How China censored the Coronavirus | U.S. charges China-based Zoom executive with disrupting Tiananmen crackdown commemorations | Dozens of journalists hacked with NSO 'zero-click' spyware
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
At a time when digital media is deepening social divides in Western democracies, China is manipulating online discourse to enforce the Communist Party’s consensus. To stage-manage what appeared on the Chinese internet early this year, the authorities issued strict commands on the content and tone of news coverage, directed paid trolls to inundate social media with party-line blather and deployed security forces to muzzle unsanctioned voices. The New York Times
U.S. prosecutors on Friday charged a China-based executive at Zoom Video Communications Inc with disrupting video meetings commemorating the 31st anniversary of the Tiananmen Square crackdown at the request of the Chinese government. Xinjiang Jin, 39, faces up to 10 years in prison if convicted of conspiring since January 2019 to use his company’s systems to censor speech, the U.S. Department of Justice said. Reuters
In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The personal phone of a journalist at London-based Al Araby TV was also hacked. The Citizen Lab
World
What we know – and still don’t – about the worst-ever US government cyber-attack
The Guardian
@kari_paul @loisbeckett
Nearly a week after the US government announced that multiple federal agencies had been targeted by a sweeping cyber-attack, the full scope and consequences of the suspected Russian hack remain unknown. Key federal agencies, from the Department of Homeland Security to the agency that oversees America’s nuclear weapons arsenal, were reportedly targeted, as were powerful tech and security companies including Microsoft. Investigators are still trying to determine what information the hackers may have stolen, and what they could do with it.
Hack Suggests New Scope, Sophistication for Cyberattacks
The Wall Street JournalHow the Russian hacking group Cozy Bear, suspected in the SolarWinds breach, plays the long game
Cyberscoop
Russia's Hack Wasn't Cyberwar. That Complicates US Strategy
WiredThe SolarWinds Breach Is a Failure of U.S. Cyber Strategy
LawfareTrump Contradicts Pompeo Over Russia's Role in Hack
The New York TimesMicrosoft breached in suspected Russian hack using SolarWinds
Reuters
Huawei’s Role in the China-Russia Technological Partnership
Council on Foreign Relations
@laurenmdudley
Huawei’s recent pivot to Russia reflects this pattern of cooperation, garnering high-level support from both governments. The Russian government has specifically welcomed Huawei’s increased presence in hopes that Huawei’s training programs, local research centers, purchases of Russian technology, and promises to jointly develop or share emerging technologies will help prevent brain drain and promote local innovation.
Australia
Huawei documents reveal China's grievance against Australia
The Sydney Morning Herald
@ErykBagshaw
Australia's push for a World Trade Organisation investigation into China's crippling tariffs on barley is set to be challenged by its own decision to ban Huawei in 2018, with new documents revealing Australian trade negotiators dismissed China's concerns at the WTO about discriminatory action. The confidential document by Chinese trade negotiators was obtained by The Sydney Morning Herald and The Age two days after Australia lodged a formal complaint with the WTO last week.
Cyber security left out of cabinet reshuffle
IT News
@TessBennett
Prime Minister Scott Morrison has not appointed a dedicated minister for cyber security in Friday’s cabinet reshuffle.
What Australia’s intelligence community wants for Christmas: a secure private cloud
The Strategist
@michael_ASPI
Christmas sometimes brings presents you don’t expect - this year, for me, an excitingly titled ˜Request for expressions of interest’ that appeared on AusTender is one of them. It’s about Australia’s peak intelligence agency, the Office of National Intelligence, beginning an essential, radical and rapid shift into cloud applications and services at the highly classified top secret level of capability. That’s big news.
China
No ‘Negative’ News: How China Censored the Coronavirus
The New York Times
@zhonggg @paulmozur @jeffykao @Aaron_Krolik
At a time when digital media is deepening social divides in Western democracies, China is manipulating online discourse to enforce the Communist Party’s consensus. To stage-manage what appeared on the Chinese internet early this year, the authorities issued strict commands on the content and tone of news coverage, directed paid trolls to inundate social media with party-line blather and deployed security forces to muzzle unsanctioned voices.
Jack Ma Makes Ant Offer to Placate Chinese Regulators
The Wall Street Journal
@Lingling_Wei
As Jack Ma was trying to salvage his relationship with Beijing in early November, the beleaguered Chinese billionaire offered to hand over parts of his financial-technology giant, Ant Group, to the Chinese government, according to people with knowledge of the matter. “You can take any of the platforms Ant has, as long as the country needs it,” Mr. Ma, China’s richest man, proposed at an unusual sit-down with regulators, the people said.
