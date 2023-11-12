Good morning. It's Monday 13th November.

The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.



Have feedback? Let us know at icpc@aspi.org.au.

Follow us on Twitter and on LinkedIn.

Ports across Australia are expected to remain closed for several days, impacting imports and exports, as the Australian Federal Police investigate a cybersecurity incident. DP World, which manages container terminals in Sydney, Melbourne, Brisbane and Fremantle, said it detected the cybersecurity incident on Friday, with ports closing that same night. The Sydney Morning Herald

The LockBit crew is claiming to have leaked all of the data it stole from Boeing late last month, after the passenger jet giant apparently refused to pay the ransom demand. The gang dumped the files online early Friday morning. This latest leak includes about 50GB of data in the form of compressed archives and backup files for various systems. The Register

France strongly condemns the involvement of the Russian network Recent Reliable News in the artificial spreading and initial distribution on social media of photos of graffiti representing Stars of David in the 10th arrondissement of Paris. French Ministry of Europe and Foreign Affairs

Australia

Ports to remain closed as AFP investigates cybersecurity breach

The Sydney Morning Herald

Amber Schultz and Rebecca Peppiatt

Ports across the country are expected to remain closed for several days, impacting imports and exports, as the Australian Federal Police investigate a cybersecurity incident. DP World, which manages container terminals in Sydney, Melbourne, Brisbane and Fremantle, said it detected the cybersecurity incident on Friday, with ports closing that same night.

Government doesn't know details behind cyber hack that shut down port operator DP World

ABC News

Georgia Roberts

The government does not yet know who was behind a cybersecurity incident that has shut down Australia's second-largest port operator, and could affect freight in and out of the country for days. DP World Australia — which operates ports in Melbourne, Sydney, Brisbane and Fremantle, and is responsible for 40 per cent of Australia's maritime freight — closed after it began responding to a cybersecurity incident on Friday.

Govt uses ‘secret’ EOI in search for quantum computer

InnovationAus

Justin Hendry

The Albanese government has quietly approached a small number of local and foreign quantum computing firms for information about their offerings as part of an accelerated plan to acquire a full-stack error-corrected quantum computer, with US-based PsiQuantum firming as the favourite. The move has surprised many in the local tech industry, which has criticised the government for a lack of transparency in its approach to market, or the strategy behind it. It is understood the cost to government would be in the region of $100 million to $200 million.

Telcos required to report on cybersecurity measures in bid to prevent repeat of 2022 Optus hack

ABC News

Matthew Doran

Australia's telecommunications companies will be hit with new laws forcing them to update the federal government on their cybersecurity regimes, with the Home Affairs minister worried they have been left to manage their own affairs with limited oversight. "The rules will make sure that telcos actually meet the minimum cyber standards that were applied to many other critical Australian companies," Home Affairs Minister Clare O'Neil told the ABC. "It will require them to properly consider all of the risks on their networks and to establish proper cyber defences.

Telco boards hit with strict cybersecurity rules

Australian Financial Review

Ronald Mizen, Jenny Wiggins and Mark Ludlow

Optus, Telstra and other major telco boards will be required to sign off on a new or updated cyber risk management program every year or face hundreds of thousands of dollars in penalties. The changes are part of new laws to be introduced by Home Affairs Minister Clare O’Neil that classify telecommunications as “critical infrastructure” for the first time, requiring company boards to comply with strict rules that already cover hospitals, utilities, ports and energy generation assets.

Optus loses court bid to keep report into cause of 2022 cyber-attack secret

The Guardian

Josh Taylor

Optus has lost a bid in the federal court to keep secret a report on the cause of the 2022 cyber-attack – which resulted in the personal information of about 10 million customers being exposed – after a judge rejected the telco’s legal privilege claim. After the hack, the company announced in October last year that it had recruited consultancy firm Deloitte to conduct a forensic assessment of what had led to the cyber-attack.

Telstra strengthens network in wake of Optus outage

The Australian

Jared Lynch

Telstra says it is stepping up its ­efforts to strengthen the resilience of its network following Optus’s nationwide meltdown that sparked widespread economic disruption. “We’re continually taking proactive steps to manage our network resilience with our teams around the country working at it every day,” a Telstra spokesman said on Friday. “We are committed to investing more to improve the coverage, capacity and resiliency of our networks.”

Accelerating Defence innovation: The strategic imperative for change

InnovationAus

Professor Emily Hilder and Professor Tanya Monro

Australia is in an ever evolving and challenging strategic environment made increasingly uncertain by rapid technological development. This has been clearly spelt-out in the Defence Strategic Review published earlier this year. To accelerate the delivery of Australian Defence Force capability needs, more effective support for innovation, faster acquisition and better links between Defence and industry are needed.

