Hackers Tell the Story of the Twitter Attack From the Inside | TikTok, WeChat to face Australian social media security investigation | Europe and US can still compete with Chinese tech
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Several people involved in the events that took down Twitter this week spoke with The Times, giving the first account of what happened as a pursuit of Bitcoin spun out of control. NYT.
The Morrison government is set to launch an investigation into social media platforms such as TikTok, as concern grows about whether the Chinese company will be required to share users' information with the Chinese government. SMH.
The US president could have drawn Europe into an alliance that would have pressured China about old trade grievances as well as the need for a new global framework on how digital business should be governed. FT.
ASPI ICPC
The case for banning Chinese-owned app TikTok has yet to be made
SMH
ByteDance runs a separate, highly censored version called Douyin in China. According to the Australian Strategic Policy Institute, ByteDance "collaborates" with public security bureaus across China to disseminate propaganda, including in Xinjiang, where Beijing is under scrutiny for its detention and surveillance of Uighurs and other Muslim minority groups.
US businesses must take a stand against China's human rights abuses
The Hill
A second risk is relying on labor or goods sourced in or from Xinjiang from entities implicated in the forced labor of individuals in their supply chains. The Australian Strategic Policy Institute reported that 27 factories in nine Chinese provinces - collectively claiming to be part of supply chains of more than 80 global brands - have placed Uyghurs in "potentially abusive labor transfer programs" since 2017. In early May, additional reports showed that the PRC was dramatically expanding this program far beyond its original limits.
World
An update on our security incident
Twitter
As we’ve been informing via the @TwitterSupport account, on Wednesday, July 15, 2020, we detected a security incident at Twitter and took immediate action. As we head into the weekend, we want to provide an overview of where we are.
Hackers Tell the Story of the Twitter Attack From the Inside
NYT
Several people involved in the events that took down Twitter this week spoke with The Times, giving the first account of what happened as a pursuit of Bitcoin spun out of control.
Europe and US can still compete with Chinese tech
Financial Times
One of the biggest mistakes that Donald Trump has made in recent years, amid a very long list, was trying to go it alone in his technology and trade war with China. Europeans share many of concerns that the US has about the Chinese surveillance state, and the dangers that it poses to competition, privacy and liberal democracy. The US president could have drawn Europe into an alliance that would have pressured China about old trade grievances as well as the need for a new global framework on how digital business should be governed.
Australia
TikTok, WeChat to face Australian social media security investigation
SMH
The Morrison government is set to launch an investigation into social media platforms such as TikTok, as concern grows about whether the Chinese company will be required to share users' information with the Chinese government.
Drivers' licences, hacked accounts, bank details going cheap on dark web
SMH
Hacked Facebook, Gmail and Instagram accounts, banking information and even driver licences are being bought and sold on the dark web for as little as $21, with experts warning identity theft may have life-long consequences for victims.
China
China’s home-grown satnav system will soon be fully functional
The Economist
The state-owned firm that launched it from Sichuan province on June 23rd says the network of BeiDou satellites will function fully around the end of July. China sees this as a moment of triumph. It marks the end of the country’s dependence on America for provision of a vital service: location data.
USA
WhatsApp lawsuit against NSO Group spying can proceed, judge rules
Cyberscoop
A federal judge in California ruled Thursday evening that Facebook’s lawsuit alleging that NSO Group technology was used to spy on thousands of WhatsApp users can move forward. Facebook, which filed the suit last year, alleged NSO Group had exploited a vulnerability in WhatsApp to deploy its malware against human rights activists, journalists, and political dissidents. The decision marks a blow for the Israeli software surveillance company, which has vigorously denied the allegations and fought to get the suit thrown out of court.
TikTok expected to operate as a U.S. company, White House adviser says
Reuters
A top White House adviser said on Thursday that he expects TikTok to separate from its Chinese owner and operate as an American company amid growing U.S. concerns about the security of the data handled by the short video app.
Read TikTok is a political football of Beijing’s making in The Strategist
The varying American fortunes of Grindr and Blued
The Economist
America’s government viewed one gay-dating app with Chinese ties as a national-security concern. Can another that has just listed in New York expect similar treatment?
Don’t Give Up on Your Digital Privacy Yet
Slate
If we could pass a meaningful privacy law today, it would have an immediate effect on your life. You could opt in to or out of these kinds of data collection programs and the inferences built atop them. And as such, you could have tremendously more power in the face of the digital behemoths overnight.
Hacker behind Ripoff Report extortion attempt extradited to the US
ZD Net
A Cypriot national has been extradited to the US to face charges of hacking into review portal Ripoff Report, extorting the company, and selling access to its backend to a third-party.
