French & Russian trolls wrestle for influence in Africa, FB says / China suspected of spying via Caribbean phone networks / Scope of Russian hack becomes clear: Multiple U.S. agencies were hit
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Rival French and Russian disinformation campaigns have sought to deceive Internet users -- and unmask each other -- in the Central African Republic (CAR) ahead of a Dec. 27 presidential and parliamentary election, Facebook said on Tuesday. Reuters
China appears to have used mobile phone networks in the Caribbean to surveil US mobile phone subscribers as part of its espionage campaign against Americans, according to a mobile network security expert who has analysed sensitive signals data. The Guardian
The Pentagon, intelligence agencies, nuclear labs and Fortune 500 companies use software that was found to have been compromised by Russian hackers. The sweep of stolen data is still being assessed. The New York Times
ASPI ICPC
Data-Driven: How COVID-19 and cyberspace are changing spycraft
Australian Foreign Affairs
@DaniellesCave
Danielle Cave probes how data and technology have shaped espionage in a time of crisis and beyond.
Australia
ASD leaves TikTok ban decisions in departmental hands
ZDNet
@dobes
The Australian Signals Directorate (ASD) has said even though it provides technical advice on cybersecurity matters to the Australian government, it does not impose bans on apps or technology.
China
Uighur repression ‘turbocharged by technology,’ confidential documents show
International Consortium of Investigative Journalists
@shirafu
Researchers uncover new details on how apps and tech companies like Zapya, Huawei and Megvii contribute to China’s surveillance and mass internment program in Xinjiang.
USA
Scope of Russian Hack Becomes Clear: Multiple U.S. Agencies Were Hit
The New York Times
@SangerNYT @nicoleperlroth @Eric_Schmitt
The Pentagon, intelligence agencies, nuclear labs and Fortune 500 companies use software that was found to have been compromised by Russian hackers. The sweep of stolen data is still being assessed.. About 18,000 private and government users downloaded a Russian tainted software update — a Trojan horse of sorts — that gave its hackers a foothold into victims’ systems, according to SolarWinds, the company whose software was compromised.. The National Security Agency — the premier U.S. intelligence organization that both hacks into foreign networks and defends national security agencies from attacks — apparently did not know of the breach in the network-monitoring software made by SolarWinds until it was notified last week by FireEye. The N.S.A. itself uses SolarWinds software.
Suspected Russian Cyberattack Began With Ubiquitous Software Company
Wall Street Journal
@bobmcmillan
The widespread and monthslong hack of the U.S. government and some of America’s biggest corporations was enabled by an unlikely source: a little-known Austin, Texas, software company called SolarWinds Corp. SWI -7.95% that until this week was a household name only to computer network administrators.
DHS, State and NIH join list of federal agencies — now five — hacked in major Russian cyberespionage campaign
The Washington Post
@nakashimae @craigtimberg
The Department of Homeland Security is the third federal agency to have fallen victim to a major cyberespionage campaign by the Russian government, joining the Treasury and Commerce departments as targets that have been compromised, officials said Monday.
Chinese professor, despite no remorse, to return home after guilty plea in Huawei theft case
Reuters
@jonathanstempel
A Chinese professor accused of stealing American technology to benefit China's Huawei Technologies Co plans to return to his home country after being sentenced on Monday for lying to the FBI.
Tech Companies Shift Their Posture on a Legal Shield, Wary of Being Left Behind
The New York Times
For more than two decades, the tech industry had a cohesive message to Congress about a law that shields internet platforms from lawsuits: Don’t touch it. But now, as tech companies face intensifying attacks from political leaders, more of them are saying something else: Let’s work something out. Numerous industry leaders have said in recent weeks that they are open to changes to the law, Section 230 of the Communications Decency Act.
Voting technology company sends legal notices to Fox News and other right-wing media outlets over 'disinformation campaign'
CNN
A voting technology company swept up in baseless conspiracy theories about the 2020 election said on Monday that it had sent legal notices to Fox News and two other right-wing media companies for participating in a "disinformation campaign" aimed at damaging it.
North Asia
Pound for Pound, Taiwan Is the Most Important Place in the World
The New York Times
@ruchirsharma_1
Its excellence in the computer chip market puts it at the center of the battle for global technological supremacy.
South and Central Asia
Apple's Globalization Plans Meet a Baton Charge in India
Bloomberg
@tculpan
For more than a decade, companies like Apple Inc. have entertained the idea of evolving away from China-based supply chains to have their devices made in lower-cost locales like India, Vietnam and Mexico. The challenge of such decentralization became brutally evident last weekend with an uprising at a factory operated by Taiwan’s Wistron Corp. that makes iPhones in India.. Apple Chief Executive Officer Tim Cook and Taiwan President Tsai Ing-wen ought to be worried.
