New report on language and Aust–China relations | Mark Zuckerberg rallies Facebook employees against critics | Victorian hospitals hit by ransomware attack
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
As Australia is compelled to engage a more confrontational China, there’s a risk that political commentary and media reporting on China’s influence and interference operations in Australia could affect Chinese-Australian communities adversely. What can well-meaning Australians do to help? And how can Chinese-Australian communities be enlisted as equal partners in meeting the challenges ahead? ASPI ICPC
In language that is often more candid than he typically uses in his public comments, Zuckerberg seeks to rally the company against Facebook's competitors, critics, and the US government. "But look, at the end of the day, if someone’s going to try to threaten something that existential, you go to the mat and you fight," Zuckerberg said. The Verge
The Victorian Government is investigating the scale of a ransomware attack by "sophisticated cyber criminals" on some of the state's major regional hospitals that has forced healthcare providers to go offline. ABC
ASPI ICPC
Mind your tongue: Language, public diplomacy and community cohesion in contemporary Australia–China relations
ASPI ICPC
John Fitzgerald
As Australia is compelled to engage a more confrontational China, there’s a risk that political commentary and media reporting on China’s influence and interference operations in Australia could affect Chinese-Australian communities adversely. What can well-meaning Australians do to help? And how can Chinese-Australian communities be enlisted as equal partners in meeting the challenges ahead?
Media's 'sloppy' language on China is playing into Beijing's hands, report warns | The Sydney Morning Herald
China trying to portray criticism of government as racism, says report | The Australian Financial Review
Australia's Cyber Strategy, version 2.0
ASPI ICPC
Back in 2016, Australia launched its first national cybersecurity strategy. The strategy covers a four-year period to 2020, and given the changes in the security environment, an update is now clearly warranted. To that end, the government has just launched a discussion paper to kick off the public consultation. The closing date for submissions on the discussion paper is 1 November.To complement the public submission process, ASPI’s International Cyber Policy Centre is initiating a public debate on what should be included in the next cybersecurity strategy. Contributions will be compiled into a report that we will deliver to the Department of Home Affairs to inform the strategy’s development. Follow the debate here.
Doxxing the pro-democracy movement in Hong Kong
The Strategist
@elisethoma5
Since late August, an anonymous website has been publishing the personal details of pro-democracy protesters, journalists and politicians in Hong Kong. Building on our team’s earlier analysis of the state-backed information campaign targeting the Hong Kong protests, I took a look at how this site has been spread on Twitter.
China’s Youth Are Trapped in the Cult of Nationalism
Foreign Policy
@xu_xiuzhong
Since I reported on a Sydney pro-China rally marred by aggression and violence, I have become a national enemy on the Chinese internet. Articles and social media posts calling me a traitor have spread from Australia to the United States and even my hometown.
Yesterday ASPI ICPC hosted the 2nd regional workshop on e-governance in the Pacific.
World
Academics find eight vulnerabilities in Android's VoIP components
ZDNet
@campuscodi
The vulnerabilities can be exploited to make unauthorized VoIP calls, spoof caller IDs, deny voice calls, and even execute malicious code on users' devices.
Australia
Snarky tweets as a national security imperative
The Strategist
@TimWattsMP
The ‘one-tweet hacker’ slipped through the fingers of law enforcement once more last week when the Australian Federal Police dropped its investigation into the alleged hacking of Liberal candidate Jessica Whelan’s Facebook account during the federal election campaign, after she failed to provide the referral needed for the investigation to proceed.
Victorian hospitals across Gippsland, Geelong and Warrnambool hit by ransomware attack
ABC
The Victorian Government is investigating the scale of a ransomware attack by "sophisticated cyber criminals" on some of the state's major regional hospitals that has forced healthcare providers to go offline.
China
Analysis and Disclosure of the US Central Intelligence Agency Network Weapons Database
RedDrip Team
@RedDrip7
The Red Raindrop team of the Chianxin Threat Intelligence Center conducted research on historically exposed CIA network weapons and related materials, and discovered a variety of cyber weapon files, and correlated and judged the contents of the existing public information based on the analysis results. And we also found that these cyber weapons were used to attack Chinese target personnel and institutions. The related attacks mainly occurred between 2012 and 2017 (in line with the Vault7 data disclosure time), and after the relevant information was exposed until 2018 At the end of the year, some of the attacks were still carried out, and the target may involve the domestic aviation industry.
China Enforces Barriers Against Foreign AI and VSaaS Providers
IPVM
@CharlesRollet1
While AI and VSaaS is the future of video surveillance, these are obstructed to foreign firms in China (the PRC), where authorities are tightening implementation of rules, as demonstrated by 2 recent examples of major PRC surveillance companies that IPVM found. This is in stark contrast to the US and EU, where foreign companies including PRC Hikvision owned Ezviz operate with virtually no restrictions. This gives the PRC a massive advantage in the field thanks to its vast protected home market.
