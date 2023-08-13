Good morning. It's Monday 14th August.

The Japanese government plans to build an information network spanning the Indo-Pacific region to counter cyberattacks from such places as Russia and China, with a focus on providing support to Pacific island countries that have weak countermeasures, Nikkei has learned. Signs of attacks and their methods would be shared on the network. Japan envisions being a bridge between the U.S., Australia, and other advanced regional countries on one side and emerging and developing countries on the other. Nikkei Asia

New Zealand’s primary national intelligence agency on Friday accused China of “ongoing activity in and against New Zealand” in an unclassified report describing the country’s threat environment. The 53-page report from the NZ Security Intelligence Service described the Chinese activity as “a complex intelligence concern for New Zealand,” with the agency noting that “groups and individuals” linked to Chinese intelligence were continuing to target New Zealand’s diverse ethnic Chinese communities. The Record by Recorded Future

Russian hackers targeting Ukraine have pivoted away from disruptive attacks and are increasingly focusing on collecting data of use to Russian forces on the battlefield, Victor Zhora, a top Ukrainian cybersecurity official, said during a panel appearance at the Black Hat security conference in Las Vegas. Some 15 months since Russian forces invaded Ukraine, Zhora has observed “a shift from disruptive and chaotic attacks to more focused activity, cyber espionage and data collection.” CyberScoop

ASPI

Report warns of mysoginistic incel violence threat

ABC

Tom Melville and Alexandra Humphries

There are warnings that mysoginist hate speech is intensifying in Australia, with a new study showing a small group who identify as incel - or involuntarily celibate - may pose a risk. Researchers are calling for violent incel mysoginy to be recognised as a form of ideological extremism, because of the threat to national security. Featuring Dr John Coyne, Australian Strategic Policy Institute.

World

Australia

Services Aust shuts down questions on its use of spyware

InnovationAus

Joseph Brookes

Services Australia has declined to tell Parliament what data it is collecting with controversial Israeli spyware and confirmed it has never been knocked back from a warrant to deploy it, including 16 in the last year.

Parents and teachers alerted over chatbot child abuse

The Australian

Natasha Bita

Pedophiles could use artificial intelligence chatbots to groom children for sexual abuse, Australia’s eSafety Commissioner has warned schools and parents. Julie Inman Grant, the federal government’s online safety watchdog, called for tough rules over the use of generative AI, which can mimic human speech and writing and generate deep fake photos and videos. The eSafety Commissioner warned that children using AI chatbots can be exposed to sexual or violent content.

TikTok GST fraud hit on Tax Office blows out to $4.6b

Australian Financial Review

Neil Chenoweth

The Tax Office has admitted paying out more than $1.6 billion in fake GST claims as part of a $4.6 billion fraud based on a simple scheme promoted on social media platform TikTok – a total that is twice previous reports and the biggest tax fraud in Australian history. The fraud was uncovered by Westpac and other banks, some of which passed on a series of alerts to the Tax Office from 2020. But after being frustrated by the apparent lack of action by the Tax Office, some bank staff shared their concerns informally with the Reserve Bank, which then alerted Treasury and the Tax Office in February last year.

Shorten sticks it to big IT vendors over digital identity stalling

The Mandarin

Julian Bajkowski

Minister for government services Bill Shorten has taken the cudgels to Canberra’s incumbent technology big vendor community, telling it that the Albanese government won’t stand for long-term lock-ins and intends to build its own cadre of tech troops to deliver user-centric services and digital identity. In a speech clearly intended to draw a line under the ingrained technological ineptitude and drift of the last Morrison government, where opportunistic and uncritical solutionism was fused with largely naked self-interest, Shorten made it clear that so-called policy architects will soon need to carry a supply of plastic bags to clean up after their dogs.

China

China accuses US of trying to block its development and demands that technology curbs be repealed

The Associated Press

Joe McDonald

China accused Washington on Thursday of trying to block its development after President Joe Biden stepped up a feud over technology and security by tightening controls on U.S. investments that might help Beijing develop its military. The Foreign Ministry accused the Biden administration of pursuing “technology hegemony” and demanded Washington “immediately revoke its erroneous decision.” It warned that the latest restrictions in a spreading conflict over Beijing’s industrial development would hurt global supply chains.

USA

Top U.S. cyber official offers 'stark warning' of potential attacks on infrastructure if tensions with China escalate

NBC News

Kevin Collier

China’s hackers have been positioning themselves to conduct destructive cyberattacks on U.S. critical infrastructure, a top U.S. cyber official warned Saturday. Speaking at a panel at the Def Con hacker conference in Las Vegas, Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Agency, said, “I hope that people are taking seriously a pretty stark warning about the potential for China to use their very formidable capabilities in the event of a conflict in the Taiwan straits to go after our critical infrastructure.” Such attacks would reflect a significant pivot from the type of cyber activity historically attributed to China, which for years has largely consisted of a barrage of espionage and theft of data but not destructive attacks designed to harm systems.

