Global semiconductor shortage getting worse | Australian spy chiefs in ‘full court press’ to sell AUKUS | U.S. audit watchdog adopts rule to help implement new China trading ban
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
The global semiconductor shortage that has paralyzed automakers for nearly a year shows signs of worsening, as new coronavirus infections halt chip assembly lines in Southeast Asia. The Washington Post
All of Australia’s spy chiefs are in Washington, joining Prime Minister Scott Morrison in a “full-court press” to entrench the new security partnership with the United States and the United Kingdom. Australian Financial Review
The SEC intends to delist roughly 270 Chinese companies listed on U.S. exchanges by early 2024 unless they allow their auditors to be inspected, Chairman Gary Gensler said last week. The Wall Street Journal
ASPI ICPC
Covid tech glitches
ABC Radio
Bridget Fitzgerald
Australians are using QR codes to track trips to the supermarket and there are facial recognition apps being used to monitor quarantine. But the technology is not perfect, glitches are missing important tracking information. And some experts say there are examples of unnecessary technology being used in place of existing, simpler methods. Karly Winkler, Senior Analyst, International Cyber Policy Institute, ASPI.
Muslim groups boycott Hilton over bulldozed Xinjiang mosque
Washington Post
Joseph Hammond
According to analysis of satellite images and other data, some 65% of the province’s mosques — roughly 16,000 — have been severely damaged or destroyed by Chinese authorities since 2017, according to analysis conducted by the Australian Strategic Policy Institute.
World
Semiconductor shortage that has hobbled manufacturing worldwide is getting worse
The Washington Post
@JeanneWhalen
The global semiconductor shortage that has paralyzed automakers for nearly a year shows signs of worsening, as new coronavirus infections halt chip assembly lines in Southeast Asia, forcing more car companies and electronics manufacturers to suspend production. A wave of delta-variant cases in Malaysia, Vietnam and the Philippines is causing production delays at factories that cut and package semiconductors, creating new bottlenecks on top of those caused by soaring demand for chips.
5 things to know about Biden's Quad summit with leaders of India, Australia and Japan
NPR
@akuhnNPRnews
This time, they're expected to survey progress on vaccine exports and discuss further cooperation on 5G telecommunications technology, cyber security, maritime exercises and intelligence sharing.
Foreign businesses say they feel effects from China's turn inward
The Wall Street Journal
@lizalinwsj
Multinationals are grappling with closed borders and favouritism toward local companies, business lobbies say
Australia
Australian spy chiefs in ‘full court press’ to sell AUKUS
Australian Financial Review
@mcranston1 @CUhlmann
All of Australia’s spy chiefs are in Washington, joining Prime Minister Scott Morrison in a “full-court press” to entrench the new security partnership with the United States and the United Kingdom. With Foreign Minister Marise Payne and Defence Minister Peter Dutton also in America, the unprecedented delegation shows the intention for the pact goes far deeper than buying nuclear submarines. It is aimed at underpinning the rapid evolution of Australia’s defences to include space, missiles, quantum computing, artificial intelligence and grey warfare on the internet. And in a sign that Canberra’s response to Beijing’s aggression is more broadly based than the Anglosphere AUKUS, Australia’s intelligence bosses have been joined in Washington by their counterparts from India and Japan for a spy chiefs meeting of the strategic dialogue known as the Quad.
The AUKUS agenda: domestic and international partnership implications beyond submarines
The Mandarin
@michael_ASPI
Now the systemic challenge China poses to our security and that of our partners has created the new AUKUS partnership, which involves decades of research, development and deployment of technologies, concepts and methods across the cyber, artificial intelligence, quantum and undersea domains for national security purposes at paces much faster than in recent decades. That’s a new agenda that lets us turn the difficult relationship between Australia’s universities and the commonwealth government into its opposite: a close working partnership for the common purpose of our national security. Australia’s corporate world, not simply the traditional defence industry, is crucial here too, as it’s this trilateral — government, research and corporate — that can be built around the technology menu the three leaders set out.
Danielle Cave & Fergus Hanson argue in The Strategist and the Sydney Morning Herald that the real potential of AUKUS is about far more than submarines.
Cyber self defence is no longer adequate protection for boards
The Australian
Tony Davis
Until recently, many organisations believed they had adequate walls around their data and tech assets to protect them from bad actors. But this one dimensional thinking has been found to be totally inadequate against increasing cyber risks to their operations, confidentiality and ultimately their brand reputation.
China
China lays out new guidelines intended to better protect IP
Bloomberg
@PhilipGlamann
China has announced plans to improve protection of intellectual property, including boosting compensation for losses resulting from violations, addressing a broad area area where it often comes into conflict with the U.S.
