China’s antigraft watchdog probes party leaders in Alibaba | Hackers release data trove from Belarus in bid to overthrow Lukashenko regime | Report finds NSO Group's spyware used on Bahraini activists

The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

  • China’s anticorruption watchdog is investigating top government officials in the eastern Chinese city of Hangzhou, where Alibaba Group Holding Ltd and Ant Group Co. are based, raising questions about close ties between local top-level Communist Party officials and the private sector. The Wall Street Journal

  • Opponents of the Belarus government said they have pulled off an audacious hack that has compromised dozens of police and interior ministry databases as part of a broad effort to overthrow President Alexander Lukashenko’s regime. Bloomberg

  • Nine activists from Bahrain had their iPhones hacked by advanced spyware made by the Israeli company NSO Group, the world’s most infamous hacker-for-hire firm, a cybersecurity watchdog reported on Tuesday. Associated Press

ASPI ICPC

Crisis in Afghanistan, disinformation in Asia-Pacific & funding far right extremists
Policy, Guns & Money
Governments across the globe are grappling with how to deal with disinformation-for-hire operations and cyber-enabled foreign interference. The challenges posed by disinformation operations in the Asia-Pacific are explored in the new ASPI report ‘Influence for Hire: The Asia-Pacific’s online shadow economy.’ Dr Jake Wallis, Ariel Bogle and Albert Zhang discuss the dangers of a manipulated information environment in the region and how policymakers should respond. Dr Teagan Westendorf speaks to Ariel Bogle about her new report ‘Buying and Selling Extremism: New funding opportunities in the right-wing extremist online ecosystem.’ They discuss de-platforming trends and the different platforms being used to fundraise.

Nazis and incels are using Gotye and MGMT to evade TikTok's auto-moderators, report finds
ABC News
@cog_ink
While it's hardly surprising fringe groups have used social media platforms to post hateful material, experts say TikTok has birthed creative ways to distribute the content and dodge auto-takedowns. These evasions have included something as simple as changing the soundtrack — but it remains unclear what exactly works. "TikTok is notoriously quite a difficult platform to study, for one thing it's kind of new and there isn't much of a methodology," said Ariel Bogle, an analyst at the International Cyber Policy Centre (ICPC). "It's also driven by an algorithm, which has remained very opaque."

World

Data and knowledge must be protected against cyber attack
Financial Times
When two Amsterdam-based universities accepted funding for research on artificial intelligence and internet search from network technology group Huawei last year, the decision raised eyebrows. While the US government was pointing to security risks and pressing European allies to join its decoupling efforts, Chinese companies continued offering enticing research and development investment deals, seen as part of the country’s soft power arsenal.

Resistance is futile - The War on Terror supercharged state power
Foreign Affairs
Thomas Hegghammer
Spectacular though the 9/11 attacks were, they did not, as many feared, indicate that large and powerful terrorist organizations had laid down roots in the West and threatened the foundations of its social order. Meanwhile, the persistent fear of that outcome—which was never likely—has blinded many to an opposing trend: the steadily growing coercive power of the technocratic state. With artificial intelligence already entrenching this advantage, the threat of a major armed rebellion, in developed countries at least, is becoming virtually nonexistent.

How data brokers sell access to the backbone of the internet
VICE
Joseph Cox
Team Cymru, one threat intelligence firm, works with ISPs to access that netflow data, three sources said. Keith Chu, communications director for the office of Senator Ron Wyden which has been conducting its own investigations into the sale of sensitive data, added that Team Cymru told the office "it obtains netflow data from third parties in exchange for threat intelligence."

Australia

‘I was petrified’: Scammers impersonate federal agents in bid to rob Australians
Sydney Morning Herald
@Laura_R_Chung
Angela is one of many Australians who have been contacted by scammers impersonating federal agents from the AFP and the Australian Tax Office. In many cases, the scammers make it appear that the number they are dialling from is that of an official government agency, also known as spoofing.

Australian businesses stop reporting ransomware attacks over exfiltration doubts
iTnews
@rycrozier
Australian businesses are incorrectly relying on what they think is a loophole in notifiable data breach laws to avoid reporting ransomware infections.

Govt to give ‘clarity’ on data sovereignty in two years
Innovation Aus
@joseph_brookes
Home Affairs is leading the development of a data security “Action Plan” to provide more clarity to governments and industry on the Commonwealth’s approach to data sovereignty and security, amid concerns about cyber security and digital supply chains.

China

China’s antigraft watchdog probes party leaders in Alibaba, Ant’s backyard
The Wall Street Journal
@shashamimi
China’s anticorruption watchdog is investigating top government officials in the eastern Chinese city of Hangzhou, where Alibaba Group Holding Ltd and Ant Group Co. are based, raising questions about close ties between local top-level Communist Party officials and the private sector.

