Huawei equipment could disrupt US nuclear arsenal communications | Instagram slow to tackle bots targeting Iranian women’s groups | New tool in the cyber ‘arms race’ against child sexual abusers
Good morning. It's Monday 25th July.
The Daily Cyber Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Have feedback? Let us know at icpc@aspi.org.au.
Follow us on Twitter and on LinkedIn.
In 2017, the Chinese government was offering to spend $100 million to build an ornate Chinese garden at the National Arboretum in Washington DC. But when US counterintelligence officials began digging into the details, they found numerous red flags. The pagoda, they noted, would have been strategically placed on one of the highest points in Washington DC, just two miles from the US Capitol, a perfect spot for signals intelligence collection, multiple sources familiar with the episode told CNN. CNN
Iranian women's rights groups have for months faced a deluge of bots following their Instagram accounts and disrupting their digital outreach operations. Activists say that while they have repeatedly asked Meta, Instagram’s parent company, to stymie the flood of junk followers, more keep coming, totaling in the millions across dozens of organizations operating in Iran and elsewhere around the world. WIRED
The search for these safe, happy pictures is the goal of a new campaign to crowdsource a database of ethically obtained images that Dalins hopes will help build better investigative tools to use in the fight against what some have called a “tsunami” of child sexual assault material online. Dalins is the co-director of AiLecs lab, a collaboration between Monash University and the Australian federal police, which builds artificial intelligence technologies for use by law enforcement. The Guardian
ASPI ICPC
Policy, Guns and Money: Australian rocket launches, 2022 Lowy poll and policing in the Pacific
The Strategist
The Lowy Institute recently released its annual poll, which captures Australian views of the world and current global issues, including Russia’s invasion of Ukraine, China and climate change. ASPI’s Fergus Ryan speaks to the author of the report on the 2022 poll, Natasha Kassam, about the notable shifts in this year’s poll and what surprised her in the polling results.
Ukraine - Russia
Russian-backed separatists in Ukraine block Google search engine
Reuters
Russian-backed separatists in a breakaway region of eastern Ukraine have blocked access to the search engine Google, their leader said on Friday, citing what he calls "disinformation".
Assess Russia's cyber performance without repeating its past mistakes
War on the Rocks
Gavin Wilde
Many observers saw Russia’s February invasion of Ukraine as the first case in modern history of a great power with near-peer cyber capability waging a major conventional war. Analysts are already trying to measure Russia’s cyber performance against prior expectations. A Russia-focused examination, however, must factor in the uniquely expansive way Moscow views “information warfare,” a blanket concept entailing not only cyber operations against technical infrastructure, but also adversary hearts and minds, and public perception more broadly.
Australia
100,000 happy pictures: A new tool in the cyber ‘arms race’ against child sexual abusers
The Guardian
Royce Kurmelovs
The search for these safe, happy pictures is the goal of a new campaign to crowdsource a database of ethically obtained images that Dalins hopes will help build better investigative tools to use in the fight against what some have called a “tsunami” of child sexual assault material online. Dalins is the co-director of AiLecs lab, a collaboration between Monash University and the Australian federal police, which builds artificial intelligence technologies for use by law enforcement.
Expert analysis Telstra/Digicel Deal
Post-Courier
Amanda H A Watson
Australian Foreign Minister Penny Wong and other Australian ministers announced on Thursday 14 July that an Australian telecommunication company's purchase of Digicel's Pacific arm is now complete. The Australian government brokered the deal, offering favourable terms to Telstra, which now owns Digicel's operations in Papua New Guinea, Samoa, Fiji, Tonga, Vanuatu and Nauru.
China
Hong Kong’s new cybercrime law consultation
The Diplomat
Charles Mok
This week the Cybercrime Subcommittee of the Law Reform Commission (LRC) in Hong Kong published a consultation paper on cybercrimes and related jurisdictional issues, setting in motion what will likely be a series of legislations of new laws and amendments in the reformed “patriots-ruled” territory under the People’s Republic of China.
Hong Kong in talks with Beijing to ease cross-border data flow as new rules threaten city’s gateway status
South China Morning Post
Xinmei Shen
The Hong Kong government has initiated talks with the Cyberspace Administration of China (CAC) to make it easier for data to be transferred from the mainland to the city, as Beijing’s new restrictions on cross-border data flow raise questions about Hong Kong’s status as a regional hub.
China has a problem with data leaks. One reason is its surveillance state.
The Wall Street Journal
Karen Hao
To protect sensitive data, China’s government has built one of the world’s strictest cybersecurity and data-protection regimes. Despite those efforts, a thriving cross-border underground market has grown up around the trade in the data of Chinese citizens. Much of that data comes from another of the Chinese government’s big security projects: its extensive surveillance network.
‘We show hotshots who’s boss’: How China disciplines its tech barons
The Guardian
Lulu Chen
In an attempt to control public opinion, the government told social media sites including WeChat – the super-app used by two-thirds of China’s population – to wipe and scrape posts deemed negative or critical of the policy. But the censorship backfired. A video documenting the dire fallout of lockdown began circulating online. WeChat censors tried to wipe posts sharing the video, but it was like a multi-headed hydra: no sooner did one get blocked, than another would pop up. This seminal moment embodied the dynamics between the Chinese government and the country’s giant tech companies.
China’s social media giants to require influencers to disclose agency names on profile pages
South China Morning Post
Jiaxing Li
Two of China’s most popular social media platforms said they would start displaying the names of marketing agencies on influencers’ profile pages, after the country’s internet watchdog accused those service providers of spreading incorrect values.
