Journalists, human rights activists targeted by Pegasus spyware | Biden criticises Facebook for Covid misinformation | Glasgow University urged to review partnership with Chinese military university
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners... The numbers on the list are unattributed, but reporters were able to identify more than 1,000 people spanning more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials. The Washington Post
President Joe Biden on Friday criticized social media platforms like Facebook for spreading misinformation about the coronavirus and vaccines, as his administration has blamed them for stalling U.S. vaccine rates. "They’re killing people," Biden said when asked what his message was to social media platforms like Facebook on the spread of false and misleading claims about the virus and the safety of vaccines that prevent it. NBC News
Glasgow University is being urged to review its partnership with a Chinese college said to be a recruiting ground for a state-owned military contractor linked to the persecution of ethnic minorities. Human Rights Watch said the university’s deal with the University of Electronic Science and Technology of China, which offers students a chance to study in China and Scotland, is “troubling” amid warnings that graduates can go on to work for the China Electronics Technology Group Corporation (CETC). The Times
ASPI ICPC
May ransomware blight all the cyber stragglers and let God sort them out
ZDNet
@stilgherrian
A global consensus on how to tackle ransomware does seem to be emerging. Just one example is a new report from ASPI's International Cyber Policy Centre, Exfiltrate, encrypt, extort: The global rise of ransomware and Australia's policy options, of which Falk is co-author. On the vexed question of whether organisations should pay a ransom or not, the report recommends that paying them should not be criminalised. Instead, there should be a "mandatory reporting regime ... without fear of legal repercussions"..The ASPI report recommends expanding the role of the ASD's Australian Cyber Security Centre (ACSC) to include the real-time distribution of publicly available alerts. ACSC should also publish a list of ransomware threat actors and aliases, giving details of their modus operandi and key target sectors, along with suggested mitigation methods.
It’s viral: crims hold nation to ransom
The Australian
@camstewarttheoz
A report this week by the Australian Strategic Policy Institute called for mandatory reporting of ransomware strikes, better incentives for companies to improve their cybersecurity measures and an expanded national alert system
Read ASPI ICPC's new report 'Exfiltrate, encrypt, extort'
World
How the Intelligence Community Can Get Better at Open Source Intel
Defense One
Bob Ashley Neil Wiley
Historically, the analysis produced to meet intelligence requirements was based predominantly on data acquired by government collectors and government technologies. Unlike open data sources, intelligence officers can task sensitive intelligence sources and methods to target the specific people, places and events that drive the intelligence needs of our policymakers and commanders. But the world has changed.
Explore Danielle Cave's work on How Covid-19, data, cyberspace & technology are re-shaping spycraft
Australia
I spy on Instagram … a new career
The Australian
ASIO is looking for the next generation of Australian spies – on Instagram, YouTube and Twitter.
Boards set to face the music on cyber security lapses
Sydey Morning Herald
@TimBiggs
Company directors will need to get used to facing the music when it comes to mitigating cyber risk, security experts have said, as the frequency and scale of ransomware attacks globally continues to escalate.
Social media ‘gurus’ put the ‘con’ in conspiracy
The Australian
@clairlemon
Today, modern quacks follow in Radam’s footsteps. Modern “wellness” gurus tout “natural remedies” for all of our modern ailments, including Covid.
China
China Sends State Security, Police Officials to Didi for Cybersecurity Probe
The Wall Street Journal
@lizalinwsj
China sent state security and police officials to Didi Global Inc.’s ride-hailing business on Friday as a part of a cybersecurity investigation, the country’s internet regulator said, escalating a regulatory saga that has gripped China’s tech industry. Regulators from government units including the Ministry of Public Security, the Ministry of State Security, the Cyberspace Administration of China and the Transport Ministry will be stationed at Didi starting Friday for the investigation, the cyberspace administration said in an online statement.
Chinese companies face uncertainty as data security hawks gain power
Financial Times
@yuanfenyang Sun Yu
Long before China’s cyber space agency warned Didi to slow down its blockbuster $4.4bn public offering in New York, the country’s data security hawks had started preparing their legal arsenal to face another perceived threat from the US..The resulting rise of China’s data security hawks has elevated everyday business procedures, such as listing or transferring data abroad, to the status of national security concerns. Lawyers warn that firms are being caught in the vast legal grey space at the whim of agencies’ discretionary power, while companies say they fear being subject to the kind of inter-agency miscommunication that muddled Didi’s IPO.