UK
Online Harms White Paper: Full government response to the consultation
UK Gov
Presented to Parliament by the Secretary of State for Digital, Culture, Media and Sport and by the Secretary of State for the Home Department by Command of Her Majesty on 15 December 2020
GCHQ chief warns internet is at risk of 'splintering' due to increasing Chinese control
The Telegraph
Jeremy Fleming, the Director of Britain’s cyber spy agency, said the future would be characterised by “fundamental strategic competition for Western liberal democracies”. Speaking at Chatham House the Director of GCHQ said the increasing willingness of authoritarian states to seek confrontation in cyberspace through the theft of intellectual property, denial of information and dissemination of misinformation could see a global splintering regarding use of the internet.. The UK is playing a fundamental role in setting the rules for the next generation of technology, but “there's a lot to play for in that space” Mr Fleming said. “The UK wants a secure and profitable relationship with China, but equally, at times our security interests are in play. “We want to have the sort of relationship where they understand that [stealing intellectual property and data] is not acceptable.”
Europe
EU warns that it may break up Big Tech companies
Financial Times
@JavierespFT
The EU will threaten on Tuesday to break up Big Tech companies if they repeatedly engage in anti-competitive behaviour. The warning comes as Brussels publishes its drafts of two major new pieces of tech regulation. A Digital Markets Act will aim to tackle unfair competition in the sector, and a Digital Services Act will force tech companies to take more responsibility for illegal behaviour on their platforms.
Twitter fined ~$550K over a data breach in Ireland’s first major GDPR decision
TechCrunch
@riptari
Ireland’s Data Protection Commission (DPC) has issued Twitter with a fine of €450,000 (~$547,000) for failing to promptly declare and properly document a data breach under Europe’s General Data Protection Regulation (GDPR).
Lisbon eyes undersea cable investment to bolster EU tech infrastructure
POLITICO
Portugal is pushing for a pan-European investment plan to roll out a network of undersea cables and upgrade the Continent’s digital infrastructure. Lisbon plans to present a strategy to shore up and secure Europe’s submarine cable network when it takes over the presidency of the Council of the European Union next month.
The Americas
Revealed: China suspected of spying on Americans via Caribbean phone networks
The Guardian
@skirchy
China appears to have used mobile phone networks in the Caribbean to surveil US mobile phone subscribers as part of its espionage campaign against Americans, according to a mobile network security expert who has analysed sensitive signals data.. At the heart of the allegations are claims that China, using a state-controlled mobile phone operator, is directing signalling messages to US subscribers, usually while they are travelling abroad.
Africa
French and Russian trolls duke it out in Central Africa election, Facebook says
Reuters
@jc_stubbs
Rival French and Russian disinformation campaigns have sought to deceive Internet users -- and unmask each other -- in the Central African Republic (CAR) ahead of a Dec. 27 presidential and parliamentary election, Facebook said on Tuesday.
Misc
Facebook Is a Doomsday Machine
The Atlantic
@AdrienneLaF
The doomsday machine was never supposed to exist. It was meant to be a thought experiment that went like this: Imagine a device built with the sole purpose of destroying all human life. Now suppose that machine is buried deep underground but connected to a computer, which is, in turn, hooked up to sensors in cities and towns across the United States.
Research
From information laundering to influence: Russia's footprints in Germany - EU vs DISINFORMATION
EU vs DISINFORMATION
Fresh research by NATO’s Stratcom Centre of Excellence in Riga confirms that information laundering is conducted in Germany by the Kremlin and pro-Kremlin actors. These domestic and foreign actors aim to enable the spread of pro-Kremlin influence in Germany and disseminate a particular image about Germany to foreign groups of audiences while laundering German news stories.
Democracy by Design
CNAS
A global contest between democracies and autocracies is raging on the digital front. Technology stands to alter the balance between free, open societies and closed, repressive regimes. Nation states in direct competition with the United States seek to project global influence by shaping an existing digital order to their will. Impulses toward illiberal use of technology at home threaten to curtail individual liberties, constrict opportunity, and erode a truly open society. Democracies do not yet have a model for how to confront this.
ENISA Threat Landscape for 5G Networks Report
ENISA
This report is an update of the ENISA 5G Threat Landscape, published in its first edition in 2019. This document is a major update of the previous edition. It encompasses all novelties introduced, it captures developments in the 5G architecture and it summarizes information found in standardisation documents related to 5G. Moreover, the vulnerability and threat assessments found in this document introduce a significant advancement to the previous edition, by providing more comprehensive information about the exposure of assets of the updated 5G architecture.
One in three people exposed to Covid anti-vax messages
King’s College London
One in three people in the UK (34%) say they’ve seen or heard messages discouraging the public from getting a coronavirus vaccine, and anti-vax voices are using social media to amplify their messages, a new study has found.