Japan lashes out against alleged Chinese military cyberattacks | Facebook meets with Israeli and Palestinian officials | Europe wants Intel and TSMC to help bring chip-making back
The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Usually a mundane affair, the weekly news conference by the National Public Safety Commission caused a stir recently among the global cybersecurity community after police chief Mitsuhiro Matsumoto officially identified China as responsible for a cyberattack on Japan. Nikkei Asia
Top Facebook lobbyists Nick Clegg and Joel Kaplan and several TikTok executives met over Zoom with Israeli Defense Minister Benny Gantz on Thursday evening to discuss the spread of misinformation and violent threats on the social network. Facebook's Clegg and Kaplan are expected to meet with the Palestinian Authority next week, the company said. POLITICO
Europe was naive to outsource so much of its semiconductor design and manufacturing in recent decades, a top government official said ahead of unveiling more details around plans to double the region’s chip production by 2030. European Industry Commissioner Thierry Breton said it was possible to redress the imbalance, and the global chip shortage hobbling carmakers and electronics suppliers was evidence that now is the time to act. South China Morning Post
ASPI ICPC
‘I can’t be that careless’: Australian Uyghur activist targeted online
The Guardian
@joshgnosis
A Uyghur activist in Australia who has been the target of cyber-attacks by hacker groups in China says the Australian government needs to do more to educate the Uyghur community in Australia to protect themselves online. Uyghur activists outside of China are frequently the target of hackers based in China…Tom Uren, a senior analyst with the Australian Strategic Policy Institute’s International Cyber Policy Centre, told Guardian Australia many people in the Uyghur community tended to learn about the cybersecurity threat through word of mouth, but that was why the hackers turned to alternative methods like “watering-hole attacks” – where the attacker makes a fake website to look like a website the target might visit and it contains malware. “If they’re doing that well, that’s why you might need the watering-hole attacks, because you’re not able to penetrate that operational security gap, so this is perhaps a different way to get onto those devices.”
China’s repression of Uyghurs is not only cultural, but also physical, a new report shows
The Washington Post
Evidence is emerging that China’s repression is not only cultural but also physical. In a report last year by researcher Adrian Zenz for the Jamestown Foundation, and in a new report this month by Nathan Ruser and James Leibold for the Australian Strategic Policy Institute, both based on China’s own government data, a precipitous drop in Uyghur birthrates is evident in areas of southern Xinjiang…It found China put in place “a more coercive and intrusive policing of reproduction processes” against the Uyghurs, with hefty fines, disciplinary punishment and extrajudicial internment or the threat of it for any “illegal births.”
For more, read ASPI ICPC's report 'Family De-planning: The Coercive Campaign to Drive Down Indigenous Birth-rates in Xinjiang'.
World
Developing countries sign Huawei deals despite US espionage warnings
Financial Times
US warnings of espionage by Huawei are failing to dissuade governments in Africa, Asia and Latin America from hiring the Chinese tech group for cloud infrastructure and e-government services, a study has found. The report by the Washington-based think-tank CSIS seen by the Financial Times identified 70 deals in 41 countries between Huawei and governments or state-owned enterprises for these services from 2006 to April this year.
Jacinda Ardern calls for ‘ethical algorithms’ to help stop online radicalisation
The Guardian
Tech companies need to make more progress on algorithms that can drive social media users to become radicalised, New Zealand’s prime minister, Jacinda Ardern, has said.
Why more countries want Twitter and Facebook to hire local staff
Rest of World
@telliotter
Now, in an effort to gain greater control over social media platforms, governments around the world are enacting laws requiring that tech platforms appoint in-country representatives and store user data locally. That can put individual representatives like Dzodan in the crosshairs of governments seeking to exert pressure on multinational platforms such as Facebook and Twitter.
