Facebook setting up DC lobbying group | US Gov released details of North Korean hacking tools | Twitter allows indefinite work from home

May 12, 2020

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

Facebook is working behind the scenes to help launch a new political advocacy group that would combat U.S. lawmakers and regulators trying to rein in the tech industry. The Washington Post
The FBI and the Department of Homeland Security are preparing to jointly expose North Korean government-backed hacking this week, CyberScoop has learned. CyberScoop
Twitter CEO Jack Dorsey emailed employees on Tuesday telling them that they’d be allowed to work from home permanently, even after the coronavirus pandemic lockdown passes. Buzzfeed News

ASPI ICPC

ASPI Cyber Policy @ASPI_ICPC

Want to stay cyber safe & secure when working from home? Watch below 👇👇

Australia

COVID tracing app needs a makeover, not new laws to keep privacy safe
Sydney Morning Herald
The solution to privacy concerns lies not in laws but in a major makeover to keep personal data private. Such a makeover would also fix the major flaw that has marred the app from the start.

China

Welcome to the New Era of Chinese Government Disinformation
The Diplomat
@Sarah_G_Cook
The coronavirus fallout is hastening Beijing’s shift toward covert, Russian-style tactics.

Huawei Struggles to Get Along Without Google
The Wall Street Journal
@DanStrumpf
China’s Huawei Technologies Co., barred by the U.S. from buying American technology, has found a lot of workarounds—but is having a hard time replacing Google, on which it has relied for a decade. Without the search-and-software giant’s apps, smartphone fixtures around the world, the once-relentless march of Huawei’s phones is faltering.

USA

Facebook is quietly helping to set up a new pro-tech advocacy group to battle Washington
Washington Post
@tonyromm
Facebook is working behind the scenes to help launch a new political advocacy group that would combat U.S. lawmakers and regulators trying to rein in the tech industry.

Cyber Command Needs New Acquisition Authorities
Lawfare
@eborghard
Congress should accept the recommendation in the Cyberspace Solarium Commission’s March 2020 report to create a major force program (MFP) category for cyberspace as part of the fiscal 2021 National Defense Authorization Act (NDAA).

Elsa Kania on How the U.S. Can Mitigate Risk Responsibly
The Wire China
@EBKania
The analyst discusses tech transfer and avoiding profiling in countermeasures.

NSO Group Pitched Phone Hacking Tech to American Police
Vice News
@josephfcox
NSO Group, the surveillance vendor best known for selling hacking technology to authoritarian governments, including Saudi Arabia, also tried to sell its products to local U.S. police.

John Scott-Railton @jsrailton

Big news day for NSO. A raft of ex-officials who brought Pegasus spyware to Ghana were just jailed, incl. fmr. Director-Gen. of their National Communications Authority, and fmr. National Security Coordinator. ghanabusinessnews.com/2020/05/12/cou…

Reddit’s QAnon Casualties is a home for survivors of the conspiracy
The Daily Dot
@rothschildmd
There are now so many people who have lost someone they care about to the Tom Clancy-meets-Dan Brown militia fantasy of QAnon that they’ve formed their own community on Reddit.

The White House @WhiteHouse

To protect government systems from untrusted IT vendors—including those from China—@StateDept "will begin requiring a 'clean path' for all 5G network traffic between U.S. diplomatic facilities and the United States." West Wing Reads: 45.wh.gov/qPpLTE

North-East Asia

FBI, DHS to go public with suspected North Korean hacking tools
CyberScoop
@shanvav
The FBI and the Department of Homeland Security are preparing to jointly expose North Korean government-backed hacking this week, CyberScoop has learned. Threat data meant to help companies fend off hackers has already been shared with the private sector in an effort to boost cyber-defenses in critical infrastructure sectors.

North Korean Malicious Cyber Activity
CISA
On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) released three Malware Analysis Reports (MARs) on malware variants used by the North Korean government.

Europe

The global rush for standards in blockchain.
EU Directions Blog
@annamaria_osula
The European Union aspires to become a leader in producing, adopting and governing new digital technologies. One strategically important step to achieving this goal is taking a leading role in shaping the rules and standards governing these technologies.

Could the Coronavirus Crisis Strengthen Due Diligence in Cyberspace?
Council on Foreign Relations
@SicovanderMeer
The European Union recently called upon countries to exercise due diligence with regard to cyberattacks targeting health organizations. Could the coronavirus crisis present an unanticipated opportunity for increasing international agreement on how due diligence applies in cyberspace?

