Facebook staff fret over China’s ads of happy Muslims in Xinjiang | Suspected NK hackers set up fake company to target researchers | Arm says its chip architecture could be made available to Huawei
The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Some Facebook staff are raising concerns on internal message boards and in other employee discussions that the company is being used as a conduit for state propaganda, highlighting sponsored posts from Chinese organizations that purport to show Muslim ethnic minority Uyghurs thriving in China’s Xinjiang region, according to people familiar with the matter…The Journal on Tuesday reported that Xinjiang-related activity by Chinese state media and diplomats on Facebook and Twitter hit a new high last year, according to new research, as Beijing defended its policies in the region. The Wall Street Journal
North Korean-linked hackers have set up a fake security company and social media accounts as part of a broad campaign targeting cybersecurity researchers with malware, according to Google research published Wednesday. Hackers have leveraged at least two fake accounts on LinkedIn that impersonate recruiters appearing to be from antivirus software and security companies, Google said. CyberScoop
U.K. semiconductor design giant Arm Ltd. says its cutting-edge new chip architecture isn’t subject to U.S. export restrictions, and therefore could be licensed to Chinese firms on Washington’s trade blacklists such as Huawei. Caixin Global
ASPI ICPC
BBC Correspondent Leaves China, Citing Growing Risks
The New York Times
@amyyqin
The Chinese Communist Party-run propaganda machine began to focus its efforts on the BBC earlier this year, according to a report last month by researchers at the International Cyber Policy Center of the Australian Strategic Policy Institute. The targeting of the BBC began after it published a report detailing allegations of systematic rape in internment camps where Muslims have been detained in Xinjiang, according to the institute’s researchers, Albert Zhang and Dr. Jacob Wallis…What ensued was what Mr. Zhang and Dr. Wallis called an ongoing “coordinated information campaign and propaganda” against the BBC waged by a pro-Chinese Communist Party network across multiple social media platforms, including YouTube, Twitter and Facebook, which are all blocked in China. The campaign sought to push the idea that the BBC was biased and that its reporting on China was instigated by foreign actors and intelligence agencies, according to the researchers.
‘The grim reality of reporting in China that pushed me out’
BBC News
@TheJohnSudworth
The irony is, of course, that at the same time that the space for foreign journalism is shrinking in China, the Communist Party has been investing heavily in its media strategy overseas, taking full advantage of the easy access to a free and open media. Its "wolf-warrior" diplomats unleash furious tweet-storms, lambasting foreign reporting - while denying their own citizens access to those very same foreign platforms - in an intensive, co-ordinated strategy across multiple platforms, as documented by this report by researchers from the International Cyber Policy Centre at the Australian Strategic Policy Institute.
Read our report 'Trigger warning. The CCP’s coordinated information effort to discredit the BBC' here.
China Tries to Counter Xinjiang Backlash With … a Musical?
The New York Times
@amyyqin
Chinese officials and state media have pushed the government’s narrative about its policies in Xinjiang in part by spreading alternative narratives — including disinformation — on American social networks like Twitter and Facebook. This approach reached an all-time high last year, according to a report published last week by researchers at the International Cyber Policy Center of the Australian Strategic Policy Institute, or ASPI. In a statement, Twitter said it had suspended a number of the accounts cited by the ASPI researchers. Facebook said in a statement that it had recently removed a malicious hacker group that had been targeting the Uyghur diaspora. Both companies began labeling the accounts of state-affiliated media outlets last year.
China’s disinformation on Xinjiang is political warfare, not diplomacy
The Strategist
@JakeWallis_ASPI @AlbertYZhang
The CCP’s information operations are growing in scale and reach. We have previously analysed its large-scale covert information operations on US social media platforms that focused on the Hong Kong protests, the Taiwanese presidential election and Covid-19. Like the CCP’s nascent digital diplomacy, these initial efforts were limited in their capacity to shape opinion on an open internet unconstrained by CCP censorship. But they were persistent and managed to retain a large on-platform presence. They’ve improved and become increasingly agile, as demonstrated when they pivoted to capitalise on domestic protests and politics in the US.
Was the Nine cyber attack ransomware? - Technology with Ariel Bogle
ABC RN Breakfast
@frankelly08
Earlier this week, media company Nine Entertainment was forced off air in Sydney by a malicious cyber attack. The sophisticated assault bears all the hallmarks of ransomware, where hackers demand payment to reverse their malicious damage, but as far as we know, no demands have been sent. Guest: Ariel Bogle, analyst with the Australian Strategic Policy Institute.
How to tell reality from a deepfake?
World Economic Forum
@letzing
“A propaganda Pandora’s box in the palm of every hand.” Deepfake efforts remain relatively easily detected, according to this piece – but soon the same effects that once required hundreds of technicians and millions of dollars will be possible with a mobile phone.