Could China's strict cyber controls gain international acceptance?
Asia One
It is all part of a broader push by China to try to influence the global norms for cyberspace, pushing back against the competing international support for a free and open online world as cyberattacks, digital espionage and online influence campaigns grow as security concerns.
USA
In two hours of leaked audio, Mark Zuckerberg rallies Facebook employees against critics, competitors, and the US government
The Verge
In language that is often more candid than he typically uses in his public comments, Zuckerberg seeks to rally the company against Facebook's competitors, critics, and the US government. "But look, at the end of the day, if someone’s going to try to threaten something that existential, you go to the mat and you fight," Zuckerberg said.
Facebook’s "I Voted" Button Could Be Trump’s Secret Turnout Weapon In 2020
Buzzfeed News
The news Tuesday that Mark Zuckerberg is preparing to fight Sen. Elizabeth Warren's policies has returned the spotlight to an uncomfortable fact about Facebook’s scale and power: Its actions could help determine whether Warren, Donald Trump, or someone else is sworn into office in January 2021.
White House ordered ultrasecret system upgraded to prevent leaks
Politico
@dlippman @natashabertrand
The Trump White House upgraded the security of the National Security Council’s codeword system in the spring of 2018, according to two former Trump White House officials familiar with the matter, as part of an effort to ferret out and deter leaks.
Southeast Asia
New cyber-security masterplan launched to protect critical sectors
The Straits Times
Hariz Baharudin
A masterplan has been unveiled to protect operational technology (OT) systems from cyber attacks that can cripple Singapore’s water supply, transport and other critical sectors.
Europe
Report on the state of cyber security in the Czech Republic in 2018
Czech government
In 2018 the NUKIB continued its investigation into a large-scale attack on a strategically important Czech government institution. The investigation included an analysis of available technical data and other relevant information (character of the victim, duration of the attack, nature of stolen information, disposal of stolen information, etc.), concluding that the attack originator was almost certainly (90-100%) a state actor or a group associated with one. According to the information available to the NUKIB, it is likely (55-70%) that the attack was conducted by a Chinese actor.
Ransomware incident to cost Danish company a whopping $95 million
ZDNet
@campuscodi
Demant, one of the world's largest manufacturers of hearing aids, expects to incur losses of up to $95 million following what appears to be a ransomware infection that hit the company at the start of the month.
Trolls for hire: Russia's freelance disinformation firms offer propaganda with a professional touch
NBC News
@bpopken
Firms charged varying prices for services, such as $8 for a social media post, $100 per 10 comments made on an article or post and $65 for contacting a media source.
Misc
The First Ever Global Meeting on Cyber Norms Holds Promise, But Broader Challenges Remain
Council on Foreign Relations
Earlier this month, the United Nations held the first ever global meeting on peace and stability in cyberspace. While there is little reason to expect states to reach a final agreement on major issues, this forum could have a lot to offer so long as states remain focused on consensus areas and win-win pragmatism.
Report: Cyber Criminals Target More Firms in Search of Bigger Paydays
Nextgov
In a report published Tuesday, researchers at the cybersecurity company CrowdStrike said some 61% of the malicious campaigns they uncovered during the first half of 2019 were conducted by cyber criminals, while the other 39% were launched by state-sponsored actors. That represents a sharp spike from last year, when online criminals were responsible for only about one-quarter of targeted intrusion campaigns, they said.
Events
The Digital Revolution in the Pacific
ASPI ICPC
ASPI’s International Cyber Policy Centre warmly invites you to attend a panel discussion to consider how governments and businesses in the Pacific Islands are reaping the benefits and tackling the challenges stemming from increased internet and mobile connectivity.
The rise of information warfare: in-conversation with Peter W. Singer
ASPI ICPC
ASPI's International Cyber Policy Centre invites you to an in-conversation with Peter W. Singer and Danielle Cave to consider the rise of information warfare. Peter Warren Singer is strategist and senior fellow at New America. He has been named by the Smithsonian as one of the nation’s 100 leading innovators, by Defense News as one of the 100 most influential people in defense issues, by Foreign Policy to their Top 100 Global Thinkers List, and as an official “Mad Scientist” for the U.S. Army’s Training and Doctrine Command. A drinks and canapes reception will conclude the event. This event is kindly supported by Microsoft.
Cyber Security Hypothetical – Panel
UNSW
We invite you to join us on 22 October, in challenging paradigms and provoking discussion around this important topic that impacts and targets us all. Cyber Security Hypothetical will be led and moderated by Mr Steve Wilson and panellists will include MAJGEN Marcus Thompson, Professor Michael Frater, Mr Alastair MacGibbon, Ms Kate Carruthers and Mr Justin Warren.