Quad leaders to cooperate on secure semiconductor supply chains | Wikipedia reports pro-China 'infiltration' | AUKUS is about far more than subs, it’s about technology
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Leaders from the U.S., Japan, India and Australia will agree to work toward creating a safe supply chain for semiconductors when they meet for the Quad summit in Washington next week, a signal that the four-way alliance meant to counter China in the Indo-Pacific is broadening its scope. Nikkei Asia
Wikipedia has suffered an "infiltration" that sought to advance the aims of China, the US non-profit organisation that owns the volunteer-edited encyclopaedia has said. The Wikimedia Foundation told BBC News the infiltration had threatened the "very foundations of Wikipedia". BBC News
The real potential of AUKUS lies in how the new grouping can be leveraged in the long term to help Australia deal with the profound technological disruption about to sweep the world. The Sydney Morning Herald
ASPI ICPC
Australia well placed to turbocharge its strategic tech capability
The Sydney Morning Herald
@FergusHanson @DaniellesCave
Last week’s surprise AUKUS announcement by the United States, Britain and Australia has created a frenzy of focus on nuclear-powered submarines, but the bigger picture is getting lost in a sea of naval analysis. The real potential of AUKUS lies in how the new grouping can be leveraged in the long term to help Australia deal with the profound technological disruption about to sweep the world. Modern warfare and geopolitical competition will be marked, not just by military action and conventional deterrence, but by “hybrid threats” – cyber attacks and data theft, disinformation, foreign interference, economic coercion, attacks on critical infrastructure, supply chain disruption, among others. Submarines alone will not counter these threats – nuclear-powered or not – and analysis that only focuses on Australia’s future fleet (or France’s furious reaction) is missing the bigger picture about what AUKUS could and should mean..far beyond maritime military matters, AUKUS could give Australia a strategic and technological boost that could last decades.
The most serious cybercrime threat' in Australia
InnovationAus
@joseph_brookes
A recent report by the Australian Strategic Policy Institute warned a “policy vacuum” has made Australia an “attractive market” for hackers, and that ransomware will only get worse unless there are strategic domestic efforts to prevent it.
Read our new ransomware report: Exfiltrate, encrypt, extort
World
Quad leaders to call for securing chip supply chain
Nikkei Asia
Leaders from the U.S., Japan, India and Australia will agree to work toward creating a safe supply chain for semiconductors when they meet for the Quad summit in Washington next week, a signal that the four-way alliance meant to counter China in the Indo-Pacific is broadening its scope. The four nations are expected to confirm that "resilient, diverse and secure technology supply chains for hardware, software, and services" are vital to their shared national interests, according to the draft of a joint statement obtained by Nikkei.
Wikipedia blames pro-China infiltration for bans
BBC News
Chris Vallance
Wikipedia has suffered an "infiltration" that sought to advance the aims of China, the US non-profit organisation that owns the volunteer-edited encyclopaedia has said. The Wikimedia Foundation told BBC News the infiltration had threatened the "very foundations of Wikipedia"…And she told BBC News the foundation had been investigating the infiltration of Chinese-language Wikipedia for nearly a year. But this summer, "credible threats" to volunteers' safety had "led us to prioritise rapid response". The foundation was battling against "capture", where a group gains control of the editing of the Wikipedia to favour a particular viewpoint, Ms Dennis wrote.
Australia
Mildura businesses urged to avoid COVID misinformation on growing social media group
ABC News
Radical views have also been shared in the Facebook group, including disinformation about COVID-19 and links to unverified news sources. Ariel Bogle, a disinformation analyst at the Australian Strategic Policy Institute's International Cyber Policy Centre, said the group's administrator had to be more diligent to ensure the page did not promote false information. Ms Bogle said concerns about mandatory vaccination and the risk of discrimination were not "inherently problematic".
We found Scott Morrison's Facebook and Instagram accounts. That’s a national security risk.
