Good morning. It's Friday 6th October.

The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.



Have feedback? Let us know at icpc@aspi.org.au.

Follow us on Twitter and on LinkedIn.

Shipbuilding companies in South Korea have faced a string of cyberattacks from North Korea, in a suspected attempt to steal technical data that could strengthen the North Korean navy. South Korea's National Intelligence Service said it detected attempts by organised North Korean hackers to breach the shipbuilders' systems in August and September. It called on the industry to strengthen security measures. Nikkei Asia

The US is deepening intelligence cooperation with countries across Asia as it looks to counter Beijing’s sophisticated spying apparatus and blunt Chinese cyber attacks. The Biden administration has developed a set of separate but overlapping partnerships in Asia, including an intelligence-sharing arrangement with the ‘Quad’ grouping of the US, India, Japan and Australia, according to US officials who asked not to be identified discussing matters that aren’t public. Bloomberg

Belgium’s intelligence service has been monitoring Alibaba’s main logistics hub in Europe for espionage following suspicions Beijing has been exploiting its growing economic presence in the West. European governments have been increasing scrutiny of the alleged security and economic risks posed by Chinese companies, which has been part of a wider reassessment of the EU’s traditional openness to trade with China. Financial Times

China

The decentralised social media ‘super app’ of Elon Musk’s dreams already exists, with growing interest in China

South China Morning Post

Matt Haldane

An enthusiastic group of pro bono programmers strewn across the globe, including in Hong Kong, are building the open source, crypto-focused super app of Elon Musk’s dreams – but without the app. For the past year, a dedicated group of developers have been working on a decentralised social media protocol, with new features rolling out at a pace that makes it hard to keep track. Updates made this year to the protocol, which was started in late 2020, and to related apps encompass everything from a marketplace with cryptocurrency payments to a TikTok-like short video feed.

China’s E.V. threat: A carmaker that loses $53,000 a car

The New York Times

Keith Bradsher

Nio, a Chinese electric car company that competes with Tesla, employs 11,000 people in research and development, but sells a mere 8,000 cars per month. Nio offers $350 augmented reality glasses for each seat in its cars, and has introduced a cellphone that interacts with the car’s self-driving system. And none of it is profitable — far from it. Nio lost $835 million from April through June, or $35,000 for each car it sold. Nio and other companies in China’s sprawling electric car sector have formidable government backing that allows them to withstand such losses and keep growing.

USA

US weaves web of intelligence links in Asia to counter China

Bloomberg

Peter Martin and Jenny Leonard

The US is deepening intelligence cooperation with countries across Asia as it looks to counter Beijing’s sophisticated spying apparatus and blunt Chinese cyber attacks. The Biden administration has developed a set of separate but overlapping partnerships in Asia, including an intelligence-sharing arrangement with the “Quad” grouping of the US, India, Japan and Australia, according to US officials who asked not to be identified discussing matters that aren’t public.

Meta and X questioned by lawmakers over lack of rules against AI-generated political deepfakes

Associated Press

Matt O’Brien

Two Democratic members of Congress sent a letter Thursday to Meta CEO Mark Zuckerberg and X CEO Linda Yaccarino expressing “serious concerns” about the emergence of AI-generated political ads on their platforms and asking each to explain any rules they’re crafting to curb the harms to free and fair elections. “They are two of the largest platforms and voters deserve to know what guardrails are being put in place,” said US Sen. Amy Klobuchar of Minnesota in an interview with The Associated Press. “We are simply asking them, ‘Can’t you do this? Why aren’t you doing this?’ It’s clearly technologically possible.”

How the big chip makers are pushing back on Biden’s China agenda

The New York Times

Tripp Mickle, David McCabe and Ana Swanson

Since July, Nvidia, Intel and Qualcomm, three of the world’s largest chip makers, have pressed their case that cracking down on China would have unintended consequences. They have challenged the White House’s national security wisdom in meetings with officials like Secretary of State Antony J. Blinken and Commerce Secretary Gina M. Raimondo, wooed think tanks and urged leaders across Washington to reconsider additional chip controls, according to interviews with two dozen officials across the government, industry and policy organizations.

