Daily Cyber Digest

Share this post
Russian banks targeted by "protestware" | Australian Space Command strengthens high-tech bonds with U.S. | Government introduces new laws to combat misinformation, disinformation
aspiicpc.substack.com

Russian banks targeted by "protestware" | Australian Space Command strengthens high-tech bonds with U.S. | Government introduces new laws to combat misinformation, disinformation

ASPI Cyber Policy
Mar 21
Comment
Share

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

  • Russia's biggest bank has warned its users to stop updating software due to the threat of “protestware”: open-source software projects whose authors have altered their code in opposition to Moscow’s invasion of Ukraine. Most of the protestware simply displays anti-war, pro-Ukrainian messages when it is run, but at least one project had malicious code added which aimed to wipe computers located in Russia and Belarus. MIT Technology Review

  • Two years after the United States inaugurated a military Space Force to mixed reviews, Australia has created its own Space Command to counter threats from China, Russia and other extraterrestrial powers. The New York Times

  • Communications Minister Paul Fletcher is planning to introduce legislation that will give Australia’s media watchdog more regulatory power over tech companies who fail to meet the standards of a voluntary misinformation and disinformation code of practice. The Sydney Morning Herald

ASPI ICPC

New Report: The UN norms of responsible state behaviour in cyberspace
Australian Strategic Policy Institute
Bart Hogeveen
There is too much at risk to allow cyberspace to become a lawless world and we need to continue to work together to identify the rules of the road in how international law applies to state behaviour in cyberspace just as it does to activities in other domains.

Ukraine - Russia

Activists are targeting Russians with open-source “protestware”
MIT Technology Review
Patrick Howell O'Neill
Russia's biggest bank has warned its users to stop updating software due to the threat of “protestware”: open-source software projects whose authors have altered their code in opposition to Moscow’s invasion of Ukraine. Most of the protestware simply displays anti-war, pro-Ukrainian messages when it is run, but at least one project had malicious code added which aimed to wipe computers located in Russia and Belarus.

Russian cyber attacks are struggling to impact Ukraine's networks
Bloomberg
Thomas Seal and Alberto Nardelli
Russian cyber attacks have so far struggled to successfully target Ukraine's critical national infrastructure, according to government officials. While they are aware of Russian intent to disrupt or infiltrate Ukrainian systems, according to the officials, they have continued to function and Ukraine has mounted a strong defence.

Truth is another front in Putin's War
The New York Times
Steven Lee Myers and Stuart A. Thompson
Disinformation in wartime is as old as war itself, but today war unfolds in the age of social media and digital diplomacy. That has given Russia — and its allies in China and elsewhere — powerful means to prop up the claim that the invasion is justified, exploiting disinformation to rally its citizens at home and to discredit its enemies abroad.

  • How to avoid sharing misinformation on the War in Ukraine
    The New York Times
    Daniel Victor
    Sorting out what is real in Ukraine and what is misinformation designed to provoke an emotional response is hard enough for professional journalists. For everyday people seeing photos and videos cascade through their social media feeds, it is even harder.

  • How Russian disinformation goes from the Kremlin to QAnon to Fox News
    The Daily Beast
    Jared Holt
    False claims that Russia has been targeting sinister U.S.-backed “biolabs” in Ukraine were popularized among conspiratorial American audiences by QAnon believers shortly after Russia launched its invasion in late February. Mainstream Republican voices have since dragged the old Russian propaganda at its roots across the forefront of the U.S. political stage.

  • Bellingcat founder: Don't let Putin's disinformation distract from his war crimes
    Financial Times
    Eliot Higgins
    Russia has been using phone data captured by its spies operating in the UK to target British former special forces teams in Ukraine. The Kremlin has compiled a database of mobile phone numbers in a top secret operation – and this information is being used to decide where to launch missile attacks.

The 5×5—Russia’s cyber statecraft
Atlantic Council
Simon Handler
On February 25, just a day after Russia launched a massive invasion of Ukraine, the Russia-based Conti ransomware group publicly declared its allegiance to the Kremlin. The cybercriminal organization said in an online post that in response to any potential attack against Russia, the group would use “all possible resources to strike back at the critical infrastructures of an enemy.”

