Inter-Parliamentary Alliance on China’s website suffers cyber attack | US to publish details on SolarWinds hack | Amazon’s Twitter Army was handpicked for “great sense of humor”

Mar 31, 2021

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

Due to Public Holidays in Australia, there will be no Daily Cyber Digest on Friday 2 April or Monday 5 April. We will return to regular service on Tuesday 6 April.

The global coalition of MPs pushing their governments to take a firmer stance against China has suffered a major cyber attack. The Inter-Parliamentary Alliance on China’s website was down for about nine hours on Monday, UK time, after suffering a distributed denial-of-service, or DDoS, attack. The Sydney Morning Herald
U.S. military and security officials are preparing to publish one of their most detailed analyses yet of the hacking tools used by suspected Russian spies in a campaign that the Biden administration has labeled a national security threat. CyberScoop
Amazon's small Twitter army of “ambassadors” was quietly conceived in 2018 under the codename “Veritas,” which sought to train and dispatch select employees to the social media trenches to defend Amazon and its CEO, Jeff Bezos, according to an internal description of the program obtained exclusively by The Intercept. The Intercept

ASPI ICPC

Profit or principle is the hard choice for foreign companies in China
Financial Times
Scores of large foreign companies have a presence in Xinjiang. These include over 50 American firms listed in the Fortune 500. Almost 70 European firms listed either in the Euro Stoxx 50 index or in the Global Fortune 500 do business there. Moreover, according to the Australian Strategic Policy Institute, about 83 foreign and Chinese firms use some 80,000 Uyghur workers who have been transferred from Xinjiang to work in poor conditions in 27 factories in nine provinces.

The Shanghai files: Australian former intelligence boss, business leaders caught up in Chinese data leak
ABC News
@seanrubinsztein @hui_echo
Australian Strategic Policy Institute senior analyst Samantha Hoffman, a world expert on Chinese surveillance, has looked at similar public security databases in her research. She believes the records are a piece of a larger public security and surveillance system being developed in China. "I've seen evidence of the same system type being developed in other cities and provinces across China in a standardised way," she said. "Although this data is showing information from a limited time period, it shows how foreigners could get caught up in China's surveillance state when they've passed through the country, even if that system isn't fully established yet.

Dr Jake Wallis @JakeWallis_ASPI

Our new @ASPI_ICPC report 👀👇👇 analyses CCP disinformation related to Xinjiang - on 🇺🇸 social media platforms, laundered through alternative fringe media (The Grayzone) and outsourced to companies linked with the United Front Work Department 🧵 aspi.org.au/report/strange…

Strange bedfellows on Xinjiang: The CCP, fringe media and US social media platformsThis report explores how the Chinese Communist Party (CCP), fringe media and pro-CCP online actors seek—sometimes in unison—to shape and influence international perceptions of the Chinese Government’s human rights abuses in Xinjiang, including through the amplification of disinformation. United Stat…aspi.org.au

World

Inter-Parliamentary Alliance on China’s website suffers cyber attack
The Sydney Morning Herald
@latikambourke
The global coalition of MPs pushing their governments to take a firmer stance against China has suffered a major cyber attack. The Inter-Parliamentary Alliance on China’s website was down for about nine hours on Monday, UK time, after suffering a distributed denial-of-service, or DDoS, attack.

Update on campaign targeting security researchers
Google
In January, the Threat Analysis Group documented a hacking campaign, which we were able to attribute to a North Korean government-backed entity, targeting security researchers. On March 17th, the same actors behind those attacks set up a new website with associated social media profiles for a fake company called “SecuriElite.”

You and the Algorithm: It Takes Two to Tango
Nick Clegg
It is alleged that social media fuels polarization, exploits human weaknesses and insecurities, and creates echo chambers where everyone gets their own slice of reality, eroding the public sphere and the understanding of common facts. And, worse still, this is all done intentionally in a relentless pursuit of profit.

Shira Ovide @ShiraOvide

It would be helpful if Facebook acknowledged that a large number of the changes it made to ranking posts happened because of outside pressure to change.

You and the Algorithm: It Takes Two to TangoIn a recent article for The Atlantic, Adrienne LaFrance compared Facebook to a Doomsday Machine: “a device built with the sole purpose of destroying all human life.” In the Netflix documentary The…nickclegg.medium.com

Australia

Facebook now lets users and pages turn off comments on their posts
The Guardian
@joshgnosis
Facebook will allow every user including celebrities, politicians, brands and news outlets to determine who can and can’t comment on their posts. The social media giant announced on Wednesday that when people post on Facebook, they will be able to control who comments on the post, ranging from everyone who can see the post, to only those who have been tagged by the profile or page in the post. It is similar to a change recently introduced by Twitter to limit who can reply to tweets.

