Hackers steal passenger information from Bangkok Airways | Beijing limits gaming time for children | Australian MP proposes bill to stamp out lies and misinformation in election campaigns
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Bangkok Airways, the second oldest and the third biggest airline company in Thailand, has admitted last week that hackers stole passenger information during a security breach following a ransomware attack. The Record
Beijing has issued a new rule limiting the gaming time for players aged under 18 to between 8pm and 9pm only on Fridays, Saturdays, Sundays and statutory holidays, marking the country’s most stringent measure yet to tackle gaming addiction among young people. The National Press and Publication Administration (NAAP), China’s top watchdog for gaming and other forms of online media, formally issued the rules to combat gaming addiction among teenagers, according to a report by state media outlet Xinhua. South China Morning Post
Australian Independent MP Zali Steggall has unveiled a private members bill to stamp out lies and misinformation in federal election campaigns. The Warringah MP's proposal would specifically target the use of "deep fake" videos, amid fears the emerging technology could be weaponised to mislead voters. The Canberra Times
ASPI ICPC
World
Preserve Evidence of Potential Rights Abuses in Afghanistan
Human Rights Watch
Human Rights Watch joined Access Now, Amnesty International USA, and Mnemonic today in issuing the following statement, saying that social media platforms need to preserve and archive content that may provide evidence of past or ongoing serious human rights abuses in Afghanistan and that could be used for future efforts to provide justice and accountability, while ensuring the privacy and security of vulnerable individuals associated with that content.q
The next chapter of cyber diplomacy at the United Nations beckons
Microsoft On the Issues
Kaja Ciglic
The recent deluge of damaging cyberattacks, against everything from oil pipelines to food supplies to aid agencies, and increasingly damaging ransomware attacks on a variety of sectors, demand that we take concrete action that implements and upholds the rules of the road in cyberspace. UN member states must now take these recommendations, coupled with others released earlier this year, and quickly turn them into meaningful and enforceable expectations.
Australia
Zali Steggall unveils bill to crackdown on misleading political advertising
The Canberra Times
@D_JervisBardy
Independent MP Zali Steggall has unveiled a private members bill to stamp out lies and misinformation in federal election campaigns. The Warringah MP's proposal would specifically target the use of "deep fake" videos, amid fears the emerging technology could be weaponised to mislead voters.
Calls for a Covid Probe Plunged Australia Into a Hacking Nightmare
Bloomberg
@jamietarabay
Wave after wave of cyberattacks has shaken the country. Experts say even the wealthiest nations are at riks if they annoy China enough.
‘Make tech giants act on child abuse posts’
The Australian
@livcaisley
The Cyber Security Co-operative Research Centre is calling for new legislation to compel tech companies to take greater measures to detect and shut down the sharing of child abuse material.
Time to make Australian space agency permanent: Industry
InnovationAus
@bengrubb
The Australian Space Agency should be made a permanent statutory authority and be given funding that is more in line with comparable countries like Canada, the head of Australia’s space industry association says.
How #IStandWithTruckies has been co-opted into an anti-vaxxer coup fantasy
Crikey
@CAMERONWILSON
Different groups unhappy with governments merged this week into a campaign for truck drivers to block highways into capital cities.
Australian imports of ivermectin increase tenfold, prompting warning from TGA
The Guardian
@joshgnosis
The drug, used to deworm livestock, has been touted among rightwing media as a Covid treatment, prompting the US FDA to tweet ‘You are not a cow’.
How China Overreached in Australia
The National Interest
John Lee
Leverage is one thing. Willingness to use it is another. In this regard, Beijing has form. According to a count by the Australian Strategic Policy Institute, China has used “coercive diplomacy” more than 150 times against foreign governments and firms since 2010. These mainly involve threatening or carrying out investment and trade restrictions in addition to encouraging popular boycotts.
Explore our report 'The Chinese Communist Party's coercive diplomacy'.
China
China limits gaming time for under-18s to one hour a day on Fridays, Saturdays, Sundays and public holidays
South China Morning Post
@therealjoshye
Beijing has issued a new rule limiting the gaming time for players aged under 18 to between 8pm and 9pm only on Fridays, Saturdays, Sundays and statutory holidays, marking the country’s most stringent measure yet to tackle gaming addiction among young people. The National Press and Publication Administration (NAAP), China’s top watchdog for gaming and other forms of online media, formally issued the rules to combat gaming addiction among teenagers, according to a report by state media outlet Xinhua.
