Hackers spied on U.S. Treasury emails for a foreign government | In India Facebook fears crackdown on hate groups could backfire on staff | Huawei worked on surveillance systems to identify ethnicity
Hackers spied on U.S. Treasury emails for a foreign government | In India Facebook fears crackdown on hate groups could backfire on staff | Huawei worked on surveillance systems to identify ethnicity
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Hackers backed by a foreign government have been monitoring internal email traffic at the U.S. Treasury Department and an agency that decides internet and telecommunications policy, according to people familiar with the matter. Reuters
Social media giant’s security team cites possible attacks if extremist Hindu groups are kicked off platform. The Wall Street Journal
Products made by Huawei with four other partner companies were also advertised to have ethnicity-tracking capabilities, according to marketing materials posted on a public Huawei website where the material could be downloaded by anyone who registered an account. The Washington Post
ASPI ICPC
Sinister sounds: podcasts are becoming the new medium of misinformation
The Guardian
@arielbogle
In the US, Australia and across the Anglosphere, people regularly spend hours with strangers talking directly into their ears. Around one third of Australian news consumers are reported to be podcast listeners, and indications are that numbers have grown during the pandemic. Yet the role of podcasts in the information ecosystem has gone largely unexamined. While alt-right figures have been increasingly chased off Facebook and Twitter, podcasting is shaping up as the next arena where the fight over questionable or dangerous content will play out. However, the problem of how to moderate audio content is proving thorny.
Australia
AFP’s new power to spy on Australians
The Saturday Paper
@KarenMMiddleton
In direct contradiction to a recommendation of a national intelligence review, the government is giving the AFP sweeping new spying powers to combat cybercrime.
Australian intelligence community seeking to build a top-secret cloud
ZDNet
The Office of National Intelligence has called for expressions of interest from vendors to build a highly-secure private community cloud service for the national intelligence community.
Facebook oversight board says it 'won't shy away' from tackling Trump-style disinformation
The Guardian
@joshgnosis
The independent body set up by Facebook to review decisions to remove content will eventually need to tackle the issue of how to address politicians such as Donald Trump posting disinformation online, the board’s sole Australian member has said.
Scam bitcoin ads using unauthorised Australian celebrity images traced to Moscow addresses
The Guardian
@joshgnosis
Photo Scam bitcoin ads trading off unauthorised images of Dick Smith, Andrew Forrest and other celebrities, which have taken in tens of thousands of Australians, are part of a highly organised global business that uses five addresses in the centre of Moscow, a Guardian investigation has found. The sheer scale of the scam has made it difficult for Google to block them, and for Australian regulators to take action.
China
Huawei worked on several surveillance systems promoted to identify ethnicity
The Washington Post
@evadou @drewharwell
Products made by Huawei with four other partner companies were also advertised to have ethnicity-tracking capabilities, according to marketing materials posted on a public Huawei website where the material could be downloaded by anyone who registered an account. After The Post approached Huawei for comment, the site briefly became inaccessible. When it returned, the number of product collaborations detailed there had dropped from more than 2,000 to 38.. Huawei’s partnerships reflect the ongoing expansion of surveillance in China, where top officials have called for police to use big data to fight crime, under the slogan, “One Person, One File,” a phrase signifying the use of disparate information streams, from surveillance footage to Internet chat history, to better track individuals. Companies have rushed to stake a claim to this vast, new lucrative market.
China launches ‘gray-zone’ warfare to subdue Taiwan
Reuters
Having crushed the resistance to its rule in Hong Kong, China is moving against Taiwan with irregular tactics meant to exhaust the island's military - which is in bad shape to confront the threat. It's unclear how the incoming Biden administration will respond.
JD.com, Meituan, Didi, Bilibili are in Suzhou's digital yuan trial
TechNode
Lucky winners of Suzhou’s digital yuan lottery can spend their digital currency on JD.com, Meituan, Bilibili, and Didi, depending on their bank card, a look at the wallet app reveals. TechNode has seen the app in action through screen recordings sent by a user in Suzhou. TechNode is the first English language outlet to see the digital yuan wallet in action during the Suzhou trial.