Australia
Australia wants to work with China to ensure peace in Indo-Pacific, says Dutton
The Sydney Morning Herald
Rob Harris
Defence Minister Peter Dutton says the federal government wants to work “collaboratively” with China to ensure ongoing peace in the Indo-Pacific, while warning Beijing that it will not stand for the militarisation of ports in the region or any country exerting influence via cyberattacks.
Cyber attacks new war frontier: Dutton
The West Australian
@brinny56
New Defence Minister Peter Dutton believes cyber attacks are the new war frontier faced by countries around the world.
Global silicon chip shortage hits supply of phones, TVs, cars and Australia's NBN
The Guardian
@joshgnosis
A global shortage of one crucial piece of technology is causing delays in everything from cars and televisions to video game consoles and Australia’s National Broadband Network rollout.
Banks look for shared effort in escalating cyber war
Financial Review
@SaysSmithy
Chief information security officers at two of Australia’s big four banks believe improvements in real-time intelligence sharing and assistance for smaller businesses to beef up their cyber security would help the industry navigate increasingly dangerous waters, after Australian Prudential Regulation Authority chairman Wayne Byers last week said a material breach at a major institution was inevitable.
Australia’s a soft cyber target
Financial Review
@lesleyseebeck
Australia is proving to be a softer cyber target than we had expected. It’s not simply that a major news organisation, Nine (publisher of The Australian Financial Review), has been breached, its systems rendered unavailable, with journalists relying on alternative arrangements while hard-pressed IT staff work to restore normal operations. Or that someone has tried to break into the Australian Parliament’s systems… The intelligence agencies should not be the only place in government where deep technical expertise and practice reside. Rather, we need a technology and data authority that is tasked with strengthening democracy, not simply viewing the problem as a technical issue or through the lens of national security.
China
Facebook Staff Fret Over China’s Ads Portraying Happy Muslims in Xinjiang
The Wall Street Journal
@newley
Some Facebook staff are raising concerns on internal message boards and in other employee discussions that the company is being used as a conduit for state propaganda, highlighting sponsored posts from Chinese organizations that purport to show Muslim ethnic minority Uyghurs thriving in China’s Xinjiang region, according to people familiar with the matter…The Journal on Tuesday reported that Xinjiang-related activity by Chinese state media and diplomats on Facebook and Twitter hit a new high last year, according to new research, as Beijing defended its policies in the region.
Read our report 'Strange bedfellows on Xinjiang: The CCP, fringe media and US social media platforms' here.
Value of TikTok maker ByteDance approaches US$400 billion for new investors, sources say
South China Morning Post
@xinzhou @CocoF1026
The valuation of ByteDance is approaching US$400 billion for private-equity investors, a source told the South China Morning Post, as the Chinese owner of short video-sharing app TikTok cements its leading position among global tech unicorns.
China Creates its Own Digital Currency, a First for Major Economy
The Wall Street Journal
@jamestareddy
A cyber yuan stands to give Beijing power to track spending in real time, plus money that isn’t linked to the dollar-dominated global financial system.
Read our report 'The flipside of China’s central bank digital currency' here.
New Age of Chinese Nationalism Threatens Supply Chains
The Wall Street Journal
@nate_taplin
The most likely scenario is still that the catastrophic potential downsides of any armed conflict keep minds focused. Even “gray zone” tactics like a blockade of Taiwan would be hugely risky for Beijing—Taipei might respond, for example, by cutting off China from all semiconductor sales. U.S. and allied trade and financial sanctions would multiply the impact. Taiwan alone supplies around a third of China’s semiconductors, including some exclusively produced by Taiwan Semiconductor Manufacturing Co., the world’s largest contract chip maker.
Did China cross a new red line in cyberspace?
Sunday Guardian Live
Mark Montgomery, Trevor Logan
Did China cause the blackouts in Mumbai last year? Nearly six months later, the answer is still unclear, but if recent reports that a Chinese cyber operation bears partial responsibility are accurate, Beijing just signalled a willingness to use its cyber power to target civilian lifeline infrastructure during a crisis. Even more worrying, the hackers used hard-to-control cyberattack tools in a destructive manner against a nuclear-armed country, India.
USA
Microsoft wins $21 billion Army contract for augmented reality headsets
The Washington Post
@Post_AG @greene
The U.S. Army has awarded Microsoft a contract worth up to $21 billion for augmented reality headsets that are supposed to help soldiers map the battlefield, select targets and stay aware of possible threats by overlaying intelligence information directly onto their field of vision.
