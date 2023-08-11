Good morning. It's Friday 11th August.

Germany’s domestic intelligence service published a cyber espionage warning on Thursday that Iranian dissident organizations and individuals in the country were being targeted by a suspected state-sponsored threat group. Officially known as the Federal Office for the Protection of the Constitution, the agency reported it had found concrete attempts by the group known as Charming Kitten to target the Iranian opposition and exiles based in Germany. The Record by Recorded Future

Hackers with apparent links to the Belarusian government have been targeting foreign diplomats in the country for nearly 10 years, according to security researchers. On Thursday, antivirus firm ESET published a report that details the activities of a newly discovered government hacking group that the company has dubbed MoustachedBouncer. TechCrunch

The Kremlin's fear of a serious tech brain drain is the main factor preventing Moscow from nationalising Nasdaq-listed Yandex, often dubbed ‘Russia's Google’, four people with knowledge of the company's divestment plans told Reuters. Yandex's fate has been the subject of much speculation since it announced plans to pursue a corporate restructuring last November, a move that should ultimately see its main revenue-generating businesses inside Russia spun off from its Dutch-registered parent company. Reuters

ASPI

Incels in Australia: the ideology, the threat, and a way forward

ASPI

Jasmine Latimore and John Coyne

This report explores the phenomenon of ‘incels’—involuntary celibates—and the misogynistic ideology that underpins a subset of this global community of men that has become a thriving Internet subculture. It examines how online spaces, from popular social media sites to dedicated incel forums, are providing a platform for not just the expansion of misogynistic views but gender-based violent extremism.

Incels in Australia: the ideology, the threat and a way forward

The Strategist

John Coyne

The online nature of the MI movement facilitates the transnational nature of the threat. Although studies have shown that MI violence has thus far only been reported as occurring in the US, Canada and the UK, there’s growing concern about the spread of MI ideology throughout Europe, Australia, and Asia, with studies demonstrating that incels exist across almost every continent.

US-China rivalry has upsides for the world

Nikkei Asia

Charles Ormiston

A comprehensive study earlier this year by the Australian Strategic Policy Institute looked at high-impact research across 44 critical technologies, including advanced materials, mineral extraction and processing, blockchain, data analytics, high-performance computing, green hydrogen, electric batteries, nuclear energy, synthetic biology and quantum computing. Among these fields, the study found that China leads in 37 and the US in seven. No other country led in any and only in three fields was another country even in second place.

Australia

Australia, US urged to ramp up AUKUS as PM invited to White House

The Sydney Morning Herald

Matthew Knott

Pillar one of the AUKUS pact refers to the sharing of nuclear-powered submarine technology, while pillar two refers to other technologies such as hypersonic weapons, artificial intelligence and quantum computing. “The point is that the potential for AUKUS – from the undersea domain, to munitions and critical technologies, to logistics – is limited only by our willpower and our imagination,” Gallagher said.

Why Australia could follow US on China tech ban

Australian Financial Review

Matthew Cranston

The Biden administration is ratcheting up efforts to decouple from China with increased investment restrictions and tariffs, and experts say ally Australia has a case to follow suit on national security grounds. US imports from China are down 24 per cent in the first five months of this year, leaving Mexico as America’s largest trading partner, and reducing US companies’ dependence on Chinese suppliers.

Australia to build world’s largest electric ship in boon for jobs as world demands ‘green’ vessels

The Australian

Matthew Denholm

The world’s largest battery-­powered ship is to be built in Australia, in a breakthrough for decarbonising global shipping and growing the nation’s shipbuilding industry. Tasmanian aluminium catamaran shipbuilder Incat is building the 130m lightweight fast ferry, using a Finnish-supplied electric propulsion and waterjet system, at its yards in Hobart.

China

New US investment curbs to have limited impact on China’s targeted semiconductors, quantum computing and AI sectors

South China Morning Post

Ben Jiang and Che Pan

New American investment restrictions overseas under US President Joe Biden’s latest executive order are expected to have a limited impact on the targeted tech sectors in China, according to analysts, although it could disrupt the flow of fresh funds to the country’s private sector amid a weakening economic recovery. The executive order issued on Wednesday restricts US venture capital and private equity investments in Chinese companies involved in semiconductors and microelectronics, quantum information technologies and certain artificial intelligence systems, according to a fact sheet released by the US Department of Treasury.