How China’s top internet regulator became Chinese tech giants’ worst enemy
Quartz
@Jane_Li911
The CAC had already become a powerful agency under Lu’s watch—but it has grown even more important and centralized in recent years. Its expansive powers mean it has few analogs in the world, especially in the west, where tighter regulation of Big Tech is also underway.

Unpacking China’s game-changing data law
Protocol
@shenlulushen
China's National Congress passed the highly anticipated Personal Information Protection Law on Friday, a significant piece of legislation that will provide Chinese citizens significant privacy protections while also bolstering Beijing's ambitions to set international norms in data protection.

The world’s hottest smartphone brand is Chinese—and it isn’t Huawei
The Wall Street Journal
@DanStrumpf
U.S. sanctions have pummelled Huawei Technologies Co.’s smartphone business. A different Chinese tech company is reaping the benefits. Xiaomi Corp. has filled the gap left by Huawei in markets from Europe to Southeast Asia to China. It is doing so with a playbook familiar to many Chinese consumer brands: offering functional gadgets comparable to upscale rivals at prices that often undercut them.

Huawei phone spinoff Honor stages big comeback in China
Nikkei Asia
Takashi Kawakami
Company rides on bold handset drive, but possible US sanctions loom as a threat.

Wealthy Chinese exile Guo Wengui, tied to misinformation campaigns, sued by investors in media company
CNBC
@schwartzbCNBC
The Graphika report claims that the businesses and foundations tied to Guo comprise a network that "acts as a prolific producer and amplifier of mis- and disinformation, including claims of voter fraud in the U.S., false information about Covid-19, and QAnon narratives." A representative for Guo has previously denied that the Chinese businessman controls content on GTV.

Uber rival Didi Chuxing suspends plans for UK and Europe launch
The Guardian
@jjpjolly
Chinese Uber rival Didi Chuxing has reportedly suspended plans to launch in the UK and Europe, as the ride-hailing company faces pressure from authorities in its home market.

USA

Timeline: Rep. Jim Jordan, a systematic disinformation campaign, and January 6
Just Security
@justinhendrix @nicktonckens Sruthi Venkatachalam
Over the course of the past year, congressman Jim Jordan (R-OH), the ranking member of the House Judiciary Committee, has engaged in a systematic effort to cast doubt on the integrity of the 2020 U.S. presidential election.

Telling conservatives it’s a shot to ‘restore our freedoms’: How online ads are promoting coronavirus vaccination
The Washington Post
@jeremybmerrill @drewharwell
At least 35 government agencies, nonprofit entities, corporations and public figures have purchased ads with different pro-vaccination messages, each set to reach — and hopefully persuade — Americans based on characteristics such as political affiliation, cultural identity and hobbies, a Washington Post analysis of Facebook ad data has found. The practice, known as microtargeted advertising, is one of the Internet’s biggest boogeymen and has long been criticized as invasive, discriminatory and divisive. But the ad technique — in which marketers use tech companies’ data to show certain messages only to people with specific interests or traits — has also become an important tool in the battle to boost vaccination rates across the United States.

China is organizing the VR industry and the United States could do the same
RAND Corporation
Will Shumate Timothy Marler
The United States may have unrealized opportunities to accelerate broad benefits from virtual reality (VR) technology. Especially when viewed through the lens of international competition, U.S. efforts to organize and stimulate the VR industry have been relatively small. Moreover, the lack of concentrated support and attention could risk enabling various threats from competing nations.

New CISA director wants to spend less time cleaning up after big hacks, more time preparing for them
CyberScoop
@snlyngaas
U.S. cybersecurity officials have scrambled to respond to one major hacking incident after another over the past nine months, from the alleged Russian intrusions into federal networks using bugged SolarWinds software, to the extortion of Colonial Pipeline, which controls the East Coast’s biggest fuel artery. Jen Easterly, the new director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), wants to break that cycle, and spend less time putting out fires and more time preparing for incidents in an attempt to reduce their impact.

Apple and Google’s fight in Seoul tests Biden in Washington
The New York Times
David McCabe Yu Young Jin
A proposal in the South Korean legislature is an early test of how forcefully the Biden administration will defend the companies abroad while trying to trim their power at home.

Infamous Capitol Hill attacker was allegedly posting inside neo-Nazi chatroom
VICE
Ben Makuch
The woman accused of stealing a laptop used by House Speaker Nancy Pelosi’s staff during the January 6 Capitol Hill mob-attack appears to have also been posting in a notorious neo-Nazi chatroom.

