NEW REPORT: Borrowing Mouths to Speak on Xinjiang | Huawei linked to China's surveillance programs | Details of 80,000 SA public servants hacked
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
ASPI ICPC’s new report ‘Borrowing Mouths to Speak on Xinjiang’ explores how the CCP uses foreign social media influencers to shape & push messages domestically & internationally about Xinjiang that are aligned with its own preferred narratives.
The Chinese tech giant Huawei Technologies has long brushed off questions about its role in China’s state surveillance, saying it just sells general-purpose networking gear. A review by The Washington Post of more than 100 Huawei PowerPoint presentations, many marked “confidential,” suggests that the company has had a broader role in tracking China’s populace than it has acknowledged. The Washington Post
Nearly 80,000 public sector workers in South Australia “should assume” their personal information has been accessed in a recent cyber attack, the state's Treasurer says. The South Australian government announced on Friday that the attack on its payroll software, Frontier, left between 38,000 and 80,000 workers vulnerable. The data includes names, dates of birth, tax file numbers, home addresses, bank account details, remuneration and superannuation contributions. ABC News
ASPI ICPC
‘Borrowing Mouths to Speak on Xinjiang’
ASPI ICPC
Fergus Ryan, Ariel Bogle, Nathan Ruser, Albert Zhang & Daria Impiombato
ASPI ICPC’s new report ‘Borrowing Mouths to Speak on Xinjiang’ explores how the CCP uses foreign social media influencers to shape & push messages domestically & internationally about Xinjiang that are aligned with its own preferred narratives.
How Beijing Influences the Influencers
The New York Times
Paul Mozur, Raymond Zhong, Aaron Krolik, Aliza Aufrichtig & Nailah MorganAccording to a document featured in a new report by the Australian Strategic Policy Institute, China’s internet regulator paid about $30,000 to a media company as part of a campaign called “A Date With China,” which used “foreign internet celebrities” to promote the government’s success in alleviating poverty.
World
Apple closes in on $3 trillion market value
Reuters
Nivedita Balu, Anisha Sircar & David Randall
Apple Inc's (AAPL.O) market value hovered just shy of the $3 trillion mark on Monday, following a stunning run over the past decade that has turned it into the world's most valuable company.
The Log4J Vulnerability Will Haunt the Internet for Years
WIRED
Lily Hay Newman
A vulnerability in the open source Apache logging library Log4j sent system administrators and security professionals scrambling over the weekend. Known as Log4Shell, the flaw is exposing some of the world's most popular applications and services to attack, and the outlook hasn't improved since the vulnerability came to light on Thursday. If anything, it's now excruciatingly clear that Log4Shell will continue to wreak havoc across the internet for years to come.
Australia
Personal details of nearly 80,000 South Australian public sector workers accessed in cyber attack, government confirms
ABC News
Nearly 80,000 public sector workers in South Australia "should assume" their personal information has been accessed in a recent cyber attack, the state's Treasurer says. The South Australian government announced on Friday that the attack on its payroll software, Frontier, left between 38,000 and 80,000 workers vulnerable. The data includes names, dates of birth, tax file numbers, home addresses, bank account details, remuneration and superannuation contributions.
Personal details of 80,000 South Australian public servants stolen in cyber-attack
The Guardian
Royce Kurmelovs
Records including the name, tax file number and banking details of almost 80,000 South Australian government employees may have been stolen in a cyber-attack, with workers advised to assume their personal information has been stolen. The South Australian treasurer, Rob Lucas, first disclosed on Friday that records of 38,000 government employees had been stolen in a cyber-attack, but confirmed the extent of the data breach on Tuesday. The attack was carried out against Frontier Software, an external company that has provided the South Australian government’s payroll software for the last 20 years. It affects employees working for the government as of July last year, with only employees at the Department of Education excluded from the hack.
