NSO Group Impersonated Facebook to Help Clients Hack Targets | China launches 90,000 conspiracy tweets in info war | Australia slams Covid-19 cyber attacks |
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Infamous Israeli surveillance firm NSO Group created a web domain that looked as if it belonged to Facebook's security team to entice targets to click on links that would install the company's powerful cell phone hacking technology, according to data analyzed by Motherboard. Vice
China has launched a Twitter offensive in the COVID-19 information war, more than doubling its number of official government tweets since January and in recent days using the platform to spread a conspiracy theory that the virus came from a U.S. government lab. NBC News
Australia accuses unnamed countries of conducting and supporting cyber attacks under the cover of the coronavirus crisis. Australian Strategic Policy Institute cyber policy chief Fergus Hanson said DFAT's statement was a "fairly pointed message to China" but other countries were also conducting cyber activities during the pandemic including Iran and Russia while cyber criminals had also been disruptive. The Australian Financial Review
ASPI ICPC
NEW REPORT: Cybercrime in Southeast Asia
ASPI
Dr Jonathan Lusthaus
Cybercrime is a serious threat facing Australia and the world, but this criminal activity is often wrongly viewed as a near invisible online phenomenon, rather than a ‘real world’ concern. Cybercrime isn’t evenly distributed around the globe, but is centred around hotspots, which offer potential breeding grounds or safe harbours from where offenders can strike. This is true in Australia’s own region, where some Southeast Asian countries are emerging as bases for serious regional, and even global, cybercrime threats. We’re not proactively tackling the locations where the cybercrime threat develops and matures.
Read the Strategist Article here: Cybercriminals in the backyard
Coronavirus cyber attackers going after hospitals
The Sydney Morning Herald
Fergus Hanson, director of the Australian Strategic Policy Institute's International Cyber Policy Centre, said working-from-home arrangements had provided additional access points to a network for hackers. Mr Hanson said hospitals were a target because they were an essential service and be more likely to pay a ransom if their network was taken over by a cyber attacker.
Australia slams coronavirus crisis cyber attacks
The Australian
Australian Strategic Policy Institute cyber policy chief Fergus Hanson said DFAT's statement was a "fairly pointed message to China" but other countries were also conducting cyber activities during the pandemic including Iran and Russia while cyber criminals had also been disruptive. “China is stepping up its disinformation campaign, transiting from soft and cuddly propaganda to Russian-style methods of muddying the waters, outright lies and cultivation of fringe extremist groups," he said.
Read the ASPI International Cyber Policy Centre report about Covid-19 disinformation here.
Canadian ‘incel’ terror case should be watched closely in Australia
ASPI Strategist
@elisethoma5
On 24 February, a 17-year-old boy stabbed a young woman to death at the Crown Spa massage parlour in North York, Canada, and left two other people with serious injuries. The alleged perpetrator (who cannot be named because he is a minor) was charged with first-degree murder and attempted murder. While the details of his motivation remain murky, he reportedly told police officers that his goal was to kill as many women as possible.
World
NSO Group Impersonated Facebook to Help Clients Hack Targets
Vice
@josephfcox
Infamous Israeli surveillance firm NSO Group created a web domain that looked as if it belonged to Facebook's security team to entice targets to click on links that would install the company's powerful cell phone hacking technology, according to data analyzed by Motherboard.
Australia
Unacceptable Malicious Cyber Activity
Cyber.gov.au
As Australians and the international community band together to respond to COVID-19, the Australian Government is concerned that malicious cyber actors are seeking to exploit the pandemic for their own gain. Of particular concern are reports that malicious cyber actors are seeking to damage or impair the operation of hospitals, medical services and facilities, and crisis response organisations outside of Australia.
Watchdog seeks input on tech titan payments to publishers for news
The Age
Australia's competition tsar Rod Sims says future payments by digital giants to media companies will be focused predominantly on the indirect value Google and Facebook gain from news content rather than the ad revenue generated by news items.
As The World Hopes For A COVID-19 Vaccine, Anti-Vaxxers Are Growing Their Social Media Influence
Buzzfeed News
A week after Australian prime minister Scott Morrison declared COVID-19 would become a pandemic, Australian-Samoan anti-vaccination campaigner Taylor Winterstein issued a call-to-arms. In a Facebook post, Winterstein — who made headlines last year by supporting a Samoan traditional healer spreading anti-vaxxer beliefs during the country's deadly measles outbreak — called on her followers to begin organising against a global mandatory vaccination scheme, a common conspiracy theory.
China
China launches 90,000 COVID-19 tweets, conspiracy theory in info war
NBC News
China has launched a Twitter offensive in the COVID-19 information war, more than doubling its number of official government tweets since January and in recent days using the platform to spread a conspiracy theory that the virus came from a U.S. government lab.