Australia
Ransomware attacks are surging, but governments are too conflicted to do anything other than sound warnings
Crikey
Bernard Keane
While ransomware attacks are multiplying rapidly for private corporations, don't expect our cybersecurity agencies to do much other than warn about them. In fact, they remain a core part of the problem of what will become a key element of 21st century life -- the vulnerability of even the largest corporations to being locked out of their own data and systems.
Aged 10, he was found on Fortnite and groomed on Snapchat, and he’s not alone
The Sydney Morning Herald
Wendy Tuohy
Reports of blackmail, extortion and threats to children to coerce them into generating sexual abuse images and live-streaming of sexual acts, often done at home and sometimes with parents audible in adjacent rooms, have all increased, which is consistent with advice from Australia’s office of eSafety and reports from safety consultants. eSafety Commissioner Julie Inman Grant says there has been a 90 per cent increase in reports of online child sex abuse to her office since the pandemic started.
ASIO’s bid to counter attempts to steal our Covid secrets
The Australian
Australia’s domestic spy agency will move to an artificial intelligence war footing in a technology arms race against the nation’s adversaries.
Read Danielle Cave’s 2020 Foreign Affairs essay ‘Data driven: How Covid-19 and cyberspace are changing spycraft’ in the book Spy vs Spy: The new age of espionage.
At least Elbit Systems has a great lobbyist
Australian Financial Review
@myriamrobin
A “backdoor” security vulnerability reportedly uncovered by the Australian Signals Directorate has apparently led to the Department of Defence no longer using the battle management software supplied by Israeli defence contractor Elbit Systems (for which it has no replacement).
China
China says Xiaomi removal from U.S. blacklist "beneficial"
AP News
China’s commerce ministry on Thursday welcomed the removal of Xiaomi Corp. from a U.S. government blacklist, a day after the U.S. reversed a ban on U.S. investments in the smartphone maker that was imposed under former President Donald Trump.
China to restrict mobile app news notifications in internet clampdown
Reuters
China's internet watchdog said on Saturday that it will ban some mobile app notifications and tighten regulations as the government ramps up a campaign to rein in the growing influence of internet companies over its citizens' daily lives.
2 million posts deleted for ‘historical nihilism’ as party centenary nears
South China Morning Post
@junmai1103
China’s internet regulator has said it has overseen the deletion of more than 2 million posts containing “harmful” discussion of history, amid preparations to mark the Communist Party’s centenary in July. “For a while, some people have disseminated harmful information with historical nihilism on the internet, under the guise of reflection and declassification,” said Wen Youhua, a division director at the Cybersecurity Administration of China (CAC), during a press conference in Beijing on Saturday.
Student’s Death in China Spurs Questions About Surveillance
The Wall Street Journal
@joshchin
A high-school student’s death in Chengdu, in southwestern China, has set off a wave of public outrage on social media over control of video footage in a country subject to millions of surveillance cameras.
Blistering report alleges Chinese solar panel supply chain tainted by forced labor
CNN
@claresduffy
The report published Friday — titled "In Broad Daylight: Uyghur Forced Labor and Global Solar Supply Chains" — presents evidence of a troubling reality: that components for clean energy may be created with dirty coal and forced labor. An advance copy of the report was shared exclusively with CNN Business.
Chinese-made vaccines are being subject to misleading narratives
First Draft
@cytkeenan
China has been criticized for failing to provide sufficient data about its homegrown vaccines, and for attacking vaccines made by US and European pharmaceutical companies with unsubstantiated claims and even conspiracy theories. Research earlier this year pointed to a network of pro-China social media accounts disseminating vaccine disinformation. At the same time, Chinese-made vaccines have been the subject of misleading narratives, which could undermine confidence in them.
USA
Hackers post hundreds of pages of purported internal D.C. police documents
The Washington Post
@phscoop @DDaltonBennett
Hackers who infiltrated the D.C. police department’s computer network have posted a trove of purported department documents, including some containing information related to street crews and others with raw intelligence on threats following the Jan. 6 attack on the U.S. Capitol. The overnight data dump by the group called Babuk apparently came after negotiations with District officials broke down. The group, which made its theft of documents known last month, had already made public some internal files dealing with job candidates.