Let the bullets fly for a while
Chinese Characteristics
@lillianmli
There’s a symbiotic relationship between old public institutions and rising new digital institutions in China. Didi cleaned up the grey market for black cabs, Meituan and Ele.ma act as de facto restaurant inspectors. Every content platform carries out content moderation on behalf of the party. The government is pragmatic. In the fragmented authoritarian governance structure of China, the agents that can introduce and maintain legibility stay.
China Targets Another Region in Ethnic Assimilation Campaign: Tibet
The Wall Street Journal
@lizalinwsj @wsjeva @JChengWSJ
Taking one method used in Xinjiang, local security forces in the Tibet Autonomous Region have sought to put in place cutting-edge technological upgrades and predictive policing systems to forecast the activities of “people of interest,” according to government procurement documents. The contractor named in the documents had previously sold similar systems with the ability to sift data, including from bank accounts, social media and cellphones, to create portraits of targets’ lifestyles and social circles.
Ericsson Warns China Backlash Threatens Its Market Share
The Wall Street Journal
@stuwoo
In China, it said it now expects to pay the price of its home government’s decision, which it made last October, to ban Huawei gear from its networks. Stockholm cited national-security concerns. The U.S. and allies worry Huawei gear can be used to spy on or disrupt networks on behalf of Beijing. Huawei and Beijing have said that worry is unfounded. Chinese officials have threatened to retaliate by punishing Swedish companies doing business in China. They specified Ericsson as a potential target. Ericsson lobbied Sweden’s government to reconsider its ban.
US agencies circulate warning about 'aggressive' Chinese hacking effort to steal secrets from a range of targets
CyberScoop
@snlyngaas
Chinese government-backed hackers’ rampant appetite for intellectual property represents a “major threat to U.S. and allied cyberspace assets,” according to a U.S. government assessment obtained by CyberScoop.
USA
They're killing people': Biden blames Facebook, other social media for allowing Covid misinformation
NBC News
@Lauren_V_Egan
President Joe Biden on Friday criticized social media platforms like Facebook for spreading misinformation about the coronavirus and vaccines, as his administration has blamed them for stalling U.S. vaccine rates. "They’re killing people," Biden said when asked what his message was to social media platforms like Facebook on the spread of false and misleading claims about the virus and the safety of vaccines that prevent it.
Moving Past the Finger Pointing
Facebook
@guyro
At a time when COVID-19 cases are rising in America, the Biden administration has chosen to blame a handful of American social media companies. While social media plays an important role in society, it is clear that we need a whole of society approach to end this pandemic. And facts — not allegations — should help inform that effort.
Majority of Covid misinformation came from 12 people, report finds
The Guardian
@salamdogmillion
The vast majority of Covid-19 anti-vaccine misinformation and conspiracy theories originated from just 12 people, a report by the Center for Countering Digital Hate (CCDH) cited by the White House this week found. CCDH, a UK/US non-profit and non-governmental organization, found in March that these 12 online personalities they dubbed the “disinformation dozen” have a combined following of 59 million people across multiple social media platforms, with Facebook having the largest impact.
Psaki excoriates criticism of Biden administration work on vaccine misinformation
POLITICO
@NickNiedz
White House press secretary Jen Psaki forcefully defended the Biden administration’s growing offensive on vaccine-related misinformation spreading on Facebook and other social media platforms.
U.S. extremists dabble in #FreeBritney conspiracy theories
DFRLab
@jaredlholt
Politically driven fringes look to pop star’s predicament to validate their conspiracy theories.
Biden’s Cybersecurity Team Gets Crowded at the Top
WIRED
@vermontgmg
It’s a lot of talent, but the US now has five overlapping roles jockeying for limited budgets, authorities, and bureaucratic victories.
