Calling out China a fraught but necessary step | French President identified in leaked Pegasus data | White House exposes Facebook misinformation blind spot
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Australia’s strategic environment is changing rapidly. Once shaped exclusively by traditional security concerns where what mattered most was our military alliances, the state of our kinetic armed forces and diplomacy, today’s environment is increasingly shaped by new domains. Chief among them: cyberspace, technology and our online information landscape. The Sydney Morning Herald
The leaked database at the heart of the Pegasus project includes the mobile phone numbers of the French president, Emmanuel Macron, and 13 other heads of state and heads of government, the Guardian can reveal. The Guardian
The White House and other federal agencies have pressed Facebook to hand over data about how anti-vaccine narratives spread online, and have accused the company of withholding key information. President Biden on Friday accused the company of “killing people” by allowing false information to circulate widely. On Monday, he walked that back slightly, instead directing blame at people who originate falsehoods. The New York Times
ASPI ICPC
Calling out China a fraught but necessary step
The Sydney Morning Herald
@DaniellesCave
Australia’s strategic environment is changing rapidly. Once shaped exclusively by traditional security concerns where what mattered most was our military alliances, the state of our kinetic armed forces and diplomacy, today’s environment is increasingly shaped by new domains. Chief among them: cyberspace, technology and our online information landscape.
China was blamed for the Microsoft Exchange hack, but the consequences might end there
ABC News
@stephendziedzic
Australia has joined a US-led coalition of countries blaming China for orchestrating a massive hack of the Microsoft Exchange mail server back in January. The hack exposed tens of thousands of organisations across the world and allowed both Chinese security agencies — as well as criminal groups allegedly working with them — to access vast troves of valuable data and intellectual property. The EU certainly denounced the attack in strong language but it did not directly blame the Chinese government. Cyber security expert Bart Hoogeveen from the Australian Strategic Policy Institute (ASPI) said the carefully worded EU statement showed there were clear divisions in the bloc, with some members "not prepared to go as far" as the US.
Australia
Australia buying Digicel hits two birds with one stone
Australian Financial Review
@jonathan_pryke @ShaneMcLeod
On top of staving off a China telco monopoly, underwriting the purchase would show the government is putting big money on the table to get ‘blue chip’ companies to invest in the Pacific.
Amid China's rising influence, Telstra looks to buy the largest telecommunications company in the Pacific with government help
ABC News
@marianfaa @wayne_hilda
Telstra this week confirmed it was in talks to buy the Pacific arm of Digicel with financial support from the Australian government, in a move largely seen to counter China's influence in the region.
Labor presses for national ransomware strategy, mandatory reporting of ransom payments
ABC News
@LindaMottram
As Australia joins key allies attributing to China a massive hack against Microsoft earlier this year, Labor says the government needs a national ransomware strategy. Cyber spokesman Tim Watts says ransomware attacks cost Australia $1 billion a year but the government's goals remain unclear. He tabled a bill in Parliament earlier this year to make notification mandatory where companies facing hacks decide to pay a ransom. He says the government, and other agencies and experts are unanimous on the value of mandatory notification, to allow authorities to gather intelligence on the cybercriminals.
‘Show of force’: Why Australia fears China’s Microsoft hacking ‘ecosystem’ may escalate
The New Daily
@JoshButler
Allegations that Beijing was behind a massive hack of Microsoft data put China in “rogue state” territory, cyber security experts say. China has angrily denied Australian claims it was responsible for the attack on Microsoft Exchange email servers or the theft of corporate secrets, with the federal government admitting it risked “serious implications” by calling out the rising superpower.
More explanation needed on Australia’s naming and shaming of cyber attackers
The Sydney Morning Herald
@Gallo_Ways
The average Australian would be rightly confused about Australia’s policy in calling out countries behind malicious cyber attacks. The Australian government has not explicitly said why it named China in this instance but not on previous occasions. When asked about this at a press conference on Tuesday morning Home Affairs Minister Karen Andrews said the government’s level of confidence has to be “very high” for it to name a state actor.