China's internet giants order $5bn of Nvidia chips to power AI ambitions

Nikkei Asia

China's internet giants are rushing to acquire high-performance Nvidia chips vital for building generative artificial intelligence systems, making orders worth $5 billion in a buying frenzy fueled by fears the US will impose new export controls. Baidu, ByteDance, Tencent and Alibaba have made orders worth $1 billion to acquire about 100,000 A800 processors from the US chipmaker to be delivered this year, according to multiple people familiar with the matter. The Chinese groups had also purchased a further $4 billion worth of the graphics processing units to be delivered in 2024, two people close to Nvidia said.

USA

Chinese cyberattacks on Japan prompts US push for stronger defenses

Nikkei Asia

Ryo Nakamura

Revelations that Chinese hackers have accessed Japanese defense secrets are causing concern in the US, which is poised to share more defense-related information with its Asian ally. Chinese cyberattacks on key infrastructure that could hinder response times during crisis is a separate concern. Washington has warned allies to bolster digital defenses.

Biden's China tech curbs to keep investors sidelined, fearing more steps

Reuters

Kane Wu and Michael Martina

President Joe Biden's move to prohibit some US technology investments in China is expected to keep investors on the sidelines, concerned that tougher measures are ahead as tensions simmer between the world's two biggest economies. US private equity and venture capital investors have already hit the brakes on sensitive technologies in China as relations have worsened since the administration of Biden's predecessor, Donald Trump, over issues from tech to China's industrial policies to national security.

NSA chief: Chinese cyber spies continue to improve — but haven't surpassed US

The Record by Recorded Future

Martin Matishak

China has not yet surpassed the US in conducting cyber espionage despite several successful hacks that have been publicly linked to Beijing, the head of the US’s premier digital spy agency said Thursday. “No. No. No,” Army Gen. Paul Nakasone, the outgoing director of the National Security Agency and the head of US Cyber Command, answered during a discussion at the Center for Strategic and International Studies in Washington when asked if the US had been eclipsed.

Detroit police changing facial-recognition policy after pregnant woman says she was wrongly charged

Associated Press

The Detroit police chief said he’s setting new policies on the use of facial-recognition technology after a woman who was eight months pregnant said she was wrongly charged with robbery and carjacking in a case that was ultimately dismissed by prosecutors. The technology, which was used on images taken from gas station video, produced leads in the case but was followed by ‘very poor’ police work, Chief James White said. ‘We want to ensure that nothing like this happens again,’ White said Wednesday.

Lapsus$ hackers’ corporate exploits draw US cyber board scrutiny

Bloomberg

Andrea Vittorio

The Department of Homeland Security’s cybersecurity review panel called for targeted efforts to shore up weak points in digital infrastructure and to steer young people away from cybercrime in its newly released analysis of Lapsus$ hacking group and its affiliates. Lapsus$ emerged in 2021 and stood out for its public profile and its ability to exploit vulnerabilities in cyber systems at well-defended organizations, the DHS Cyber Safety Review Board said in a report released Thursday.

Sam Altman’s eyeball-scanning crypto project Worldcoin is having an identity crisis

Forbes

Richard Nieva

For a company whose business is identity, Worldcoin has been grappling with an identity problem. The issue has played out literally in technological struggles like the Asian eyes incident, but it has also manifested in a larger conundrum: As the crypto market has crumbled—devastated in part by the disgraced crypto exchange FTX, founded by Sam Bankman Fried, who once invested in Worldcoin—the company has been struggling to define its purpose.

Americas

Early adopters in Mexico lend their eyes to global biometric project

Reuters

Anna Portella

Eager early adopters recently descended upon a Mexico City cafe where their eyes were scanned by a futuristic sphere, part of an ambitious project that ultimately seeks to create a unique digital identification for everyone on the planet. Mexico is one of nearly three dozen countries where participants are allowing the sphere, outfitted with cameras and dubbed an orb, to scan their iris. The project's goal is to distinguish people from bots online, while doling out a cryptocurrency bonus as a incentive to participate.

Ukraine - Russia

Fear of tech 'brain drain' prevents Russia from seizing Yandex for now -sources

Reuters

Alexander Marrow and Polina Devitt

Yandex co-founder condemns ‘barbaric’ war in Ukraine

Financial Times

Max Seddon

The co-founder of Russian tech giant Yandex has spoken out against the ‘barbaric’ war in Ukraine, placing him among the few of the country’s leading businessmen to do so since Vladimir Putin ordered the full-scale invasion 18 months ago. ‘Russia’s invasion of Ukraine is barbaric, and I am categorically against it,’ Arkady Volozh said in a statement published on Thursday. ‘I am horrified about the fate of people in Ukraine — many of them my personal friends and relatives — whose houses are being bombed every day.’