Pandemic profiteers' are using deceptive tactics to peddle products and subscriptions, according to a memo submitted to the FTC
The Washington Post
@Cat_Zakrzewski
The Federal Trade Commission is under pressure to crack down on a network of “pandemic profiteers,” who are allegedly using deceptive tactics to peddle products making health and wellness claims, events and subscriptions. This “network of savvy affiliate marketers” -- which includes many of the most high-profile spreaders of vaccine disinformation -- has allegedly engaged in multiple potential violations of consumer welfare law.
Biden battles Russian hacking groups with restrictions on IT firms
Reuters
@karen_freifeld
The United States on Friday took a new stab at Russia's cybersecurity industry, restricting trade with four information technology firms and two other entities over "aggressive and harmful" activities - including digital espionage - that Washington blames on the Russian government.
‘Rogue’ U.S. Agency Used Racial Profiling to Investigate Commerce Dept. Employees, Report Says
The New York Times
@CatieEdmondson
In recent years, American law enforcement officials have become increasingly concerned that China is expanding its spying efforts in the United States and using visiting Chinese scholars for intelligence-gathering purposes. The Senate report laid out how those fears fueled an aggressive, unauthorized counterespionage effort inside a department that houses scientific agencies staffed by researchers from around the world. The result, it said, was a discriminatory effort to target and spy on people of Asian and Middle Eastern descent.
The United States Can’t Afford the Brutal Price of Chinese Solar Panels
Foreign Policy
Henry Wu
Americans need a national green tech strategy.
U.S. Government Offers Cryptocurrency Bounty In Radical New Approach To Fighting Cybercrime
Forbes
@MartinRivers
In what appears to be a first for the American government, the U.S. Department of State is offering to pay a cryptocurrency bounty worth up to $10m (315BTC at the time of writing) in return for actionable intelligence about cyberattacks orchestrated by foreign governments.
North Asia
Pro-China disinformation network weaponizes scientific research to attack Japan
Coda Story
@caitlin_reports
A pro-China disinformation network is distorting legitimate scientific research to undermine Japan, after Tokyo announced plans to release more than 1 million tonnes of treated wastewater from the Fukushima nuclear power plant into the Pacific Ocean, beginning in 2023..According to new research shared exclusively with Coda Story from the Institute for Strategic Dialogue, which analyzes global disinformation networks, prominent Chinese journalists, government officials, and a cluster of five pro-China “super-spreader” Twitter accounts are misrepresenting a 2012 simulation of the dispersal of radioactive materials after the Fukushima disaster, in order to claim that the wastewater is dangerous.
Chip decoupling risks costly failure, TSMC founder warns APEC
Nikkei Asia
Cheng Ting-Fang Lauly Li
Efforts by nations to bring chip production onshore could backfire, failing to achieve self-sufficiency despite massive cost outlays, warned Morris Chang, the founder of top contract chipmaker Taiwan Semiconductor Manufacturing Co.
Auto chip supplies accelerate
Financial Times
@ChrisNuttall
There was finally some good news for the auto industry today, with the world’s largest contract chipmaker saying the semiconductor shortage disrupting car production should ease in the current quarter. Taiwan’s TSMC increased its output of microcontroller units, an important component in car electronics, by 30 per cent in the first half and MCU production is expected to be 60 per cent higher for the full year, compared to 2020.
Southeast Asia
Right-Wing Extremism Has Deep Roots in Southeast Asia
Global Network on Extremism & Technology
@MuniraMustaffa
The far right or right-wing extremism as an ideologically motivated violent extremism (IMVE) is the least understood security threat in the Southeast Asian region.
South & Central Asia
Taiwan-India cyberdefense needed
Taipei Times
Sumit Kumar
The cybersecurity threat China poses, coupled with other factors, provides another avenue for cooperation between Taiwan and India. While the two sides have since the 1990s taken efforts to improve bilateral ties, the process of expanding cooperation has been too slow, but in times of fast changing security concerns and indications of strong political will on both sides, Taiwan and India should take concrete steps to establish cybersecurity cooperation.
