LINE accounts of 100+ Taiwanese politicians hacked | Biden warns cyberattacks could escalate into all-out war | US National Security Memorandum to improve cybersecurity of critical infrastructure
The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
The LINE accounts of more than 100 Taiwanese politicians and government officials have been hacked, and data exfiltrated from devices. The intrusions were discovered by LINE and came to light when the company notified some of the affected users, who later shared the warnings with Taiwanese news outlet Liberty Times. According to the news outlet, the hacked accounts belonged to “high-level dignitaries,” such as personnel of the presidential office, the state cabinet, members of several political parties, mayors, and members of the Taiwanese military. The Record
Joe Biden has warned that cyber attacks could escalate into a full-blown war as tensions with Russia and China mounted over a series of hacking incidents targeting US government agencies, companies and infrastructure. Biden said on Tuesday that cyber threats including ransomware attacks “increasingly are able to cause damage and disruption in the real world”. “If we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach.” The Financial Times
President Biden just signed a national security directive aimed at boosting defenses against ransomware attacks and the hacking of critical infrastructure like energy, food, water and power systems. A senior administration official, speaking on condition of anonymity, told reporters that the new standards will be voluntary, though the Biden administration may pursue legislative options, with help from Congress, to require the kind of technological improvements that would defend against such cyberattacks. NPR
In-conversation with Marietje Schaake: How can technologies be appropriately governed, and what impacts does this have on free and open societies?
In this webinar, Fergus Hanson speaks to Marietje Schaake, International Policy Director at Stanford University’s Cyber Policy Center, International Policy Fellow at Stanford’s Institute for Human-Centered Artificial Intelligence and President of the Cyber Peace Institute. The discussion focuses on technology, democracy and the question of accountability; how democracies can cooperate amidst rising authoritarianism and the privatised governance of technologies.
Who are Australia’s anti-lockdown protestors?
Today, journalist and disinformation researcher at the Australian Strategic Policy Institute Ariel Bogle on the different groups behind these marches, why they’re growing, and the Australian politicians trying to capitalise on lockdown discontent.
New measures needed to protect businesses from ransomware attacks
A lack of policy surrounding cyber crime has made Australian businesses a target of ransomware attacks, according to a brief from The Australian Strategic Policy Institute. The think tank’s International Cyber Policy Centre (ICPC) has issued a report titled Exfiltrate, Encrypt, Extort, laying out the significant risk to Australian businesses that exists without a large-scale domestic effort to prevent hostile takeovers of data and computer systems.
Read our new report: Exfiltrate, Encrypt, Extort.
Top cop says more foreign meddling arrests are coming
Australian Financial Review
Australia’s top cop has signalled further arrests under foreign interference laws, fending off criticism they have been hardly used despite regular warnings from security agencies about the level of activity by foreign spies and their proxies. Just one person has been charged under the foreign interference laws after they were introduced in 2018.
Five Eyes warn about hacking dangers in wake of China cyber attacks
The Sydney Morning Herald
Australia’s premier cyber security agency has joined forces with its “Five Eyes” partners for the first time to issue an unprecedented warning about the vulnerabilities cyber hackers are exploiting in the wake of a series of hacks by China.
Top Routinely Exploited Vulnerabilities
US Cybersecurity & Infrastructure Security Agency
This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI). This advisory provides details on the top 30 vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—routinely exploited by malicious cyber actors in 2020 and those being widely exploited thus far in 2021.
Laws to protect critical infrastructure are attack on workers: ACTU
Australia’s biggest unions have joined with business groups to oppose the federal government’s new laws overhauling the management of critical infrastructure, saying the bill in its current form is poorly designed and will cost jobs.
Uyghurs and Tibetans locked out of Airbnb in China's latest crackdown on ethnic minorities
Accommodation listings on Airbnb in China at times explicitly ban ethnic minority groups such as Uyghurs and Tibetans, a move that rights groups say runs counter to the company’s non-discrimination policy of “inclusion and respect.”
Xi's Four Pillars of Regulation Will Change the Way Big Tech Works in China
Beijing’s regulatory crackdown on fintech to education to ride-hailing will alter the corporate landscape and affect foreign investment.
Biden warns cyber attacks could lead to a ‘real shooting war’
The Financial Times
Joe Biden has warned that cyber attacks could escalate into a full-blown war as tensions with Russia and China mounted over a series of hacking incidents targeting US government agencies, companies and infrastructure. Biden said on Tuesday that cyber threats including ransomware attacks “increasingly are able to cause damage and disruption in the real world”. “If we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach,” the president said in a speech at the Office for the Director of National Intelligence, which oversees 18 US intelligence agencies.