China
Documents link Huawei to China’s surveillance programs
The Washington Post
Eva Dou
The Chinese tech giant Huawei Technologies has long brushed off questions about its role in China’s state surveillance, saying it just sells general-purpose networking gear. A review by The Washington Post of more than 100 Huawei PowerPoint presentations, many marked “confidential,” suggests that the company has had a broader role in tracking China’s populace than it has acknowledged.
China’s troll king: how a tabloid editor became the voice of Chinese nationalism
The Guardian
Han Zhang
Hu Xijin is China’s most famous propagandist. At the Global Times, he helped establish a chest-thumping new tone for China on the world stage – but can he keep up with the forces he has unleashed?
Chinese nationalists have a new target: Lenovo
Protocol
Zeyi Yang
As a new generation of Chinese tech companies go global, often courting controversy in the process, it’s easy to forget Lenovo, the Chinese computer maker that acquired ThinkPad from IBM in 2005 and remains the world’s largest PC company. But Chinese nationalists haven’t; and now, they are sharpening their knives to go after a company that, for so long, seemed to have it comfortably both ways. For the past month, Lenovo has been engulfed in a renewed controversy in its home country about whether the Beijing-headquartered company is “unpatriotic” and kowtowing to international markets.
Journal Retracts Paper Based on DNA of Vulnerable Chinese Minorities
The Intercept
Mara Hvistendahl
A highly regarded scientific journal has retracted a paper based on DNA samples from nearly 38,000 men in China, including Tibetans and Uyghurs who almost certainly did not give proper consent.
The rare retraction by the journal, Human Genetics, follows a two-year crusade by a Belgian scientist to push publishers to investigate research that he and others say is complicit in human rights violations.
The paper’s authors used DNA samples from across China to assess genetic variation among and within ethnic groups. The journal’s editors retracted the paper because of doubts about the informed consent process.
Weibo fined by Chinese regulator for publishing illegal information
Reuters
Josh Horwitz & Brenda Goh
Chinese social media platform Weibo Corp has been slapped with a 3 million yuan ($470,000) fine by China's internet regulator for repeatedly publishing illegal information. The Cyberspace Administration of China (CAC) said Weibo had violated a cybersecurity law on the protection of minors as well as other laws but did not give further details. It also said Beijing's local cyberspace regulator had imposed 44 penalties on Weibo totalling 14.3 million yuan for the year to November.
Chinese smartphone maker Oppo unveils self-developed chip for phones
Reuters
Josh Horwitz
Chinese smartphone maker Oppo unveiled on Tuesday a new self-developed chip, as the hardware company moves further into the semiconductor sector.
Oppo’s first self-developed chip is all about imaging performance
TechCrunch
Rita Liao
Chinese smartphone giant Oppo revealed its first in-house chipset at its annual innovation event hosted in Shenzhen on Tuesday. The MariSilicon X chip announced — named after the Mariana Trench — is a neural processing unit that aims to boost photo and video performance through machine learning. The move adds Oppo to a list of smartphone makers that are designing their own chips, such as Apple.
With Didi Leaving Wall Street, Trading Edges Closer to Beijing’s Thumb
The New York Times
Lananh Nguyen & Matt Phillips
Didi is moving its stock listing to Hong Kong, heralding more departures as Beijing ramps up scrutiny of China’s corporate sector.
USA
US-China tech war: Washington blocks Chinese fund’s US$1.4 billion takeover of South Korean chip maker
The South China Morning Post
Che Pan
The US agency responsible for screening foreign investment deals has blocked a Chinese fund’s US$1.4 billion takeover of a South Korean chip maker, as Washington continues to exert its influence to restrict China’s access to semiconductor technologies. Chinese buyout fund Wise Road Capital has withdrawn its bid for Magnachip after the deal failed to receive approval from the Committee on Foreign Investment in the United States (CFIUS), according to a statement from the Seoul-based company on Monday. The termination of the deal comes as the semiconductor industry takes centre stage in technology rivalry between China and the US. Separately, Washington barred US investment in Chinese artificial intelligence start-up SenseTime before its Hong Kong IPO this week.