Pegasus Project: How Phones of Journalists, Ministers, Activists May Have Been Used to Spy On Them
The Wire
@svaradarajan
The Indian Telegraph Act and Information Technology Act prescribe procedures that must be followed for lawful interception. Different countries have different laws but the use of hacking to deliver surveillance spyware in India by any individual, private or official, is an offence under the IT Act. The Wire will be revealing the names it has been able to verify under different categories, in a step by step fashion with its partners over the next few days. The numbers of those in the database include over 40 journalists, three major opposition figures, one constitutional authority, two serving ministers in the Narendra Modi government, current and former heads and officials of security organisations and scores of businesspersons.
United Kingdom
Glasgow University urged to cut ties with Chinese college linked to Uighur surveillance
The Times
@macca808
Glasgow University is being urged to review its partnership with a Chinese college said to be a recruiting ground for a state-owned military contractor linked to the persecution of ethnic minorities. Human Rights Watch said the university’s deal with the University of Electronic Science and Technology of China, which offers students a chance to study in China and Scotland, is “troubling” amid warnings that graduates can go on to work for the China Electronics Technology Group Corporation (CETC).
Find out more about the University of Electronic Science and Technology of China via our China Defence University Tracker project
Classified Challenger tank specs leaked online for videogame
UK Defence Journal
@geoallison
A user has posted a classified document online relating to the Challenger 2 in order to improve the accuracy of the design of the tank in combat game ‘War Thunder’.
China is buying up chip firms in a push for semiconductor supremacy, says UK lawmaker
CNBC
@Sam_L_Shead
Iain Duncan Smith, a member of parliament and the former leader of the Conservative Party, told the U.K. Parliament on Thursday that China has identified semiconductor technology as a key area it wants to dominate globally. The industry is currently led by Taiwan, South Korea and the U.S, which are home to chipmaking giants TSMC, Samsung and Intel respectively.
Europe
How Europe’s top court hobbled global data flows
POLITICO
@vmanancourt @markscott82
With a new deal on transatlantic data flows still far off, pressure is growing on companies to store their data locally in Europe.
Ireland must 'swiftly' investigate legality of Facebook-WhatsApp data-sharing, says EDPB
TechCrunch
@riptari
Facebook’s lead regulator in the European Union must “swiftly” investigate the legality of data sharing related to a controversial WhatsApp policy update, following an order by the European Data Protection Board.
China Wants a Chip Machine From the Dutch. The U.S. Said No.
The Wall Street Journal
@stuwoo Yang Jie
Some of the tech industry’s most important machines are made next to corn fields in the Netherlands. The U.S. government is trying to make sure they don’t end up in China. Beijing has been pressuring the Dutch government to allow its companies to buy ASML Holding NV’s marquee product: a machine called an extreme ultraviolet lithography system that is essential to making advanced microprocessors.
Americas
CPP Investments must stop investing in companies benefiting from Uyghur persecution
The Globe and Mail
@IrwinCotler David Kilgour
Do Canadians want their financial futures built on the suffering of China’s persecuted Uyghur minority? This question is raised by the practices of the Canada Pension Plan Investment Board (CPP Investments), which has invested billions of dollars of CPP contributions deducted from Canadians’ paycheques into Chinese and multinational companies identified as using Uyghur forced labour.
Middle East
Private Israeli spyware used to hack cellphones of journalists, activists worldwide
The Washington Post
@danapriest @craigtimberg @smekhennet
Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners... The numbers on the list are unattributed, but reporters were able to identify more than 1,000 people spanning more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials.
Revealed: leak uncovers global abuse of cyber-surveillance weapon
The Guardian
@skirchy @paullewis @davidtpegg @ninalakhani
Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.
Israeli Companies Aided Saudi Spying Despite Khashoggi Killing
The New York Times
@ronenbergman @MarkMazzettiNYT
Israel secretly authorized a group of cyber-surveillance firms to work for the government of Saudi Arabia despite international condemnation of the kingdom’s abuse of surveillance software to crush dissent, even after the Saudi killing of the journalist Jamal Khashoggi, government officials and others familiar with the contracts said.
FT editor among 180 journalists identified by clients of spyware firm
The Guardian
@davidtpegg @paullewis @ninalakhani
Data leak and forensics suggest NSO’s surveillance tool used against journalists at some of world’s top media companies
Facebook removes 200 accounts in 'highly targeted' Iran-based espionage operation
ABC News
Facebook said it has disrupted an Iran-based espionage operation targeting defence and aerospace workers in Europe and the United States.
