Five Eyes warn Russia-backed hackers targeting critical infrastructure globally | UN coordinator calls for focus on North Korean cybercrime | AI industry profits from economic catastrophe
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Five Eyes cybersecurity authorities warned critical infrastructure network defenders of an increased risk that Russia-backed hacking groups could target organizations within and outside Ukraine's borders. Bleeping Computer
The coordinator for the U.N. body monitoring enforcement of sanctions on North Korea said on Wednesday a stepped up focus was needed on cybercrime, which had become fundamental to Pyongyang's ability to finance its banned weapons programs. Reuters
As the demand for data labeling exploded, an economic catastrophe turned Venezuela into ground zero for a new model of labor exploitation. MIT Technology Review
ASPI ICPC
Indonesian views on Ukraine conflict, Russian disinformation and digital development
Policy, Guns and Money
ASPI’s Bart Hogeveen speaks to Trisha Ray, associate fellow with the Observer Research Foundation’s Centre for Security, Strategy and Technology, about Australia and India’s engagement with Southeast Asia and opportunities to support inclusive digital development in the region.
AlbertYZhang @AlbertYZhang
1/ New ASPI Strategist article: A coordinated network of pro-CCP inauthentic social media accounts is seeking to interfere in the Quad partnership 🇦🇺🇺🇸🇯🇵🇮🇳 and oppose 🇯🇵 plans to deploy missile units on Ishigaki island https://t.co/6wdPVXugPaThe World
US and allies warn of Russian hacking threat to critical infrastructure
Bleeping Computer
Sergiu Gatlan
Five Eyes cybersecurity authorities warned critical infrastructure network defenders of an increased risk that Russia-backed hacking groups could target organizations within and outside Ukraine's borders.
CISA, FBI, NSA, and International Partners Issue Advisory on Demonstrated Threats and Capabilities of Russian State-Sponsored and Cyber Criminal Actors
National Security Agency
The United States and allied cybersecurity authorities issued a joint Cybersecurity Advisory today on the increased threat of Russian cyber groups targeting critical infrastructure that could impact organizations both within and beyond the Ukraine region.
NATO cyber exercise proceeds against backdrop of Ukraine War
The Wall Street Journal
Catherine Stupp
This year’s ‘Locked Shields’ war game has participants fighting off simulated hacks on power grids and financial-messaging systems.
Ukraine - Russia
U.S. Treasury sanctions Russian bitcoin miners as war enters its third month
CNBC
MacKenzie Sigalos
For the first time ever, the U.S. Department of the Treasury is taking aim at bitcoin miners operating in Russia as the country’s war on Ukraine approaches its third month.
Russia’s QAnon followers can’t make up their minds about Ukraine
Bellingcat
Aiganysh Aidarbekova
Some prominent Russian QAnon channels seen by Bellingcat do also appear to have been echoing the same themes as their global counterparts and continue to post seemingly in favour of the war, while others seem indifferent. But others have been seen dismissing many of the most widely-held QAnon-related conspiracies related to the invasion itself, revealing a split in how the topic is viewed in the small but active Russian QAnon community.
For Russian tech firms, Putin’s crackdown ended their global ambitions
The Washington Post
Joseph Menn
Yandex, VKontakte and Kaspersky all ran afoul of the Kremlin’s need to control Internet access, despite the efforts of their founders.
Australia
AUSTRAC works with businesses to target ransomware and criminal use of digital currencies
AUSTRAC
AUSTRAC has released two new financial crime guides to help businesses stop ransomware attack payments and the criminal abuse of digital currencies.
Encrypted messages should be kept as gov records, committee says
iTnews
Justin Hendry
Public servants ought to retain all records about government decisions, including any messages sent to ministers via encrypted messaging and social media apps, according to a new parliamentary report.
White House calls Australia a hallmark for cyber defence
Australian Financial Review
Matthew Cranston
The Biden administration called Australia’s response to cyber threats a hallmark among allies, and said more co-ordination was needed globally to respond to state-sponsored cyberattacks, especially around cryptocurrencies.
China
China internet censors scramble as lockdown frustration sparks ‘creative’ wave of dissent
The Guardian
Helen Davidson
Experts say volume of dissent from Shanghai over zero-Covid measures challenging attempts to control information.
