Israel escalates surveillance of Palestinians with facial recognition program in West Bank | Suspected foreign hackers breach US gov't | US & EU make REvil ransomware arrests and seizures
The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
The Israeli military has been conducting a broad surveillance effort in the occupied West Bank to monitor Palestinians by integrating facial recognition with a growing network of cameras and smartphones, according to descriptions of the program by recent Israeli soldiers. The phone app flashes in different colors to alert soldiers if a person is to be detained, arrested or left alone. The Washington Post
Suspected foreign hackers have breached nine organizations in the defense, energy, health care, technology and education sectors -- and at least one of those organizations is in the US, according to findings that security firm Palo Alto Networks shared exclusively with CNN. CNN
The U.S. and European Union announced seven arrests on Monday, with each person accused of deploying malicious software for REvil. NBC News
ASPI ICPC
Chinese tech companies appear to censor Uyghur and Tibetan
Protocol
Screen recordings shared by Fergus Ryan, a senior analyst with ASPI's International Cyber Policy Centre, showed that when he tried to type comments in Uyghur and Tibetan, he received error messages that read: "Comment contains sensitive information."
World
Ransomware crackdown spreads in U.S., Europe and Asia
NBC News
@kevincollier
The U.S. and European Union announced seven arrests on Monday, with each person accused of deploying malicious software for REvil.
Australia
Labor wants new anti-scam centre and code of practice for fighting against scams
ZDNet
@campbell_kwan
Australia's Labor Party has called out the federal government, saying it has been slow to implement measures for fighting against scams.
NSW government to create quantum technology centre for its transport network
ZDNet
@campbell_kwan
Minister for Transport and Roads Rob Stokes said using quantum technology could allow New South Wales' transport network to become 'self-healing'.
China
In the Camps: Life in China’s High-Tech Penal Colony
Financial Times
@cdcshepherd
Byler’s conclusion is a reminder that China’s internment programme, which he calls the largest internment of a religious minority since the second world war, has global implications for surveillance and modern policing that should be considered in their own right. As such, Byler argues, those implicated in Xinjiang’s “penal colony” are not merely party officials but also the white-collar workers of China’s artificial intelligence start-ups or the Hong Kong boutique shops buying gloves sewn by Uyghur labourers. And also, by extension, western consumers, since Xinjiang now produces “around a quarter” of the world’s cotton.
China applies to join DEPA in boost for global digital trade
Global Times
Xie Jun
The formation of a digital trade order is an emerging front in standard-setting for cutting-edge technologies, and China’s recent application to join the Digital Economy Partnership Agreement between Singapore, Chile and New Zealand would boost the competition to set rules.
China says a foreign spy agency hacked its airlines, stole passenger records
The Record
@campuscodi
Chinese officials said last week that a foreign intelligence agency hacked several of its airlines in 2020 and stole passenger travel records...The MSS did not formally attribute the attack to any foreign agency or country.
Xi Jinping’s crackdown on Chinese tech firms will continue
The Economist
@donweinland
As the new year dawns, vast swathes of China’s economy have been hit by the regulatory crackdown. Xi Jinping, China’s president, is rewriting the rules for how the economy works, and how the data that companies collect is treated. That has meant striking down some of the country’s most prominent tycoons, such as Jack Ma, the founder of Alibaba, and forcing other groups, such as DiDi Global, a ride-hailing giant, into submission.
Selling China's Story: How the Chinese Gov't Privatized Facebook Propaganda
ChinaTalk
@BaughmanMM
An in-depth analysis of hundreds of Chinese public procurement documents shows that government agencies at all levels are increasingly hiring professional companies to take over their social media management and online discourse work – paying them to post positive stories about the government, local culture, economic growth, or other quasi-political aspects of life in China.
