Google ‘partially’ misled consumers over collecting location data | China blocks US think tank CSIS website following critique of sanctions | Huawei was able to eavesdrop on Dutch mobile network KPN
The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Google has been found to have “partially” misled Australian consumers about collecting their location data, according to a federal court ruling handed down on Friday. The court found that Google continued to collect “Location History” on some Android and Pixel phones, even for customers who ticked “No” or “Do not collect” on their settings. The Guardian
Beijing has blocked the Centre for Strategic and International Studies (CSIS) website in China, after the Washington-based group released a piece criticising the country’s sanctions on a European think tank. South China Morning Post
Chinese technology company Huawei would have had free access to KPN's mobile network in the past and could eavesdrop on all conversations. De Volkskrant writes this based on a secret report from 2010 which their editorial staff reviewed. According to the newspaper, Huawei was able to eavesdrop on mobile numbers from the telecom provider at that time. This also included the phones of the then Prime Minister Jan Peter Balkenende, various ministers, and Chinese dissidents. Huawei also knew which numbers were tapped by police and intelligence services. NL Times
ASPI ICPC
As Australia slams China’s Xinjiang policies, Uygur activists hope for ‘concrete action’
South China Morning Post
@John_F_Power
Nathan Attrill, a researcher with the Australian Strategic Policy Institute said there was a wider “gap between rhetoric and action” than might be assumed given the heightened state of political tensions between Canberra and Beijing.
Robots, worms and satellites: How do you fight a cyberwar?
The Sydney Morning Herald
@Sherryn_G
The internet may be the great connector but the access it opens up into each of our lives has long been exploited by hackers – be they spy, saboteur, thief, activist or bully. While this regular back and forth lends itself well to the war analogy, most of what goes on, even between nation states, still falls below the threshold of actual warfare. It lives in “the grey zone”, says Tom Uren, an ex-Defence cyber analyst now at the Australian Strategic Policy Institute (ASPI). “It’s not warfare but it’s definitely not peace either,” Uren says. “Some countries will push right up to the edge of that red line using covert, deniable methods … NotPetya is probably the closest we’ve come to real war.”
World
‘Smart’ Cities Are Surveilled Cities
Foreign Policy
@robmuggah @meta_lab
“Smart” is increasingly a euphemism for surveillance. Cities in at least 56 countries worldwide have deployed surveillance technologies powered by automatic data mining, facial recognition, and other forms of artificial intelligence. Urban surveillance is a multibillion-dollar industry, with Chinese and U.S.-based companies such as Axis, Dahua, Hikvision, Huawei, and ZTE leading the charge. Whether they are in China or elsewhere, smart cities are usually described in benign terms with the soothing promise of greener energy solutions, lower-friction mobility, and safer streets. Yet in a growing number of places from New York to Hong Kong, there are growing concerns about the ways in which supercharged surveillance is encroaching on free speech, privacy, and data protection.
Australia
Google ‘partially’ misled consumers over collecting location data, Australian court finds
The Guardian
@naamanzhou
Google has been found to have “partially” misled Australian consumers about collecting their location data, according to a federal court ruling handed down on Friday. The court found that Google continued to collect “Location History” on some Android and Pixel phones, even for customers who ticked “No” or “Do not collect” on their settings.
ACCC federal court case shows Google privacy settings are a mess
The Australian
@chris_griffith
The ACCC contended that neither was the case in 2017-2018 on Android phones, the period the commission homed in on, in its federal court action against Google. The judgment says around 6.3 million Australian users set up a new Google account on devices using the Android OS between January 2017 and August 2019.
Google location data: what does Australian court ruling mean and how can I turn off my tracking history?
The Guardian
@RoyceRk2 @naamanzhou
On Friday the Australian Competition and Consumer Commission (ACCC) won a legal action in the federal court, which ruled that, thanks to a peculiar set-up that required a user to check “No” or “Do Not Collect” to both “Location History” and “Web & App Activity” on some Android and Pixel phones, someone who ticked “No” to just one would still end up being tracked.
The race for rare earth minerals: can Australia fuel the electric vehicle revolution?
The Guardian
@RoyceRk2
China dominates supply of the elusive metals, which are vital to modern technology, but finding new sources is becoming a global priority.