China’s TikTok owner ByteDance boosted lobbying spending by 130 percent in second quarter
The Hill
Olafimihan Oshin
Chinese-based company ByteDance, the owner of popular social media platform TikTok, spent $2.1 million on lobbying in the second quarter of 2022, boosted its lobbying spending by 130 percent, according to CNBC.
China bets big on basic chips in self-sufficiency push
The Wall Street Journal
Dan Strumpf and Liza Lin
China is leading the world in building new chip factories, a step toward achieving more self-sufficiency in semiconductors that could eventually make some buyers reliant on China for many of the basic chips now in short supply. As chip makers race worldwide to boost production and ease supply shortages, no country is expanding faster than China, which is slated to build 31 major semiconductor factories, known as fabs, during the four years through 2024, according to the chip-industry group SEMI.
Despite Didi's $1.2 bln fine, China tech's regulatory woes may not be over
Reuters
Josh Ye, Eduardo Baptista and Yingzhi Yang
China's $1.2 billion fine on Didi Global draws a line under the ride hailing company's regulatory woes, but the retroactive application of laws and a lack of clarity on the firm's business revival show the worst for its tech sector may not be over.
USA
FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications
CNN
Katie Bo Lillis
In 2017, the Chinese government was offering to spend $100 million to build an ornate Chinese garden at the National Arboretum in Washington DC. But when US counterintelligence officials began digging into the details, they found numerous red flags. The pagoda, they noted, would have been strategically placed on one of the highest points in Washington DC, just two miles from the US Capitol, a perfect spot for signals intelligence collection, multiple sources familiar with the episode told CNN.
FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks
Security Affairs
Pierluigi Paganini
The U.S. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide.
US bolsters cyber alliance to counter rising Iran threat
The Hill
Ines Kagubare
President Biden vowed to expand cyber cooperation with Israel and Saudi Arabia on his trip to the Middle East last week, a move experts see as a direct response to the rising digital threat from Iran.
Americas
Rogers to invest C$10 billion in AI, testing after massive outage
Reuters
Rogers Communications Inc said on Sunday it will invest C$10 billion ($7.74 billion) over the next three years in Artificial Intelligence (AI), and more testing and oversight, just weeks after the company reported network issues that caused widespread disruptions across the country.
Europe
Chrome use subject to restrictions in Dutch schools over data security concerns
Bleeping Computer
Bill Toulas
The Dutch Ministry of Education has decided to impose some restrictions on the use of the Chrome OS and Chrome web browser until August 2023 over concerns about data privacy. The officials worry that Google services collect student data and make it available to large advertising networks, who use it for purposes beyond helping education. Since the national watchdog doesn't know where or how the students' personal data is stored and processed, there are concerns about violating European Union's GDPR (General Data Protection Regulation).
Gender and Women in Cyber
Instagram slow to tackle bots targeting Iranian women’s groups
WIRED
Lily Hay Newman
Iranian women's rights groups have for months faced a deluge of bots following their Instagram accounts and disrupting their digital outreach operations. Activists say that while they have repeatedly asked Meta, Instagram’s parent company, to stymie the flood of junk followers, more keep coming, totaling in the millions across dozens of organizations operating in Iran and elsewhere around the world.
Tinder: Women's safety now at the heart of the app
BBC
Shiona McCallum
Keeping women safe is now "at the heart" of the world's largest dating app, Tinder, it claims. The technology company is launching a partnership with campaign group No More, aiming to end domestic violence. But charity End Violence Against Women says it is only a "small step" in addressing the disproportionate amount of abuse women experienced online. Tinder has faced scrutiny over abusive interactions on the service, with concerns dating apps are attracting sexual predators.
Big Tech
Sweeping changes remake Facebook app in TikTok's image
Axios
Sara Fischer
Meta announced major changes Thursday to the Facebook app that will transform its experience into a more TikTok-like selection of algorithmically chosen videos — and shunt off content posted by family, friends and groups into a separate side feed.
Twitter data breach exposes contact details for 5.4M accounts; on sale for $30k
9to5Mac
Ben Lovejoy
A Twitter data breach has allowed an attacker to get access to the contact details of 5.4M accounts. Twitter has confirmed the security vulnerability which allowed the data to be extracted.
Google fires engineer who contended its AI technology was sentient
CNN
Ramishah Maruf
Google has fired the engineer who claimed an unreleased AI system had become sentient, the company confirmed, saying he violated employment and data security policies. Blake Lemoine, a software engineer for Google, claimed that a conversation technology called LaMDA had reached a level of consciousness after exchanging thousands of messages with it.
Big tech is bracing for a possible recession, spooking other industries
The Washington Post
Rachel Lerman and Gerrit De Vynck
Big Tech is bracing for an economic recession and an uncertain future. That, in turn, is triggering more economic angst. The biggest tech firms, most of whom report quarterly earnings next week, have offered recent hints they are hunkering down.
Misc
Uber admits covering up 2016 hacking, avoids prosecution in U.S. settlement
Reuters
Jonathan Stempel
Uber Technologies Inc on Friday accepted responsibility for covering up a 2016 data breach that affected 57 million passengers and drivers, as part of a settlement with U.S. prosecutors to avoid criminal charges.
Research
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice.
The Daily Cyber Digest is brought to you by the team at ASPI’s International Cyber Policy Centre.