Americas

Suspected China-linked hackers target Guyana government with new backdoor

The Record by Recorded Future

Daryna Antoniuk

A cyber espionage campaign has been targeting government agencies in Guyana with a previously undocumented backdoor used to harvest sensitive information, according to new research. Researchers at the Slovakia-based cybersecurity firm ESET named the backdoor DinodasRAT after the hobbit Dinodas in the Lord of the Rings. Alongside DinodasRAT, the hackers used a version of the Korplug backdoor, a tool commonly associated with China-aligned groups like Mustang Panda.

North Asia

North Korean hackers target South Korea's shipbuilding tech

Nikkei Asia

Junnosuke Kobara

Shipbuilding companies in South Korea have faced a string of cyberattacks from North Korea, in a suspected attempt to steal technical data that could strengthen the North Korean navy. South Korea's National Intelligence Service said it detected attempts by organized North Korean hackers to breach the shipbuilders' systems in August and September. It called on the industry to strengthen security measures.

Taiwan to probe suppliers helping Huawei with China chip plants

Bloomberg

Jane Lee and Debbie Wu

Taiwan will investigate whether Taiwanese firms helping Huawei Technologies Co. with chipmaking plants in China violated US sanctions, ramping up scrutiny of a company at the heart of Washington-Beijing tensions over technology. Minister of Economic Affairs Wang Mei-hua told lawmakers Wednesday her agency has agreed to launch a probe into that unusual relationship.

Taiwan to tighten tech safeguards against China this year

Nikkei Asia

Thompson Chau and Cheng Ting-Fang

Taiwan is set to announce this year a list of critical technologies it wants to protect from the reach of China, a top Taiwanese official told Nikkei Asia. "Before the end of the year, the National Science and Technology Council will announce what are considered core technologies that need to be protected," Wellington Koo, secretary-general of Taiwan's National Security Council, told Nikkei Asia.

Tech war: Taiwan’s share in global semiconductor manufacturing supply chain to decline, while mainland China poised for gains, IDC report says

South China Morning Post

Xinmei Shen

Taiwan’s share in the global chip manufacturing supply chain – covering foundry work and the field of assembly and test – is expected to decline over the next few years, while mainland China’s portion will continue to increase amid changes brought by various governments’ semiconductor policies and geopolitical tensions, according to a report by market research firm IDC. “Geopolitical shifts are fundamentally changing the semiconductor game,” Helen Chiang, IDC’s Asia-Pacific semiconductor research lead and Taiwan country manager, wrote in the report published earlier this week.

Southeast Asia

TikTok shuts shopping feature in Indonesia following ban

The New York Times

John Yoon and Muktita Suhartono

Indonesia was one of the first countries where TikTok launched TikTok Shop, betting on the app's potential to become a successful retail platform for the company's second-largest user base. Now, the country has become the first to block the feature. TikTok, a hugely popular short-form video platform, shut down its Shop apparatus in Indonesia on Wednesday after the country banned commerce on social media platforms to protect local business owners, a setback for the app's new venture in a major market.

Europe

Alibaba accused of ‘possible espionage’ at European hub

Financial Times

Laura Dubois and Qianer Liu

Belgium’s intelligence service has been monitoring Alibaba’s main logistics hub in Europe for espionage following suspicions Beijing has been exploiting its growing economic presence in the West. European governments have been increasing scrutiny of the alleged security and economic risks posed by Chinese companies, which has been part of a wider reassessment of the EU’s traditional openness to trade with China.

UNESCO, Dutch launch project to prepare for AI supervision

Reuters

Toby Sterling

The Netherlands and the UN on Thursday launched a project to help prepare Europe's national agencies to supervise artificial intelligence. The project, undertaken with support of the European Commission, comes ahead of the passage of the AI Act, the broad legislation that is expected to govern AI use in Europe. In the project, UNESCO will be assembling information about how European countries are currently supervising AI and putting together a list of ‘best practices’ recommendations. The Dutch digital infrastructure agency will be assisting UNESCO in communicating and meeting with national working groups from around Europe.

UK

Supporting NATO’s cyber posture

UK Government

Centred on cybersecurity and cyberconflict, the CyberSec Summit 2023 brought together influential decision-makers, experts, and stakeholders to discuss the theme of ‘shielding the digital frontier’. As NATO contends with digital threats originating from both adversarial nations and cybercriminals, Deputy Commander Lieutenant General Tom Copinger-Symes joined a panel discussion on how we can support and strengthen the Alliance’s cyber preparedness.