China's tech crackdown hit SoftBank like a 'big winter snowstorm'
CNN
@dikshamadhok
SoftBank is stuck in a "big winter snowstorm," founder and CEO Masayoshi Son said Monday, after a sweeping tech crackdown in China battered some of the Japanese company's key investments. SoftBank on Monday posted a loss of 397 billion yen ($3.5 billion) for the July-to-September quarter. Son said that the company's net asset value — which he says is a better indication of the firm's performance — fell by 6 trillion yen ($54.3 billion) to $187 billion. The reason for the hit? "In one word: Alibaba," said Son, during an earnings presentation which he opened with a picture of a blizzard. Alibaba was long the crown jewel of SoftBank's investment portfolio, and Son and Alibaba co-founder Jack Ma are close friends. The Japanese entrepreneur invested $20 million in Alibaba over 20 years ago, turning that bet into one that was worth $60 billion when Alibaba went public in 2014.
China Wants to Own Shipping's Digital Operating System
The Maritime Executive
Brian Gicheru Kinyua
The contours of shipping’s telecommunication technology have changed from the historical era of AT&T dominance and are shifting to a future one, which seems imprinted in China’s Digital Silk Road (DSR). DSR is the largest deployment of transnational digital infrastructure ever witnessed. Its backbone is thousands of miles of subsea fiber optic cables beneath the world’s oceans. The nerve center is China’s “Big Three” state owned telecommunications firms - China Telecom, China Unicom and China Mobile. They assist in carrying, storing and mining of data passing through the subsea cables encircling the earth, while at the same time keeping China’s networks out of foreigners’ reach.
USA
Hackers have breached organizations in defense and other sensitive sectors, security firm says
CNN
@snlyngaas
Suspected foreign hackers have breached nine organizations in the defense, energy, health care, technology and education sectors -- and at least one of those organizations is in the US, according to findings that security firm Palo Alto Networks shared exclusively with CNN.
US seizes $6 million in ransom payments and charges Ukrainian over major cyberattack
CNN
@ChrisCarrega @snlyngaas
Law enforcement officials seized an estimated $6 million in ransom payments and federal prosecutors charged a suspect from Ukraine over a damaging July ransomware attack on an American company in a breakthrough for the Biden administration's pursuit of cybercriminals, the Justice Department announced Monday.
US charges 2, seizes more than $6 million as part of dragnet against REvil ransomware gang
CyberScoop
@AJVicens
The U.S. government announced a sweeping set of actions Monday targeting alleged REvil ransomware attackers in Europe, including an arrest, an indictment, seizure of more than $6 million in stolen money, and new sanctions against a cryptocurrency exchange service and companies that support it. Yaroslav Vasinskyi, 22, a Ukrainian national, was arrested Oct. 8 as he crossed the border into Poland at the behest of US authorities, CyberScoop first reported Nov. 2. Vasinskyi is accused of writing the code behind REvil malware, also known as Sodinokibi, which has become among the most virulent ransomware strains in use.
It's striking that of 4 main pillars of the Biden counter-ransomware strategy, it's going guns-a-blazing at 3 (going after hackers, int'l cooperation & making crypto payments harder) and struggling with 1 - Making U.S. institutions more resilient against hacking.
AG Garland is closing his announcement re. the REvil indictments and clawing back $6 million in ransomware proceeds by calling for legislation to mandate that companies report ransomware attacks to government. He wants DOJ in the loop on those alerts. https://t.co/rMVZ8FgATi
Joseph Marks @Joseph_Marks_
Unleashing the U.S. Military’s Thinking About Cyber Power
War on the Rocks
M.A. Thomas
Military thinking about computers and networks began as part of a broader discussion of information in war that included both information for humans and signals for machines. Joint doctrine continues to tie cyber power to that discussion even as information was gradually narrowed to focus on information for humans, leaving cyber attacks with physical effects, like those on the water treatment plants, out of the discussion. Filing cyber power under “information” risks shaping how commanders understand what cyber power can do, how the military organizes itself to exercise cyber power, and where and how cyber power is included in planning and exercises. To ensure that the Department of Defense is poised to exploit and defend against the full range of cyber capabilities, cyber power should be considered independently of the broader discussion of information.
