Facial recognition firm Clearview AI breached Australians' privacy | US sanctions companies selling hacking tools | Information combat': Inside the fight for Myanmar's soul
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
On Wednesday, the information and privacy commissioner determined Clearview AI had breached the privacy of Australians by collecting images of them online, and ordered the company to delete all images of people in Australia within 90 days and not collect any more. The Guardian
The US government has sanctioned today four companies that develop and sell spyware and other hacking tools, the US Department of Commerce announced today. The four companies include Israel’s NSO Group and Candiru, Russian security firm Positive Technologies, and Singapore-based Computer Security Initiative Consultancy. US officials said the four companies engaged in “activities that are contrary to the national security or foreign policy interests of the United States. The Record
As Myanmar's military seeks to put down protest on the streets, a parallel battle is playing out on social media, with the junta using fake accounts to denounce opponents and press its message that it seized power to save the nation from election fraud, eight people with knowledge of the tactics said. Reuters
ASPI ICPC
A brief history of online influence operations
Lawfare Blog
Jacob N. Shapiro & Jacob T. Rob
The last significant development in this period was the growth of organizations that systematically documented various influence efforts. "This new ecosystem had academic research centers such as the CSMap Lab at New York University, Clemson University’s Social Media Listening Center, and Cardiff University’s OSCAR Center, as well as think tanks that combined research with policy advocacy, including the German Marshall Fund’s Alliance for Securing Democracy and the Australian Strategic Policy Institute’s Cyber Policy Centre.
World
‘Super polluters’: the top 10 publishers denying the climate crisis on Facebook
The Guardian
@kari_paul
Ten publishers are responsible for 69% of digital climate change denial content on Facebook, a new study from the Center for Countering Digital Hate (CCDH) has found. The outlets, which the report labels the “toxic ten”, include several conservative websites in the US, as well as Russian state media.
Australia
Facial recognition firm Clearview AI to appeal order to stop collecting images of Australians
The Guardian
@joshgnosis
On Wednesday, the information and privacy commissioner determined Clearview AI had breached the privacy of Australians by collecting images of them online, and ordered the company to delete all images of people in Australia within 90 days and not collect any more. Clearview AI is a facial recognition service that claims to have built up enormous databases – containing more than 3bn labelled faces – through the controversial practice of scraping photos from Facebook and other social media sites.
Clearview AI breached Australians’ privacy
Office of the Australian Information Commissioner
Australian Information Commissioner and Privacy Commissioner Angelene Falk has found that Clearview AI, Inc. breached Australians’ privacy by scraping their biometric information from the web and disclosing it through a facial recognition tool.
Australia's CBA offers crypto trading, breaks ranks with industry
Reuters
Paulina Duran
Commonwealth Bank of Australia (CBA.AX) will become the country's first main-street bank to offer a platform for retail customers to trade cryptocurrencies, breaking industry ranks as it looks to match offerings from rival fintech firms.
China
Shutting down historical debate, China makes it a crime to mock heroes
The New York Times
@stevenleemyers
The Cyberspace Administration of China, which polices the country’s internet, has created telephone and online hotlines to encourage citizens to report violations. It has even published a list of 10 “rumors” that are forbidden to discuss.
Language learning app emphasisng linguistic diversity deletes Tibetan and Uygur languages
China Digital Times
Oliver Young
Minority languages in China are increasingly under threat. Over the past week, the language learning app Talkmate and the online video streaming site Bilibili appeared to remove Tibetan and Uyghur languages from their platforms as a result of government policy, while continuing to allow Mandarin Chinese and numerous foreign languages. The move reflects the CCP’s shift toward a more assimilationist stance on linguistic and ethnic diversity.
ByteDance founder Zhang Yiming steps down as chairman - source
Reuters
@yingzhi_yang & Bhargav Acharya
ByteDance founder Zhang Yiming has stepped down as chairman of the TikTok owner, after saying in May he would step down as CEO, a person with direct knowledge of the matter told Reuters, in the latest shake up at the tech giant.
China stock pickers reshape portfolios on Xi's 'common prosperity'
Reuters
Samuel Shen & @VidyaReuters
Chinese stock market investors are swapping big tech names for "small giants" and luxury brands for mass market companies, aiming to cash in on President Xi Jinping's "common prosperity" plan for the economy.
China gaming ban: why is Fortnite shutting down service in China?
South China Morning Post
@therealjoshye
Epic’s decision to end testing in China and Nexon’s move to skip the market - for now - mean that Tencent, the world’s biggest gaming company by revenue, may have just lost two of its most anticipated – and likely profitable – titles as Beijing ups its regulatory pressure on the industry. China’s gaming regulator has not issued a single new game approval since the end of July, leaving many gaming companies in limbo.
Chinese tennis star’s sexual assault allegation against former top leader prompts online blackout
The Washington Post
@yingyuchen9 & @evadou
A rare #MeToo allegation against a retired top Chinese official has sent shock waves through China, with censors scrambling to delete even vague online references.