Africa

Voice cloning tech emerges in Sudan civil war

BBC

Jack Goodman and Mohanad Hashim

A campaign using artificial intelligence to impersonate Omar al-Bashir, the former leader of Sudan, has received hundreds of thousands of views on TikTok, adding online confusion to a country torn apart by civil war. An anonymous account has been posting what it says are ‘leaked recordings’ of the ex-president since late August. The channel has posted dozens of clips - but the voice is fake. Campaigns like this are significant as they show how new tools can distribute fake content quickly and cheaply through social media, experts say.

Senegal seeks regulation deal with TikTok after ban

Reuters

Ngouda Dione

Senegalese authorities on Thursday refused to lift a ban on social media app TikTok as they demanded that the company sign an agreement that would allow the creation of a mechanism to remove accounts. "For the time being, the restriction is being maintained pending the conclusion of a comprehensive written agreement," communications minister Moussa Bocar Thiam told a press conference, adding that authorities were in discussions with TikTok.

Middle East

How Israeli spyware was sold to Egypt and pitched to Qatar and Saudi Arabia

Haaretz

Omer Benjakob

A global investigation published Thursday into Intellexa, an alliance of digital arms and surveillance firms owned by Israelis but operating from outside of Israel, reveals how the company sold its spyware to Egypt, where it was used against critics of the regime. Intellexa also pitched its capabilities to Saudi Arabia, Malaysia, Cameroon, Mauritius, Sierra Leone and others, per the investigation. The revelations are part of the ‘Predator Files’ investigation, which is based on documents and evidence obtained by French magazine Mediapart and German Der Spiegel.

Microsoft: State-backed hackers grow in sophistication, aggressiveness

CyberScoop

AJ Vicens

Iranian cyber operations targeting Western entities are growing more sophisticated and effective as part of an overall shift among state-backed hacking groups toward espionage, researchers with Microsoft said Thursday. In a report published Thursday describing the global cybersecurity landscape, Microsoft researchers conclude that state-backed cyber operations are broadly becoming more advanced and aggressive and are increasingly pairing campaigns to breach computer systems with information operations to spread propaganda.

Big Tech

X, formerly Twitter, strips headlines from news story links to improve their look

The Guardian

Josh Taylor

X, the platform formerly known as Twitter, has stopped showing headlines for links posted on the site, after site owner Elon Musk said it would make posts look better. Links posted on Twitter now appear as the image included in the article, as well as text in the left-hand corner of the image noting the domain of the link. If users want to visit the page, they must click the image, but it only appears slightly different to how images uploaded to the site appear.

Apple considered buying Microsoft’s Bing to battle Google

The Washington Post

Eva Dou

Unsealed testimony reveals that Apple considered mounting a challenge against Google in search by acquiring Microsoft’s search engine Bing, in a rare glimpse of the behind-the-scenes manoeuvring in an industry dominated by Google. A Washington, D.C. court unsealed the testimony of an Apple senior vice president, John Giannandrea, on Wednesday after public criticism that too much of a landmark antitrust trial against Google was taking place behind closed doors. Apple lawyers had argued against the necessity of Giannandrea taking the stand, and had pushed for much of the details about Apple’s business with Google to be sealed on grounds of trade secrets.

Zero-days for hacking WhatsApp are now worth millions of dollars

TechCrunch

Lorenzo Franceschi-Bicchierai

Thanks to improvements in security mechanisms and mitigations, hacking cell phones — both running iOS and Android — has become an expensive endeavour. That’s why hacking techniques for apps like WhatsApp are now worth millions of dollars, TechCrunch has learned. Last week, a Russian company that buys zero-days — flaws in software that are unknown to the developer of the affected product — offered $20 million for chains of bugs that would allow their customers, which the company said are “Russian private and government organizations only,” to remotely compromise phones running iOS and Android.

Misc

Cybercrime gangs now deploying ransomware within 24 hours of hacking victims

The Record by Recorded Future

Alexander Martin

Cybercriminals are now deploying ransomware within the first day of initially compromising their targets, a dramatic drop on the 4.5 days that the task had been taking last year, according to a new threat report. Cybersecurity company Secureworks warns that “2023 may be the most prolific year for ransomware attacks to date” with three times as many victims listed on leak sites in May this year as there were in the same month a year ago.

Events & Podcasts

Share

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.