Doing business in a divided world
Australian Financial Review
@peteryuancai
This is likely to be a foretaste of what is coming, especially as China is emerging as a significant global force in providing technology, from artificial intelligence to supercomputing. Companies need to understand that apart from technology and cost, they must consider the complex rules around the US sanctions regime, which features a growing list of Chinese technology companies.
Cyber security and female representation top priorities
The Sydney Morning Herald
@Gallo_Ways
But in a marked change of emphasis, the former science and industry minister said safely reopening the border, guarding against cyber attacks, shoring up supply chains and protecting critical infrastructure and technologies from foreign adversaries were her top priorities. Cyber attacks, including from countries such as China, have been a growing concern for Australian security agencies, with hacks against businesses and households estimated to be costing about $29 billion a year. Foreign spies have also been targeting Australia’s mining, agricultural and research industries in a bid to steal trade secrets and sensitive technologies.
China
China blocks US think tank Centre for Strategic and International Studies website following critique on sanctions
South China Morning Post
@markmagnier
Beijing has blocked the Centre for Strategic and International Studies (CSIS) website in China, after the Washington-based group released a piece criticising the country’s sanctions on a European think tank.
Why are Twitter ‘China state media’ tags only applied to Chinese employees?
South China Morning Post
@owenschurchill
In the months since, Twitter has expanded the policy’s reach, increasing the number of countries affected and adding more individual accounts to the list, including those of reporters. But one group of users seems to have been spared: non-Chinese news workers employed by Chinese state media outlets, the ranks of which include senior editors, news anchors, foreign correspondents and commentators.
Leaked ByteDance Memo Shows Blockbuster Revenue Projections
Bloomberg
Zheping Huang
As ByteDance Ltd. prepares for a historic initial public offering, an internal memo leaked showing TikTok’s owner aims to grow advertising sales in China 42% and triple the size of its e-commerce business this year. The internet titan is seeking to increase ad revenue for its China-based businesses including Douyin and Toutiao to 260 billion yuan ($39.8 billion) this year from 183 billion yuan in 2020, according to the memo seen by Bloomberg News.
China Becomes World’s Biggest Buyer of Chip Equipment in 2020, Says SEMI
Caixin Global
Ding Yi
China bought more semiconductor manufacturing equipment than any other single country or region in 2020, as Beijing pursues self-sufficiency in chip production amid mounting tech tensions with Washington.
China’s Ant explores ways for Jack Ma to exit
Reuters
@julie_zhuli
Ant Group is exploring options for founder Jack Ma to divest his stake in the financial technology giant and give up control, as meetings with Chinese regulators signaled to the company that the move could help draw a line under Beijing’s scrutiny of its business, according to a source familiar with regulators’ thinking and two people with close ties to the company.
Who are China’s blacklisted supercomputer groups?
South China Morning Post
@jane_zeal @Che Pan
This time around, the US has targeted four of China’s seven national supercomputer centres, along with Tianjin Phytium Information Technology, Shanghai High-Performance Integrated Circuit Design Center and Sunway Microelectronics. Here is a look at what they do.
For Western companies, China is a risky bet
Politico
@elisabethbraw
Stora Enso’s decision is illustrative of how the corporate calculus regarding China is being turned on its head. After decades in which companies most feared being locked out of one of the world’s largest markets, Western firms are starting to realize that even the faintest link to Xinjiang’s “re-education camps” can be toxic to their reputation (remember Volkswagen’s China CEO’s cringeworthy interview with the BBC?). As companies weigh the risk of doing business with Beijing, it’s a safe bet that many more will discreetly do a Stora Enso and leave.
USA
A New Threat to New York’s Clean Energy Goals: Bitcoin Mining
New York Focus
Peter Mantius
A Finger Lakes power plant plans to ramp up energy-intensive Bitcoin mining. If the state allows it to proceed, environmentalists warn dozens of fossil-fueled plants could follow.
In secret Facebook groups, America's best warriors share racist jabs, lies about 2020, even QAnon theories
NBC News
Carol E. Lee
They're the most elite, lethally trained members of the U.S. military, widely considered the best of the best. And yet in secret Facebook groups exclusively for special operations forces that were accessed by NBC News, they share misinformation about a "stolen" 2020 election, disparaging and racist comments about America's political leadership and even QAnon conspiracy theories.