USA
Disinformation, Coronavirus, and the 2020 Presidential Election
Right Wing Watch
In the 2016 presidential campaign, a robust disinformation effort fueled by Russia’s intelligence agencies provided a new turn in the narrative of United States politics. Now, as the 2020 presidential election approaches in a nation and world grappling with a global pandemic, disinformation is a growing threat to American democracy, especially as necessary social distancing measures make street protest impossible.
Misinformation about coronavirus finds new avenues on unexpected sites
The Washington Post
Within days of social media companies taking down a viral video touting conspiracy theories about the novel coronavirus, a clip popped up on YouTube telling viewers about another way they could still access the banned footage: through a link to the video on the file-sharing service Google Drive.
North Asia
Japan defence ministry investigating potential hack of next-gen missile details
Reuters
Japan's defence ministry is investigating a possible leak of details of a new state-of-the-art missile in a large-scale cyber attack on Mitsubishi Electric Corp, the Asahi Shimbun newspaper reported on Wednesday.
Southeast Asia
South & Central Asia
Greenbug' hacking group hits three telecom firms in Pakistan
CyberScoop
@snlyngaas
For the past several months, suspected Iranian hackers have been rooting around the IT systems of at least three telecommunications companies in Pakistan, accessing data servers when it suits them, according to cybersecurity company Symantec.
India’s Covid-19 tracing app: Power in the right hands?
The Lowy Interpreter
@pomegranitaa
Governments around the world are working hard to convince their populations to download the various Covid-19 infection tracing apps. As well as potentially helping to stymie the spread of the virus, the app download numbers serve another purpose: they could be read to indicate how much trust there is in government. With the apps containing potentially sensitive personal data about millions of people, it comes as little surprise that there is growing concern over privacy and how this data will be used, post-pandemic.
UK
NHS Contact Tracing App Security Issues Detailed
InfoSecurity Magazine
New security issues have been discovered in the UK Government’s NHS contact tracing app, as well as a potential data breach. The app is currently being trialed on the Isle of Wight and privacy issues have been raised, which the National Cyber Security Centre (NCSC) told BBC News it was already aware of and is in the process of addressing.
Europe
Creepy Technologies Invade European Post-Pandemic Workplaces
Bloomberg
A “Romware Covid Radius bracelet” beeps every time a Tata Steel Ltd. worker in the U.K. or a docker at Belgium’s Antwerp port is within virus-catching distance of someone. At Bouygues SA construction sites and in Sanofi and Schneider Electric SE offices in France employees enter after thermal cameras check their temperatures. Invisible lasers will manage crowds at shopping malls and transport hubs in Spain and France, and some firms will use infection-tracing lanyard devices.
Apple whistleblower goes public over 'lack of action'
The Guardian
A former Apple contractor who helped blow the whistle on the company’s programme to listen to users’ Siri recordings has decided to go public, in protest at the lack of action taken as a result of the disclosures.
Misc
TikTok Owner’s Value Exceeds $100 Billion in Private Markets
Bloomberg
ByteDance Ltd.’s valuation has risen at least a third to more than $100 billion in recent private share transactions, people familiar with the matter said, reflecting expectations the owner of video phenom TikTok will keep pulling in advertisers.
Sundar Pichai on managing Google through the pandemic
The Verge
LikeLike all big tech companies, Google and Alphabet are playing an outsized role in our lives as the coronavirus pandemic continues. Whether it’s helping people find reliable information in search, working with the government on testing, building an exposure-tracking system into Android and iOS in partnership with Apple, or battling misinformation on YouTube, Google’s capability — and responsibility — has never been greater.
CEOs and CISOs disagree on cyber strategies
Help Net Security
Most leaders (76%) are losing sleep over the prospect of becoming the next headline-grabbing security breach. This is despite a high percentage (87%) believing that their security team is consistently ahead of cybersecurity threats.
Testing, testing...new conversation settings
Twitter
Twitter is where you go to see and talk about what’s happening. But sometimes, unwanted replies make it hard to have meaningful conversations. (Ahem, reply guys.) Since last year, we’ve been working to give people more control over their conversations starting with the ability to hide replies. We also began trying out new ways to start conversations with casual, fleeting thoughts. And now, we’re testing new settings that let you choose who can reply to your Tweet and join your conversation.
Your face mask selfies could be training the next facial recognition tool
CNet
@alfredwkng
Your face mask selfies aren't just getting seen by your friends and family -- they're also getting collected by researchers looking to use them to improve facial recognition algorithms. CNET found thousands of face-masked selfies up for grabs in public data sets, with pictures taken directly from Instagram.
Events
Jobs
Cyber Data Analysts and Digital Forensic Investigators
Cyber Peace Institute
CyberPeace Institute seeks to hire professionals of diverse backgrounds and experiences who are creative, intelligent and demonstrate initiative.