The U.S. Treasury Is Buying Private App Data to Target and Investigate People
The Intercept
@samfbiddle
The treasury department has in recent months expanded its digital surveillance powers, contracts provided to The Intercept reveal, turning to the controversial firm Babel Street, whose critics say it helps federal investigators buy their way around the Fourth Amendment.
North-East Asia
Evolving Australia–Japan cooperation in dealing with the ‘three Cs’
The Strategist
@YumaOsaki
In the Indo-Pacific region, cooperation between Australia and Japan has been where the action is. There are three defining challenges—the so-called three Cs—that these key US allies are facing: climate change, China and Covid-19.
South and Central Asia
Central Asian leaders want to tighten grip on social media. Russia’s playbook blazes the trail.
The Washington Post
@ikhurshudyan
The incident reflects a trend among Central Asian countries testing how far they can go to restrict Internet freedoms. Their fight with Big Tech comes as Central Asian governments increasingly balk at Western influence and instead take their cues from powers such as China, which is investing heavily in the region. Central Asia is also following the playbook of traditional ally Russia on Internet controls.
Europe
Five hackers linked to ransomware gang REvil arrested since Feb -Europol
Reuters
@mehta_chavi
Five hackers linked to ransomware group REvil and responsible for thousands of cyberattacks have been arrested since February, European Union's law enforcement agency Europol said on Monday.
Vestager’s Big Tech tactics face moment of truth with Google verdict
POLITICO
@simonvandorpe
In the first of three EU competition decisions against the U.S. search giant, Vestager in 2017 fined Google €2.4 billion for unfairly favoring its own shopping comparison service over rivals. It's the second-biggest antitrust fine ever imposed on a single company by Brussels, eclipsed only by the later Google Android case...After more than a decade of legal fights, following the first complaint against Google in 2010, the EU's lower court will now render its judgment. And the stakes are immense, both for Google and for Vestager.
Investigation services make record catch of cryptocurrencies of criminals
Netherlands News Live
Christopher Cloutier
Dutch investigative services have seized more than 25 million euros in crypto coins such as Bitcoin and Ethereum. Dozens of suspects are said to have laundered criminal earnings.
Russia
Russia fines Google again over banned content
Reuters
Alexander Marrow & Maria Vasilyeva
A Moscow court on Monday fined Alphabet Inc.'s (GOOGL.O) Google 2 million roubles ($28,085) for not deleting content that Russia deems illegal, part of a wider dispute between Moscow and the U.S. tech giant.
The Americas
Brazil’s Far-Right Disinformation Pushers Find a Safe Space on Telegram
The New York Times
@londonoe @FlaMilhorance @jacknicas
Shortly after President Donald J. Trump was banned from Twitter early this year, Brazil’s like-minded leader made a plea to his millions of followers on the site. “Sign up for my official channel on Telegram,” President Jair Bolsonaro requested. Since then, Telegram, an encrypted messaging and social media platform run by an elusive Russian exile, has racked up tens of millions of new users in Brazil. Its growing popularity in Brazil and elsewhere is being fueled by conservative politicians and commentators for whom it has become the most permissive disseminator of problematic content — including disinformation — in a social media ecosystem facing mounting pressure to combat fake news and polarization.
Middle East
Israel escalates surveillance of Palestinians with facial recognition program in West Bank
The Washington Post
@lizzadwoskin
The Israeli military has been conducting a broad surveillance effort in the occupied West Bank to monitor Palestinians by integrating facial recognition with a growing network of cameras and smartphones, according to descriptions of the program by recent Israeli soldiers. The surveillance initiative, rolled out over the past two years, involves in part a smartphone technology called Blue Wolf that captures photos of Palestinians’ faces and matches them to a database of images so extensive that one former soldier described it as the army’s secret “Facebook for Palestinians.” The phone app flashes in different colors to alert soldiers if a person is to be detained, arrested or left alone.