Country behind cyber attack on ANU unlikely to be named, analyst says
The Canberra Times
@sbasfordcanales
Analysts consider it unlikely the culprit behind a major cyber attack at Australian National University three years ago will ever be publicly named. The sophisticated cyber attack, which occurred in late 2018, was publicly revealed in mid-2019 after Vice-Chancellor Brian Schmidt emailed students and staff about the breach.
China
The Failure of China’s Microchip Giant Tests Beijing’s Tech Ambitions
The New York Times
@paulmozur
Tsinghua Unigroup, a would-be microchip champion, is facing bankruptcy, a setback in China’s quest for semiconductor self-reliance. Tsinghua Unigroup’s flagging financial fortunes are an uncomfortable failure for Chinese officials, who sought to use state-guided funds and plans to pull even with the United States in an ever more pugnacious competition over the future of technology.
Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims
WIRED
@a_greenberg
When news hit earlier this week that Chinese hackers were actively targeting Microsoft Exchange servers, the cybersecurity community warned that the zero-day vulnerabilities they were exploiting might have allowed them to hit countless organizations around the world. Now it's becoming clear just many email servers they hacked. By all appearances, the group known as Hafnium breached as many victims they could find across the global internet, leaving behind backdoors to return to later.
China’s and Russia’s Spying Sprees Will Take Years to Unpack
WIRED
@brbarrett
First it was SolarWinds, a reportedly Russian hacking campaign that stretches back almost a year and has felled at least nine US government agencies and countless private companies. Now it’s Hafnium, a Chinese group that’s been attacking a vulnerability in Microsoft Exchange Server to sneak into victims’ email inboxes and beyond. The collective toll of these espionage sprees is still being uncovered. It may never be fully known.China hits back at US-led accusations over cyber attacks
Financial Times
@edwardwhitenz @cdcshepherd
China has challenged US-led accusations that Beijing was at the heart of a wave of global cyber attacks including an offensive against a Microsoft email application that affected tens of thousands of organisations.
Beijing bristles at West’s cyber claims
The Australian
@bennpackham
Beijing has accused the US, Australia and 38 other nations of “pouring dirty water on China” as it bristled at joint criticism of the Xi administration’s state-sponsored cyber hacking.
The US and its allies may not stop China's 'web of hackers', but it can 'deeply embarrass' Beijing
ABC News
@billbirtles
Monday night's announcement that China was behind large-scale cyber hacking activities worldwide was unprecedented for the size of the coalition that jointly made it. Three Australian ministers —Karen Andrews, Marise Payne and Peter Dutton — jointly issued a statement coordinated with the White House, NATO, the European Union, the UK, Canada, New Zealand and Japan.
China has the most restrictions on cross-border data flows, says Washington think tank
South China Morning Post
@shenxinmei @mashaborak
China, with 29 data localisation policies, is the most restrictive country when it comes to cross-border data flows, according to a report by Washington-based think tank Information Technology and Innovation Foundation (ITIF).
How China's Hacking Entered a Reckless New Phase
WIRED
@a_greenberg
For years, China seemed to operate at the quieter end of the state-sponsored hacking spectrum. While Russia and North Korea carried out hack-and-leak operations, launched massively disruptive cyberattacks, and blurred the line between cybercriminals and intelligence agencies, China quietly focused on more traditional—if prolific—espionage and intellectual property theft. But a collective message today from dozens of countries calls out a shift in China's online behavior—and how its primary cyber-intelligence agency's trail of chaos increasingly rivals that of the Kim Regime or the Kremlin.
USA
White House Dispute Exposes Facebook Blind Spot on Misinformation
The New York Times
@sheeraf
The White House and other federal agencies have pressed the company to hand over data about how anti-vaccine narratives spread online, and have accused Facebook of withholding key information. President Biden on Friday accused the company of “killing people” by allowing false information to circulate widely. On Monday, he walked that back slightly, instead directing blame at people who originate falsehoods.
China Compromised U.S. Pipelines in Decade-Old Cyberattack, U.S. Says
The Wall Street Journal
@Dnvolz
Hackers working for the Chinese government compromised more than a dozen U.S. pipeline operators nearly a decade ago, the Biden administration revealed Tuesday while also issuing first-of-its-kind cybersecurity requirements on the pipeline industry.