China

Apple’s top iPhone supplier goes to outer space with new satellites

Bloomberg

Jane Lanhee Lee and Bruce Einhorn

Two prototype low-Earth orbit satellites made by Hon Hai Precision Industry Co., better known as Foxconn, took off aboard a SpaceX rocket from Vandenberg Space Force Base in southern California on Saturday.

Meta strikes deal to return to China after 14 years

The Wall Street Journal

Raffaele Huang, Liza Lin and Salvador Rodriguez

Meta Platforms has struck a preliminary deal to sell a new, lower-priced version of its virtual-reality headset in China, regaining a foothold among consumers in the country 14 years after Facebook was shut out. The agreement with Tencent Holdings will make the world’s largest videogame company the exclusive seller of Meta’s headsets in China, people familiar with the matter said, offering the US technology giant a major new market as it looks to boost tepid global demand for its niche gear. Tencent will start selling the headset beginning late 2024, with the two companies reaching a deal after about a year of negotiations.

USA

Wall Street and Beijing fight fallout of ransomware attack on China’s biggest bank

Financial Times

Cheng Leng

The Industrial and Commercial Bank of China is trying to minimise losses after a ransomware attack on the country’s biggest bank disrupted the market for US Treasuries, the Chinese foreign ministry said. At a briefing on Friday, the ministry said ICBC had done a good job in handling the attack on its financial services arm. New York-based ICBC Financial Services has in recent years become a key player on Wall Street for Treasury clearance as Chinese lenders have expanded overseas.

Americas

In Mexico, surveillance orders that read like a political power list

The New York Times

Maria Abi-Habib, Natalie Kitroeff and Emiliano Rodríguez Mega

At least 14 written orders reviewed by The New York Times show that the attorney general directed Mexico’s largest telecommunications company to hand over the phone and text records, as well as location data, of more than a dozen prominent Mexican officials and politicians. Telcel, the telecommunications company, acknowledged in a court filing reviewed by The Times that it had received the orders and handed over the records, which spanned from 2021 until earlier this year. The surveillance included both opponents of the governing Morena party and its allies.

North Asia

South Korea's Yoon, Japan's Kishida to attend technology roundtable on Nov 17

The Straits Times

South Korean President Yoon Suk Yeol plans to attend a roundtable on technological cooperation with Japanese Prime Minister Fumio Kishida at Stanford University on Nov. 17, Yoon's office said on Friday. The two leaders will be attending the event while they are in the United States for a summit of the Asia-Pacific Economic Cooperation member states in San Francisco next week, Yoon's office said in a statement.

Nikon looks to strike gold in China's low-tech chip device market

Nikkei Asia

Tsuyoshi Tamehiro

Nikon plans to breathe new life into its lackluster chipmaking equipment business by selling a new product in China that uses technology old enough not to be subject to export controls. Next summer, the Japanese manufacturer will release a stepper that uses i-line technology, which was initially commercialised in the early 1990s.

South & Central Asia

Android spyware delivered through infected news site targets Urdu speakers in Kashmir

The Record by Recorded Future

Jonathan Greig

Hackers are targeting Urdu speakers with spyware delivered through an infected popular news site, according to a new report. Researchers from cybersecurity firm ESET said they discovered a brand of Android spyware called Kamran that is allegedly being distributed through a so-called watering hole attack involving a compromised news website called Hunza News.

Why the US needs India to get ahead in the AI race with China

Indian Express

C Raja Mohan

As the foreign and defence ministers of India and the US gather in Delhi this week to review and advance the defence and security partnership, cooperation in AI ought to loom large in the discussion. Two developments last week underline the urgency for an intensified and comprehensive India-US discussion on AI. One is the Executive Order on AI issued by President Joe Biden, and the other is the release of the Pentagon’s updated strategy for AI adoption by the US armed forces.

Ukraine - Russia

Russian hackers Sandworm cause power outage in Ukraine amidst missile strikes

The Hacker News

The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting industrial control systems. "The actor first used OT-level living-off-the-land techniques to likely trip the victim's substation circuit breakers, causing an unplanned power outage that coincided with mass missile strikes on critical infrastructure across Ukraine," the company said.

Russia to limit only VPN services which pose a 'threat' to security, RIA reports

Reuters

Russia plans to block certain Virtual Private Networks and protocols which are deemed by a commission of experts to pose a threat, state news agency RIA reported citing correspondence from the digital ministry. Demand for VPN services soared after Russia restricted access to some Western social media after President Vladimir Putin ordered troops into Ukraine in February 2022.