University Researcher Sentenced to Prison for Lying on Grant Applications to Develop Scientific Expertise for China
Department of Justice
An Ohio man and rheumatology professor and researcher with strong ties to China was sentenced to 37 months in prison for making false statements to federal authorities as part of an immunology research fraud scheme. As part of his sentence, Zheng was also ordered to pay more than $3.4 million in restitution to the National Institute of Health (NIH) and approximately $413,000 to The Ohio State University.
A 'deepfake' of a vaping teen is at the center of a harassment case—but what if it's not faked?
The Daily Dot
@MikaelThalen
Experts doubt that artificial intelligence was used to create a video police are calling a 'deepfake' at the center of a harassment case.
Pipeline Attack Yields Urgent Lessons About U.S. Cybersecurity
The New York Times
@SangerNYT @nicoleperlroth
The hack underscored how vulnerable government and industry are to even basic assaults on computer networks.
Elliptic Follows the Bitcoin Ransoms Paid by Colonial Pipeline and Other DarkSide Ransomware Victims
elliptic.co
Dr. Tom Robinson
Elliptic has identified the Bitcoin wallet used by the DarkSide ransomware group to receive ransom payments from its victims, based on our intelligence collection and analysis of blockchain transactions. This wallet received the 75 BTC payment made by Colonial Pipeline on May 8, following the crippling cyberattack on its operations - leading to widespread fuel shortages in the US. The wallet has been active since 4th March 2021 and has received 57 payments from 21 different wallets. Some of these payments directly match ransoms known to have been paid to DarkSide by other victims, such as 78.29 BTC (worth $4.4 million) sent by chemical distribution company Brenntag on May 11.
We Found Joe Biden’s Secret Venmo. Here’s Why That’s A Privacy Nightmare For Everyone.
BuzzFeed News
@RMac18 @katienotopoulos @ryanbrooks @_loganmcdonald
The peer-to-peer payments app leaves everyone from ordinary people to the most powerful person in the world exposed.
Activists and Ex-Spy Said to Have Plotted to Discredit Trump ‘Enemies’ in Government
The New York Times
@adamgoldmanNYT @MarkMazzettiNYT
The campaign included planned operations against President Trump’s national security adviser at the time, H.R. McMaster, and F.B.I. employees, according to documents and interviews.
North-East Asia
Japan lashes out against alleged Chinese military cyberattacks
Nikkei Asia
Yuichi Sakaguchi
Usually a mundane affair, the weekly news conference by the National Public Safety Commission caused a stir recently among the global cybersecurity community after police chief Mitsuhiro Matsumoto officially identified China as responsible for a cyberattack on Japan.
Former KMT aides sentenced for espionage
Taipei Times
Jason Pan
Prosecutors in August last year charged former aides Lin Yung-ta, Chen Wei-jen and Lee Yi-hsien with stealing classified materials from lawmakers at the legislature and passing them on to their Chinese handler, and for allegedly trying to hack into President Tsai Ing-wen’s medical records… Evidence showed that Chen in 2017 offered money to a computer technician working for a government contractor to hack into the National Health Insurance database to obtain medical records and personal information about Tsai and other top officials.
South and Central Asia
India's DoT tries to debunk coronavirus 5G link
Light Reading
Gagandeep Kaur
In a bid to address growing rumors blaming 5G trials for the second coronavirus surge in India, the Department of Telecommunications (DoT) has issued a press note asserting that there is no link. "The claims linking the 5G technology with the COVID-19 pandemic are false and have no scientific basis. Moreover, it is informed that the testing of the 5G network has not yet started anywhere in India," says the press note issued by the DoT. "Hence, the claim that 5G trials or networks are causing coronavirus in India is baseless and false."
For more, read ASPI ICPC’s 2020 report ‘Critical technologies and the Indo-Pacific: A new India–Australia partnership’.