Biden Pushes Cybersecurity Upgrades For Critical Infrastructure After Recent Hacks
President Biden just signed a national security directive aimed at boosting defenses against ransomware attacks and the hacking of critical infrastructure like energy, food, water and power systems. The directive sets performance standards for technology and systems used by private companies in those sectors — though it can't force those companies to comply.
National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems
The White House
Protection of our Nation’s critical infrastructure is a responsibility of the government at the Federal, State, local, Tribal, and territorial levels and of the owners and operators of that infrastructure. The cybersecurity threats posed to the systems that control and operate the critical infrastructure on which we all depend are among the most significant and growing issues confronting our Nation. The degradation, destruction, or malfunction of systems that control this infrastructure could cause significant harm to the national and economic security of the United States.
Should ransomware payments be banned?
At the heart of the ransomware phenomenon is a misalignment of economic and policy incentives that allow criminals to operate successfully and with impunity. But as ransomware has proliferated, addressing this problem most often falls on the shoulders of its victims—businesses facing difficult decisions about whether or not to pay ransoms to regain access to critical systems and data. And as victims have paid up in order to mitigate damage, there are now growing calls for businesses to be banned from paying ransoms.
Read our report: Exfiltrate, Encrypt, Extort.
Lawmakers voice anxiety about China's digital yuan during CBDC hearing
Lawmakers agree the U.S. is behind when it comes to central bank digital currency (CBDC) development, and they want to know what catching up would mean for the dollar. In a hearing of the House Subcommittee on National Security, International Development and Monetary Policy on Tuesday, lawmakers asked industry experts how far behind the U.S. actually is — especially as it relates to its standing with China.
Read our report: The flipside of China’s central bank digital currency.
Twitter Permanently Suspends Pro-Trump "Audit" Accounts
Twitter has permanently suspended eight accounts that spread former president Donald Trump’s lies about the 2020 election and pushed for partisan “audits” to find evidence to support those falsehoods, the platform's latest suspensions directed at the audits. Among those suspended was the official Twitter account for the ongoing, Republican-led audit in Arizona, which is being overseen by a contractor who has spread false conspiracy theories, including in a recent pro-Trump movie.
Facebook’s Next Target: The Religious Experience
The New York Times
The company is intensifying formal partnerships with faith groups across the United States and shaping the future of religious experience.
LINE accounts for more than 100 Taiwanese politicians were hacked
The LINE accounts of more than 100 Taiwanese politicians and government officials have been hacked, and data exfiltrated from devices. The intrusions were discovered by LINE and came to light when the company notified some of the affected users, who later shared the warnings with Taiwanese news outlet Liberty Times. According to the news outlet, the hacked accounts belonged to “high-level dignitaries,” such as personnel of the presidential office, the state cabinet, members of several political parties, mayors, and members of the Taiwanese military.
Taiwan gives TSMC green light for most advanced chip plant
Taiwan Semiconductor Manufacturing Co. has received final approval to build its most advanced chip plant yet, a day after U.S. rival Intel said it planned to seize chip industry leadership. TSMC plans to build a 2-nanometer chip facility in Hsinchu, one of Taiwan's most important chipmaking centers.
South and Central Asia
How foreign hackers weaponised India’s cybersecurity shield
For state-sponsored hacker groups, few scalps are as prized as top government officials of geopolitical rivals. Earlier this month, one hacker group caught the proverbial white whale. The Ken has learned that between 7-14 July, the group managed to compromise the email of Ajay Prakash Sawhney, the secretary of the Ministry of Electronics and Information Technology (MeitY).
Huawei 5G: European countries playing 'politics' with network bans, Chinese company says
The decision by some EU countries to ban Huawei from supplying 5G infrastructure is based on "political motivation", the Chinese company has said, as it defended its legacy and ongoing investments in the region. Speaking exclusively to Euronews Next, Abraham Liu, Huawei’s chief representative to the EU, said “when you talk about certain, very few countries who have made a different kind of decision based on their political motivation, I think that's politics”.
Is there a dark side of digitalisation?
Digitalisation, or digital transformation, is a stated priority of all countries in Central and Eastern Europe. But as they move sensitive data to the cloud, new threats emerge both to privacy and civil liberties. Are governments doing enough to protect their citizens?
Russia, US launch cybersecurity dialogue, three rounds already held, says diplomat
Russia and the US have launched bilateral cybersecurity dialogue, with three formal rounds already held, Russian Deputy Foreign Minister Sergey Ryabkov told reporters on Wednesday.
Explained: Russia's proposal to the UN for expanding list of designated cybercrimes
With an aim to deter cyber criminals, Russia has submitted the world’s first draft convention for strengthening laws against cybercrime to the United Nations (UN). As part of this submission, Russia is seeking to expand the list of internationally designated types of cybercrimes, which is currently a relatively short one.