She tweeted from Sweden about the plight of her Uyghur cousin. In Xinjiang, the authorities were watching
CNN
@bexwright1 @IvanCNN
They said the authorities didn't give them a medical reason for her admission to hospital, but they did pass a message to her aunt and uncle: stop your daughter, Nyrola, from tweeting.
Efforts To Make 5G More ‘Open’ With Less Huawei Have Attracted Dozens Of Chinese Vendors
Forbes
@RoslynLayton
China can afford to lose the Huawei battle if it wins the war to control O-RAN specifications and manufacturing.
USA
U.S. charges China-based Zoom executive with disrupting Tiananmen crackdown commemorations
Reuters
@JonathanStempel
U.S. prosecutors on Friday charged a China-based executive at Zoom Video Communications Inc with disrupting video meetings commemorating the 31st anniversary of the Tiananmen Square crackdown at the request of the Chinese government. Xinjiang Jin, 39, faces up to 10 years in prison if convicted of conspiring since January 2019 to use his company’s systems to censor speech, the U.S. Department of Justice said.
China-Based Executive at U.S. Telecommunications Company Charged with Disrupting Video Meetings Commemorating Tiananmen Square Massacre
US Department of Justice
U.S. lawmakers to back $1.9 billion to replace telecom equipment from China's Huawei, ZTE
Reuters
@davidshepardson
U.S. lawmakers are expected to endorse $1.9 billion to fund a program to remove telecom network equipment that the U.S. government says poses national security risks as part of a year-end spending bill and COVID-19 bill, a source briefed on the matter said on Sunday.
Man really did hack Trump’s Twitter account by guessing password, ‘maga2020!’ Dutch prosecutors say
Washington Post
@MiriamABerger
Dutch hacker Victor Gevers claims to have logged in to President Trump’s Twitter account six years ago by guessing the password: “yourefired.” Then he did it again. On Oct. 16, Gevers, 44, made an accurate guess, “maga2020!” on his fifth try, according to Dutch prosecutors
U.S. to blacklist dozens of Chinese firms including SMIC, sources say
Reuters
@alexalper @davidshepardson @humeyra_pamuk
The United States added dozens of Chinese companies, including the country’s top chipmaker SMIC and Chinese drone manufacturer SZ DJI Technology Co Ltd, to a trade blacklist on Friday as U.S. President Donald Trump’s administration ratchets up tensions with China in his final weeks in office.
Government Leaders Clash Over Next Step for Trump’s Ban on Chinese Stocks
The Wall Street Journal
@jingyanghk @dawnmlim
President Trump’s recent executive order prohibiting Americans from investing in companies tied to China’s military complex has set up a fight in the highest ranks of government over how broad the list should be.
Only Seven of Stanford’s First 5,000 Vaccines Were Designated for Medical Residents
ProPublica
@CarolineYLChen
Stanford Medicine officials relied on a faulty algorithm to determine who should get vaccinated first, and it prioritized some high-ranking doctors over patient-facing medical residents.
Christopher Krebs: We prepared for more Russian interference. But this year the assault on democracy was from within the US
CNN
@C_C_Krebs
Unfortunately, as we moved on from November 3, we began to see wild and baseless claims of domestic origin, about hackers and malicious algorithms that flipped the vote in states across the country, singling out election equipment vendors for having ties to deceased foreign dictators. None of these claims matched up with the intelligence we had, based on reporting from election officials or how elections actually work in this country.
Trump Officials Deliver Plan to Split Up Cyber Command, NSA
Defense One
@KatieBoWill
Trump administration officials at the Pentagon late this week delivered to the Joint Chiefs of Staff a proposal to split up the leadership of the National Security Agency and U.S. Cyber Command. It is the latest push to dramatically reshape defense policy advanced by a handful of key political officials who were installed in acting roles in the Pentagon after Donald Trump lost his re-election bid.
Trump Appointee Seeks to Cut Off Funding for Global Internet Access Group
The New York Times
@pranshuverma_
Michael Pack, the head of the U.S. Agency for Global Media, is moving to stop federal funding of the Open Technology Fund, which develops tools that allow people to get around controls on internet access.