Middle East

Foreign intelligence officials say attempted cyberattack on Israeli water utilities linked to Iran
Washington Post
@jobywarrick @nakashimae
Iran is being linked to an attempted cyberattack last month that authorities believe was aimed at disrupting water supplies in at least two locations in Israel as that country was seeking to contain a covid-19 outbreak, according to foreign intelligence officials familiar with the matter.

Misc

Twitter Will Allow Employees To Work At Home Forever
Buzzfeed News
@Kantrowitz
Twitter CEO Jack Dorsey emailed employees on Tuesday telling them that they’d be allowed to work from home permanently, even after the coronavirus pandemic lockdown passes.

Google removed 813 creepware apps from the Android Play Store
ZDNet
@campuscodi
The applications were discovered with a new algorithm called CreepRank, developed by a team of academics.

Facebook will pay $52 million in settlement with moderators who developed PTSD on the job
The Verge
@CaseyNewton
In a landmark acknowledgment of the toll that content moderation takes on its workforce, Facebook has agreed to pay $52 million to current and former moderators to compensate them for mental health issues developed on the job.

The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet
Wired
@a_greenberg
At 22, he single-handedly put a stop to the worst cyberattack the world had ever seen. Then he was arrested by the FBI. This is his untold story.

Andy Greenberg @a_greenberg

Three years ago today, Marcus Hutchins stopped WannaCry, an $8 billion cyberattack. Then the FBI arrested him. Today we're publishing a 14,000-word cover story that finally tells his full, untold tale, from 15yo criminal to hero to convict to redemption.

The Confessions of the Hacker Who Saved the InternetAt 22, Marcus Hutchins put a stop to the worst cyberattack the world had ever seen. Then he was arrested by the FBI. This is his untold story.wired.com

Research

Who Controls Huawei? Implications for Europe
Swedish Institute of International Affairs
@ruehlig
A complete ban on Huawei from the rollout of European 5G might not be necessary, but the EU and its member states should strive for a significant reduction in Huawei’s market share.

Seizing the commanding heights: the PLA Strategic Support Force in Chinese military power
Journal of Strategic Studies
@EBKania
The People’s Liberation Army Strategic Support Force (PLASSF) will enhance the Chinese military’s future deterrence and war-fighting capabilities. Established in December 2015, this new force is poised to leverage synergies and the integration of critical capabilities across space, cyberspace, and the electromagnetic spectrum.

A National Security Research Agenda for Cybersecurity and Artificial Intelligence
Center for Security and Emerging Technology
@BuchananBen
A national security-driven research agenda is informed by technical evidence, but not limited by it. It considers how the balance of technical facts shapes questions likely to matter to national security policymakers and scholars who would otherwise overlook the technology.

Jobs

Alliance for Securing Democracy @SecureDemocracy

We're hiring! We're looking for a China expert to conduct cutting-edge research on China’s efforts to interfere in democracies and democratic institutions. Apply here: Expert on China Affairs Alliance for Securing Democracy, Careers At The German Marshall Fund of the United StatesDepartmentProgram Summary The Alliance for Securing Democracy a bipartisan transatlantic initiative housed at The German Marshall Fund of the United States GMF develops comprehensive strategies for government the private sector and civil society to defend against deter and raise the costs on foreign…gmfus.hrmdirect.com

Events

Internet Governance with and for the Citizens June 2020 – Stakeholders’ Dialogue
On June 5th and 6th, we invite stakeholders worldwide to discuss the future of Internet Governance. How should we shape the future of Digital Cooperation? Who should decide what in order to leverage opportunities brought by the use of digital technologies and mitigate the risks they bring. The Stakeholders’ Dialogue aims at evaluating the three scenarios for the future of Internet governance that have been proposed in the Report of the High-Level Panel. Results will feed the process of the “High Level Panel on Digital Cooperation” organized by the UN Secretary General Antonio Guterres.

Implementing Cyber Norms: National Experiences and Emerging Good Practices
The United Nations Institute for Disarmament Research (UNIDIR) is pleased to invite you to a webinar series on implementing cyber norms. How do States implement norms of responsible behaviour in cyberspace? What good practices are emerging in the field?

Daily Cyber Digest