Ethereum’s Co-Founder Vitalik Buterin Donates Over $1 Billion To India Covid Relief Fund And Other Charities
Forbes
@ninabambysheva
Buterin made sizable donations to a range of charities on Wednesday afternoon, after selling large amounts of dog-themed meme cryptocurrencies given to Buterin by their developers.
UK
UK accuses Russia and China of using cyberattacks to ‘ransack’ West
POLITICO
Cristina Gallardo
Beijing and Moscow are using cyberattacks to “sabotage, steal and ransack” and to “control and censor” their own citizens, Britain’s foreign secretary said Wednesday. In a speech to the Cyber UK annual conference Wednesday, Dominic Raab contrasted “authoritarian regimes” such as China, Russia, North Korea and Iran with Britain’s own system of “democratic oversight and accountability.”
Improbable founder's battle to transform the world of video games
The Telegraph
James Cook
Military commanders use Improbable’s technology to plan out battles, adjusting factors such as the amount of ammunition carried by troops and even potential social media posts about battles to see how they might impact events on the ground. The business has hired three former senior US armed forces officials as it plans to expand its defence business in that region after earning more than £25m in revenues from the British Army… Picking up future defence contracts in the US may prove awkward for Improbable, however, as Chinese technology giant NetEase owns 5pc of the company. Improbable also operates an office in Guangzhou which Narula says does not work on any defence projects.
China swoops on London-listed lithium miner
The Telegraph
Ministers urged to block potential takeover of Bacanora Lithium by Ganfeng as fears mount over Beijing's control of rare earths.
BT's $700 Million Job to Rip-And-Replace Huawei 5G Begins Here
Bloomberg
@TW_Seal
Telecom engineers in hard hats and fluorescent jackets spent a decade scaling buildings to install Huawei Technologies Co. equipment across the U.K. Now, starting atop the Muswell Court tower block in Hull, they’re beginning a seven-year and $700 million task of ripping it all down because of a U.S.-led campaign against the Chinese company. Hull is the first British city where Huawei will be eradicated from the country’s biggest network, BT Group Plc. The London-based company said it’s on track to cut out all of Huawei’s equipment there by July, substituting in components from Nokia Oyj.
Train Workers’ Covid Bonus Offer Turns Out to Be a Phishing Test
The New York Times
@bellakwai
As pandemic-related scams rise, experts say companies should tread carefully with cybersecurity exercises like one that has prompted anger in Britain.
Europe
Europe aims to bring back chip-making after being ‘too naive, too open’
South China Morning Post
Europe was naive to outsource so much of its semiconductor design and manufacturing in recent decades, a top government official said ahead of unveiling more details around plans to double the region’s chip production by 2030. European Industry Commissioner Thierry Breton said it was possible to redress the imbalance, and the global chip shortage hobbling carmakers and electronics suppliers was evidence that now is the time to act.
Intel seeks $10 bln in subsidies for European chip plant
Reuters
Intel (INTC.O) wants 8 billion euros ($9.7 billion) in public subsidies towards building a semiconductor factory in Europe, its CEO was cited as saying on Friday, as the region seeks to reduce its reliance on imports amid a shortage of supplies.
German regulator bans Facebook from processing WhatsApp user data
Reuters
Douglas Busvine
Germany's lead data protection regulator for Facebook (FB.O) is banning the social network from processing personal data from WhatsApp users because it views the messaging app's new terms of use as illegal, it said on Tuesday.
Irish health system says it's targeted in ransomware attack
AP News
Ireland’s health service shut down its IT systems on Friday after being targeted in what it called a “significant ransomware attack.” The Health Service Executive said the move was a precaution, and appointments for coronavirus vaccinations were not affected.
Middle East
Facebook meets with Israeli and Palestinian officials to discuss online hate speech, threats as violence escalates
POLITICO
@birnbaum_e
Facebook is engaging with both Israel and Palestinian officials on the spread of hate speech and incitements to violence on the platform amid the region's escalating conflict.