A DuPont China deal reveals cracks in U.S. national-security screening

The Wall Street Journal

Kate O’Keeffe and Aruna Viswanatha

U.S. officials forged an uneasy compromise to let DuPont sell its sustainable-materials business last year to a Chinese company while ensuring the technology behind it never left the U.S. The arrangement hasn’t worked as planned, according to people familiar with the matter, exposing flaws in a national-security review process on the front lines of a battle over technology between the U.S. and China—and ultimately prompting an investigation by the FBI.

White House is fast-tracking executive order on artificial intelligence

CyberScoop

Elias Groll

The Biden administration is expediting work to develop an executive order to address risks posed by artificial intelligence and provide guidelines to federal agencies on how it might be used, Arati Prabhakar, director of the White House Office of Science Technology and Policy, told CyberScoop on the sidelines of the DEF CON security conference. As generative AI tools such as ChatGPT have become widely available, Prabhakar said that President Biden has grown increasingly concerned about the technology and that the administration is working rapidly to craft an executive order that will provide guidance to federal agencies on how best to use AI.

Microsoft’s role in email breach to be part of cyber inquiry

Bloomberg

William Turton and Dina Bass

A US cybersecurity advisory panel will investigate malicious targeting of cloud computing environments, including Microsoft Corp.’s role in a recent breach of government officials’ email accounts by suspected Chinese hackers, the Department of Homeland Security confirmed on Friday. The review by the Cyber Safety Review Board, which was created by the Biden administration to investigate major cybersecurity events, will focus on approaches cloud service providers, the government and industry should employ to strengthen identity management and authentication in the cloud, according to a DHS statement.

How the FBI goes after DDoS cyberattackers

TechCrunch

Lorenzo Franceschi-Bicchierai

In 2016, hackers using a network of compromised internet-connected devices — vulnerable security cameras and routers — knocked some of the then biggest websites on the internet offline for several hours. Twitter, Reddit, GitHub and Spotify all went down intermittently that day, victims of what was at the time one of the largest distributed denial-of-service attacks in history. DDoS is a form of cyberattack where bad actors flood websites with malicious traffic with the goal of taking them offline. DDoS attacks had existed for years before 2016, but the fact that this one incident took down so many major services drew the attention of people who didn’t know much about cybersecurity.

Robotaxis can now work the streets of San Francisco 24/7

WIRED

Aarian Marshall

California today cleared all-day paid robotaxi service in San Francisco—with unlimited fleets of self-driving cars. Soon, anyone in the city might be able to hail a driverless car with a few taps of a phone. And San Francisco cab and ride-hail drivers will have new, automated competition. The 3-1 vote by the California Public Utilities Commission came in response to applications from Cruise, backed by General Motors, and Waymo, a subsidiary of Alphabet. It was taken in a packed San Francisco hearing room after a marathon six-hour public comment session, over strenuous objections from San Francisco officials and some vocal residents. They urged the CPUC to deny any expansion, saying that even after years of testing on the city’s winding, foggy, and sometimes chaotic streets, the vehicles are not ready for prime time.

Americas

As free press withers in El Salvador, pro-government social media influencers grow in power

The Associated Press

Megan Janetsky

Douglas Guzmán’s TikTok feed was dotted with workout routines and videos showcasing his favorite parts of his country. That changed about a year ago, as rights groups, civil society and even some officials criticized El Salvador’s President Nayib Bukele for violating human rights in his crackdown on criminal gangs, and said that his unconstitutional bid for re-election would corrode the country’s democracy.

Foreign interference inquiry must get access to all cabinet confidences, former spies say

The Globe and Mail

Robert Fife and Steven Chase

An organization representing retired Canadian spies says a public inquiry into Beijing foreign-interference operations must be given access to all cabinet documents and transcripts of discussions to determine whether Prime Minister Justin Trudeau was ever informed of China’s attempts to meddle in the 2019 and 2021 elections. The Pillar Society, which represents retired Canadian Security Intelligence Service officers and former members of the RCMP Security Service, has joined calls for a public inquiry and expressed concern that further delay could end up scuttling one.

North Asia

Japan to develop generative AI to speed scientific discovery

Nikkei Asia

Ryosuke Matsuzoe

Japan's education ministry plans to develop a generative artificial intelligence program that produces medical and scientific hypotheses by learning from research papers and images of experiments, Nikkei has learned. Relying on foreign technology could lead to technology leaks. By developing homegrown technology, the Ministry of Education, Culture, Sports, Science and Technology hopes to ensure data safety and raise national competitiveness.