China’s discourse power operations in the Global South
Atlantic Council
Kenton Thibaut
As China’s military and economic power has grown, so too has its investment in propaganda and influence operations. Following Xi Jinping’s rise to power and China’s adoption of a more confrontational foreign policy, the country saw a need to sway global public opinion in its favor. Beijing refers to this as “discourse power,” a strategy to increase China’s standing on the world stage by promoting pro-China narratives while criticizing geopolitical rivals. The end goal is to shape a world that is more amenable to China’s expressions, and expansion, of power.
Beijing to establish a 32000 square meter metaverse art zone in Tongzhou
Ping West
Zijing Fu
Beijing’s Tongzhou District announced the launch of a special project, DAGAO Metaverse Digital Art District, on April 19, in partnership with the Zhongguancun Digital Media Industry Alliance and DAGAO International Art Zone.
China’s ‘Whole Nation’ effort to advance the tech industry
The Diplomat
Xiao Tan and Yao Song
The re-emergence of China’s “whole nation” system seems to mark a new era, where the government’s role in the tech industry is raised to a new level.
USA
Brokers' sales of U.S. military personnel data overseas stir national security fears
CyberScoop
Suzanne Smalley
The multibillion-dollar data brokerage industry is virtually unregulated and poses a grave national security threat by advertising and selling information it has culled on military personnel, cybersecurity experts and a U.S. senator say.
U.S. lawmakers urge Facebook to do more to fight Russia propaganda in Spanish
Reuters
Diane Bartz
A group of 21 U.S. lawmakers sent a letter to Facebook chief executive Mark Zuckerberg on Wednesday voicing concern about what they called disinformation on the platform aimed at Spanish speakers about Russia's invasion of Ukraine.
Growing US chip output an 'expensive exercise in futility', warns TSMC founder
The Register
Brandon Vigliarolo
TSMC founder Morris Chang, a key player in the semiconductor industry since its inception, thinks America's attempt to grow its domestic chip production will be "a wasteful, expensive exercise in futility."
North Asia
U.N. panel coordinator urges stepped up focus on North Korea cyber crime
Reuters
David Brunnstrom
The coordinator for the U.N. body monitoring enforcement of sanctions on North Korea said on Wednesday a stepped up focus was needed on cybercrime, which had become fundamental to Pyongyang's ability to finance its banned weapons programs.
Americas
How the AI industry profits from catastrophe
MIT Technology Review
Karen Hao and Andrea Paola Hernández
As the demand for data labeling exploded, an economic catastrophe turned Venezuela into ground zero for a new model of labor exploitation.
Big Tech
Elon Musk’s talks of a Twitter takeover mask Tesla’s troubles in China
The Washington Post
Faiz Siddiqui
Some are concerned the Tesla CEO may be stretching himself too thin.
YouTube blocks account of Hong Kong's sole leadership candidate
Reuters
Josh Ye and Clare Jim
YouTube blocked the account of Hong Kong's sole leadership candidate John Lee on Wednesday because of U.S. sanctions against him, while Facebook owner Meta said he could keep his account but not use payment services.
Misc
Disinformation and democracy reading list
Medium
Barack Obama
Below is some of what I’ve read that offers useful context, solutions we can learn from, and interesting perspectives.
Google Project Zero detects a record number of zero-day exploits in 2021
The Hacker News
Ravie Lakshmanan
Google Project Zero called 2021 a "record year for in-the-wild 0-days," as 58 security vulnerabilities were detected and disclosed during the course of the year.
Events and Podcasts
Jobs
ICPC Data Scientist/Data Analyst
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for talented Data Scientists or Data Analysts to join its growing centre. The role is suitable for applicants with between 1- and 4-years professional experience. Candidates with less than 1-year professional experience are encouraged to emphasise non-technical skills that they would bring to the role. For example, include evidence of well-developed communication skills, team collaboration abilities, or policy experience.
The Sydney Dialogue - Senior Events Coordinator
ASPI ICPC
The Australian Strategic Policy Institute (ASPI) is currently recruiting for an experienced events professional to coordinate the planning and logistics of the second iteration of ASPI’s Sydney Dialogue - the world’s premier summit on emerging, critical and cyber technologies.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice.
Bellingcat Tech Fellow
Bellingcat
We are looking for motivated, independent technologists with the skills to develop a tool of their interest for the open source investigator community. Send us a proposal for a tool that you would like and are able to develop by May 10, 2022.