A Press Corps Deceived, and the Gaza Invasion That Wasn’t
The New York Times
@halbfinger
The Israeli military abruptly announced after midnight on Friday that its ground forces had begun “attacking in the Gaza Strip,” saying it on Twitter, in text messages to journalists, and in on-the-record confirmations by an English-speaking army spokesman. Several international news organizations, including The New York Times, immediately alerted readers worldwide that a Gaza incursion or invasion was underway, a major escalation of Israeli-Palestinian hostilities. Within hours, those reports were all corrected… by Friday evening, several leading Israeli news outlets were reporting that the incorrect announcement was no accident, but had actually been part of an elaborate deception.
Facebook’s Secret Rules About the Word “Zionist” Impede Criticism of Israel
The Intercept
@samfbiddle
Facebook’s secret internal rules for moderating the term “Zionist” let the social network suppress criticism of Israel amid an ongoing wave of Israeli abuses and violence, according to people who reviewed the policies.
Syria’s Surprising Solar Boom: Sunlight Powers the Night in Rebel Idlib
The New York Times
@NYTBen
Cut off from the power grid and with fuel costs soaring, Syrians in a poor, embattled enclave have turned en masse to solar panels to charge their phones and light their homes and tents.
Iran Floods Clubhouse to Drown Out Debate
The Wall Street Journal
@SuneEngel, Aresu Eqbali
Authoritarian rulers have clamped down on dissidents trying to organize online in recent years, with some attempting to emulate the firewall that insulates China’s homegrown web from the world outside. Iran has taken a different approach. Knowing its filters aren’t enough to keep Iranians off global social-media platforms, it floods them with propaganda, aiming to turn them to its advantage. The latest is Clubhouse.
Misc
The Assorted Teachings of Dogecoin
The New York Times
@jwherrman
Created as a cryptocurrency parody in 2013, Dogecoin languished for years. Then, in 2021, it went absolutely wild. What have its holders learned?
Privacy activists are winning fights with tech giants. Why does victory feel hollow?
The Guardian
Evgeny Morozov
Perhaps we wasted energy achieving privacy concessions, when we should have been building a more foundational critique of the power of big tech
12 Influencers Are Behind Most Anti-Vax Hoaxes On Social Media, Surprise Research Reveals
Huffington Post
@blatherat
Big Tech needs to take more decisive action against the "Disinformation Dozen," says the group that identified them.
This facial recognition website can turn anyone into a cop — or a stalker
The Washington Post
@drewharwell
While most facial recognition tools are reserved for police or government use, PimEyes is open to the masses, whether they’re hunting down U.S. Capitol riot suspects or stalking women around the Web.
Confronting Disinformation Spreaders on Twitter Only Makes It Worse, MIT Scientists Say
VICE
Matthew Gault
Twitter is a hellscape and it only gets worse when you point out someone is sharing bad information.
Clubhouse to launch Android app worldwide in a week
TechCrunch
@refsrc
Voice social network Clubhouse said on Sunday it will expand its Android app worldwide in a week, days after launching a beta version of its service on Google-owned mobile operating system for users in the U.S.
The Untold Story of the NFT Boom
The New York Times
Clive Thompson
Digital creators used the blockchain to create a whole new art scene. Then their work started selling for thousands — sometimes millions of dollars.
Research
NSA, ODNI and CISA Release 5G Analysis Paper
National Security Agency Central Security Service
The National Security Agency (NSA), in partnership with the Office of the Director of National Intelligence (ODNI), and the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), published an analysis paper today which identifies and assesses risks and vulnerabilities introduced by 5G adoption. The Potential Threat Vectors to 5G Infrastructure analysis paper informs national 5G stakeholders of these issues to develop a comprehensive approach to solutions.
Jobs
International Cyber Policy Centre – Strategic engagement, program & research coordinator
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding early career role for a talented and proactive individual to support senior centre staff on strategic engagement, program and research coordination.