Data Is Power - Washington Needs to Craft New Rules for the Digital Age
Foreign Affairs
Matthew Slaughter & David McCormick
If the United States does not shape new rules for the digital age, others will. China, for example, is promulgating its own techno-authoritarian model, recognizing that shaping the rules of digital power is a key component of geopolitical competition. The United States should offer an alternative: with a coalition of willing partners, it should set up a new framework, one that unleashes data’s potential to drive innovation, generate economic power, and protect national security.
Sanctioned Firm Accused of Helping Russian Intelligence Was Part of Microsoft’s Early Vuln Access Program
Zero Day
@KimZetter
A little-seen report issued last month by the Atlantic Council described in detail what a source confirms was the company’s alleged activities on behalf of the Russian government.
FIN7 'technical guru' sentenced to 10 years in prison
CyberScoop
@snlyngaas
A U.S. federal judge on Friday sentenced Fedir Hladyr to 10 years in prison for his alleged role as an administrator of the multibillion-dollar cybercrime group known as FIN7, which has breached hundreds of U.S. firms.
US and Japan vow to push back on China’s ‘intimidation’
The Sydney Morning Herald
@KnottMatthew
The US and Japanese leaders announced a $6 billion commitment to develop next generation mobile networks, an effort designed to ensure Chinese firms such as Huawei do not dominate the playing field on 5G and other emerging technologies.
In Punishing Russia for SolarWinds, Biden Upends U.S. Convention on Cyber Espionage
The Wall Street Journal
@dnvolz
President Biden’s decision this week to punish Russia for the SolarWinds hack broke with years of U.S. foreign policy that has tolerated cyber espionage as an acceptable form of 21st century spycraft, analysts and former officials said. In announcing a suite of punitive measures against Moscow, including financial sanctions and diplomatic expulsions, the White House made clear its actions were in response to “the full scope of Russia’s harmful foreign activities.”
Misinformation in the Military Community and the Next National Security Strategy
The Strategy Bridge
Matthew Butler
The 2017 National Security Strategy of the United States of America espoused an “America First” agenda that equated a favorable balance of power with national security. Focusing on great power competition and international terrorism, the 2017 National Security Strategy did not directly address internal threats to the United States in the form of domestic-influenced extremism.
100 Days Without Trump on Twitter: A Nation Scrolls More Calmly
The New York Times
@sarahlyall
Democrats are breathing easier. Republicans are crying censorship. For all of the country’s news consumers, a strange quiet has descended after a four-year bombardment of presidential verbiage.
P&G Worked With China Trade Group on Tech to Sidestep Apple Privacy Rules
The Wall Street Journal
@sharonterlep @timkhiggins @patiencehaggin
Procter & Gamble Co. helped develop a technique being tested in China to gather iPhone data for targeted ads, a step intended to give companies a way around Apple Inc.’s new privacy tools, according to people familiar with the matter.
South and Central Asia
Pakistan temporarily bans WhatsApp, Facebook, Twitter, other social media in wake of ongoing protests
India Today
@shruberma
Pakistan has banned social media across the country with immediate effect from 11 am to 3 pm today, i.e., Friday. The temporary ban sees the blockage of WhatsApp, Facebook, Twitter, TikTok, Instagram, and YouTube in Pakistan in the wake of the ongoing Islamist protests. Pakistan's Ministry of Interior has ordered the Pakistan Telecommunication Authority to impose the ban effective immediately throughout the country. This means that people living in Pakistan cannot use social media through mobile data or broadband or Wi-Fi connections on any device, including smartphones and laptops.
China tried to wage ‘undeclared war’ on India with cyberattacks, military chief says
South China Morning Post
@kunalpurohit
China tried to wage an “undeclared war” against India through cyberattacks and indicated that it was “my way or no other way”, New Delhi’s most senior military official said on Thursday about the drawn-out border stand-off between the neighbouring countries that is believed to have brought the countries to the brink of open conflict. General Bipin Rawat, the Chief of Defence Staff of the Indian Army, said in a virtual discussion at the annual Raisina Dialogue that China’s creation of “disruptive technologies which can paralyse systems of the adversary” had emboldened Beijing and made it assertive.
