Hackers Target Top Officials at WHO | Chinese Agents sowed virus panic in the US | Vietnamese actors collect intelligence on Covid-19 in Wuhan
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Top officials at the World Health Organisation are being targeted by hackers as they work on the global response to the coronavirus pandemic. Bloomberg
United States intelligence agencies have assessed that Chinese operatives helped push the messages across platforms, according to six American officials, who spoke on the condition of anonymity to publicly discuss intelligence matters. The New York Times
From at least January to April 2020, suspected Vietnamese actors APT32 carried out intrusion campaigns against Chinese targets that Mandiant Threat Intelligence believes was designed to collect intelligence on the COVID-19 crisis. Fire Eye
ASPI ICPC
Publication Launch - Weaponised deep fakes: national security and democracy
ASPI ICPC
@Hannah_ASPI @KMansted
ASPI's International Cyber Policy Centre warmly invites you to a webinar for the launch of ASPI's newest publication - Weaponised deep fakes: national security and democracy.
When: 12:00pm-1:00pm, Wednesday 29 April 2020
Where: Online, register via the link below
Deep fake technology allows cyber criminals, political activists, and nation-states to quickly create cheap, realistic forgeries. They have the ability to enhance cyber attacks, accelerate the spread of propaganda and disinformation online, and exacerbate declining trust in democratic institutions.
Join the authors of this new report, ASPI's Hannah Smith and Katherine Mansted, of ANU's National Security College, in a discussion, moderated by Danielle Cave, about the deep fake landscape, how this technology can be weaponised and what can be done to mitigate its impact.
World
Hackers Target Top Officials at World Health Organization
Bloomberg
@ rj_gallagher
In an interview Tuesday, Mariano said that some of the attacks had been perpetrated by suspected nation-state hackers. The targets have included WHO Director General Tedros Adhanom Ghebreyesus, as well as Bruce Aylward, a senior WHO envoy who led a Covid-19 response team in China. In addition, there had also been a recent “sustained attempt” to hack into computers operated by a team of four WHO employees in South Korea, as well as an incident last week targeting staff at the organization’s Geneva headquarters, Mariano said.
Anti-Vaxxers Are Forming an Unholy Alliance With Shelter-in-Place Protesters
Daily Beast
@ willsommer @ JFKucinich
Protests against social distancing and stay-at-home guidelines in states across the country have become fertile ground for anti-vaccine activists, foreshadowing future showdowns over government-led efforts to help bring an end to the coronavirus pandemic.
Climate strikes continue online: 'We want to keep the momentum going'
The Guardian
@ JournoJess_
The coronavirus pandemic has put a stop to large gatherings of people the world over, and the climate strikers have had to change their tactics. Now, instead of big crowds they hold mass video calls, and instead of marching with banners and placards they post photos with hashtags. “We’ve started digital striking because we want to keep the momentum going, so that when the pandemic is contained we still have that energy and we can go back on to the streets,” says Palmer.
Australia
How the coronavirus tracing app will work
Overcast
The government has announced it will be rolling out a new app to help slow the spread of coronavirus. But how will this app track its users and will the data be secure? Josh Taylor examines what we know about the app so far
Attorney-General to ban police from accessing coronavirus app metadata
The Age
@ MaxKoslowski
Police will be barred from accessing metadata from the proposed coronavirus contact tracing app, after Attorney-General Christian Porter vowed regulatory action to stop access under controversial telecommunications laws.
USA
Chinese Agents Spread Messages That Sowed Virus Panic in U.S., Officials Say
The New York Times
@ewong @ AllMattNYT @ julianbarnes
Since that wave of panic, United States intelligence agencies have assessed that Chinese operatives helped push the messages across platforms, according to six American officials, who spoke on the condition of anonymity to publicly discuss intelligence matters. The amplification techniques are alarming to officials because the disinformation showed up as texts on many Americans’ cellphones, a tactic that several of the officials said they had not seen before.
Read ASPI’s latest report on COVID-19 disinformation & social media manipulation here.
US #COVID19 Relief Fund Leaks Data on Thousands of Firms
Infosecurity Magazine
@ philmuncaster
Thousands of US businesses may have had personal information (PII) leaked online after a government agency error led to problems with applications for economic relief.
Ripple sues YouTube over cryptocurrency scams
Reuters
@ katielpaul
Blockchain firm Ripple sued Alphabet Inc’s YouTube on Tuesday, alleging the video-sharing platform failed to protect consumers from cryptocurrency “giveaway” scams that use fake social media profiles to dupe victims into sending money.
US adds cameras at Mexico border despite drop in crossings
The Associated Press
@ JimLaPorta @ watson_julie
The Trump administration has been quietly adding military surveillance cameras at the U.S.-Mexico border in response to the coronavirus pandemic, though fewer people appear to be crossing illegally. It’s the latest move as operations at the U.S.-Mexico border have become increasingly militarized and secretive.
New York payments startup exposed millions of credit card numbers
Tech Crunch
@ zackwhittaker
A massive database storing millions of credit card transactions has been secured after spending close to three weeks exposed publicly to the internet.
Southeast Asia
Exclusive: Facebook agreed to censor posts after Vietnam slowed traffic
Reuters
@pearswick
Facebook's local servers in Vietnam were taken offline early this year, slowing local traffic to a crawl until it agreed to significantly increase the censorship of ""anti-state"" posts for local users, two sources at the company told Reuters on Tuesday.
Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage
Fire Eye
@ gabby_roncone @JohnHultquist @bread08
From at least January to April 2020, suspected Vietnamese actors APT32 carried out intrusion campaigns against Chinese targets that Mandiant Threat Intelligence believes was designed to collect intelligence on the COVID-19 crisis. Spear phishing messages were sent by the actor to China's Ministry of Emergency Management as well as the government of Wuhan province, where COVID-19 was first identified.
MDES joins hands with HUAWEI, provides 5G solution and AI Technology
Bangkok Post
The Digital Economy and Society Ministry, together with Huawei Technologies (Thailand) Co., Ltd., are providing AI-assisted solutions with 5G technology to Siriraj Hospital with the aim of enabling output diagnosis results automatically, quickly, and correctly through a high-speed network. This world-class technology will strengthen Thai medical staff capabilities to cope with the COVID-19 pandemic effectively.
South and Central Asia
Facebook Invests $5.7 Billion in India Internet Giant Jio
The New York Times
@ MikeIsaac @ vindugoel
Facebook on Tuesday made its largest single investment by putting $5.7 billion into Jio Platforms of India, an enormous bet on the developing market and a sign of how large tech companies are forging ahead in the pandemic.
UK
Britain's Zoom parliament makes an almost glitch-free debut
Reuters
@WJames_Reuters
British lawmakers upended 700 years of history on Wednesday, grilling stand-in leader Dominic Raab by video link in an unprecedented but largely successful ‘hybrid parliament’ session forced by the coronavirus outbreak.
Our thriving healthtech sector is proving its worth on the coronavirus frontline
The Telegraph
@ cj_dinenage
For a long time we have been talking about the potential for digital delivery of care and tools to support frontline clinicians. Now we are using these on a mass scale. Covid-19 will expedite healthtech's integration into mainstream healthcare.
UK made a firm decision on Huawei in 5G: foreign ministry's top official
Yahoo Finance
@ piperliza
Asked whether he would advise the foreign minister to try to change the government's position on Huawei, Simon McDonald, permanent under secretary and head of the diplomatic service at the foreign ministry, told lawmakers: ""As you know ... the government decided to proceed with an investment but with very strict conditions ... As far as I know that ... is a firm decision and is not being reopened.
Europe
First fuctioning European "Corona App" reviewed by noyb, epicenter.works and SBA Research
NOYB
First European ""corona app"" with 400,000 active users reviewed by noyb, epicenter.works and SBA resarch. Privacy friendly concept, that can still be improved.
Coronavirus: Apple and France in stand-off over contact-tracing app
BBC News
@LeoKelion @
France is pressing Apple to let its forthcoming coronavirus contract-tracing app work in the background on iPhones without building in the privacy measures the US company wants.
China's Coronavirus Diplomacy Has Finally Pushed Europe Too Far
Bloomberg
As a result of the Covid-19 crisis, pressure is growing on the U.K. to reverse its decision to allow Huawei Technologies a limited role in its fifth-generation mobile networks, while France may be less inclined to give Huawei a chunk of its 5G contracts after the embassy spat. Germany must make a decision by around midyear on Chinese involvement in its 5G networks.
Misc
Digital media clobbered by coronavirus
Axios
@ sarafischer
Vice Media has laid out a plan for potential layoffs of over 300 people in digital operations, according to The Wall Street Journal. It would be joining Group Nine Media, BuzzFeed, Vox Media, Bustle Digital Group, Cheddar, Maven Media, G/O Media, Protocol and others who have resorted to layoffs and furloughs.
Fitness App Kinomap Leaks 42 Million Records
Infosecurity Magazine
@philmuncaster
An unsecured online database is to blame for yet another major privacy incident after fitness tech company Kinomap accidentally leaked 42 million records including personal identity data (PII).
Help #BLOCKCOVID19
Minecraft
At Mojang, we find that distributing factual information is incredibly important, as that information will help people make informed decisions, which in turn may save lives. One thing we’re doing to help is teaming up with the United Nations Development Programme (UNDP) and their partner, Heart17. Together, we’ll spread the word under the banner of #TomorrowTogether.
'Dark data' is polluting the environment - and the issue is only set to get worse
TechRadar
@JKFruit
More than half (52%) of all business data exists in a dormant and unused state and the resources expended in storing this information could have an enormous impact on the environment. According to data management firm Veritas Technologies, the energy used to store ‘dark’ data will see 5.8 million tonnes of carbon dioxide enter the atmosphere this year alone - the equivalent of driving a car around the earth 575,000 times over.
CVE-2020-0022 an Android 8.0-9.0 Bluetooth Zero-Click RCE – BlueFrag
Insinuator
Nowadays, Bluetooth is an integral part of mobile devices. Smartphones interconnect with smartwatches and wireless headphones. By default, most devices are configured to accept Bluetooth connections from any nearby unauthenticated device
What happens if Magic Leap shuts down?
TechCrunch
@lucasmtny
Since first uploading a YouTube teaser video of its tech five years ago, Magic Leap’s presence in the augmented reality industry has been controversial. Some have lauded the team’s ambitions, while others I’ve talked to say the company’s posturing has dissuaded investors from taking chances on other AR hardware startups, which has hampered the industry’s advance.