Bad Word
Items
@jonathan_c_ong
As Western democracies debate social media regulation, Jonathan Corpus Ong outlines the valuable lessons they can draw from Southeast Asian experiences. Governments in the region have weaponized regulation and hijacked moral panics about disinformation to consolidate control over the digital environment. The challenge facing the world, he argues, is to build a more precise language of responsibility to tackle this multidimensional issue.