Ukrainian official touts country’s wartime cyber intelligence efforts

The Record by Recorded Future

Daryna Antoniuk

Intelligence gathered in cyberspace is helping Ukraine understand Russia's plans and stop the enemy from carrying them out, according to the country’s top cyber and information security official. Illia Vitiuk, head of cybersecurity at the Security Service of Ukraine, said Thursday that hackers have been getting into Russian systems to find out the Kremlin’s targets, how the enemy’s troops move, and how Russia avoids Western sanctions.

Europe

Iranian cyber spies are targeting dissidents in Germany

The Record by Recorded Future

Alexander Martin

Belarus hackers target foreign diplomats with help of local ISPs

TechCrunch

Lorenzo Franceschi-Bicchierai

Sweden is not staying neutral in Russia’s information war

The New York Times

Steven Lee Myers

Facing a tsunami of disinformation about the treatment of Muslims that has in recent months fueled protests from Stockholm to Baghdad, Sweden decided it needed to fight back. It turned to the Psychological Defense Agency, a part of the Ministry of Defense that its government created last year. The agency has become the first line of defense for a country facing a sustained information attack from abroad. After working quietly behind the scenes, the agency has now explicitly accused Russia of exploiting recent protests by immigrants and others in Sweden that have included burning copies of the Quran, an act of desecration that is deeply offensive to Muslims. The outrage has already had an impact: delaying Sweden’s accession to NATO because of objections by another member, Turkey.

EU treads cautious line over US investment bans on Chinese tech

Financial Times

Alice Hancock, Laura Pitel and Leila Abboud

The EU has signalled that it will not immediately follow the US in issuing outright bans on investment in China’s cutting-edge technology sector, saying instead that it will make its own proposal by the end of the year. The White House issued an executive order on Wednesday that will limit some US investment in sectors deemed by President Joe Biden as posing ‘significant national security risks’ in the hope that allies might follow its lead.

UK

China dissidents fear for safety after polling data cyberattack

The Times

Matt Dathan

Chinese, Uighur and Hong Kong dissidents in the UK fear that the cyberattack on the Electoral Commission threatens their safety. The names, emails, phone numbers and addresses of up to 40 million voters were accessed by hackers in what is thought to be the biggest cyberattack in Britain’s history. Even people who had opted out of having their details accessible by phone book companies and credit agencies had their data accessed. The Electoral Commission has said it still does not know the identity of those behind the attack. The National Cyber Security Centre, an arm of GCHQ, has been called in to investigate.

How an unpatched Microsoft Exchange 0-day likely caused one of the UK’s biggest hacks ever

ArsTechnica

Dan Goodin

It’s looking more and more likely that a critical zero-day vulnerability that went unfixed for more than a month in Microsoft Exchange was the cause of one of the UK’s biggest hacks ever—the breach of the country’s Electoral Commission, which exposed data for as many as 40 million residents. Electoral Commission officials disclosed the breach on Tuesday. They said that they discovered the intrusion last October when they found ‘suspicious activity’ on their networks and that ‘hostile actors had first accessed the systems in August 2021.’ That means the attackers were in the network for 14 months before finally being driven out. The Commission waited nine months after that to notify the public.

Minister defends safety law on messaging apps

BBC

Zoe Kleinman

The technology secretary has defended a controversial section of the Online Safety Bill which would force messaging apps to access the content of private messages if requested by the regulator Ofcom. She said it was a sensible approach in order to protect children from abuse. But some tech firms, including WhatsApp and Signal, have threatened to leave the UK if forced to weaken their messaging security.

UK considers response to US ban on tech investments in China

Reuters

Britain said on Thursday it was weighing how to respond to a decision by US President Joe Biden to prohibit some tech investments in China, adding it was continuing to assess potential national security risks. A spokesperson for Prime Minister Rishi Sunak's government said the executive order gave important clarity on the US approach: “The UK will consider these new measures closely as we continue to assess potential national security risks attached to some investments.”