Twitter disables Trump 'campaign' tweet over copyright complaint
SMH
Twitter disabled a campaign-style video retweet by US President Donald Trump, citing a copyright complaint. The video, which included music from the group Linkin Park, disappeared from the President's Twitter feed late on Saturday (US time) with the notification: "This media has been disabled in response to a report by the copyright owner."
Asia
TSMC plans to halt chip supplies to Huawei in 2 months
Nikkei Asian Review
Taiwan Semiconductor Manufacturing Co. on Thursday confirmed it has suspended processing new orders from key customer Huawei Technologies to comply with U.S. export regulations, but said it can still achieve more than 20% revenue growth this year thanks to strong demand for 5G smartphones, infrastructure and high-performance computing applications.
UK asks Japan for Huawei alternatives in 5G networks - Nikkei
Reuters
The British government asked Japan to help build its 5G wireless networks without Huawei Technologies, the Nikkei said on Sunday, a further step in a global technology and security war between the United States and China.
UK
China warns British firms ‘retaliation is coming’ and they are ‘in the firing line’ over Downing Street’s Huawei decision amid claims UK told the company US pressure was partly to blame for 5G network ban
Daily Mail
China has warned British businesses 'retaliation is coming' and they could be 'in the firing line' after the UK banned Huawei from the nation's 5G network. Ministers announced last week that the Chinese tech giant was being excluded from the infrastructure, with all of its equipment to be stripped out by 2027 over security concerns.
Huawei buys stake in UK ‘spy’ firm Vision Semantics
The Times
The Chinese tech giant Huawei has quietly bought a stake in a British company that uses artificial intelligence to spot criminals in crowds. Huawei, which was last week barred from Britain’s 5G mobile network, has been snapping up stakes in some of Britain’s most promising tech companies.
TikTok shelves plan for global HQ in Britain
The Times
The Chinese social media giant TikTok has broken off talks to open a global headquarters in Britain and create 3,000 jobs as a tit-for-tat economic war threatens to erupt between London and Beijing. Its parent company, ByteDance, had been in negotiations with the Department for International Trade and No 10 officials for several months. However, it suspended talks because of the “wider geopolitical context”, a source confirmed.
Americas
Chinese government-owned firm wins $6.8M contract to supply security equipment to Canada's embassies
National Post
The government of Canada has awarded an estimated $6.8 million contract to a state-owned Chinese company to supply security equipment for 170 embassies, consulates and high commissions around the globe.
Middle East
Iranian Spies Accidentally Leaked Videos of Themselves Hacking
Wired
IBM’s X-Force security team obtained five hours of APT35 hacking operations, showing exactly how the group steals data from email accounts—and who it’s targeting.
Pacific
Samoans asked to stop sharing fake Covid-19 news
Radio New Zealand
Samoa's Director General of Health has called for people to stop sharing fake news on social media about a purported suspected Covid-19 case in the country.
Misc.
The Conspiracy Singularity Has Arrived
Vice
With the pandemic and a global uprising against racial injustice to be explained away, conspiracy communities are bleeding into each other, merging into one gigantic mass of suspicion.
Events
SecuriDay | Canberra 2020
Kids SecuriDay
Kids SecuriDay is going digital! Our August event is tied to National Science Week which will be going entirely digital so we will be too. The National Science Week schools theme this year is 'Deep Blue: innovations for the future of our oceans' so our theme will be pirates! We've got a stack of fun talks, workshops, competitions and games planned so keep an eye out for our upcoming announcements.
Jobs
Program Manager/Senior Analyst
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for a talented, proactive and super efficient program manager/senior analyst to join its growing centre. The successful candidate will need to have a proven track record of leading teams and experience in project management including financial and stakeholder management (which will include industry, the Australian Government, Parliament and foreign governments). To succeed in this position candidates should have exceptional communication and problem-solving skills and experience in research, policy analysis or policy development.
Analyst
ASPI’s International Cyber Policy Centre has an outstanding opportunity for a talented and proactive allrounder to join its growing centre. The ICPC is looking for someone who is an excellent writer and researcher and who is a team player - you will need to juggle multiple research projects that could span the range of topics listed above. This is not an entry level position. Analysts in ICPC have between 5-15 years’ relevant work experience and, depending on experience, are involved in stakeholder and project management, fundraising and the management of small teams.
GFCE Working Group Coordinator
GFCE
The Global Forum on Cyber Expertise (GFCE) Secretariat is seeking an organized, efficient, and communicative GFCE Working Group Coordinator to join the GFCE Secretariat’s team in its main office in The Hague, the Netherlands, starting 16 August 2020.