Read ASPI ICPC’s research on China’s central bank digital currency here.
US
Hackers spied on U.S. Treasury emails for a foreign government
Reuters
@Bing_Chris
Hackers backed by a foreign government have been monitoring internal email traffic at the U.S. Treasury Department and an agency that decides internet and telecommunications policy, according to people familiar with the matter.
Russian government spies are behind a broad hacking campaign that has breached U.S. agencies and a top cyber firm The Washington Post
Foreign state hackers reportedly breached the US Treasury Engadget @jonfingas
AI Accountability, Tech Talent Pipeline In-Focus for Next Congress
Next Gov
@BrandiVincent_
Several Senate and House staffers suspect the responsible use of artificial intelligence and America’s technology workforce pipeline could land among big-ticket tech policy items for the next Congress, which is set to start early next month. “I would love to see us putting out proposals related to bias [in AI] and related to the future of work—those are two areas that we have not played in too much yet,” Sam Mulopulos, a legislative assistant for Sen. Rob Portman, R-Ohio, said during a virtual event hosted by the Wilson Center Thursday.
U.S. Schools Are Buying Phone-Hacking Tech That the FBI Uses to Investigate Terrorists
Gizmodo
In May 2016, a student enrolled in a high-school in Shelbyville, Texas, consented to having his phone searched by one of the district’s school resource officers. Looking for evidence of a romantic relationship between the student and a teacher, the officer plugged the phone into a Cellebrite UFED to recover deleted messages from the phone. According to the arrest affidavit, investigators discovered the student and teacher frequently messaged each other, “I love you.” Two days later, the teacher was booked into the county jail for sexual assault of a child.
Dangers Of Doxing: Internet Users Release Addresses, Phone Numbers Of Election Officials
PBS39
@MeganFrank__
As the Trump campaign continues to assert baseless and unproven claims of voting fraud in Pennsylvania, extremist supporters have used doxing to threaten election workers. Secretary of State Kathy Boockvar was targeted on right-wing social media app Parler. Users posted her phone number and home address and encouraged people to show up at her house.
How right-wing websites are getting around Facebook’s ban on political ads
Protocol
@issielapowsky
Since Election Day, Facebook's ban on all political and issue ads has stoked anger among the many political candidates, organizations and even charities that have been barred from advertising on the platform, particularly with a high-stakes Georgia runoff taking place in just a few weeks.
After The US Election, Key People Are Leaving Facebook And Torching The Company In Departure Notes
Buzzfeed News
On Wednesday, a Facebook data scientist departed the social networking company after a two-year stint, leaving a farewell note for their colleagues to ponder. As part of a team focused on “Violence and Incitement,” they had dealt with some of the worst content on Facebook, and they were proud of their work at the company. Despite this, they said Facebook was simply not doing enough.
Website targeting U.S. election officials draws attention of intelligence agencies
Reuters
The harassment campaign against U.S. election officials following President Donald Trump’s defeat took an ominous turn on Thursday after a website surfaced that accused them of “treason” and included photographs and home addresses, drawing the attention of U.S. intelligence agencies.
As FireEye grapples with breach investigation, questions remain
CyberScoop
@timstarks
FireEye’s announcement this week that hackers breached its systems has sent shockwaves through the cybersecurity community, raising new questions about how one of the most influential security firms in the U.S. grappled with an apparently state-sponsored attack.
Southeast Asia
Facebook tracks 'OceanLotus' hackers to IT firm in Vietnam
Reuters
Cybersecurity investigators at Facebook have traced a hacking group long suspected of spying on behalf of the Vietnamese government to an IT company in Ho Chi Minh City.
India
In India, Facebook Fears Crackdown on Hate Groups Could Backfire on Its Staff
The Wall Street Journal
@JeffHorwitz @newley
Social media giant’s security team cites possible attacks if extremist Hindu groups are kicked off platform.