Palestinian activists’ mobile phones hacked by NSO spyware, says report
The Guardian
@skirchy @safimichael
The mobile phones of six Palestinian human rights defenders who work for organisations that were recently – and controversially – accused by Israel of being terrorist groups were previously hacked by sophisticated spyware made by NSO Group, according to a report. An investigation by Front Line Defenders (FLD), a Dublin-based human rights group, found that the mobile phones of Salah Hammouri, a Palestinian rights defender and lawyer whose Jerusalem residency status has been revoked, and five others were hacked using Pegasus, NSO’s signature spyware. In one case, the hacking was found to have occurred as far back as July 2020.
US sanctions Israel's NSO Group over Pegasus spyware
The Washington Post
@drewharwell @nakashimae @craigtimberg
The United States on Wednesday added the Israeli spyware company NSO Group to its “entity list,” a federal blacklist prohibiting the company from receiving American technologies, after determining that its phone-hacking tools had been used by foreign governments to “maliciously target” government officials, activists, journalists, academics and embassy workers around the world. The move is a significant sanction against a company spotlighted in July in an investigation by the global Pegasus Project consortium, which includes The Washington Post and 16 other news organizations worldwide.
Despite Abuses of NSO Spyware, Israel Will Lobby U.S. to Defend It
The New York Times
@ronenbergman @PatrickKingsley
Hacking software sold by the NSO Group, an Israeli surveillance firm, has been used to spy on journalists, opposition groups and rights activists. There have been so many accusations of abuse that the Biden administration slapped sanctions on the company last week. But the company’s biggest backer, the government of Israel, considers the software a crucial element of its foreign policy and is lobbying Washington to remove the company from the blacklist, two senior Israeli officials said Monday.
"There's not enough brutality.": Former TikTok moderator says workers were asked to leave up 'disturbing' violence against Palestinians
ABC News
@AvaniDias
TikTok moderators were asked not to remove content containing 'disturbing' attacks against Palestinian people despite the app's guidelines banning 'violence or suffering', a former employee has told Hack. In one of the only public interviews with a TikTok worker on record, the former moderator has given Hack a unique and exclusive insight into the company's notoriously secret processes around deciding what ends up in a user's feed. It is her personal account of what went on at the company. She said TikTok's own company guidelines, which say the app "takes a firm stance against enabling violence" and does not moderate content because of political sensitivities, were inconsistently applied when dealing with content about Palestinian people. It adds to growing accusations that the app is using its powerful algorithm to silence political movements.
Israel Approves Permits for Palestinian Workers for Tech Sector
Bloomberg
@OdenheimerAlisa
The Israeli cabinet approved for the first time on Sunday the issuing of a limited number of permits for Palestinians to work in the technology sector in Israel.
Africa
World Bank Group's IFC partners with South African tech group to boost digital infrastructure
Reuters
@Nqobile_D
The World Bank Group's International Finance Corporation (IFC) has partnered with South Africa's Liquid Intelligent Technologies to expand data centre capacity and roll out fibre-optic cable on the continent, the groups said in a joint statement on Monday. The link-up with Liquid Intelligent Technologies, formerly Liquid Telecom, aims to increase digital connectivity in Africa and to support the region's growing digital ecosystem, the partners said.
Misc
Digital Diplomacy 4.0: Return of the Jedi?
TechCrunch
@TFletcher
As British ambassador to Lebanon, Tom Fletcher was one of the first ambassadors to “go digital.” Ten years on, he reflects on what the first wave of “technodiplomats” got right and wrong, and where digital diplomacy goes next.