Inside the chaos of brand safety technology
Branded
Integral Ad Science, Comscore and Oracle are leaking the top secret classifications they use to block ad revenues from the news.. Every day, a handful of tech companies decide how billions of advertising dollars will be spent on the web. We don’t see these decisions take place, but brand safety algorithms scan every page and every piece of content we look at to decide whether it’s ‘safe’ before serving an ad.
Southeast Asia
YouTube faces complaints of lax approach on overseas election misinformation
Reuters
@f_potkin
Social media researchers and civil society groups in Myanmar say the uneven standard is emblematic of YouTube's comparatively hands-off approach to election misinformation globally at a time when rival Facebook is taking a more aggressive country-by-country measures.
NZ & Pacific Islands
U.S. warns Pacific islands about Chinese bid for undersea cable project - sources
Reuters
@barrett_ink
The United States has warned Pacific island nations about security threats posed by a Chinese company’s cut-price bid to build an undersea internet cable, two sources told Reuters, part of an international development project in the region.
UK
COVID-19 vaccine rollout may be delayed - with IT system 'failing constantly'
Sky News
@rowlsmanthorpe
The rollout of the COVID-19 vaccine could be delayed by technical issues, doctors and health officials have warned, after the first week of the vaccination programme was marred by difficulties with data collection. GP practices have been forced to collect data on the rollout of the Pfizer vaccine by hand, following problems with the software being used to keep track of who has been given the jab.
General Sir Nick Carter: ‘To win against Russia and China we must beat them at their own game’
The Sunday Times
@edwardlucas
The chief of the defence staff has vowed to bring the armed forces up to date - and that means fighting under the radar
UK and China: how the love affair faded
The Guardian
@patrickwintour
In 2003, the Cabinet Office decided to allow the Chinese state-backed Huawei telecommunications network to start supplying BT for the first time. Nobody bothered to put a note on the security implications into the red box of the then business secretary, Patrica Hewitt. A minor discussion, solely on the competition implications, did take place. The then head of MI6, Sir Richard Dearlove, used to daily cooperation with BT to secure wire taps, was shocked and concerned when he heard of the plan, but was told: ‘It is nothing to do with you’.
Europe
Moderna COVID-19 vaccine documents accessed in EMA cyberattack
Reuters
Moderna Inc said on Monday it was informed by the European Medicines Agency (EMA) certain documents related to pre-submission talks of its COVID-19 vaccine candidate were unlawfully accessed in a cyberattack on the medicines regulator.
Africa
Sierra Leone's tech-aided war on corruption
DW
@beenishjaved
The West African nation's fight against corruption started bearing fruit when political will, supported by international partners, began mixing with digital technology. Can Sierra Leone be a model for the rest of Africa?
Misc
The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit
The Citizen Lab
@billmarczak @jsrailton Noura Al-Jizawi Siena Anstis
In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The personal phone of a journalist at London-based Al Araby TV was also hacked.
My reporting on QAnon and coronavirus disinformation led to death threats
iNews
@mariannaspring
Investigating conspiracies and the people who spread them led the journalist Marianna Spring to become the target for an onslaught of abuse online.
The ‘invisible’ international law in cyberspace
Directions Blog
@KuleszaJ
Recent state contributions to the discussion of how international law applies in cyberspace suggest that the cybersecurity dialect of international law is losing sight of the mainstream - that is, how international law is applied outside of the cyber bubble.
COVID-19 vaccine distribution algorithms may cement health care inequalities
Venture Beat
@Kyle_L_Wiggers
The Trump administration aims to deliver the first shots to 20 million people by year’s end. But shipments must be prioritized in a country of over 300 million people. This logistical challenge has fallen on algorithms designed to account for a range of factors in identifying which populations are most vulnerable. Problematically, however, a lack of transparency plagues their decision-making processes. And given the body of research showing algorithms can encode biases against certain demographic groups, particularly minorities and low-income earners, experts believe this is cause for concern.
Jobs
ICPC Senior Analyst or Analyst - China
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an exceptional and experienced China-focused senior analyst or analyst to join its centre in 2021. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice.
ICPC Analyst - Information operations & disinformation
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for a talented and proactive analyst to join its centre. The successful candidate will work with a small, high-performing team to produce original research and analysis centred around policy responses to information operations and disinformation by state and non-state actors. They will also work with senior staff in the centre to engage globally with governments, social media and Internet companies.
ICPC - Strategic engagement & program coordinator
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding early career role for a talented and proactive individual to support senior centre staff on strategic engagement, program and research coordination.
For more information and to apply for these roles go to the ASPI Jobs Page.