Business group: China's tech self-reliance plans hurt growth
ABC News
Joe McDonald
The ruling Communist Party’s campaign to tighten control over China’s industries and use less foreign technology is slashing economic growth, a foreign business group warned Thursday. The European Union Chamber of Commerce in China appealed to Beijing to reverse course and open state-dominated markets wider.
Experts say China’s low-level cyberwar is becoming severe threat
The Guardian
@dansabbagh
Chinese state-sponsored hacking is at record levels, western experts say, accusing Beijing of engaging in a form of low-level warfare that is escalating despite US, British and other political efforts to bring it to a halt. There are accusations too that the clandestine activity, which has a focus on stealing intellectual property, has become more overt and more reckless
Xiaomi says its devices do not censor users following Lithuania report
Reuters
@andrius_sytas
China’s Xiaomi Corp said on Wednesday that its devices do not censor users’ communications, a day after Lithuania’s Defence Ministry recommended that consumers avoid Chinese phones due to a censoring feature in the smartphone giant’s flagship phone.
The China-Lithuania rift Is a wake-up call for Europe
Foreign Policy
Franklin D. Kramer & Hans Binnendijk
China has put NATO ally Lithuania in the crosshairs over that nation’s relationship with Taiwan and its challenge to China’s efforts to gain a political foothold in Central and Eastern Europe.
Huawei’s under-the-radar Brussels blitz
POLITICO
@markscott82
When Huawei needed a friend in Brussels, it found one in EU Reporter. As the geopolitical winds began to turn against it last year, the Chinese telecommunications giant wanted to rehabilitate its reputation in the halls of power in the European Union. It turned to an outlet with a long association with Beijing and a business model that allows clients to publish pay-for-play lobbying while making it look like independent news.
USA
U.S. audit watchdog adopts rule to help implement new trading ban
The Wall Street Journal
@markgmaurer
The SEC intends to delist roughly 270 Chinese companies listed on U.S. exchanges by early 2024 unless they allow their auditors to be inspected, Chairman Gary Gensler said last week. “I don’t believe China-related companies currently are providing adequate information about the risks they face—and thus the risks that American investors in these businesses face,” Mr. Gensler wrote in a Wall Street Journal op-ed. China, meanwhile, is cracking down on certain companies as it seeks to reduce income inequality and trim corporate debt. Regulators over the past year have tightened rules on technology firms, real-estate developers and other sectors.
Quad leaders to deliver on vaccines, infrastructure, tech -U.S. official
Reuters
@davidbrunnstrom Michael Martina
The official said Biden would announce on Friday an "elite" privately funded Quad fellowship program for 100 students – 25 from each of the four countries – to pursue STEM (science, technology, engineering and mathematics) masters and doctoral programs in the United States. Comparing it to Britain's Rhodes scholarship program, the official said the fellowship would be administered by the Schmidt Futures philanthropic initiative, founded by former Google chief executive officer Eric Schmidt.
Facebook to testify on kids' safety as lawmakers probe a whistleblower’s revelations
The Washington Post
@viaCristiano
A trove of documents reviewed by the Wall Street Journal exposing how Facebook’s own research found its products are harming users is rocking Silicon Valley and Washington alike, particularly a report suggesting the company downplayed how toxic Instagram is for teen girls.
U.S. court orders Facebook to release records of anti-Rohingya content for genocide case
Reuters
@poppymcp
A U.S. federal judge has ordered Facebook to release records of accounts connected to anti-Rohingya violence in Myanmar that the social media giant had shut down, rejecting its argument about protecting privacy as "rich with irony".
How Google spies on its employees
The Information
Sarah Krouse
Looking up COBRA health insurance costs. Screenshotting and using encrypted messaging apps at the same time. Google employees can attract scrutiny from the company’s corporate security team through ordinary actions. Now a new trial is calling attention to the search giant’s surveillance of staffers.
New Google documents reveal just how involved a top executive was in the ousting of a right-wing engineer championed by Trump
Business Insider
@mattdrange @HughLangley
One of Google's most senior executives was at the center of a politically-charged altercation with an engineer several years ago, in an incident that federal regulators have said violated labor laws and whose ripples continue to affect the company today.
Federal agencies warn companies to be on guard against prolific ransomware strain
The Hill
@MagMill95
The FBI, the National Security Agency (NSA), and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a warning to U.S. organizations to be aware of a specific type of ransomware that has already wreaked havoc on hundreds of groups.
Senior cyber officials back new, mandatory reporting of breaches
The Record
@martinmatishak
Two of the U.S. government’s top cybersecurity officials on Thursday endorsed the idea of new legislation that would mandate certain private sector companies report when they have been hacked.
The NSA and CIA ese ad blockers because online advertising is so dangerous
VICE
Joseph Cox
The Intelligence Community has deployed ad-blocking technology, according to a letter sent by Congress and shared with Motherboard.