Taking Action Against Hackers in Iran
Facebook
Mike Dvilyanski @DavidAgranovich
Today, we’re sharing actions we took against a group of hackers in Iran to disrupt their ability to use their infrastructure to abuse our platform, distribute malware and conduct espionage operations across the internet, targeting primarily the United States. This group is known in the security industry as Tortoiseshell, whose activity was previously reported to mainly focus on the information technology industry in the Middle East.
Hooking Candiru: Another Mercenary Spyware Vendor Comes into Focus
The Citizen Lab
@billmarczak @jsrailton Kristin Berdan Bahr Abdul Razzak
Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts. Using Internet scanning we identified more than 750 websites linked to Candiru’s spyware infrastructure.
Misc
Technology has ended ownership but can now reinvent it
Financial Times
@ohnthornhillft
Against big tech dominance, regulators, creators and consumers are reasserting the benefits of owning things
Cryptographers unearth vulnerabilities in Telegram's encryption protocol
CyberScoop
@timstarks
An international team of computer scientists reported on Friday that they found four cryptographic vulnerabilities in the popular encrypted message app Telegram.
Research
LuminousMoth APT: Sweeping attacks for the chosen few
SecureList by Kaspersky
@_marklech_ @r00tbsd @Aseel Kayal
In this publication we aim to profile LuminousMoth as a separate entity, outlining the infection chain and unique toolset it leverages, the scale and targeting in its campaigns as well as its connections to HoneyMyte through common TTPs and shared resources.
Artificial Intelligence diplomacy
European Parliament
@RikeFranke
This paper discusses the way that AI impacts the European Union’s geopolitical power and its relationship with other countries. It presents possible scenarios for how AI may change the international balance of power and recommends ways for the EU and its Member Statesto respond.
Spanish-language misinformation about vaccines is evading Facebook's moderators
CyberScoop
@TonyaJoRiley
Facebook is still struggling to rein in COVID-19 misinformation in Spanish, a recent report from the advocacy group Avaaz indicates.
Events
Indigenous Cyber and Digital Skills Conference
ASPI’s IndigiCyber, Defence and Space Program
This half-day conference will canvas a range of curriculum and engagement initiatives in cyber-security and STEM as well as government and industry responses to both support those already in work, and to attract diverse candidates. What can defence, and defence-related sectors, do to support the next generation of technology champions? 23 Jun 2021 9:00 am - 1:00 pm
ASPI Webinar: In-Conversation with Marietje Schaake
ASPI ICPC
SPI's International Cyber Policy Centre is delighted to invite you to an in-conversation with Marietje Schaake, President of the Cyber Peace Institute, the International Policy Director at Stanford's Cyber Policy Center and International Policy Fellow at Stanford’s Institute for Human-Centered Artificial Intelligence. Join Fergus Hanson for an online ‘fireside chat’ with Marietje focusing on technology, democracy and the question of accountability. They will discuss how democracies can cooperate amidst rising authoritarianism and the privatised governance of technologies. They will also consider the rule of law and how it relates to the oversight of existing and emerging technologies. 27 July 2021 5:00 pm - 6:00 pm
Jobs
ICPC Senior Analyst or Analyst - Information operations & disinformation
ASPI ICPC
ASPI’s International Cyber Policy Centre has an outstanding opportunity for a talented and proactive senior analyst or analyst to join its centre. The successful candidate will work with a small, high-performing team to produce original research and analysis centred around policy responses to information operations and disinformation by state and non-state actors. They will also work with senior staff in the centre to engage globally with governments, social media and Internet companies.
ICPC Analyst or Senior Analyst - Cyber & technology
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an exceptional cyber-security or technology focused analyst or senior analyst to join its centre in 2021. This role will focus on policy relevant cybersecurity analysis, informed public commentary and either original data-heavy research and/or technical analysis. Analysts usually have around 7-15 years work experience. Senior analysts usually have a minimum of 15 years relevant work experience and tend to be involved in staff and project management, fundraising and stakeholder engagement.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.