Crikey
@cameronwilson
Crikey has found Prime Minister Scott Morrison’s private Facebook and Instagram accounts using publicly available information. The accounts, while partially locked down, reveal information about Morrison and his close contacts, making them a potential national security issue. Earlier this year, Crikey uncovered Morrison’s Spotify account. The details in this public profile — which has been confirmed to belong to Morrison — led to the discovery of his other social media accounts.
Australia's Fragmented, Conspiracy-Focused anti-Lockdown Movement
Institute for Strategic Dialogue
@elisethoma5
Conspiracy-focused anti-lockdown social media groups in Australia are experiencing a period of rapid growth, fuelled by widespread public health restrictions across multiple states, most notably in New South Wales and Victoria. Insofar as these groups could be considered a movement, that movement is incoherent, disjointed and disorganised. Nonetheless, it is a force which must be taken seriously.
China
China Defends Tech Crackdown in Meeting With Wall Street Chiefs
Bloomberg
@sridinats @ cocojournalist
China’s top regulators defended their market-roiling crackdown on various industries in a meeting with Wall Street executives, while reassuring them the stricter rules aren’t aimed at stifling technology companies or the private sector. China Securities Regulatory Commission Vice Chairman Fang Xinghai said recent actions were to strengthen regulations for companies with consumer-facing platforms, and improve data privacy and national security, according to a person familiar with the talks, who asked to not be identified because the meeting was private. Fang defended the moves such as those aimed at the education and gaming industries as meant to reduce social anxiety.
How China Exports Authoritarianism
Foreign Affairs
@CharlesEdel @DaveShullman
Its goal is not to spread Marxism or to undermine individual democracies but rather to achieve political and economic preeminence, and its efforts to that effect—spreading propaganda, expanding information operations, consolidating economic influence, and meddling in foreign political systems—are hollowing out democratic institutions and norms within and between countries.
How Chinese Strategists Think AI Will Power a Military Leap Ahead
Defense One
@BenNoon13 Chris Bassler
The United States military should work to better understand Chinese conceptions of intelligentization and the PLA’s efforts to integrate it into its model of future warfare.
USA
DHS: Extremists used TikTok to promote Jan. 6 violence
POLITICO
@woodruffbets @markscott82
Federal officials warned law enforcement agencies this spring that domestic extremists had used TikTok in the lead-up to the Jan. 6 riots on the Capitol, including by promoting bringing guns to Washington that day, according to an internal government document — highlighting authorities’ growing concern over violent content on the video app. In the April 19 briefing reviewed by POLITICO, the Department of Homeland Security’s Office of Intelligence and Analysis said American extremists used the Chinese-owned social media platform to recruit people to their causes, as well as share “tactical guidance” for terrorist and criminal activities.
Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan
Forbes
@iblametom
A U.S. company’s tech was abused by the Indian government, amidst warnings Americans are contributing to a spyware industry already under fire for being out of control.
Lawmakers Look to Crack Down on ‘Hack for Hire’ Business Project Raven United Arab Emirates
The Daily Beast
@shanvav
It’s a classic story of what happens when spies go rogue, but instead of the typically draconian punishments associated with treason, three former U.S. cyberoperatives who worked for the United Arab Emirates after leaving government service are getting off with just a fine.
U.S. Justice Department, Huawei’s Meng Wanzhou resume talks on plea deal, sources say
The Globe and Mail
@RobertFife @stevenchase
The United States has resumed discussions with Huawei Technologies Co. Ltd. and lawyers for Meng Wanzhou about a possible deferred prosecution agreement for the Chinese executive that could allow her to return to China, according to Canadian sources. The development could open the door for China to free Canadians Michael Kovrig and Michael Spavor. Canada has accused Beijing of holding them hostage in retaliation for the arrest of Ms. Meng, who is detained in Vancouver and fighting extradition to the United States. Two sources told The Globe and Mail the U.S. Department of Justice has been in talks for weeks with Huawei and lawyers for Ms. Meng, daughter of Ren Zhengfei, founder of the Chinese telecommunications giant.
