NEW REPORT: Attempted influence in disguise | NSA Warns That Russia Is Attacking Remote Work Platforms | UAE target of cyber attacks after Israel deal
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
This report builds from a Twitter network take-down announced on 8 October 2020 and attributed by Twitter as an Iranian state-linked information operation. Just over 100 accounts were suspended for violations of Twitter’s platform manipulation policies. A review of the data shows that accounts linked to the removed network are still active on Twitter and are using images of staff employed by UK media organisations, activists or stock photos. ASPI ICPC
In an advisory today, the National Security Agency said that Russian state-sponsored groups have been actively attacking a vulnerability in multiple enterprise remote-work platforms developed by VMware. The company issued a security bulletin on Thursday that details patches and workarounds to mitigate the flaw, which Russian government actors have used to gain privileged access to target data. WIRED
The United Arab Emirates was the target of cyber attacks after establishing formal ties with Israel, the Gulf Arab state's cyber security head said on Sunday. Reuters
ASPI ICPC
NEW REPORT: Attempted influence in disguise
ASPI
This report builds from a Twitter network take-down announced on 8 October 2020 and attributed by Twitter as an Iranian state-linked information operation. Just over 100 accounts were suspended for violations of Twitter’s platform manipulation policies. A review of the data shows that accounts linked to the removed network are still active on Twitter and are using images of staff employed by UK media organisations, activists or stock photos. These accounts are amplifying content shared by others in the network, as well as articles posted by news agencies. The accounts appear to be promoting specific narratives, including: how countries such as the UK are ‘mishandling’ coronavirus; the Black Lives Matter movement; US politics.
This case study provides an overview of how to extrapolate from Twitter’s take-down dataset to identify persistent accounts on the periphery of the network. It provides observations on the operating mechanisms and impact of the cluster of accounts, characterising their traits as activist, media and hobbyist personas. The purpose of the case study is to provide a guide on how to use transparency datasets as a means of identifying ongoing inauthentic activity.
China’s digital currency finds its first cross-border payments buddy: Hong Kong
The Register
@ssharwood
China has found the first jurisdiction willing to entertain the idea of using its digital currency for cross-border payments: Hong Kong..the Authority and the Digital Currency Institute of People’s Bank of China (PBOC) “are discussing the technical pilot testing of using e-CNY, the digital renminbi issued by the PBOC, for making cross-border payments, and are making the corresponding technical preparations.”.. “Over time, it is not far-fetched to speculate that the Chinese party-state will incentivise or even mandate that foreigners also use [the digital Yuan] for certain categories of cross-border RMB transactions as a condition of accessing the Chinese marketplace,” wrote the Australian Strategic Policy Institute in a recent paper.
The paper also says that China’s digital currency “intersects with China’s ambitions to shape global technological and financial standards, for example, through the promotion of RMB internationalisation and fintech standards-setting along sites of the Belt and Road Initiative” and suggests that in the long term the currency “could greatly expand the party-state’s ability to monitor and shape economic behaviour well beyond the borders of the People’s Republic of China.”
Australia
ABC, SBS included in news media code as tech giants win concessions
The Sydney Morning Herald
@LisaVisentin
The ABC and SBS will be included in proposed laws to force Google and Facebook to pay media companies for news content but the tech giants have won concessions as a Coalition backbench committee signed off on the legislation on Monday.
OAIC finds Flight Centre breached privacy of almost 7,000 customers in 2017
ZD Net
@dobes
The Australian Information Commissioner and Privacy Commissioner Angelene Falk has handed down a determination that Flight Centre breached the privacy of 6,918 customers when it held its "design jam" event across the weekend of March 24 to March 26 in 2017.
Big tech payment platforms raise competition concerns
The Australian
The Payments System Board recognises that the structure of payment systems is changing. In some cases it is now better to think of a payments ecosystem, rather than a payments system. In this ecosystem, the payment chains can be longer and there are more entities involved and new technologies used. This more complex and dynamic environment is opening up new opportunities for innovation as well as new competition issues.
The strategic costs of adopting technology
The ASPI Strategist
@lesleyseebeck
At the recent Australian e-commerce summit, Prime Minister Scott Morrison praised technology adoption as a means of driving economic returns. Australia doesn’t need to be a Silicon Valley, he said, it just needs to be the best at adopting technology. It’s worth digging into this, as the story around technology for economic development and national sovereignty is complex. There are five main reasons to pursue a technology-adoption strategy.
Google could cut Australians out of upgrades
The Australian Financial Review
Google engineers have been working on a secret project to exclude Australians from regular improvements to its search function and other services if the company does not agree with proposed laws to regulate how it deals with news publishers.
China
JD.com becomes first online platform to accept China's digital currency
Reuters
Chinese e-commerce company JD.com Inc said on Saturday it has become the country’s first virtual platform to accept Beijing’s homegrown digital currency.