Google's bad week: YouTube loses millions as advertising row reaches US
The Guardian
@oliviasolon
Major brands including Verizon and Walmart pulled their ads after they were found to be appearing next to videos promoting extremist views or hate speech.
Virginia research team selected to develop 5G smart warehouse for the Defense Department
WTKR
@ToddCorillo
A Virginia research team has landed a contract to develop a 5G-enabled "smart warehouse" for the Department of Defense. The Virginia-Tech Applied Research Corporation is working with the Commonwealth Cyber Initiative (CCI) on the project.
Statement from U.S. Secretary of Commerce Gina M. Raimondo on the Announced Candidacy of Doreen Bogdan-Martin for ITU Secretary-General
U.S. Department of Commerce
Following the announcement of ITU Telecommunication Development Bureau Director Doreen Bogdan-Martin’s candidacy for ITU Secretary-General, U.S. Secretary of Commerce Gina M. Raimondo released the following statement
Google beats Oracle in biggest programming copyright Supreme Court case ever
ZDNet
@sjvn
At long last, programming code's application programming interfaces are protected from Oracle's over-reaching claims.
Google, Facebook, Amazon, Apple and Microsoft. Call Them Tech Frenemies for Life.
The Wall Street Journal
@BowKnowsBiz @KatherineERiley
Big Tech’s critics say the industry’s giants wield too much power over the lives of internet users. The companies often argue in response that they face enormous competition, often from each other, and need to continue innovating to remain relevant. The reality, as these charts show, is an interplay of collaboration and competition that helps to shape the extent and nature of Big Tech’s clout. And that interplay is evolving, as the companies increasingly encroach on one another’s turf to build and protect their dynasties.
Mind the Gap: How the NSA might use SolarWinds campaign to do warrantless spying
Zero Day
@KimZetter
Officials have said the SolarWinds hacking campaign succeeded in part because of a gap in NSA surveillance power. But what exactly is the gap and how might the gov use it to gain domestic spy power?
North Asia
Suspected North Korean hackers set up fake company to target researchers, Google says
CyberScoop
@shanvav
North Korean-linked hackers have set up a fake security company and social media accounts as part of a broad campaign targeting cybersecurity researchers with malware, according to Google research published Wednesday. Hackers have leveraged at least two fake accounts on LinkedIn that impersonate recruiters appearing to be from antivirus software and security companies, Google said.
Update on campaign targeting security researchers
Google
We encourage anyone who discovers a Chrome vulnerability to report that activity through the Chrome Vulnerabilities Rewards Program submission process.
Japan investigates Chinese access to Line app servers
Taiwan News
Matthew Strong
Japanese investigators will visit messaging app Line’s Japanese offices in connection with allegations that China can look at private information on the company’s servers… Since 2018, Z Holdings, the company managing Line in Japan, outsourced the handling of its servers to a Chinese company, CNA reported. As a result, Chinese engineers obtained permission to look at data about Line users as well as at the content of their messages.
After a decade of failure, LG officially quits the smartphone market
Ars Technica
@RonAmadeo
After 12 years of being an Android OEM, LG has had enough. The Korean company announced late last night that it is officially quitting the smartphone market; it plans to close up shop on the entire business by July 31, 2021.
NZ & Pacific Islands
Papua New Guinea minister raps Facebook for Covid-19 misinformation
The Straits Times
Papua New Guinea's Health Minister said misinformation shared on Facebook was the biggest threat to its Covid-19 vaccine plans, saying the social media giant must take steps to stop it.
South & Central Asia
Fresh BSNL 4G tender to keep Huawei, ZTE out with no-neighbour policy
The Economic Times
@MuntazirAbbas
India may take its first official step to bar Chinese gear makers Huawei and ZTE from the country’s telecom networks by including a clause toward this end in an upcoming Bharat Sanchar Nigam Ltd (BSNL) equipment tender.
UK
Arm Says Its Latest Chip Architecture Could Be Made Available to Huawei
Caixin Global
U.K. semiconductor design giant Arm Ltd. says its cutting-edge new chip architecture isn’t subject to U.S. export restrictions, and therefore could be licensed to Chinese firms on Washington’s trade blacklists such as Huawei.
British firm Arm says new chip tech could be licensed to Huawei, potentially easing the telecoms giant’s supply chain woes
South China Morning Post
Che Pan
Semiconductor design company Arm expects its latest v9 architecture to be potentially licensed to Huawei Technologies Co, as the latest chip innovation is of British origin and not subject to US export regulations.
UK 'must be clear-eyed' on China tech ambitions
BBC News
The new head of the UK's cyber-security agency has said the country must be "clear-eyed" about the potential technological threat posed by China. Lindy Cameron was making her first major speech as chief executive of the National Cyber Security Centre (NCSC) - part of GCHQ - at Queen's University…Ms Cameron said the UK was "most interested" in China's future role in technology and their presence in the market, as much as any potential threat.