Europe
Huawei was able to eavesdrop on Dutch mobile network KPN: Report
NL Times
Chinese technology company Huawei would have had free access to KPN's mobile network in the past and could eavesdrop on all conversations. De Volkskrant writes this based on a secret report from 2010 which their editorial staff reviewed. According to the newspaper, Huawei was able to eavesdrop on mobile numbers from the telecom provider at that time. This also included the phones of the then Prime Minister Jan Peter Balkenende, various ministers, and Chinese dissidents. Huawei also knew which numbers were tapped by police and intelligence services.
Fake News Attacks in NATO Cyber War Game
The Defense Post
A fake news site attacking a NATO member recovering from the pandemic is part of the fictional scenario in an alliance cyber war game this week billed as the world’s largest.
Commission seeks to block China from sensitive joint science projects
Politico
@gallardo_ortega
The EU is pressing China to agree to a list of conditions before allowing it to cooperate with European researchers on sensitive areas of research, but there are fears that tie-ups with Britain, Switzerland and Israel could also be prevented by the proposed rules.
The Americas
Hong Kongers say they're being targeted by Chinese agents on Canadian soil
CTV News
@C_Somos
Wong said that in the past year, Hong Kong activists have experienced “countless harassment incidents, online attacks and physical altercations” with agents and individuals that they believe are acting on behalf of the Chinese government.
China’s social credit program creeps into Canada
The Sunday Guardian
Scott McGregor & Ina Mitchell
Ryan Pan, a manager with Haidilao Hot Pot in Vancouver confirmed that over 60 surveillance cameras have been installed in the restaurant at the request of the Haidilao corporation, as part of the social credit system in China. He said that the Vancouver location has 30 tables with two cameras assigned to each table. When asked specifically why Haidilao required so many cameras to monitor staff and patrons, Ryan Pan said that the cameras were installed to “punish” staff if they didn’t adhere to corporate standards and to “people track”. Pan also said that the video is sent back to China but declined to say why this was, other than to say the reason for this was “secret.”
Middle East
Iran state television names suspect in Natanz nuclear facility attack
The Washington Post
@kfahim
Iranian officials had previously said the April 11 attack at the Natanz nuclear site was the result of unspecified sabotage carried out by Israel that had caused a blackout and a fire that had damaged centrifuges. Israeli media outlets reported that the facility had been targeted by a cyberattack carried out by the Mossad, Israel’s intelligence service. Israel has not commented on the allegations.
Misc
Big Tech’s guide to talking about AI ethics
MIT Technology Review
@_KarenHao
AI researchers often say good machine learning is really more art than science. The same could be said for effective public relations. Selecting the right words to strike a positive tone or reframe the conversation about AI is a delicate task: done well, it can strengthen one’s brand image, but done poorly, it can trigger an even greater backlash.
Jobs
ICPC Analyst or Senior Analyst - Cyber & technology
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an exceptional cyber-security or technology focused analyst or senior analyst to join its centre in 2021. Candidates must have the ability to synthesise complex cyber and technology developments and explain these developments to media and key stakeholders in plain language. The ability to engage with and brief seniors across parliaments, governments, civil society and the business community.
International Cyber Policy Centre – Program Coordinator
ASPI ICPC
The Coordinator’s primary focus will be the organisation and execution of ICPC’s sponsorship program. The Program Coordinator will work closely with internal and external stakeholders to maintain and develop these relationships. The coordinator will also support the Director and the Deputy Director with the coordination and delivery of ICPC's global research program. This will be a busy, fast-paced and varied role that would suit a highly organised and energetic individual who thinks and acts strategically.
Visiting Senior Fellow, Digital Anthropology & Messaging Platform Analysis, Digital Forensic Research Lab
Atlantic Council
This contract position will lead a research project on encrypted peer-to-peer (P2P) and centralized messaging platforms in the United States. The one-year project aims to produce the most comprehensive body of research on encrypted messaging platform activity in the US to date, with particular focus on identifying future research questions.