Jan. 6 video suggests 'Russia Insider' entered Capitol
Southern Povery Law Centre
Michael Edison Hayden
Russia Insider founder Charles Bausman breached the walls of the U.S. Capitol building on Jan. 6, according to research conducted by a Europe-based open-source intelligence (OSINT) group into video captured during the insurrection.
ExpressVPN employees question company about exec working for UAE spy unit
VICE
Joseph Cox
Questions submitted as part of a company meeting give some insight to the response from ExpressVPN employees on the Project Raven news.
ShadowDragon: Inside the social media surveillence software that can watch your every move
The Intercept
@Michael_Kwet
The software, put out by a Wyoming company called ShadowDragon, allows police to suck in data from social media and other internet sources, including Amazon, dating apps, and the dark web, so they can identify persons of interest and map out their networks during investigations. By providing powerful searches of more than 120 different online platforms and a decade’s worth of archives, the company claims to speed up profiling work from months to minutes. ShadowDragon even claims its software can automatically adjust its monitoring and help predict violence and unrest.
When you ‘Ask app not to track,’ some iPhone apps keep snooping anyway
The Washington Post
@geoffreyfowler @Tatum_Hunter_
Our investigation found the iPhone’s tracking protections are nowhere nearly as comprehensive as Apple’s advertising might suggest. We found at least three popular iPhone games share a substantial amount of identifying information with ad companies, even after being asked not to track.
New York passes sweeping bills to improve conditions for delivery workers
The New York Times
Jeffery C. Mays
On Thursday, the city became the first in the nation to take aggressive steps to improve those employees’ working conditions, approving a groundbreaking package of legislation that will set minimum pay and address the plight of couriers employed by app-based food delivery services like Grubhub, DoorDash and Uber Eats.
Private eyes in the sky
Foreign Affairs
@MilonopoulosT @eriklg
As the number of private satellites grows, so, too, will the amount of information available to nongovernment users. Government control over intelligence will diminish. And as new technologies continue to shrink the “backstage” where governments can hide activities from public view, policymakers will be forced to become more effective stage managers. Sometimes, they will be compelled to change government policies because of detection—or fear of it. Other times, they will need to find ways to exploit this new reality and reap the strategic benefits of nongovernment disclosures. Regardless of what they do, however, governments will find it increasingly hard to hide their activities from the growing number of private eyes in the sky.
He escaped the dark web's biggest bust. Now he's back
WIRED
@a_greenberg
DeSnake apparently eluded the DOJ's takedown of AlphaBay. The admin talked to WIRED about his return—and the resurrection of the notorious underground marketplace.
Fossil fuel companies say hydrogen made from natural gas is a climate solution. But the tech may not be very green
TIME
@AlexSdelaGarza
As a committee of climate scientists and environmental officials deliberated over how to drastically cut New York State’s carbon footprint last summer, natural gas industry representatives were putting forward a counterintuitive pitch: hydrogen, made from fossil fuels.
Twitter accelerates again with Bitcoin tips, NFTs, recorded Spaces, creator fund and more
TechCrunch
@sarahintampa
Twitter’s slate of new product announcements is not slowing down. The company today introduced a number of new initiatives aimed at better serving the conversations and community using its platform, including support for tipping with crypto, NFT authentication and plans for other experiments designed to provide more context about a conversation to those just joining in. The company also said it’s preparing to launch its own creator fund in a few weeks to provide audio creators with access to financial, technical and marketing support.
Learn to use data or risk dying in battle, new army project teaches
Defense One
@DefTechPat
Soldiers aren’t rushing to use the artificial-intelligence tools that Pentagon leaders are rushing to develop, so Army leaders at Fort Bragg are launching a training program meant to convince commanders that trusting data, algorithms, and AI will keep them alive in battle.
South and Central Asia
UK
Stop using Chinese smartphones over hidden censorship software, consumers warned
The Telegraph
Matthew Field @niccijsmith
Hundreds of thousands of British consumers are using Chinese smartphones embedded with software capable of detecting pro-democracy phrases such as “Free Tibet” and “long live Taiwan independence”, it has emerged. Alan Woodward, a computer science expert at the University of Surrey and former consultant for GCHQ, said: “Absolutely [consumers] should be concerned. Censorship technology may be standard in some jurisdictions, but unless those vendors are transparent about what is included then buyers simply cannot make an informed choice.”
Europe
Microsoft is heading for a new antitrust showdown
WIRED
@Gmvolpi
While Microsoft has been largely absent from heated discussions about Big Tech’s anticompetitive practices for nearly a decade, new entrants are increasingly worried – if not necessarily vocal – about the company’s dominance in both the enterprise software and cloud domains. Regulators in the UK and Europe might soon start taking notice of that, too.
An experiment to stop online abuse falls short in Germany
The New York Times
@satariano
Despite having one of the world’s toughest laws against online hate speech and harassment, Germany has struggled to contain toxic content ahead of its Sept. 26 election.