The Battle for Digital Privacy Is Reshaping the Internet
The New York Times
@bxchen
As Apple and Google enact privacy changes, businesses are grappling with the fallout, Madison Avenue is fighting back and Facebook has cried foul.
What the Privacy Battle Upending the Internet Means for You
The New York Times
@bxchen @kateconger
The internet is changing, including how much we pay for content and the ads and brands we see. That’s because Apple and Google, two hugely influential tech companies, are rolling out privacy protections that hinder marketers from gaining access to our data when they show us ads. The changes have major repercussions for online advertising, which are a business foundation for the free apps and websites that many of us use, like Facebook, TikTok and the Weather Channel. Those sites and apps now have to come up with new ways to show ads or make money. Here’s what that means for you.
The new warrant: how US police mine Google for your location and search history
The Guardian
@JMBooyah
Geofence location and keyword warrants are new law enforcement tools that have privacy experts concerned.
Chris Gilliard aims to abolish Silicon Valley’s surveillance machine
The Washington Post
@willoremus
In Ring, a doorbell video camera that can send footage to your phone and broadcast it to your neighbors, millions of American homeowners see an affordable way to gain peace of mind. Chris Gilliard, a community college professor raised in an aggressively policed Detroit, sees something quite different: a tool of old-fashioned racial profiling dressed up in a sleek new package.
Tim Cook Faces Surprising Employee Unrest at Apple
The New York Times
@jacknicas @Kellen_Browning
Apple, known among its Silicon Valley peers for a secretive corporate culture in which workers are expected to be in lock step with management, is suddenly facing an issue that would have been unthinkable a few years ago: employee unrest.
Senate to grill tech execs after report on Instagram, teen mental health
CNBC
@lauren_feiner
The Senate Commerce subcommittee on consumer protection will question tech executives following a report on Facebook documents revealing its products' impact on teens' mental health.
Anonymous Leaked a Bunch of Data From a Right-Wing Web Host
WIRED
@Ax_Sharma
Hacktivist collective Anonymous claims to have obtained gigabytes of data from Epik, which provides domain name, hosting, and DNS services for a variety of clients. These include the Texas GOP, Gab, Parler, and 8chan, among other right-wing sites. The stolen data has been released as a torrent. The hacktivist collective says that the data set, which is over 180 GB in size, contains a "decade's worth of data from the company."
Troll farms reached 140 million Americans a month on Facebook before 2020 election
MIT Technology Review
@_KarenHao
In the run-up to the 2020 election, the most highly contested in US history, Facebook’s most popular pages for Christian and Black American content were being run by Eastern European troll farms. These pages were part of a larger network that collectively reached nearly half of all Americans, according to an internal company report, and achieved that reach not through user choice but primarily as a result of Facebook’s own platform design and engagement-hungry algorithm.
North-East Asia
Taiwan calls for quick start to trade talks with EU
Reuters
Ben Blanchard
Taiwan’s government called on the European Union to quickly begin trade talks after the bloc pledged to seek a trade deal with the tech-heavyweight island, something Taipei has long angled for.
Short-Sellers Are Beating Day Traders in Korea’s Tech Crackdown
Bloomberg
Youkyung Lee
Short-sellers have driven big losses in the favorite stocks of South Korean retail investors this month, piggybacking on a campaign by local regulators to rein in the power of Kakao Corp. and other internet giants. Kakao, the operator of Korea’s most-used messenger app, is the most-shorted stock in September as lawmakers voiced concerns over its market dominance - a move that has drawn comparisons with China’s crackdowns. It has plunged more than 20%, losing $14 billion in market value amid selling by institutional investors, even as it is the most-bought name by day traders.