I worked at Israeli phone hacking firm Cellebrite. They lied to us
I would like to address the issue of supervising phone hacking technology that is being exported by NSO Group and Cellebrite. As a former Cellebrite employee, I can say from personal experience that the company does nothing to prevent the abuse of its products by customers. It knowingly sells products and services to users of dubious repute, belonging to autocratic regimes.
I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona
@ChicagoCyber Michael Raggi Crista Giering
TA456, an Iranian-state aligned actor, spent years masquerading as the persona “Marcella Flores” in an attempt to infect the machine of an employee of an aerospace defense contractor with malware.
Israel begins investigation into NSO Group spyware abuse
MIT Technology Review
Israeli government officials visited the offices of the hacking company NSO Group on Wednesday to investigate allegations that the firm’s spyware has been used to target activists, politicians, business executives, and journalists, the country’s defense ministry said in a statement today.
Israeli Authorities Inspect NSO Offices After Damning Investigation
The visit from Israel's Ministry of Defense representatives was first reported by Calcalist, which called it a "raid." NSO Group confirmed authorities came to the office, but described it as a "visit" not a raid. A tweet from the official Ministry of Defense account said that representatives from several bodies came to NSO's office to look into the allegations against the company.
Tunisia crisis prompts surge in foreign social media manipulation
The political crisis in Tunisia has prompted a surge of social media propaganda and manipulation emanating mostly from Saudi Arabia and the United Arab Emirates (UAE), much of it attempting to skew the narrative so that it justifies Tunisian President Kais Saied’s decision to suspend parliament and sack the prime minister.
How Zello keeps people connected during South Africa’s unrest
MIT Technology Review
For South Africans like Amith Gosai, keeping track of what was happening on the ground was hard. His WhatsApp chats were flooded and confusing. Then he saw a note on his community WhatsApp group urging neighbors to join a sort of neighborhood watch channel on Zello, a “walkie-talkie” app that is fast becoming a tool for protest communication.
BlackMatter ransomware targets companies with revenue of $100 million and more
A new ransomware gang launched into operation this week, claiming to combine the best features of the now-defunct Darkside and REvil ransomware groups, Recorded Future analysts have discovered. Named BlackMatter, the group is currently recruiting affiliates (collaborators) through ads posted on two cybercrime forums named Exploit and XSS. The group is willing to pay up to $100,000 for access to large corporate networks and has said it won't attack hospitals, critical infrastructure, non-profits, and government organizations.
Read our report: Exfiltrate, Encrypt, Extort.
A Controversial Tool Calls Out Thousands of Hackable Websites
The web has long been a playground for hackers, offering up hundreds of millions of public-facing servers to comb through for basic vulnerabilities to exploit. Now one hacker tool is about to take that practice to its logical, extreme conclusion: Scanning every website in the world to find and then publicly release their exploitable flaws, all at the same time—and all in the name of making the web more secure.
How Silicon Valley's Tech Giants Use NDAs to Create a Culture of Silence
We reviewed 36 NDAs from major tech companies and discovered how far Silicon Valley's giants will go to silence and control their employees.
One third of cybersecurity workers have faced harassment at work or online - this initiative aims to stamp it out
Around a third of cybersecurity professionals have personal experience of facing harassment and abuse either online or in person – and a new initiative is aiming to provide support to victims while also encouraging action to help stop bullying and abuse across the industry. Set up with the aim of taking a stand against all forms of harassment in the cybersecurity industry, Respect In Security is encouraging organisations to formally pledge their commitment to creating a workplace and professional community free from harassment and fear.
ICPC Deputy Director – 12 month parental leave cover
ASPI’s International Cyber Policy Centre (ICPC) is currently recruiting for a one-year parental leave cover for its Deputy Director position. This is an exceptional opportunity for a talented and experienced individual to contribute to the work of Australia's leading think-tank on cyber, information, technology and other national security issues in a unique leadership role.
ICPC Senior Analyst & Program Manager
ASPI’s International Cyber Policy Centre (ICPC) potentially has an outstanding opportunity for a proactive, efficient and talented senior analyst & program manager to join its centre. We are looking for a senior individual with a minimum of 10-15 years of demonstrated relevant work experience who possesses excellent project management, stakeholder engagement and staff management skills. They must also possess strong knowledge - either as a generalist or a specialist - of some of the topics ICPC works across, and feel comfortable engaging with politicians, senior policymakers, business representatives and preferably also the media.
ICPC Senior Analyst or Analyst - China
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years, of work experience. Senior analysts usually have a minimum of 15 years of relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.