Not India but ‘next door’ country uses disinformation: campaign
The Hindu
India on Friday responded to EU DisinfoLab’s discovery of an anti-Pakistan disinformation campaign, saying that it is not India but a country “next door” which shelters terrorists and uses such campaigns.
The dead professor and the vast pro-India disinformation campaign
BBC
A dead professor and numerous defunct organisations were resurrected and used alongside at least 750 fake media outlets in a vast 15-year global disinformation campaign to serve Indian interests, a new investigation has revealed. The man whose identity was stolen was regarded as one of the founding fathers of international human rights law, who died aged 92 in 2006.
UK
Why has the UK handed the world's new most powerful weapon to China?
The Daily Mail
@DavidRoseUK
A laboratory at Oxford University – part-funded by the MoD via the top-secret institution based at Porton Down – has nurtured a crucial link with a Chinese military university and passed on our knowledge. Beijing helped fund the Ultracold Quantum Matter lab through a university controlled by the Communist Party and the People’s Liberation Army.. Now, the Daily Mail has learnt, Oxford’s link with the NUDT and China’s military has been severed – following an intervention ‘at the highest level’ by security officials, horrified at the damage that may have been done. This week, the case was discussed by ministers. Meanwhile, visa rules for students and academics hoping to work in such sensitive areas have been quietly changed so that a repeat of this affair should be impossible.
The National University of Defense Technology (NUDT) is the PLA’s premier institution for scientific research and education. NUDT is directly subordinate to the Central Military Commission and ranks among China’s top universities for computer science, optical engineering, communications engineering and aerospace science. Read more about it in ASPI ICPC’s China Defence University Tracker here. ASPI’s Chinese Defence Universities Tracker
Canada
Government efforts to counter propaganda risk undermining public trust
Ottowa Citizen
Inside governments there is a growing awareness of the rapid worldwide spread of disinformation across digital and social media platforms and concern that foreign actors are seeking to exploit these tactics to increase domestic tensions. That, in turn, has put pressure on governments to find new ways to tackle online campaigns to deliberately manipulate or deceive. But should supposedly creative responses lead to the violations of the rights of citizens, rather than advancing truthful narratives, governments will undermine the greatest strength that any democracy has – public trust. Like many nations, Canada has declared foreign influence a serious online threat.
Middle East
Israeli Surveillance Companies Are Siphoning Masses Of Location Data From Smartphone Apps
Forbes
@iblametom
This year has seen a rush amongst government snoops for a new and sometimes contentious data set: location data grabbed by smartphone popular apps. Customs and Border, the FBI, the U.S. military and other federal agencies have been keen buyers, though it’s caused a furor amongst privacy and human rights watchdogs. The outcry this week led Apple and Google to kick apps containing location-grabbing code from Reston, Virginia-based provider X-Mode out of their respective app stores.
Outsourcing Disinformation
Law Fare Blog
In December 2019, Twitter suspended 88,000 accounts that were pushing narratives aligned with positions of the government of Saudi Arabia. These accounts had published tweets that, among other things, denigrated Jamal Khashoggi, the journalist who was murdered inside the Saudi consulate in Istanbul. What made this social media takedown notable was that Twitter attributed the pro-Saudi messaging operation not to the government of Saudi Arabia but, rather, to Smaat, a Saudi digital marketing firm with a mix of political and corporate clients. Smaat was co-founded by Ahmed Almutairi, an agent of the Saudi royal family who also recruited two Twitter employees to spy on the accounts of critics of the Saudi government.
Misc
It’s crucial to understand how misinformation flows through diaspora communities
First Draft News
@stephszh @estherswchan
The way misinformation travels through diaspora communities — including the Chinese diaspora — deserves more of our attention.
51 Years Later, Coded Message Attributed to Zodiac Killer Has Been Solved, F.B.I. Says
The New York Times
The code had long baffled cryptographers, law enforcement agents and armchair sleuths obsessed with the shadowy killer, who was blamed for five murders in the late 1960s.