U.S. announces cyber deals with Singapore as Washington looks to counter Beijing
The Record
@martinmatishak
The Biden administration on Monday unveiled a series of agreements with Singapore, including three meant to bolster cybersecurity ties and combat digital threats.

Apple’s Tim Cook, Microsoft’s Satya Nadella plan to visit White House
Bloomberg
Rebecca Kern @markgurman @spencersoper
The chief executive officers of Apple Inc., Microsoft Corp. and Amazon.com Inc. plan to attend a White House meeting with President Joe Biden this week to discuss efforts by private companies to improve cybersecurity following a dramatic uptick in ransomware and online attacks over the past year.

FBI sends its first-ever alert about a 'ransomware affiliate'
The Record
@campuscodi
The US Federal Bureau of Investigation has published today its first-ever public advisory detailing the modus operandi of a “ransomware affiliate.” A relatively new term, a ransomware affiliate refers to a person or group who rents access to Ransomware-as-a-Service (RaaS) platforms, orchestrates intrusions into corporate networks, encrypts files with the “rented ransomware,” and then earns a commission from successful extortions.

Far-right extremists in United States applaud Taliban’s takeover of Afghanistan
Medium
@jaredlholt
Andrew Torba, who operates alternative social media platform Gab, published a post on his platform likening the Taliban’s takeover of Afghanistan to what he believes is possible in the United States, writing “there’s no reason we can’t too.” New users to Gab are subscribed to Torba’s account by default.

The US Army is using a controversial facial-recognition technology that uses images from social media to identify people, documents show
Business Insider
@caro1inehaskins
The US Army has a contract with Clearview AI, according to documents that reveal the controversial facial-recognition startup making bold claims to the military about capabilities such as "criminal network discovery" and "force protection and area security."

South-East Asia

Singapore and US to work more closely on cyber security; three agreements signed
The Straits Times
Hariz Baharudin
Singapore and the United States will work more closely to share information on cyber threats and coordinate their response to online security incidents, as part of improving cyber-security cooperation and deepening ties between the two nations. A new agreement for the countries to share digital information relating to the financial sector was among three memorandums of understanding (MOUs) that were signed to deepen cyber-security partnerships.

South and Central Asia

The Taliban, not the West, won Afghanistan’s technological war
MIT Technology Review
@ProfAnkersen @ThreshedThought
The US-led coalition had more firepower, more equipment, and more money. But it was the Taliban that gained most from technological progress. 'The Taliban, meanwhile, made some huge leaps. They began this war with AK-47s and other simple, conventional weapons, but today they have harnessed mobile telephony and the internet—not just to improve their weapons and their command-and-control systems, but even more crucially, to carry out their strategic communications and their influence operations.'

The Taliban takeover is forcing Afghans to delete their photos and posts—it’s a free expression tragedy
PEN America
Matt Bailey
Along with civil society and world governments, the tech giants are providing emergency support to those most at risk of censorship or reprisal by the Taliban. But there are two additional aspects of this tragedy that demand recognition. First, the problem is societal in scale, not individual; it is not only activists and artists that need support but an entire society and culture. Second, the choice between safety and erasure is one no society should ever have to make.

UK

Didi suspends UK launch plans amid China crackdown on tech firms - Telegraph
Reuters
@EvaMathews99
Chinese ride-hailing giant Didi Global Inc has suspended its plans to launch in Britain and continental Europe, The Telegraph reported on Monday, against the backdrop of a regulatory backlash at home over data privacy.

PayPal to allow UK users to buy and sell cryptocurrencies
The Guardian
PayPal is to allow users in the UK to buy, hold and sell cryptocurrencies through the payment platform for the first time. The firm said it would allow customers to choose from four types of cryptocurrency – bitcoin, ethereum, litecoin and bitcoin cash – and that the service would be available via the PayPal app and its website.

NSO iPhone spyware hacks Bahrain activists in the U.K., report claims
Forbes
@iblametom
Nine Bahraini activists have had their iPhones hacked by malware allegedly created by $1 billion-valued Israeli spyware giant NSO Group, according to research released Tuesday. The hacks hit two United Kingdom-based activists, with at least one device breached while it was in the country, according to surveillance tracking nonprofit Citizen Lab. One of the activists in exile said he now fears for his safety, while raising concerns that British hacking laws have been broken.