Merkel’s departure and Russian disinformation weigh on German election
The Strategist
@VanessaGeidel
As with Baerbock, Merkel has been targeted with disinformation intended to discredit her personally. Covid-19 has also provided fertile ground for disinformation, with the Russian government attempting to discredit the Pfizer vaccine while promoting the Russian-made Sputnik V shot and claiming (incorrectly) that Germany tops the list of countries with Covid infections).
Polish gene project moves to drop Chinese tech on data concerns
Reuters
Joanna Plucinska
A European Union-funded project to build a genomic map of Poland plans to drop gene-sequencing technology from China’s BGI Group over concerns about data security, one of the project’s leaders told Reuters.
How the Mafia is pivoting to Cybercrime
VICE
@lorenzofb
Investigators from Spanish and Italian police explan how organised crime is going online and expanding into cybercrime.
IMEC offers neutral ground amid chip rivalries
The Economist
IMEC, as it is better known, does not design chips (like America’s Intel), manufacture them (like TSMC of Taiwan) or make any of the complicated gear in its basement (like ASML, a Dutch firm). Instead, it creates knowledge used by everyone in the the $550bn chip business. Given chips’ centrality to the modern economy—highlighted by the havoc wrought by current shortages—and increasingly to modern geopolitics, too, that makes it one of the most essential industrial research-and-development (R&D) centres on the planet.
EU proposes mandatory USB-C on all devices, including iPhones
The Verge
@JonPorty
The European Commission, the executive arm of the European Union, has announced plans to force smartphone and other electronics manufacturers to fit a common USB-C charging port on their devices. The proposal is likely to have the biggest impact on Apple, which continues to use its proprietary Lightning connector rather than the USB-C connector adopted by most of its competitors.
In a setback for Apple, the European Union seeks a common charger for all phones.
The New York Times
Elian Peltier
The European Union unveiled plans on Thursday to make USB-C connectors the standard charging port for all smartphones, tablets and other electronic devices sold across the bloc, an initiative that it says will reduce environmental waste but that is likely to hit Apple the hardest.
Russia
Russian disinformation campaigns change tack to get around western defences
Financial Times
@marthamuir25
Online sites test new methods as social media platforms try to scrub their platforms of propaganda
The Americas
‘The world is looking at our talent’: How will Canada fare in the global competition for tech workers?
The Logic
@muradhem
This is part one of The Logic’s in-depth series exploring how Canada is faring in the global competition for tech talent, as economies reopen and companies and governments jockey for advantage in a remote-work world.
Misc
Hackers leak LinkedIn 700 million data scrape
The Record
@campuscodi
A collection containing data about more than 700 million users, believed to have been scraped from LinkedIn, was leaked online this week after hackers previously tried to sell it earlier this year in June.
2021 has broken the record for zero-day hacking attacks
MIT Technology Review
Patrick Howell O'Neill
But the reasons why are complicated—and not all bad news.
Research
The Business of Hate: Bankrolling Bigotry in Germany and the Online Funding of Hate Groups
Institute for Strategic Dialogue
The Global Disinformation Index (GDI) and Institute for Strategic Dialogue (ISD) have published a new study which shows how 17 known German far right groups and actors allegedly use 20 different online funding services to fund their activities.
Measuring the Efficacy of Influence Operations Countermeasures: Key Findings and Gaps from Empirical Research
Carnegie Endowment for International Peace
@JonKBateman Elonnai Hickok Jacob N. Shapiro @lacourchesne
Research shows that fact-checking can reduce the harmful impacts of false information. But beyond that, we know relatively little about the efficacy of counter-influence measures being implemented or considered by platforms, governments, and civil society.
How China harnesses data fusion to make sense of surveillance data
Brookings
@dahlialpeterson
Relatively little attention has been paid to how Chinese authorities are making use of the data it collects. As countries and companies consider how to respond to China’s surveillance regime, policymakers need to understand data fusion’s crucial role in monitoring the country’s population in order to craft effective responses.
International Cyber Capacity Building: Global Trends and Scenarios
European Commission
@TheRobCollett @nayiabarmpaliou
Commissioned by the Service for Foreign Policy Instruments of the European Commission, this report identifies four trends in cyber capacity building and extrapolates their development to explore four potential scenarios that can inform capacity builders’ strategic decision making.
Study: Effectiveness of Apple's App Tracking Transparency
Transparency Matters
Johnny Lin Sean Halloran
Using the open source Lockdown Privacy app and manual testing, we found that App Tracking Transparency made no difference in the total number of active third-party trackers, and had a minimal impact on the total number of third-party tracking connection attempts. We further confirmed that detailed personal or device data was being sent to trackers in almost all cases. ATT was functionally useless in stopping third-party tracking, even when users explicitly choose “Ask App Not To Track”.
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.