Services Australia's data chief becomes CISO
iTNews
@justinrhendry
Services Australia’s inaugural chief data officer Maria Milosavljevic is moving into the agency's chief information security officer role. Milosavljevic, who has spent the past two years heading up the agency’s data and analytics division, revealed her new position over the weekend.

The intersection of cybercrime and terrorist activity
The Strategist
Indeed, the greatest dilemma for modern counterterrorism is intent. In a world where intent evolves in the dark spaces of the internet, where individuals draw inspiration from YouTube videos, social media posts and anonymous chatrooms, we desperately need a comprehensive approach to counterterrorism that incorporates prevention and early intervention strategies.

Apple to let repairers in Australia and New Zealand sign up to spare parts program
The Guardian
@joshgnosis
Apple will allow independent repairers in Australia and New Zealand to sign up to a new program this week which will provide access to its tools and spare parts, as the company faces heat on the right to repair.

A long road': the Australian city aiming to give self-driving cars the green light
The Guardian
@CullenDenise
Ipswich is an ideal place to trial technology to bring fully self-driving cars to Australian cities. But the project has had to overcome a lot of road bumps

China

Chinese Propaganda Officials Celebrate Social-Media Attacks on H&M in Countering Forced-Labor Allegations
Wall Street Journal
@wsjeva
The furor that scorched Hennes & Mauritz AB’s H&M , Nike Inc., Adidas AG and other boldface names of global retail, threatening them with lost revenues in one of the world’s most lucrative consumer markets, began with a message from a blogger on China’s Twitter -like Weibo service on March 23, according to an analysis by Doublethink Lab, a Taipei-based nonprofit that has researched online Chinese state disinformation. China fanned the flames the next day through state-media outlets and Communist Party-affiliated social-media accounts.

USA

US to publish details on suspected Russian hacking tools used in SolarWinds espionage
CyberScoop
@snlyngaas
U.S. military and security officials are preparing to publish one of their most detailed analyses yet of the hacking tools used by suspected Russian spies in a campaign that the Biden administration has labeled a national security threat.

Amazon’s Twitter Army Was Handpicked for “Great Sense of Humor,” Leaked Document Reveals
The Intercept
@kenklippenstein
Amazon's small Twitter army of “ambassadors” was quietly conceived in 2018 under the codename “Veritas,” which sought to train and dispatch select employees to the social media trenches to defend Amazon and its CEO, Jeff Bezos, according to an internal description of the program obtained exclusively by The Intercept.

Intel's US expansion highlights fragility of Asian supply chains
Nikkei Asia
Intel's recent move to invest $20 billion in new advanced U.S. semiconductor manufacturing facilities has raised hopes of a revival for the troubled computing giant, after many years in which U.S. policymakers fretted about declines in advanced domestic chipmaking and moved to deny China the same cutting-edge technologies.

Risk Aversion Is at the Heart of the Cyber Response Dilemma
Council on Foreign Relations
The United States’ usual recourse has included economic sanctions, legal indictments, and public attribution statements—or some combination of these instruments. However, the precise policy objective of imposing “risks and consequences” through them is often unclear. Sanctions and indictments tend to target a number of individual hackers for a variety of incidents, which confuses the signal they intend to deliver to the seats of power in Moscow and Pyongyang.

Alliance for Securing Democracy @SecureDemocracy

For nearly a year, we’ve documented over 200 actions that more than 50 government, private sector, and civil society actors took to secure the 2020 election against foreign interference. Here are our 5 major takeaways.👇 securingdemocracy.gmfus.org/defending-2020/

North-East Asia

TSMC head says drive to onshore chip supply chain is 'unrealistic'
Nikkei Asia
The head of the world's biggest contract chipmaker has said the rush by major economies to onshore semiconductor production is "unrealistic" and that expanding capacity would not help alleviate the global chip shortage.

Europe

Ingrid d'Hooghe @ingriddhooghe

New @AsiaLeiden report on the role of prominent Sino-Dutch persons, organizations & media in China's influence strategy and on the extent that China's influence poses a threat to the fundamental rights of citizens in the Netherlands:

Onderzoeksrapport “China’s invloed en de Chinese gemeenschap in Nederland” van Prof. Dr. Frank Pieke - LeidenAsiaCentreFor now, this report is only available in Dutch. An English translation will become available soon. Het LeidenAsiaCentre publiceert het ... ... read more »Onderzoeksrapport “China’s invloed en de Chinese gemeenschap in Nederland” van Prof. Dr. Frank Piekeleidenasiacentre.nl

Research

Cybersecurity in the Western Balkans: a Guide to Public–Private Partnerships
Geneva Centre for Security Sector Governance
This Guide is designed to support Western Balkan governments and non-state actors that are planning to establish cybersecurity Public-Private Partnerships (PPPs) as part of their public–private cooperation. Drawing on international best practice, and referencing the region’s distinctive cultural, economic, and social context, it highlights options for establishing suitable cooperation frameworks and methods for overcoming obstacles.