TSA is about to announce new ransomware protection requirements for pipelines
The Washington Post
@Joseph_Marks_
The Transportation Security Administration is today mandating that pipelines implement protections against ransomware and other cyberattacks, according to a statement shared with The Cybersecurity 202.
Pentagon drones ‘8 to 14 times’ costlier than banned Chinese craft
The Financial Times
@kiranstacey
Camera drones developed by the Pentagon are more expensive and less capable than the Chinese-made models they were designed to replace, according to an internal US government memo seen by the Financial Times.
SIA And USA National Security Threat Hikvision Co-Present Cybersecurity Webinar
IPVM
John Honovich
The US Security Industry Association worked with US national security threat Hikvision on a cybersecurity webinar. After questioning by IPVM, SIA canceled the webinar and refused to comment on the record.
The NSO Group, BlastDoor and Software Bugs, Apple’s Response
Stratechery
@benthompson
The NSO Group's exploits — and Apple's vulnerabilities — are interesting in what they say about the nature of software
Reading the Zoom Tea Leaves
The New York Times
@ShiraOvide
Zoom Video, the company whose video conferencing service has become a verb in the past 18 months, said on Sunday that it would spend roughly $15 billion to buy a company called Five9 that makes software for businesses’ customer service call centers. As my DealBook newsletter colleagues put it, Zoom is making a $15 billion bet on phone calls.
Ransomware hearing in Congress hones in on cybersecurity spending and state actors
The Block
@the_postman_
A House of Representatives subcommittee held a hearing focused on ransomware on Tuesday, honing in on a growing policy issue in recent months. Contrary to recurring fears among some industry observers, talk of a clampdown on cryptocurrency activities was fairly muted before the Oversight and Investigations subcommittee of the House Energy and Commerce Committee. Indeed, multiple witnesses noted the importance of good actors in the crypto space.
Senate to Investigate Crypto’s Role in Cybercrime
Coin Desk
@realDannyNelson
The U.S. Senate is set to investigate crypto’s use in ransomware on multiple fronts as regulators globally continue to scrutinize digital assets.
Ohio Lawmakers Consider Data Privacy, Cybersecurity Bills
Government Technology
Michael D Pittman @LynnHulseyDDN
Last week, the Ohio House of Representatives introduced a bill that would give Ohioans data privacy rights. Lawmakers point out, however, that another bill is needed to deflect future cyber attacks.
Top U.S. Catholic Church official resigns after cellphone data used to track him on Grindr and to gay bars
The Washington Post
@mboorstein @marisa_iati @AnnysWaPo
The top administrator of the U.S. Conference of Catholic Bishops resigned after a Catholic media site told the conference it had access to cellphone data that appeared to show he was a regular user of Grindr, the queer dating app, and frequented gay bars.
North Asia
Two Tokyo Olympics Show the Long Arc of Japan’s Tech Decline
Bloomberg
@IsabelRTokyo @pashakun
As Tokyo again prepares to host the Games this week, Japan is in a technological funk. Its heyday of setting the pace in televisions, recording devices and computers is far behind it. While Japan can claim credit for the Walkman, Apple Inc. came up with the iPhone. More humiliating yet, regional rival South Korea and its tech giant Samsung Electronics Co. have overtaken Japan in smartphones and memory chips.
Protecting the Tokyo games from cybercriminals
Intelligent CIO
Mark Bowen
Ever since the 2004 Athens Olympic Games, cybersecurity has been a growing concern for the host nations and the International Olympic Committee (IOC). The growing reliance on IT infrastructure has resulted in increased cybersecurity requirements to plan for and mitigate possible cyber-attacks.
UK
China cyberattack on British MPs exposed
The Age
@latikambourke
British MPs pushing to take a tougher stance on Beijing have been told that a cyberattack had been launched against them, a day after Five Eyes nations and allies accused China’s Ministry of State Security of carrying out a fresh cyber intrusion.
Smartphone Directions May Put Novice Hikers in Danger, Experts Say
The New York Times
@AlyssaLukpat
For inexperienced hikers, smartphones are a multipurpose tool: a flashlight, an emergency beacon and a GPS, all in one device. But it can be ill-advised, and possibly life-threatening, for hikers to rely solely on their phones as they head into the wilderness, experts say.