Europe

New russian digital interference against France

French Ministry of Europe and Foreign Affairs

France strongly condemns the involvement of the Russian network Recent Reliable News in the artificial spreading and initial distribution on social media of photos of graffiti representing Stars of David in the 10th arrondissement of Paris. Regarding the events themselves, the judicial investigation under way will have to establish the possible responsibility of a foreign backer.

LinkedIn says spy firm targeted Hungarian activists, journalists before 2022 election

Reuters

Raphael Satter

Private spy firm Black Cube was behind a hidden video campaign that used LinkedIn to target Hungarian activists and journalists leading to last year's election in the central European country, the professional networking site said on Thursday. A researcher for Microsoft-owned LinkedIn said Black Cube, based in Israel, created a network of fake personas that used bogus job postings to connect with their targets on the platform.

NATO's Stoltenberg urges vigilance over Chinese digital infrastructure influence

Politics Today

NATO Secretary General Jens Stoltenberg issued a stern warning to allies on Thursday, November 9, 2023, about the risks of integrating Chinese technology into their critical digital infrastructure. Speaking at NATO’s first annual Cyber Defense Conference in Berlin, Stoltenberg urged that the lessons from dependence on Russian energy must extend to technology, highlighting the need for caution to avoid similar vulnerabilities.

UK

UK creators plan blackout over TikTok’s history with creator convicted of rape

Forbes

Emily Baker-White

A group of creators in the UK are turning off the “gifting” features on their TikTok accounts next week and plan to abstain from TikTok “battles” in an effort to pressure the company into changing its promotion policies after a creator previously lauded by the company was convicted of rape. More than 100 TikTokers have made posts and comments about the impending blackout, which they say will begin on Sunday, although some have started early.

Middle East

How Chinese firm linked to repression of Uyghurs aids Israeli surveillance in West Bank

The Guardian

Johana Bhuiyan

Surveillance cameras now cover the Damascus Gate, the main entrance into the old city of Jerusalem and one of the only public areas for Palestinians to gather socially and hold demonstrations. It’s at that gate that “Palestinians are being watched and assessed at all times”, according to an Amnesty International report, Automated Apartheid. These cameras have created a chilling effect on not just the ability to protest but also on the daily lives of Palestinians who live under occupation, according to Amnesty investigators. The organisation had previously concluded that Israel has established a system of apartheid against Palestinians. Among the vendors behind these surveillance cameras is a company that has been accused of aiding what the US has categorised as a genocide: Hikvision. Based in Hangzhou, China, the company is one of the world’s largest makers of video surveillance equipment.

Israel-Hamas fake news thrives on poorly regulated online platforms

The Guardian

Dan Sabbagh

Disinformation has flourished across a range of online platforms in the month since Hamas launched its bloody attack on Israel, fuelled by weak content regulation on X, formerly Twitter, and Telegram and at times propelled by state actors. Widely shared faked news and false claims include efforts to downplay the horror of Hamas’s cross-border attack on 7 October through to distasteful allegations that Palestinians, already under heavy bombardment, are faking scenes of violence.

Artificial Intelligence

Personalised AI agents are here. Is the world ready for them?

The New York Times

Kevin Roose

You could think of the recent history of AI chatbots as having two distinct phases. The first, which kicked off last year with the release of ChatGPT and continues to this day, consists mainly of chatbots capable of talking about things. Greek mythology, vegan recipes, Python scripts — you name the topic and ChatGPT and its ilk can generate some convincing (if occasionally generic or inaccurate) text about it. Very soon, tech companies tell us, AI “agents” will be able to send emails and schedule meetings for us, book restaurant reservations and plane tickets, and handle complex tasks like “negotiate a raise with my boss” or “buy Christmas presents for all my family members.”

The AI debate is happening in a cocoon

The Atlantic

Amba Kak and Sarah Myers West

Much of the time, discussions about AI are far removed from the realities of how it’s used in today’s world. Earlier this year, executives at Anthropic, Google DeepMind, OpenAI, and other AI companies declared in a joint letter that “mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks, such as pandemics and nuclear war.” In the lead-up to the AI summit that he recently convened, British Prime Minister Rishi Sunak warned that “humanity could lose control of AI completely.” Existential risks—or x-risks, as they’re sometimes known in AI circles—evoke blockbuster science-fiction movies and play to many people’s deepest fears.

Ransomware

Impatient LockBit says it's leaked 50GB of stolen Boeing files after ransom fails to land

The Register

Jessica Lyons Hardcastle

The LockBit crew is claiming to have leaked all of the data it stole from Boeing late last month, after the passenger jet giant apparently refused to pay the ransom demand. The gang dumped the files online early Friday morning. This latest leak includes about 50GB of data in the form of compressed archives and backup files for various systems. The full release comes after the extortionists uploaded some files said to be related to company finances and marketing activities as well as supplier details.

Share

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.