USA
US sanctions four companies selling hacking tools, including NSO Group & Candiru
The Record
@campuscodi
The US government has sanctioned today four companies that develop and sell spyware and other hacking tools, the US Department of Commerce announced today. The four companies include Israel’s NSO Group and Candiru, Russian security firm Positive Technologies, and Singapore-based Computer Security Initiative Consultancy. US officials said the four companies engaged in “activities that are contrary to the national security or foreign policy interests of the United States.”
Commerce adds NSO Group and other foreign companies to entity list for malicious cyber activities
US Department of Commerce
The Commerce Department’s Bureau of Industry and Security (BIS) has released a final rule adding four foreign companies to the Entity List for engaging in activities that are contrary to the national security or foreign policy interests of the United States. The four entities are located in Israel, Russia, and Singapore. NSO Group and Candiru (Israel) were added to the Entity List based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.
Biden Administration orders federal agencies to fix hundreds of cyber flaws
The Wall Street Journal
@dnvolz
The Biden administration on Wednesday issued a sweeping new order mandating that nearly all federal agencies patch hundreds of cybersecurity vulnerabilities that are considered major risks for damaging intrusions into government computer systems. The new requirement is one of the most wide-reaching cybersecurity mandates ever imposed on the federal government.
CIA director brings up Russian hackers at talks in Moscow - sources
Reuters
@m_tsvetkova @Anton Zverev
U.S. Central Intelligence Agency director William Burns raised the issue of Russian cyberattacks during a rare visit to Moscow, where he met high-ranking security officials, three sources told Reuters.
A ransomware gang shut down after Cybercom hijacked its site and it discovered it had been hacked
The Washington Post
@nakashimae @DDaltonBennett
A major overseas ransomware group shut down last month after a pair of operations by U.S. Cyber Command and a foreign government targeting the criminals’ servers left its leaders too frightened of identification and arrest to stay in business, according to several U.S. officials familiar with the matter. The foreign government hacked the servers of REvil this summer, but the Russian-speaking criminal group did not discover it was compromised until Cybercom last month blocked its website by hijacking its traffic, said the officials who spoke on the condition of anonymity because of the matter’s sensitivity.
BlackMatter ransomware says its shutting down due to pressure from local authorities
The Record
@campuscodi
The criminal group behind the BlackMatter ransomware have announced plans today to shut down their operation, citing pressure from local authorities. The group announced its plan in a message posted in the backend of their Ransomware-as-a-Service portal, where other criminal groups typically register in order to get access to the BlackMatter ransomware strain. This period of intense pressure on ransomware gangs comes after attacks have reached an all-time high this year, with some attacks causing major issues across the world.
Covid vaccines for children are coming. So is misinformation.
NBC News
@BrandyZadrozny
Burgert and many other doctors, public health experts and misinformation researchers are anticipating a flood of anti-vaccine propaganda featuring younger children following last week’s vote by a Food and Drug Administration advisory committee to authorize Pfizer-BioNTech’s lower-dose Covid vaccine for children ages 5 to 11.
Google wants to work with the Pentagon again, despite employee concerns
The New York Times
@daiwaka @kateconger
Three years after an employee revolt forced Google to abandon work on a Pentagon program that used artificial intelligence, the company is aggressively pursuing a major contract to provide its technology to the military.
Facebook is blocking access to data about how much misinformation it spreads and who is affected
NiemanLab
@ethanz
Leaked internal documents suggest Facebook — which recently renamed itself Meta — is doing far worse than it claims at minimizing Covid-19 vaccine misinformation on the Facebook social media platform.
Jeff Bezos pledges $2 billion toward combatting deforestation
Protocol
@nickstatt
Amazon founder Jeff Bezos pledged $2 billion toward an international deforestation effort to protect the Earth's natural habitats at the COP26 climate summit in Glasgow on Tuesday.
A closer look: How Senator Klobuchar’s bill would ban Amazon Prime
Medium
@adamkovac
There are several ways in which the language of her bill would impact Amazon Prime. 1.Section 2(a)1 would prevent Amazon from labeling certain products as Prime-eligible. 2.Section 2(b)2 would prevent Amazon from financing expedited Prime shipping through Fulfillment By Amazon merchant fees. 3.Section 2(b)6 would prevent Amazon from highlighting Prime-eligible products to Prime members in search results. 4.Section 2(a)1 could prevent Amazon from offering Fulfillment by Amazon.
Employee fired by Apple files NLRB charge alleging retaliation by iPhone maker
The Washington Post
@ReedAlbergotti
Janneke Parrish, who was a product manager on Apple Maps in Austin, helped launch #AppleToo, a movement aimed at improving working conditions at the company. While the company told her she was fired for deleting apps and files from a company phone during a company investigation, she thinks it’s because of her activism.
Tesla recalls nearly 12,000 U.S. vehicles over software communication error
Reuters
@davidshepardson
Tesla Inc is recalling nearly 12,000 U.S. vehicles sold since 2017 because a communication error may cause a false forward-collision warning or unexpected activation of the emergency brakes, the National Highway Traffic Safety Administration (NHTSA) said Tuesday.