U.S. Space Force holds war game to test satellite network under attack
Reuters
Mike Stone
The United States is testing satellite resiliency to threats from China and Russia miles above the earth's surface, just weeks after Russia shot down an aging communications satellite. The computer-aided simulations included potential shooting down of U.S. missile-tracking satellites, satellite jamming, and other electronic warfare "effects" that are possible tactics in space warfare. Actual satellites are not used.
Harvard professor charged with lying about China ties goes on trial
Reuters
Nate Raymond
A federal jury was selected on Tuesday in the trial of a Harvard University nanotechnology professor accused of lying to U.S. authorities about his ties to a China-run recruitment program and concealing funding he received from the Chinese government...Prosecutors charged Lieber in January 2020 as part of the U.S. Department of Justice's "China Initiative" it started during former President Donald Trump's administration to combat Chinese economic espionage and research theft.
Six more women sue Tesla over workplace sexual harassment
TechCrunch
Igor Bonifacic
In the wake of Jessica Barraza’s lawsuit last month, six more current and former female employees have come forward to accuse Tesla of fostering a culture of rampant sexual harassment at its Fremont factory in California. In separate complaints filed on Tuesday with the Superior Court in Alameda County, the women said they were consistently subjected to catcalling, unwanted advances, physical contact and discrimination while at work.
South and Central Asia
The case for deeper technological ties with London
The Indian Express
C. Raja Mohan
It makes strategic and economic sense for Delhi, as the UK is one of the few nations to have laid out ambitious policy goals with an eye on the unfolding technological revolution. When Delhi thinks of technological cooperation with major powers, the US, Europe and Japan come to mind. Russia lags behind its Western cousins in civilian technologies but remains a major force in defence technologies. China has risen to the top ranks of technological powers, but President Xi Jinping’s expansionist policies have put Beijing at odds with not only the West but also India. The missing link in India’s technological mind space, however, is the United Kingdom.
UK
Cyber review warns UK and west in ‘clash of values’ with Russia and China
The Guardian
Dan Sabbagh
Britain and the West are becoming embroiled in a “clash of values” with Russia and China over the rules governing the internet, ministers and spy chiefs warned in the UK’s first national cyber review published since 2016. Threats to the UK in cyberspace are “evolving and diversifying” they added, and argued that Britain has to improve its offensive cyber capabilities – and its wider digital skills base to meet the challenge.
Government unveils national cyber strategy in bid to protect UK from hostile states and ransomware plots
The Independent
Kim Sengupta
The government is set to announce its new National Cyber Strategy aimed, it says, at protecting the country from attacks by hostile states and organised crime, while projecting “Global Britain” as a “world leader” in the field. The programme, funded by £2.6bn allocated in the spending review, will carry out offensive operations against countries carrying out malign cyber activities and pursue criminals who are using the internet for ransomware.
UK regulator says Google and Apple hold 'vice-like' grip on consumers
Reuters
Paul Sandle & Kate Holton
Google (GOOGL.O) and Apple (AAPL.O) hold a "vice-like" grip over how people use mobile phones, stripping any meaningful choice from the system and potentially hiking costs, Britain's competition regulator said on Tuesday. The Competition and Markets Authority (CMA) said it had provisionally found that the two groups were able to leverage their market power to create largely self-contained ecosystems. The statement is a fresh warning to tech groups after the regulator, with British government backing, stepped up scrutiny of the power they wield in a world increasingly lived online.
Apple and Google’s mobile duopoly likely to face UK antitrust action
TechCrunch
Natasha Lomas
The U.K.’s antitrust watchdog has given the clearest signal yet that interventions under an upcoming reform of the country’s competition rules will target tech giants Apple and Google — including their duopolistic command of the mobile market, via iOS and Android; their respective app stores; and the browsers and services bundled with mobile devices running their OSes. So it could mean good news for third-party developers trying to get oxygen for alternatives to dominant Apple and Google apps and services down the line. Publishing the first part of a wide-ranging mobile ecosystem market study — which was announced this summer — the Competition and Markets Authority (CMA) said today that it has “provisionally” found Apple and Google have been able to leverage their market power to create “largely self-contained ecosystems”; and that the degree of lock-in they wield is damaging competition by making it “extremely difficult for any other firm to enter and compete meaningfully with a new system”.