UK
How China tried to discredit London’s Uyghur Tribunal and harass its witnesses
Coda Story
@isocockerell
Tribunal staff also experienced a number of suspicious attempts to hack into their digital security. “We did receive a high number of fake bookings in the build-up to the hearings,” said Frankie Vetch, a project assistant at the tribunal. He described how the organizers received several suspicious emails and login attempts. This led them to take measures to safeguard the data of their witnesses, including ensuring that there was no public Wi-Fi connection within the venue, in order to prevent outsiders from hacking into the system…Another expert witness, Julie Millsap, director of public affairs and advocacy at the Campaign for Uyghurs, was harassed by anonymous accounts on Instagram, Twitter and Facebook, which posted old photographs of her pole dancing, along with out-of-focus, fake images of a woman kissing a man in a dance studio. “The messages said, “We’ll show this to your husband,” she said. He then received similar messages. During her testimony, trolls spammed the Uyghur Congress YouTube page with comments denouncing her.
Europe
Facebook announces new policy against ‘coordinated social harm’ that may lower the bar on who gets banned
The Washington Post
@craigtimberg
Facebook on Thursday announced a new enforcement policy for groups that coordinate online to spread misinformation, hate and “social harm” but do not violate traditional company standards against “inauthentic” content. Facebook immediately used its new policy against “coordinated social harm” on Thursday to shut down large portions of a German online network pushing the Querdenken conspiracy theory, which has fueled resistance to government health restrictions related to the covid-19 pandemic.
Finland is winning the war on fake news. Other nations want the blueprint
CNN
@elizamackintosh
The initiative is just one layer of a multi-pronged, cross-sector approach the country is taking to prepare citizens of all ages for the complex digital landscape of today – and tomorrow. The Nordic country, which shares an 832-mile border with Russia, is acutely aware of what’s at stake if it doesn’t. Finland has faced down Kremlin-backed propaganda campaigns ever since it declared independence from Russia 101 years ago. But in 2014, after Moscow annexed Crimea and backed rebels in eastern Ukraine, it became obvious that the battlefield had shifted: information warfare was moving online.
Russia
Google, Apple remove Navalny app from stores as Russian elections begin
Reuters
Anton Zverev Alexander Marrow
Alphabet's Google and Apple have removed jailed Kremlin critic Alexei Navalny's tactical voting app from their stores, his team said on Friday, after Russia accused the U.S. tech firms of meddling in its internal affairs
Apple and Google bow to pressure in Russia to remove Kremlin critic’s tactical voting app
TechCrunch
@riptariApple and Google Remove a Navalny Voting App to Appease Russia
WIRED
@lilyhnewman
The Americas
Opinion: Canada’s exclusion from ‘Three Eyes’ only confirms what was already the case
The Globe and Mail
@StephanieCarvin @thomasjuneau
But Canada’s relatively benign threat environment is deteriorating, as threats are becoming more diffuse and transnational; recent events such as major ransomware and hacking incidents targeting critical infrastructure, and increasing reports of foreign interference targeting Canadians, provide yet another indication that the country should take national security more seriously. While no one should doubt that there remains excellent intelligence co-operation between Canada and its Five Eyes partners, the country’s neglect of all things intelligence and national security – as illustrated by the issues’ complete absence from the electoral campaign – is increasingly unsustainable.
Middle East
A New App Helps Iranians Hide Messages in Plain Sight
WIRED
@lilyhnewman
Amid ever-increasing government internet control, surveillance, and censorship in Iran, a new Android app aims to give Iranians a way to speak freely. Nahoft, which means “hidden” in Farsi, is an encryption tool that turns up to 1,000 characters of Farsi text into a jumble of random words. You can send this mélange to a friend over any communication platform—Telegram, WhatsApp, Google Chat, etc.—and then they run it through Nahoft on their device to decipher what you’ve said.
The Scientist and the A.I.-Assisted, Remote-Control Killing Machine
The New York Times
@ronenbergman @farnazfassihi
But it was also the debut test of a high-tech, computerized sharpshooter kitted out with artificial intelligence and multiple-camera eyes, operated via satellite and capable of firing 600 rounds a minute. The souped-up, remote-controlled machine gun now joins the combat drone in the arsenal of high-tech weapons for remote targeted killing. But unlike a drone, the robotic machine gun draws no attention in the sky, where a drone could be shot down, and can be situated anywhere, qualities likely to reshape the worlds of security and espionage.