Amazon to Launch First Two Internet Satellites in 2022
The New York Times
@joroulette
Competing with SpaceX, OneWeb and others, the e-commerce titan will rely on small rockets to get prototypes of its satellite constellation into space.
The latest space race is all about improving Internet access. Here’s what you should know
The Washington Post
@chrisvelazco
Whether you knew it or not, the new space race that’s unfolding is about Internet access. Since 2019, Elon Musk’s SpaceX has put more than 1,000 of its Starlink satellites into low-earth orbit as part of a plan to provide broadband Internet to underserved communities around the world. And just this week, Amazon announced that it plans to put its first prototype Project Kuiper satellites in orbit by the end of 2022 with a similar goal in mind. (Amazon founder Jeff Bezos owns The Washington Post.)
Tune in to ASPI’s ‘Contested Space’ panel discussion on November 19 12pm - 1pm AEDT as part of our inaugural Sydney Dialogue. This session will convene space leaders from the US, Japan, India, and Australia. It will consider challenges and opportunities in a contested, congested, and competitive space domain. Register via the ‘Program’ page of Dialogue website here.
Ether firms following U.S. Fed, hits record high; bitcoin trails
Reuters
@jmccrank
Ether, the world's second-largest cryptocurrency, hit an all-time high on Wednesday, catching up with bitcoin's rally and riding on news of wider blockchain adoption.
South-East Asia
Information combat': Inside the fight for Myanmar's soul
Reuters
@f_potkin @walone4
As Myanmar's military seeks to put down protest on the streets, a parallel battle is playing out on social media, with the junta using fake accounts to denounce opponents and press its message that it seized power to save the nation from election fraud, eight people with knowledge of the tactics said. The army, which was banned by the country's dominant online platform Facebook after the Feb. 1 coup, has tasked thousands of soldiers with conducting what is widely referred to in the military as "information combat", according to the people, who include four military sources.
Netflix removes spy drama episodes after Philippines' complaint over China map
Reuters
Enrico Dela Cruz @sanjeevmiglani & Emelia Sithole-Matarise
Netflix Inc (NFLX.O) has removed two episodes of spy drama "Pine Gap" from its streaming service in the Philippines, after the Southeast Asian country rejected scenes involving a map used by China to assert its claims to the South China Sea.
Europe
Russia
Russia police catch, then release hacker wanted by U.S.
Bloomberg
@Rudnit
A Belarusian hacker wanted in the U.S. for his role in a hacking ring that stole credit card numbers said he was detained and released on an Interpol warrant in St. Petersburg, Russia.
Middle East
Egypt poised to expand security oowers of President and military
The New York Times
@VivianHYee Nada Rashwan
The state of emergency gave the government sweeping powers of surveillance, arrest, censorship and other tactics in the name of fighting terrorism, including the ability to quash protests, detain dissidents and control the everyday lives of Egyptians. Such rules, in one form or another, had been in place for most of the past 40 years.
Turkey: Hackers allegedly used streaming platform Twitch to launder $10m
Middle East Eye
@muhdansaglam
A group of Turkish live streamers have in recent weeks exposed an alleged fraud and money laundering ring that utilised the live streaming platform Twitch, reportedly netting hackers nearly $10m.
Events
The Sydney Dialogue
ASPI
@ASPI_ICPC
The Sydney Dialogue is a world-first summit for emerging, critical and cyber technologies. Launching virtually on 17 November, the inaugural Sydney Dialogue will have an Indo-Pacific focus, featuring keynote addresses from Australia’s Prime Minister, Scott Morrison; India’s Prime Minister, Narendra Modi; and former Japanese Prime Minister, Shinzo Abe - as well as a number of panel discussions with experts from around the world. You will hear from political, technology, business and civil society leaders and - as well as the world’s best strategic thinkers - as they generate new ideas, work towards common understandings and formulate possible solutions to maximise the opportunities and minimise the negative consequences of the next wave of new technologies. Head on over to our brand new website to check out the line-up of events and speakers, and register for the virtual sessions you’d like to attend.
Where to next for the Indigenous Procurement Policy?
ASPI
@HuonCurtis @DarkiesDesign
On Friday 5th November 2-pm, ASPI International Cyber Policy Centre’s IndigiCyber, Defence & Space Program will host an online roundtable ‘Where to next for the Indigenous Procurement Policy?’ This will provide an opportunity for attendees to discuss and explore the IPP, and potential opportunities for Indigenous businesses.
2021 Digital Publics Symposium – Information Disorders
QUT Digital Media Research Centre
The 2021 symposium of the Digital Publics programme presents the latest work by researchers in the QUT Digital Media Research Centre that tackles these information disorders: applying innovative mixed-methods research approaches to trace the dynamics of mis- and disinformation in online and social media; exploring the role of initiatives that seek to combat the spread of problematic information; examining the public discourse around ‘fake news’; and assessing regulatory approaches to mitigating the threat from mis- and disinformation. Wednesday 17 November 9am - 5.30pm AEDT.
Research
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.