China’s New Surveillance Currency
The Diplomat
@max_karnfelt
Should the digital RMB be broadly adopted, Beijing will exercise unprecedented financial insight and real-time monetary and economic oversight. This will no doubt benefit fiscal policy, tax collection, and fighting fraud – but also subject citizens to potentially menacing digital social governance.
USA
The NSA Warns That Russia Is Attacking Remote Work Platforms
WIRED
In an advisory today, the National Security Agency said that Russian state-sponsored groups have been actively attacking a vulnerability in multiple enterprise remote-work platforms developed by VMware. The company issued a security bulletin on Thursday that details patches and workarounds to mitigate the flaw, which Russian government actors have used to gain privileged access to target data.
Russian State-Sponsored Malicious Cyber Actors Exploit Known Vulnerability in Virtual Work National Security Agency
America’s intelligence agencies prepare for life after Trump
The Economist
After two decades of relentless focus on counter-terrorism, the agencies are shifting resources and attention to “great-power” rivals, above all China. That requires different skills and capabilities than those wielded in the militarised war against jihadists. As Mr Warner notes, “it’s not just about who has the best rocket or submarine. Who’s going to control the 5g network? What will be the ethical and legal criteria around ai?...We kind of fell asleep at the wheel, and China flooded the zone with engineers in standard-setting areas.”
US investors funding Chinese firms with military ties: State Department
South China Morning Post
At least 70 per cent of Chinese companies previously identified by the United States government as having ties to the Chinese military have affiliates whose securities are included on major stock indices, with money from US investors supporting these companies involved in both civilian and military production, the State Department said on Sunday.
Coronavirus Apps Show Promise but Prove a Tough Sell
The New York Times
Technology to alert people exposed to the virus could slow transmission, pilot studies show, but only if people and states sign up. So far, most haven’t.
North Asia
‘Stronger together': Taiwan foreign minister urges new alliance against China
The Guardian
@heldavidson
He said Taiwan would “appreciate” intelligence information sharing and other non-military forms of support from other allies including Australia and Japan. Taiwan was working domestically against disinformation campaigns and infiltration, but also sought international partners on hybrid warfare and security cooperation.
Singapore’s government launches blockchain innovation program with $8.9 million in funding
TechCrunch
@CatherineShu
A group of Singaporean government agencies is launching a new research program for blockchain technology with $12 million SGD (about $8.9 million USD) in funding. Called the Singapore Blockchain Innovation Programme (SBIP), the project is a collaboration between Enterprise Singapore, Infocomm Media Development Authority and the National Research Foundation Singapore. It has support from the Monetary Authority of Singapore, the country’s central bank and financial regulator.
India
Twitter accused of censoring Indian critic of Hindu nationalism
The Guardian
Twitter has been accused of censoring the prominent Indian journalist Salil Tripathi by suspending his account, after he tweeted on subjects including the anniversary of the demolition of the Babri mosque and his work on India’s shrinking democratic space.
The Pacific
Billions Needed to Build 200 Huawei Towers
Solomon Times
@ginakekea
Building 200 broadband towers across the country will cost the government Billions of dollars. Chinese tech giant Huawei were in advanced talks with the government to build the 200 broadband towers around the country. The Prime Ministers office would not confirm whether the technical paper for the 200 towers was presented or passed by Cabinet, although sources say it has.
UK
Europe
After U.S. Push, EU Set to Target Human-Rights Violators
The Wall Street Journal
The EU has approved the sanctions regime, set to be formally launched in early December, ending a decade of fighting that has divided the region’s governments, parliaments and political parties. The law will also give EU governments a new tool to coordinate sanctions with the U.S., just as the Biden administration prepares to take office.
South America
Hackers leak data from Embraer, world's third-largest airplane maker
ZD Net
@campuscodi
Brazilian company Embraer, considered today's third-largest airplane maker after Boeing and Airbus, was the victim of a ransomware attack last month. Today, hackers involved in the intrusion have leaked some of the company's private files as revenge after the airplane maker refused to negotiate and instead chose to restore systems from backups without paying their ransom demand.
Middle East
UAE target of cyber attacks after Israel deal, official says
Reuters
The United Arab Emirates was the target of cyber attacks after establishing formal ties with Israel, the Gulf Arab state's cyber security head said on Sunday.
Misc
Five Cyber Strategies to Forget in 2021
CSIS
There is an exuberant public discussion of cybersecurity. However, at times this discussion is not as well thought out as one might hope. The starting point for analysis should not be artifacts from Cold War strategic thinking or hypothetical scenarios that are demonstrably improbable (now that we have had more than 25 years of experience with cyber conflict), but observable fact. Guided by observation and experience, we can improve analysis and policymaking if we eliminate these five refutable concepts from our cyber vocabulary for 2021.