Southeast Asia

Fake news peddlers boost support for China amid incursion in WPS

NBC News

Charie Abarca

Coast Guard Spokesperson for the West Philippine Sea Commodore Jay Tarriela said fake news peddlers are among the reasons why some Filipinos are siding with the Chinese government despite its continued incursion in the West Philippine Sea. The Coast Guard official said these fake news peddlers are the ones who are actively sharing posts on Facebook and Twitter to sway Filipinos into believing that China is on the right side of history.

Ukraine - Russia

Ukrainian official: Russian hackers change tactics from disruptive attacks

CyberScoop

Christian Vasquez

Russian hackers targeting Ukraine have pivoted away from disruptive attacks and are increasingly focusing on collecting data of use to Russian forces on the battlefield, Victor Zhora, a top Ukrainian cybersecurity official, said during a panel appearance at the Black Hat security conference in Las Vegas. Some 15 months since Russian forces invaded Ukraine, Zhora has observed “a shift from disruptive and chaotic attacks to more focused activity, cyber espionage and data collection.”

Back in the trenches: Why new technology hasn’t revolutionized warfare in Ukraine

Foreign Affairs

Stephen Biddle

The war in Ukraine is being waged with a host of advanced technologies, from remotely operated drones to space-based surveillance, precision weapons, hypersonic missiles, handheld jammers, artificial intelligence, networked communications, and more. Many argue that this array is transforming warfare, with omnipresent surveillance combining with newly lethal weapons to make legacy systems such as the tank obsolete and to make traditional methods such as large-scale offensive action impractical. But in many ways, this war seems quite familiar.

Inside Russia's attempts to hack Ukrainian military operations

NPR

Jenna McLaughlin

Ukrainian intelligence officials have revealed details to NPR about an attempt by Russian state hackers to penetrate Ukrainian military planning operations systems. The hackers from Russian military intelligence captured Android tablet devices used by Ukrainian officers on the front lines in an attempt to spy, according to a report published by the Security Service of Ukraine's Cyber Security Situation Center.

Russia is replicating Iranian drones and using them to attack Ukraine

The New York Times

John Ismay

Russia has begun making copies of attack drones it acquired from Iran last year and is using them in combat against Ukrainian forces despite sanctions imposed to cripple the country’s weapons production, according to a report issued Thursday by a weapons research group. The researchers traveled to Kyiv in late July and inspected the wreckage of two attack drones that were used in combat in southeastern Ukraine. Both appeared to be Iranian Shahed-136s, but they contained electronic modules that match components previously recovered from Russian surveillance drones, according to the report.

Microsoft to freeze license extensions for Russian companies

The Record by Recorded Future

Daryna Antoniuk

Microsoft will stop renewing licenses for its products to Russian companies starting in October following sanctions imposed against Russia due to the war in Ukraine. The U.S. software giant said in a letter sent to Russian businesses on Thursday that it will no longer process payments via wire transfer to a local bank account for its services in Russia. Microsoft customers now have two months to find an alternative vendor.

Europe

Chip shortage in Germany's car industry will last years - Audi manager

Reuters

Riham Alkousaa

Semiconductor shortages that have created bottlenecks for Germany's car industry will take years to resolve despite chipmakers' plans to build factories in the country, a senior Audi manager was quoted as saying on Friday. German automakers and electronics producers have been hit hard by manufacturing delays, caused by a global shortfall of chips. Executives and policymakers are re-thinking supply lines and trying to reduce reliance on a handful of Asian and U.S. chip suppliers.

UK

Why US tech giants are threatening to quit the UK

BBC

Zoe Kleinman

The Online Safety Bill is due to pass in the autumn. Aimed at protecting children, it lays down strict rules around policing social media content, with high financial penalties and prison time for individual tech execs if the firms fail to comply. One clause that has proved particularly controversial is a proposal that encrypted messages, which includes those sent on WhatsApp, can be read and handed over to law enforcement by the platforms they are sent on, if there is deemed to be a national security or child protection risk.

Can Britain recreate a microchip industry worth its salt?

The Guardian

Richard Partington

Britain is again pushing into microtechnology amid an investment subsidy arms race involving the US, EU and China. After the world was hit by crippling semiconductor shortages during Covid, billions of dollars are being pumped into developing domestic production to keep supplies of these ubiquitous components flowing. The White House last week revealed plans to ban US investment in advanced Chinese microconductors, while in May, China said chips from US manufacturer Micron were a security risk. In the UK, Rishi Sunak’s government announced plans in May to invest £1bn over 10 years in semiconductor research, design and production. However, his plan risks being blown out of the water by the vast subsidies on offer elsewhere, including Joe Biden’s $52bn (£41bn) Chips Act, and €43bn (£37bn) of EU subsidies.