China’s regulatory crackdown has wiped billions off tech stocks — here are the risks ahead
CNBC
@ARJUNKHARPAL
Chinese authorities have introduced a slew of legislation in the past few months, largely aimed at the tech sector — a move that's spooked investors and wiped out billions of dollars in value from the country's internet giants.
Tencent's messaging platform blocks LGBTQ search terms
Protocol
@ZeyiYang
On Aug 30, searches with words like "gay," "lesbian," "LGBTQ," and "蕾丝" (a Chinese slang term for lesbian) come back with a notice: "Use the Internet in a civil manner. Say no to harmful information."
Will the Music Stop for Tencent?
The Wire China
@eliotcxchen
With Beijing now stepping up its regulation of China’s biggest internet companies, and promising to root out monopolistic behavior, the spotlight has been cast on Tencent’s enormous reach in gaming, entertainment and social media apps.
Explore Tencent's global footprint via our Mapping China's Technology Giants project
Why is the Communist Party clamping down on China's biggest stars and fan clubs?
CNN
@Nectar_Gan @steve0george
Zhao Wei, one of China's most prominent actresses, saw her presence mostly scrubbed from the country's internet overnight. Her fan page on Weibo, China's heavily censored version of Twitter, was shut down. Movies and television shows she starred in -- some going as far back as two decades ago -- were taken off streaming platforms, with her name also removed from the cast lists.
USA
The first national cyber director has big plans to toughen U.S. digital defenses
POLITICO
@ericgeller
America’s first-ever national cyber director holds a post the Biden administration didn’t want, and he has limited authority to force change. But Chris Inglis says he has a strategy to get government agencies to toughen up their digital defenses. In his first in-depth interview since the Senate confirmed him in June, Chris Inglis told POLITICO he aims to use the soft power that comes with his high-profile White House position to prod agencies to better protect critical infrastructure together, strengthen long-term resilience and prioritize cybersecurity in their budgets.
House defense policy bill okays $10.4 billion for DoD cybersecurity
The Record
@martinmatishak
The House version of the annual defense policy bill backs the Biden administration’s proposed $10.4 billion cybersecurity budget for the Defense Department next year, according to an aide for the panel’s Democratic majority
Biden launches U.S. Digital Corps to bring young tech talent to government
Fast Company
Mark Sullivan
On Monday the Biden administration announced a new program, called the U.S. Digital Corps, designed to attract young tech talent to roles in the government. The Corps offers early-career technologies a chance to get engaged in government via a two-year fellowship focused on major Biden administration priorities, including coronavirus response, economic recovery, cybersecurity, and streamlining government services.
CISA: Don’t use single-factor auth on Internet-exposed systems
BleepingComputer
@serghei
Single-factor authentication (SFA) has been added today by the US Cybersecurity and Infrastructure Security Agency (CISA) to a very short list of cybersecurity bad practices it advises against.
The missing context in America's Competition with China
Inkstick
@MartijnRasser
The US government needs to articulate a national technology strategy for an era of sustained competition with a highly capable contender. A national technology strategy includes how the US invents, innovates, and deploys technologies — such as biotech, quantum computing, microelectronics, energy storage, etc. — to compete economically while securing its national interests.
Move fast and break Facebook: A bull case for antitrust enforcement
TechCrunch
@Dlisscious
All three government branches — legislators, regulators and the courts — are gaining steam in their fight, and the press is piling on, battering the company’s reputation in the process. Facebook, the AT&T of our time, is at the brink. For so long, Zuckerberg has told us all to move fast and break things. It’s time for him to break Facebook.
A Russian disinformation site outed by State Department last year is still on multiple social media platforms
Media Matters
E. Rosalie Li
The State Department last year named conspiracy theory website Global Research as a prominent outlet in the Russian “disinformation and propaganda ecosystem,” but the site and its content are still widely accessible across various social media platforms despite spreading misinformation about the COVID-19 pandemic and vaccines.