Africa
Morocco’s Mohamed Benhammou Named President of the African Cyber Security Federation
Morocco World News
@IToutate
Morocco's Mohamed Benhammou has been named president of the African Federation of Cybersecurity. The Moroccan was appointed during the first "Brazza-cybersecurity" Forum in Brazzaville, the Republic of Congo, on September 16-17, and the event marked the formalization of the Federation's constitution. The organization of this forum was a follow-up to the 10th session of the International Conference on African Security "Marrakech Security Forum" held on February 8-9, 2019 and at which the African Cyber Security Charter had been adopted.
Misc
Cybersecurity Convergence in the BRICS Countries
Directions
@1lucabelli
The thirteenth BRICS Summit took place on 9 September 2021 and cybersecurity featured prominently amongst the priorities identified by BRICS leaders. The BRICS – Brazil, Russia, India, China, and South Africa – are explicitly advocating for enhanced cooperation on cybersecurity issues, both at the international and intra-BRICS level. The facility with which cooperation can be enhanced remains unclear, but BRICS priorities and regulatory agendas are increasingly converging with a shared interest in data protection, content regulation and cybercrime.
New Research Busts Popular Myths About Innovation
The Wall Street Journal
@mims
Some technologies improve much faster than others, and they do so at a more or less steady pace, regardless of individual breakthroughs and inventors. This should change how investors, policy makers and anyone choosing a career decides where to invest time and money.
Events
State power over citizen data post-pandemic
Chatham House
Of the vastly expanded government power to fight COVID-19, digital surveillance has moved to the forefront. Whilst lockdowns, testing, quarantines, and limited travel are some of the freedoms suspended to stop the spread, it is digital rights that are troubling many. Citizens have endured extensive digital intrusion conducted in the name of public health. From contact tracing and government apps to venue check-ins and enhanced medical data, questions regarding the state and digital liberty are rising. States have accrued substantial amounts of data to combat the virus. How this data will be used and stored worries data privacy advocates. But as vaccinations continue apace and economies reopen, have the boundaries of state intervention in the digital sphere shifted?
WIRED / RE: WIRED: Conversations About Humanity’s Biggest Bets
WIRED
Our world is facing some of the most critical challenges of all time. While the last decade ushered in dramatic technological acceleration, the last 18 months have kicked off a tectonic societal shift in how we live, work, and connect. Generating sustainable and strategic solutions to these challenges—from both communal action and heroic innovation—requires us to rewire discourse and the way we think. This is RE:WIRED. Join us this November for a series of conversations between technologists and people who think hard about the consequences for those technologies on society, economics, sustainability and, ultimately, our future.
Research
Jobs
New ICPC Program on Critical Technologies - 3 positions
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for three exceptional and experienced senior analysts and analysts to join its large team from October 2021. These new roles will focus on original research, analysis and stakeholder engagement centred around international critical technology development, including analysis of which countries are leading on what technologies.
ICPC Pacific Islands Analyst - Information operations & disinformation
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for a talented and proactive Pacific Islands analyst who will work with the Centre’s information operations and disinformation program. The successful candidate will work with a small, high-performing team to produce original research and analysis centred around policy responses to information operations and disinformation by actors in the Pacific Islands region. They will also work with senior staff in the centre to engage globally with governments, social media and Internet companies. Candidates must have a demonstrated background in, and strong knowledge of, the Pacific Islands region, including the region’s digital, media and social media landscape.
ICPC Analyst & Project Manager - Coercive diplomacy
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an Analyst and Project Manager to manage, and help lead, a project on coercive diplomacy in the Indo-Pacific region. This new role will focus on analysis, workshops and stakeholder engagement centred around coercive diplomacy, including how countries in the Indo-Pacific can work together to tackle this complicated policy challenge. Candidates must have excellent coordination, project management and stakeholder engagement skills.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.