Britain can learn lessons from Taiwan’s industrial strategy

Financial Times

Yuan Yang

At every roundtable I’ve attended recently on the UK’s response to a rising China, I’ve heard the same refrain: we are too small, too insignificant, too poor. Faced with the same conundrum, the European Commission has launched a strategy for economic security that emphasises ‘technological sovereignty and resilience of EU value chains’. The era of industrial ambition has arrived everywhere, except the UK. Uniquely among its rich peers, when faced with the prospect of global competition, the British tendency is to pre-emptively admit defeat. As tech minister Paul Scully put it recently in an interview with the FT: ‘We are not going to recreate Taiwan in south Wales’. We should indeed concentrate on our strategic advantages in research and development as a nation of top universities, rather than attempt to out-scale existing giants in manufacturing. But Scully’s remark raises the question of what was necessary to create Taiwan in the first place.

Africa

TikTokers are documenting — and monetising — anti-government protests in Kenya

Rest of World

Martin Siele

TikTok has become a vital part of the ongoing anti-government protests in Kenya, where at least 23 people have reportedly been killed as crowds take to the streets to oppose proposed tax increases and cost of living expenses. Kenyans are sharing videos of protests from big cities and small towns, giving an on-the-ground perspective in real time.

AI hysteria is a distraction: algorithms already sow disinformation in Africa

The Guardian

Odanga Madung

More than 70 countries are due to hold regional or national elections by the end of 2024. It will be a period of huge political significance across the globe, with more than 2 billion people (mostly from the global south) directly affected by the outcome of these elections. The stakes for the integrity of democracy have never been higher. Tech multinationals such as TikTok, Facebook and Twitter built highly vulnerable AI systems and left them unguarded. As a result, disinformation spread via social media has become a defining feature of elections globally.

NZ & Pacific Islands

China, Iran and Russia conducting foreign interference in NZ

NZ Herald

Adam Pearse

The Security Threat Environment 2023 report, released this morning, canvasses threats to national security and provides more detail than what has previously been reported at an unclassified level by the NZ Security Intelligence Service. It discussed several factors impacting New Zealand’s national security, including violent extremism, foreign interference, strategic competition, declining social trust, technological innovation and global economic instability. The report highlighted foreign interference activities by three states: the People’s Republic of China, the Islamic Republic of Iran and Russia.

NZSIS's first unclassified threat assessment targets competition, public trust, technology

RNZ News

New Zealand's spy agency has for the first time published an unclassified threat assessment, highlighting rising global competition, falling public trust, technological innovation and global economic instability. They say these are the main factors driving the threats New Zealand collectively faces: violent extremism, foreign interference and espionage. The New Zealand Security Intelligence Service published the report on Friday as part of a drive to be more open about New Zealand's national security after the inquiry into the 2019 Christchurch terror attacks.

Big Tech

Twitter/X defends restoring account that shared child abuse material

The Guardian

Josh Taylor

The company formerly known as Twitter has faced heat from politicians in a combative hearing over X’s tackling of child abuse material, after the company restored an account that shared such material last month, despite claiming to have a ‘zero tolerance approach’. At the end of July, a rightwing influencer account with over half a million followers shared an image of child abuse material on X, stating it was to draw attention to child exploitation. It garnered more than 3m views and 8,000 retweets before it was taken down and the account was suspended.

Research

The future of the Christchurch call to action: How to build multistakeholder initiatives to address content moderation challenges

Ian Axford Fellowships in Public Policy

Rachel Wolbers

This report explores the challenges the New Zealand Government faced after the events in Christchurch on 15 March 2019, where a violent gunman killed 51 people and live-streamed his attack on social media. To find a long-term solution that ended the proliferation of this violent content while protecting human rights, the New Zealand Government decided to take a non-regulatory approach that worked alongside tech companies and civil society. The result was the creation of the Christchurch Call to Action, a multistakeholder initiative where governments and online platforms, working with civil society, committed to 25 goals to eliminate terrorist and violent extremist content while protecting a free, open, and secure internet.

“Please do not make it public”: Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping

Citizen Lab

Jeffrey Knockel, Zoë Reichert, and Mona Wang

In this report, we analyze Tencent’s Sogou Input Method, the most popular Chinese input method with over 455 million monthly active users and versions of the app for multiple platforms, including Windows, Android, and iOS. Sogou Input Method accounts for 70% of Chinese input method users, with products by iFlytek and Baidu taking second and third place, respectively. McAfee’s 2015 analysis previously observed that the Windows version of the app transmitted device identifiers in the clear without any encryption, but it did not analyze the safety of data transmitted by the app’s encryption system.

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.