Africa

LGBTQ+ people in Ethiopia blame attacks on their community on inciteful and lingering TikTok videos

The Associated Press

Cara Anna

Members of Ethiopia’s LGBTQ+ community say they face a wave of online harassment and physical attacks and blame much of it on the social media platform TikTok, which they say is failing to take down posts calling for homosexual and transgender people to be whipped, stabbed and killed. A local LGBTQ+ support group, House of Guramayle, said that some TikTok users are also outing Ethiopians by sharing their names, photographs and online profiles on one of the country’s most popular social media platforms.

Middle East

Iraq to unblock Telegram app as platform responded to security requirements -statement

Reuters

Amina Ismail

Iraq's telecoms ministry said it will lift a ban on the Telegram messaging app on Sunday, which was imposed earlier this week, citing security concerns and data leaks of official state institutions and citizens. The app is widely used in Iraq for messaging but also as a source of news and for sharing content. Some channels contain large amounts of personal data including the names, addresses and family ties of Iraqis.

NZ & Pacific Islands

New Zealand intelligence report accuses China of cyber-enabled interference

The Record by Recorded Future

Alexander Martin

New Zealand’s primary national intelligence agency on Friday accused China of “ongoing activity in and against New Zealand” in an unclassified report describing the country’s threat environment. The 53-page report from the NZ Security Intelligence Service described the Chinese activity as “a complex intelligence concern for New Zealand,” with the agency noting that “groups and individuals” linked to Chinese intelligence were continuing to target New Zealand’s diverse ethnic Chinese communities.

Gender & Women in Tech

These women tried to warn us about AI

Rolling Stone

Lorena O’Neil

Timnit Gebru didn’t set out to work in AI. At Stanford, she studied electrical engineering — getting both a bachelor’s and a master’s in the field. Then she became interested in image analysis, getting her Ph.D. in computer vision. When she moved over to AI, though, it was immediately clear that there was something very wrong. “There were no Black people — literally no Black people,” says Gebru, who was born and raised in Ethiopia. “I would go to academic conferences in AI, and I would see four or five Black people out of five, six, seven thousand people internationally.… I saw who was building the AI systems and their attitudes and their points of view. I saw what they were being used for, and I was like, ‘Oh, my God, we have a problem.’”

Big Tech

Microsoft finds vulnerabilities it says could be used to shut down power plants

ArsTechnica

Dan Goodin

On Friday, Microsoft disclosed 15 high-severity vulnerabilities in a widely used collection of tools used to program operational devices inside industrial facilities such as plants for power generation, factory automation, energy automation, and process automation. The company warned that while exploiting the code-execution and denial-of-service vulnerabilities was difficult, it enabled threat actors to “inflict great damage on targets."

Billions of Intel CPUs are leaking passwords and killing performance

Digital Trends

Monica J. White

A scary vulnerability has recently been discovered in some Intel processors, and while the best CPUs are not affected, billions of chips could be. According to the researcher who first spotted the Downfall vulnerability, “everyone on the internet is affected.” This is made worse by the fact that a skilled hacker could steal some of the most sensitive data from affected computers, including passwords.

Artificial Intelligence

Quantum computing could give AI the rocket fuel it needs to become transformative, but it’s not there yet

South China Morning Post

Mike Hodgkinson

The tech story of the century so far has been the mainstream arrival of generative artificial intelligence, which drives the uncanny capabilities of systems such as ChatGPT, and is fast being absorbed into our everyday lives. Whether to mimic human creativity, double as empathetic counsellor or eliminate clerical drudgery, generative AI has delivered an unprecedented surge in excitement for its potential benefits. Of equal concern are possible negatives: catastrophic job losses, widespread disinformation, and even – at the wildly unsettling end of the scale – human extinction.

The case against AI everything, everywhere, all at once

Time

Judy Estrin

I cringe at being called “Mother of the Cloud," but having been part of the development and implementation of the internet and networking industry—as an entrepreneur, CTO of Cisco, and on the boards of Disney and FedEx—I am fortunate to have had a 360-degree view of the technologies that are at the foundation of our modern world. I have never had such mixed feelings about technological innovation. In stark contrast to the early days of internet development, when many stakeholders had a say, discussions about AI and our future are being shaped by leaders who seem to be striving for absolute ideological power. The result is “Authoritarian Intelligence.” The hubris and determination of tech leaders to control society is threatening our individual, societal, and business autonomy.

Events & Podcasts

Podcast: Gone to ground: China’s rare earths strategy

Little Red Podcast

Beijing's recent ban on the export of two rare metals represents the latest front in the global battle to control chipmaking technology. Now there are fears China could block the export of rare earths, over which it has a stranglehold. How close are we to that nuclear option? To find out, Louisa and Graeme are joined by Martijn Rasser, a former senior intelligence officer and analyst with the CIA, who is now the managing director of the Netherlands-based Datenna, and Jon Hykaway, the director and president of Stormcrow Capital in Toronto.

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.