UK lawmakers call for tougher crackdown on online scammers, cyberflashing
Reuters
Huw Jones
Google, Facebook and other online services should be held legally accountable for advertisements on their platforms in order to prevent fraudsters scamming millions of consumers, a cross-party group of British lawmakers has said. Britain has proposed a landmark online safety law to punish abuses such as child pornography, racism and violence against women, but a joint committee of lawmakers drawn from both houses of parliament said on Tuesday it should go a step further to cover paid-for adverts. "Excluding paid-for advertising will leave service providers with little incentive to remove harmful adverts, and risks encouraging further proliferation of such content," the joint committee report said. The Financial Conduct Authority also wants adverts on social media and search engines, currently excluded from the draft law, to be included after 754 million pounds ($999.65 million) was stolen from consumers in the first six months of this year.
UK lawmakers push for Online Safety Bill to have a tighter focus on illegal content
TechCrunch
Natasha Lomas
A U.K. parliamentary committee that’s spent almost half a year scrutinizing the government’s populist yet controversial plan to regulate internet services by applying a child safety-focused framing to content moderation has today published its report on the draft legislation — offering a series of recommendations to further tighten legal requirements on platforms.
UK antitrust regulator looks into Microsoft's $16 bln Nuance deal
Reuters
Yadarisa Shabong
Britain's antitrust regulator said on Monday it will look into Microsoft Corp's (MSFT.O) $16 billion purchase of artificial intelligence and speech technology firm Nuance Communications Inc (NUAN.O). The Competition and Markets Authority (CMA), which has been stepping up its regulation of Big Tech, said it was considering if the deal would result in lesser competition in the UK market. Microsoft announced it would buy Nuance in April to boost its presence in cloud services for healthcare. The deal has already received regulatory approval in the United States and Australia, without remedies given.
Europe
Politician says Germany should ban Telegram unless it tackles extremist content
Reuters
Thomas Escritt
Germany should order the messaging programme Telegram removed from Apple's and Google's app stores if it continues to ignore requests to help track down extremist content, a senior German official said on Tuesday. Telegram has been blamed in Germany for fueling an increasingly virulent subculture of anti-vaccine conspiracy theorists who exchange news about supposed dangers and arrange protests that have spilled over into violence. The app, which says it does not bow to "government censorship", has become increasingly popular with activists and protesters, especially as platforms like Facebook become more responsive to government pressure to crack down on those spreading lies, threats or conspiracy theories.
Key EU parliament committee agrees tough position on DSA tech rules
Reuters
Foo Yun Chee
A key European Parliament committee agreed on Tuesday to a ban on "dark patterns" that trick web users and advertising targeting minors as part of new rules aimed at U.S. tech giants, taking a tougher stand that could spell trouble in forthcoming negotiations with EU countries. The Digital Services Act (DSA), a proposal from EU antitrust chief Margrethe Vestager, forces Amazon (AMZN.O), Apple (AAPL.O), Alphabet (GOOGL.O) unit Google and Facebook owner Meta (FB.O) to do more to tackle illegal content on their platforms or risk fines up to 6% of global turnover. Vestager's proposal needs to be ironed out with EU countries and lawmakers next year before it can become law, the first of its kind in the world.