US military must prepare for POW concerns in the deepfake era
C4ISRNET
@Jan_Kallberg Col. Stephen Hamilton
From a POW and captive recovery perspective, this technology creates two distinct concerns.The first concern is the release of a POW deepfake to the public. Even though a violation of the Geneva Conventions, such a deepfake could be manipulated and utilized to create narratives of war crimes, atrocities, rejection of the U.S. war effort, pleadings to end the war, and other propaganda.
Read our report 'Weaponised deep fakes'.
North Asia
Japan and US wrestle over Kioxia and future of chip security
Nikkei Asia
Akira Yamashita, Tomohiro Ebuichi, Ryosuke Eguchi, Taisei Hoyama
But while creating a U.S.-Japan tie-up in the semiconductor sector fits with the narrative of countering the rise of China, the allies are sensitive of handing over too much control of such a key industry. Semiconductors are the cornerstone of the data society, and both countries are eager to bolster their respective chip industries. The deal is likely to be a test case of what the U.S.-Japan alliance will look like in the coming years.
Low-quality semiconductors likely circulating across Japanese market
Kyodo News
Low-quality semiconductors, such as imitations of major manufacturers' products, are likely circulating widely across Japan, a survey by a testing firm has indicated, raising concern over an increase of defective items using such components amid a global chip shortage. More than 30 percent of the semiconductors, which Oki Engineering Co. checked upon the requests of over 100 companies, were imitations, used chips passed off as new or defective, the firm said.
Digital dissent: Hong Kongers race to archive democracy movement
Yahoo News
@XinqiSu
Hong Kong activists are working in the shadows to preserve digital backups of their democracy movement as the physical symbols of their resistance, including an opposition newspaper and a museum, are purged from the city's streets.
Southeast Asia
Bangkok Air confirms passenger PII leak after ransomware attack
The Record
@campuscodi
Bangkok Airways, the second oldest and the third biggest airline company in Thailand, has admitted last week that hackers stole passenger information during a security breach following a ransomware attack.
South Asia
After Jio, Google now in talks to make large investments in Airtel
The Times of India
@pankajdoval
After its more than Rs 34,000 crore investment in Mukesh Ambani’s Reliance Jio Platforms, American internet giant Alphabet Inc’s Google could well be on its way to making “substantial investments, running into several thousands of crores of rupees”, into Bharti Airtel, Jio’s main rival.
Europe
Targeting Baerbock: Gendered Disinformation in Germany’s 2021 Federal Election
Alliance for Securing Democracy
@NKovalcikova Melanie Weiser
On April 19, 2021, Annalena Baerbock was announced as the German Green Party candidate for chancellor. With this nomination, Baerbock became the only woman in the race to succeed Angela Merkel. However, her nomination was undermined from the outset when she started to face sexist allegations, smear campaigns, and more negative coverage than her male competitors.
Ireland ranks sixth worst cybersecurity State in Europe, study shows
Independent.ie
Eoghan Moloney
The research analysed and ranked countries on factors such as: cybercrime exposure, commitment to cybersecurity, malicious software, social media and email hacks, online banking fraud, identity theft and cybersecurity legislations. The research found that 15pc of Irish people had a social media or email account hacked, 10pc were victims of online banking or bank card fraud while 6pc of Irish people were victims of identity theft.
Russia
Russian government moves to repress opposition in run-up to elections
The Guardian
@Andrew__Roth
The Russian government has silenced opposition voices, approved cash payouts to potential voters, and made it nearly impossible to monitor the polls as it prepares for parliamentary elections next month that the opposition has warned will be marred by fraud… Ella Pamfilova, a former human rights advocate who has become the head of Russia’s elections commission, said that access to cameras at polling stations had been blocked to pre-empt cyber-attacks. The explanation was met with scepticism by journalists and opponents of the Kremlin.
The Enemies List: How the authorities divide the labor of crushing Russia’s free press
Meduza
Lilia Yapparova
The nature of political violence in Russia changed in the summer of 2021. What was once a disparate collection of draconian laws and legislative amendments (four categories of “foreign agent,” a registry for “undesirable” organizations, and a growing list of “extremists”) has now coalesced into a single campaign.
Middle East
Palestinians Finally Have Vaccines. But Will People Take Them?