Analysis | Space could be the next frontier for cyber threats
The Washington Post
@Joseph_Marks_
Cyber analysts are pushing the Department of Homeland Security to ramp up cyber protections for satellites and other space-based systems, which they say are far too vulnerable to hacks that could upend large parts of the economy...The danger has escalated as the number of space systems has proliferated and as more of it is being run by private companies such as Elon Musk’s SpaceX and Jeff Bezos’s Blue Origin. (Bezos owns The Washington Post).
Cleo Smith, Gabby Petito and viral crime on social media
The Strategist
@elisethoma5
The abduction and extraordinary rescue of Cleo Smith in Western Australia has played out as a dramatic and ultimately heart-warming story of dogged police work and a little girl returned to her family. For hundreds of thousands of social media users, however, her disappearance became a kind of true-crime whodunnit in which they could play detective in real time. Earlier this year, the case of 22-year-old American woman Gabby Petito went viral on social media. Her disappearance, the discovery of her body, the vanishing of her fiancé, Brian Laundrie, and the finding of his remains were picked up, pored over, repackaged and consumed as entertainment by millions of social media users across multiple channels.
Events
Committee on foreign interference presents draft report
European Parliament
@EP_Democracy @Kalniete
Rapporteur Sandra Kalniete (EPP, LV) presents her draft report on foreign interference and disinformation in the special committee INGE on Tuesday. Time: 9 November, 13:45-15:45. The draft report sets out the arenas, tools, and conduits of foreign interference and disinformation in the EU. It also recommends ways to combat interference and disinformation and to improve the efficacy of the EU response.
The Sydney Dialogue
ASPI
@ASPI_ICPC
The Sydney Dialogue is a world-first summit for emerging, critical and cyber technologies. Launching virtually on 17 November, the inaugural Sydney Dialogue will have an Indo-Pacific focus, featuring keynote addresses from Australia’s Prime Minister, Scott Morrison; India’s Prime Minister, Narendra Modi; and former Japanese Prime Minister, Shinzo Abe, as well as a number of panel discussions with experts from around the world. You will hear from political, technology, business and civil society leaders, as well as the world’s best strategic thinkers, as they generate new ideas, work towards common understandings and formulate possible solutions to maximise the opportunities and minimise the negative consequences of the next wave of new technologies. Head on over to our brand new website to check out the line-up of events and speakers, and register for the virtual sessions you’d like to attend.
Research
Mapping the International 5G Standards Landscape and How It Impacts U.S. Strategy and Policy
Information Technology & Innovation Foundation
Alexandra Bruer @dmbrake
Standards-setting bodies for 5G technology appear to be working well, but U.S. policymakers are justifiably wary of China’s ambitions to manipulate the system. They should stay on guard and provide financial support for U.S. companies to participate.
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Unit 42 Palo Alto Networks
Robert Falcone, Jeff White & Peter Renals
On Sept. 16, 2021, the US Cybersecurity and Infrastructure Security Agency (CISA) released an alert warning that advanced persistent threat (APT) actors were actively exploiting newly identified vulnerabilities in a self-service password management and single sign-on solution known as ManageEngine ADSelfService Plus. The alert explained that malicious actors were observed deploying a specific webshell and other techniques to maintain persistence in victim environments; however, in the days that followed, we observed a second unrelated campaign carry out successful attacks against the same vulnerability. As early as Sept. 17 the actor leveraged leased infrastructure in the United States to scan hundreds of vulnerable organizations across the internet. Subsequently, exploitation attempts began on Sept. 22 and likely continued into early October. During that window, the actor successfully compromised at least nine global entities across the technology, defense, healthcare, energy and education industries.
Jobs
ICPC Analyst & Project Manager - Coercive diplomacy
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an Analyst and Project Manager to manage, and help lead, a project on coercive diplomacy in the Indo-Pacific region... This new role will focus on analysis, workshops and stakeholder engagement centred around coercive diplomacy, including how countries in the Indo-Pacific can work together to tackle this complicated policy challenge.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years, of work experience. Senior analysts usually have a minimum of 15 years of relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.