Europe’s final push on the Digital Markets Act must include default settings
TechCrunch
Sophie Dembinski
Europe has a deeply uneven tech playing field. But as members of the European Parliament prepare to vote in plenary on the Digital Markets Act (DMA) on Wednesday, there’s a chance to correct this course. MEPs must sustain significant progress made within the legislation, such as with regard to ad platforms, as well as the major wins brought home by the European Commission over recent months such as the Google Shopping case and Android choice screen — demonstrating the EU’s ability to take concrete action to create a fair and competitive European market. MEPs must now secure a majority on key amendments tabled ahead of the plenary and following the pivotal Internal Market and Consumer Protection Committee vote last month. Of most importance are those focused on default settings that would finally prohibit tech giants such as Google from locking up search defaults on gatekeeping platforms and provide European consumers with real choice across mobile and desktop devices once and for all.
German chip chemical supplier Merck to invest 500 mln euros in Taiwan
Reuters
Sarah Wu
German supplier of chemicals and materials used in making semiconductors, Merck KGaA (MRCG.DE), announced on Tuesday it is to invest 500 million euros in Taiwan over the next five to seven years, primarily in semiconductor technologies.
The Americas
Mexico may appeal 'discriminatory' U.S. EV tax credits
Reuters
Raul Cortes, Sharay Angulo & Drazen Jorgic
Mexico is not ruling out the possibility of appealing to an international panel over tax incentives proposed by the United States for some U.S.-made electric vehicles, President Andres Manuel Lopez Obrador said on Tuesday. Mexico has promised to review a range of legal actions in response to a new U.S. tax incentive that Mexican officials say is "discriminatory" and contrary to free trade including the new United States-Mexico-Canada Agreement (USMCA) trade pact. The U.S. Congress is considering a new $12,500 tax credit that would include $4,500 for union-made U.S. electric vehicles. Only U.S.-built vehicles would be eligible for the $12,500 credit after 2027, under a House proposal.
Misc
Exclusive: Facebook owner is behind $60 mln deal for Meta name rights
Reuters
David French & Elizabeth Culliford
Meta Platforms Inc (FB.O), the owner of social media network Facebook, is behind a $60 million deal to acquire the trademark assets of U.S. regional bank Meta Financial Group (CASH.O), spokespeople for the companies said on Monday. The deal underscores how valuable the Meta name has become for the technology giant, which is betting that its focus on the metaverse - shared digital spaces accessed via the internet through an array of devices - will pay off handsomely in the coming years. Meta Financial had said in regulatory filing on Monday that a Delaware company called Beige Key LLC agreed to acquire the worldwide rights to its company names for $60 million in cash. It did not disclose who the owner of Beige Key was.
Apple releases ‘Tracker Detect’ Android app to help users discover unknown nearby AirTags
TechCrunch
Aisha Malik
Apple has released a new Android app called “Tracker Detect” to help people who don’t own Apple products to identity unexpected AirTags near them in an effort to boost privacy. If a user thinks they may be being tracked, they can use the app to scan for nearby AirTags. If the app finds any, it will flag it as an “unknown AirTag.” If a detected item tracker is known to be moving with a user for more than 10 minutes, users will be able to play a sound on the detected item tracker to help locate it. From there, the user will be given instructions on how to learn more about it and how to disable it by removing the battery.
Twitter adds auto captions feature to make videos more accessible
TechCrunch
Amanda Silberling
Starting today, Twitter is rolling out auto-generated captions on videos. This feature will make videos more accessible for Deaf and hard-of-hearing users. Auto captions will be available on web, iOS and Android in over thirty languages, including English, Spanish, Japanese, Arabic, Thai, Chinese, Hindi and many more. The captions could become useful in Twitter’s new vertical feed the company began testing last week. The feed, if rolled out publicly, would make the app’s Explore tab resemble TikTok, serving one piece of algorithmically recommended content at a time, including videos. On feeds like this, captioned videos have become expected because they make it easier to scroll through feeds when you’re in a public place and headphones aren’t in reach.
Podcasts
He Conceived of the Metaverse in the ’90s. He’s Unimpressed With Mark Zuckerberg’s
The New York Times
Neal Stephenson & Kara Swisher
The novelist Neal Stephenson on Facebook’s next move and how you can survive the climate crisis.
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.