Europe
Who’s Coming to Huawei’s Support? Its Biggest European Competitor
The Wall Street Journal
@stuwoo
Few companies have gained more from the U.S.-led campaign against China’s Huawei Technologies Co. than Ericsson AB. The Swedish business, in a tailspin a few years ago, now surpasses Huawei in selling cellular equipment in much of the world. Yet over the past few months, Ericsson Chief Executive Börje Ekholm has gone on a lobbying campaign—on Huawei’s behalf.
Booking.com fined €475,000 for reporting data breach too late
The Record
@campuscodi
The Dutch Data Protection Authority has fined hotel booking website Booking.com €475,000 ($560,000) for reporting a security incident 22 days after it happened, in breach of EU GDPR regulations that dictate that all breaches must be disclosed within 72 hours.
Enlarging NATO’s toolbox to counter hybrid threats
NATO Review
Michael Rühle, Clare Roberts
Threats to stability and security are increasingly taking place in the “grey zone”, where state and non-state actors employ hybrid tactics, such as disinformation or cyber attack. How is NATO responding to these challenges?
Russia
Russia’s propaganda agency quits ‘hostile’ nation
The Times
@greigcameron
Russian officials confirmed yesterday that they will close the Edinburgh and London operations of the state news outlet Sputnik, regarded by Nato as one of President Putin’s “disinformation weapons”.
Misc
Facebook Data on 533 Million Users Reemerges Online for Free
Bloomberg
@KurtWagner8
The personal data of more than half a billion Facebook Inc. users reemerged online for free on Saturday, a reminder of the company’s ability to collect mountains of information and its struggles to protect these sensitive assets.
How to find out if your data was exposed in an online breach - and how to protect yourself
Business Insider
@aaronpholmes
Here’s how you can find out if your data has been leaked online and protect yourself.
Ubiquiti confirms it was the target of an extortion attempt, but nothing more
The Record
@campuscodi
Networking equipment and IoT device vendor Ubiquiti Networks released a statement late last night confirming some of the details exposed earlier this week by a whistleblower related to a 2020 data breach, but avoided confirming others.
A Dozen Misguided Influencers Spread Most of the Anti-Vaccination Content on Social Media
McGill
@crackedscience
The Disinformation Dozen generates two thirds of anti-vaccination content on Facebook and Twitter
How Bellingcat Unmasked Putin’s Assassins
The New Yorker
@yaffaesque
The collective’s innovation has been to recognize that the digital-age panopticon actually works in two directions. “Data is the great equalizer between an individual and the state,” Grozev told me. “It’s far more symmetrical than people in the secret services imagine: they think they benefit from all this information in terms of their ability to surveil and control, but they have yet to understand how much it exposes them.”
Error-riddled data sets are warping our sense of how good AI really is
MIT Technology Review
@_KarenHao
Our understanding of progress in machine learning has been colored by flawed testing data.
Can fintech open new doors for infrastructure financing in Asia?
East Asia Forum
@KensukeTanaka17
As the infrastructure investment needs of emerging Asian countries continue to grow, obtaining financing is becoming increasingly difficult. The COVID-19 pandemic has exacerbated issues and highlighted the importance of broadening infrastructure financing options in Asia. Fintech is presenting itself as one potential solution.
Google Is Testing Its Controversial New Ad Targeting Tech in Millions of Browsers. Here’s What We Know.
EFF
Bennett Cyphers
Today, Google launched an “origin trial” of Federated Learning of Cohorts (aka FLoC), its experimental new technology for targeting ads.
When the Mob Comes
Men Yell at Me
@lyzl
An interview with author Talia Lavin about online harassment and what you can do about it
Give Facebook our passport? It won’t fix the problem
The Guardian
@manjusrii
Online anonymity is essential for at-risk social media users, but there are some things that can be done now to stem the flow of online abuse.
Research
A model for global data regulation
Gateway House
Kartik Ashta
The Hiranandani Group’s recent Rs. 8,500 crore deal to set up a data centre in West Bengal, the notification of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021, and the adoption of the News Media Bargaining Code in Australia, which will require Google and Facebook to pay local media houses for news they source from them, all have brought the issue of Big Tech and big data regulation back into focus.
Events
Securing America's Networks Against Chinese Security Threats
CSIS
Join FCC Commissioner Brendan Carr as he highlights key steps the U.S. has taken to secure America's networks and hear his thoughts on the path ahead, including additional actions he says the FCC should take to secure our 5G networks and address the use of Uyghur forced labor in the telecom supply chain. After providing keynote remarks, Commissioner Carr will join a panel of experts for an in-depth discussion of these issues.