Europe
Emmanuel Macron identified in leaked Pegasus project data
The Guardian
@achrisafis Dan Sabbagh @skirchy Michael Safi
The leaked database at the heart of the Pegasus project includes the mobile phone numbers of the French president, Emmanuel Macron, and 13 other heads of state and heads of government, the Guardian can reveal.
Biden official: ‘We don’t know exactly why’ ransomware gang vanished from the web
POLITICO
@nahaltoosi
The Biden administration does not know exactly why ransomware gang REvil, thought to be based in Russia, has vanished from the dark web, a senior official said Tuesday. The Biden administration official’s comments, given in an interview with POLITICO, were the clearest yet to suggest that the United States did not play a direct role in taking down REvil’s websites and other online infrastructure in recent days.
Middle East
Facebook Catches Iranian Spies Catfishing US Military Targets
WIRED
@a_greenberg
On Thursday, the social media giant revealed that it has tracked and at least partially disrupted a long-running Iranian hacking campaign that used Facebook accounts to pose as recruiters, reeling in US targets with convincing social engineering schemes before sending them malware-infected files or tricking them into submitting sensitive credentials to phishing sites.
The Rise and FAll of NSO Group
Forbidden Stories
@AudreyTravere Phineas Rueckert
Ever since the brazen assassination of Saudi journalist and dissident in Turkey five months earlier, the Israeli spyware company had been thrust into an uncomfortable spotlight. NSO Group had dealt with scandals before, but this time the accusations were of a different magnitude. The company had been accused by a friend of the murdered journalist of having sold its spyware tool to Saudi Arabia, which then used it to intercept messages between the two dissidents in the weeks and months leading up to Khashoggi’s assassination.
Gantz: Defense Ministry looking into NSO Group investigation
The Jerusalem Post
@AAhronheim
The Defense Ministry is studying the investigation into NSO Group, Defense Minister Benny Gantz said Tuesday after it was revealed that the Israeli cyber company has been selling spyware to foreign governments to target journalists and activists.
SA’s ICT sector urgently needs a backbone
CyberBRICS
@BricsCyber
The ICT sector is not an overall employment creator on its own, barring a few niche areas. Rather, it acts to displace jobs, shifting the profile of employment away from low-skilled, information-sparse jobs that are susceptible to automation and artificial intelligence (AI), towards high-skilled work, requiring digital skills.
Pegasus spyware: 'Time to regulate cyber surveillance market', says expert
Thomson Reuters Foundation
@UmbertoBacchi
Former EU lawmaker Marietje Schaake, who is international policy director at Stanford University's Cyber Policy Center, told the Thomson Reuters Foundation the reports should act as a wake-up call for democratic nations to regulate the spyware market.
Events
Indigenous Cyber and Digital Skills Conference
ASPI’s IndigiCyber, Defence and Space Program
This half-day conference will canvas a range of curriculum and engagement initiatives in cyber-security and STEM as well as government and industry responses to both support those already in work, and to attract diverse candidates. What can defence, and defence-related sectors, do to support the next generation of technology champions? 23 Jun 2021 9:00 am - 1:00 pm
ASPI Webinar: In-Conversation with Marietje Schaake
ASPI ICPC
SPI's International Cyber Policy Centre is delighted to invite you to an in-conversation with Marietje Schaake, President of the Cyber Peace Institute, the International Policy Director at Stanford's Cyber Policy Center and International Policy Fellow at Stanford’s Institute for Human-Centered Artificial Intelligence. Join Fergus Hanson for an online ‘fireside chat’ with Marietje focusing on technology, democracy and the question of accountability. They will discuss how democracies can cooperate amidst rising authoritarianism and the privatised governance of technologies. They will also consider the rule of law and how it relates to the oversight of existing and emerging technologies. 27 July 2021 5:00 pm - 6:00 pm
Jobs
ICPC Senior Analyst or Analyst - Information operations & disinformation
ASPI ICPC
ASPI’s International Cyber Policy Centre has an outstanding opportunity for a talented and proactive senior analyst or analyst to join its centre. The successful candidate will work with a small, high-performing team to produce original research and analysis centred around policy responses to information operations and disinformation by state and non-state actors. They will also work with senior staff in the centre to engage globally with governments, social media and Internet companies.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.