Europe

Hackers release data trove from Belarus in bid to overthrow Lukashenko regime
Bloomberg
@rj_gallagher
Opponents of the Belarus government said they have pulled off an audacious hack that has compromised dozens of police and interior ministry databases as part of a broad effort to overthrow President Alexander Lukashenko’s regime. The Belarusian Cyber Partisans, as the hackers call themselves, have in recent weeks released portions of a huge data trove they say includes some of the country’s most secret police and government databases. The information contains lists of alleged police informants, personal information about top government officials and spies, video footage gathered from police drones and detention centers and secret recordings of phone calls from a government wiretapping system, according to interviews with the hackers and documents reviewed by Bloomberg News.

EXCLUSIVE EU considers help for rare earth magnet production - sources
Reuters
Eric Onstad
The EU is working on proposals to jump-start home output of a type of specialist magnet vital in electric car motors by offering support to local producers so they can compete with Chinese rivals, sources close to the situation said.

Middle East

Report finds NSO Group's spyware used on Bahraini activists
Associated Press
@AlanSuderman
Nine activists from Bahrain had their iPhones hacked by advanced spyware made by the Israeli company NSO Group, the world’s most infamous hacker-for-hire firm, a cybersecurity watchdog reported on Tuesday.

Hackers leak surveillance camera videos purportedly taken from inside Iran's Evin Prison
Zetter
@KimZetter
A hacking group calling itself Adalat Ali (Justice of Ali) claims it has broken into computer systems belonging to Iran’s notorious Evin prison, where Iranian and foreign political detainees are housed, and stolen hundreds of gigabytes of documents and images, including video taken from the prison’s CCTV cameras.

Misc

Did overuse cause Zoom to go down across the world?
Tech Wire Asia
@thecrystalcrown
Has video collaboration software reached the pinnacle of its growth curve already, as the world slowly transitions to a post-pandemic ‘new normal’ – one with perhaps greatly reduced need for virtual meetings? Or are these creeping Zoom outage issues a sign of bigger troubles brewing?

A hacker stole and then returned $600 million
VICE
@lorenzofb
The bizarre saga of the Poly Network heist is seemingly over after the company recovered all the stolen funds and is now in the process of returning them to its customers.

Influencers are taking desperate measures to recover their Instagram accounts
BuzzFeed News
@laurenstrapa @tanyachen
People who operate on the fringes of Instagram’s community guidelines say they’ve resorted to desperate measures after losing their accounts, turning to dealers who say they have a back door to the platform.

We need to reclaim our lives from our phones and 'reset,' says CBC Massey lecturer Ron Deibert
CBC Radio
Renowned tech expert Ron Deibert exposes the disturbing impact of the 'always-connected mega-machine'. Deibert says these problems aren't ones that individuals can resolve on their own — they form a web of inter-related issues. He points to the structures of social media technology, how they are addictive by design, and how our constant engagement is part of a business model that works more for social media giants than for their users.

Events

The 2021 Innovations Dialogue: Deepfakes, Trust and International Security
United Nations Institute for Disarmament Research
The United Nations Institute for Disarmament Research (UNIDIR) welcomes you to the 2021 Innovations Dialogue: Deepfakes, Trust and International Security. This one-day convening will explore the importance of trust for international security and stability and shed light on how the growing deepfake phenomenon could undermine this trust.

Research

Dueling information campaigns: The war over the narrative in Tigray
Media Manipulation Casebook
@claireLwilmot Ellen Tveteraas @CyberAlex
This case study focuses on competing information campaigns related to the active military conflict in the Tigray region of Ethiopia, which began in November, 2020. Amid the information and access constraints during the ongoing crisis, contesting narratives designed to influence international understanding of the conflict played out largely on Twitter.

Hatescape: An in-depth analysis of extremism and hate speech on TikTok
Institute for Strategic Dialogue
@ciaranoconnor
This research examined how TikTok is used to promote white supremacist conspiracy theories, produce weapons manufacturing advice, glorify extremists, terrorists, fascists and dictators, direct targeted harassment against minorities and produce content that denies that violent events like genocides ever happened. Furthermore, the report includes analysis of how users seek to evade takedowns by TikTok.

The Technology 202: Study finds sites that mislead, not flat-out lie, attract record share of Facebook engagements
The Washington Post
@aaronjschaffer
As overall engagement on Facebook dropped this year, sites that share news misleadingly are attracting a record-level share of the platform’s audience, according to a study shared exclusively with The Technology 202.

From Pearl to Pegasus: Bahraini government hacks activists with NSO Group Zero-Click iPhone exploits
Citizen Lab
@billmarczak Ali Abdulemam Noura Al-Jizawi Siena Anstis
The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq (a Shiite Bahraini political society). At least four of the activists were hacked by LULU, a Pegasus operator that we attribute with high confidence to the government of Bahrain, a well-known abuser of spyware.

Jobs

ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years, of work experience. Senior analysts usually have a minimum of 15 years’ relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.