The New York TImes
@adamrasgon
For months, the Palestinian authorities struggled to get doses. Now they have the shots, but disinformation and conspiracy theories have led to widespread hesitancy.
Before the Taliban took Afghanistan, it took the internet
Atlantic Council
@etbrooking
The Taliban insurgents who conquered nearly all of Afghanistan in just two weeks counted social media among their weapons. They deployed Facebook and WhatsApp to help prevail over their opponents on the battlefield. They issued hundreds of premature declarations of victory via Twitter—using spam to amplify their messages and create a sense of inevitability. Their smartphones proved just as handy as their rifles when they entered Kabul on August 15, enabling them to film the first propaganda footage of their occupation. Many Western observers have expressed surprise at the sophistication of these Taliban information operations.
This is the real story of the Afghan biometric databses abandoned to the Taliban
MIT Technology Review
@eileenguo @noori1st
By capturing 40 pieces of data per person - from iris scans and family links to their favorote fruit - a system meant to cut fraud in the Afghan security forces may actually aid the Taliban.
Misc
Apple cares about privacy, unless you work at Apple
The Verge
@ZoeSchiffer
The company has taken a strong stance on safeguarding its customers’ data — but some employees don’t believe it protects theirs.
Hackers steal $29 million from crypto-platform Cream Finance
The Record
@campuscodi
Hackers are estimated to have stolen more than $29 million in cryptocurrency assets from Cream Finance, a decentralized finance (DeFi) platform that allows users to loan and speculate on cryptocurrency price variations.
Events
Cyber Citizenship Education is Essential
Recorded Future
Scholars and researchers from the think tank New America recently released an education policy initiative titled, Teaching Cyber Citizenship — Bridging Education and National Security to Build Resilience to New Online Threats. The report outlines challenges facing educators when it comes to preparing students for the online world, describes the broad spectrum of reasons why it’s important that they are properly prepared, and provides resources and potential solutions for communities and school systems to adopt.
Jobs
New ICPC Program on Critical Technologies - 3 positions
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for three exceptional and experienced senior analysts and analysts to join its large team from October 2021. These new roles will focus on original research, analysis and stakeholder engagement centred around international critical technology development, including analysis of which countries are leading on what technologies.
ICPC Pacific Islands Analyst - Information operations & disinformation
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for a talented and proactive Pacific Islands analyst who will work with the Centre’s information operations and disinformation program. The successful candidate will work with a small, high-performing team to produce original research and analysis centred around policy responses to information operations and disinformation by actors in the Pacific Islands region. They will also work with senior staff in the centre to engage globally with governments, social media and Internet companies. Candidates must have a demonstrated background in, and strong knowledge of, the Pacific Islands region, including the region’s digital, media and social media landscape.
ICPC Analyst & Project Manager - Coercive diplomacy
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an Analyst and Project Manager to manage, and help lead, a project on coercive diplomacy in the Indo-Pacific region. This new role will focus on analysis, workshops and stakeholder engagement centred around coercive diplomacy, including how countries in the Indo-Pacific can work together to tackle this complicated policy challenge. Candidates must have excellent coordination, project management and stakeholder engagement skills.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.
Executive Level 1 - Assistant Director, Cyber Policy and Technology (Specialist)
Department of Foreign Affairs and Trade
The Cyber Affairs and Critical Technology Branch (CYB) is seeking innovative, collaborative and driven leaders to join a busy and expanding team responsible for policy advice and program delivery on cyber and critical technology issues. The Branch, through the Ambassador for Cyber Affairs and Critical Technology, coordinates Australia’s international engagement across the full spectrum of these issues – from deterring malicious cyber activity, to enabling a prosperous and secure Indo-Pacific region, to shaping the future of the international technology environment.
APS Level 6 - Policy Officer, Cyber Policy and Technology (Specialist)
Department of Foreign Affairs and Trade
The Cyber Affairs and Critical Technology Branch (CYB) is seeking innovative, collaborative and driven leaders to join a busy and expanding team responsible for policy advice and program delivery on cyber and critical technology issues. The Branch, through the Ambassador for Cyber Affairs and Critical Technology, coordinates Australia’s international engagement across the full spectrum of these issues – from deterring malicious cyber activity, to enabling a prosperous and secure Indo-Pacific region, to shaping the future of the international technology environment.