  • Anonymous: How hackers are trying to undermine Putin
    BBC News
    Joe Tidy
    The Anonymous hacktivist collective has been bombarding Russia with cyber-attacks since declaring “cyber-war” on President Vladimir Putin in retaliation for the invasion of Ukraine.

Australia

Creating space-command, Australia strengthens high-tech bond with U.S.
The New York Times
Damien Cave
Two years after the United States inaugurated a military Space Force to mixed reviews, Australia has created its own Space Command to counter threats from China, Russia and other extraterrestrial powers.

Government to introduce laws to combat misinformation, disinformation
The Sydney Morning Herald
Zoe Samios
Communications Minister Paul Fletcher is planning to introduce legislation that will give Australia’s media watchdog more regulatory power over tech companies who fail to meet the standards of a voluntary misinformation and disinformation code of practice.

China now capable of ‘unprecedented digital onslaught’: Dutton
Australian Financial Review
Andrew Tillett
China’s cyber warfare capabilities now have the capacity to mount “an unprecedented digital onslaught”, Defence Minister Peter Dutton will warn, saying Beijing’s online weaponry has grown in parallel with its military build up.

Australian government to introduce crypto exchange 'badge of approval'
ZDNet
Aimee Chanthadavong
Minister for Digital Economy Jane Hume has announced the Australian government will "let Australians invest in crypto assets safely and securely" by establishing a market licence regime for crypto exchanges.

Australia launches federal cybercrime centre as part of national plan
ZDNet
Campbell Kwan
Home Affairs has launched an AU$89 million centre that will be specifically tasked with preventing cybercriminals from scamming, stealing, and defrauding Australians.

China

Four leaked CAC censorship directives on Ukraine, Beijing Olympic budget, and ban of Russian and Belarusian Paralympians
China Digital Times
Cindy Carter
The four leaked censorship directives are issued by the Cyberspace Administration of China (CAC) to major Chinese social media platforms and online news portals. The censorship instructions include prohibiting live streams from Ukraine and deleting new discussions.

China's big tech firms are axing thousands of workers
The Wall Street Journal
Yoko Kubota
Tencent Holdings, operator of the popular chat, social media and payments app WeChat, is planning to cut thousands of employees in some of its biggest business units this year, including around a fifth of the staff at its cloud unit, people familiar with the matter said.

China's tech hub relaxes COVID restrictions to restart industrial production
The Register
Simon Sharwood
The Chinese city of Shenzhen – widely billed as the tech manufacturing capital of the world – has relaxed its COVID-19 restrictions in ways the city government expects will allow industrial production to resume.

Technology companies have a road out of China
The Washington Post
Tim Culpan
Global electronics suppliers looking to diversify their manufacturing footprint beyond China are taking advantage of growing demand for sophisticated components used in electric vehicles to shift production closer to their customers overseas.

USA

Twitter avatar for @POTUSPresident Biden @POTUS
I’ve previously warned about the potential that Russia could conduct malicious cyber activity against the U.S. Today, I’m reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks. Statement by President Biden on our Nation’s Cybersecurity | The White HouseThis is a critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience. I have previously warnedwhitehouse.gov

March 21st 2022

2,949 Retweets8,258 Likes

Cellphone dragnets can help catch criminals. Judges say they can also violate constitutional rights.
The Washington Post
Justin Jouvenal and Rachel Weiner
Fairfax County detectives turned to a powerful and controversial new investigative tool. They asked a judge to approve a kind of digital dragnet — a request for Google to list all cellphones its data shows were active in an area around the crime scene.

UK

British soldiers are ordered off WhatsApp amid fears that sensitive military details could be accessed by Russian hackers
Daily Mail Australia
Mark Nicol
The British Army has banned WhatsApp over fears Russia is hacking the platform to acquire operationally sensitive information. All personnel, from senior officers to junior soldiers, must cease using the phone messaging service for professional purposes or face disciplinary action.

Twitter avatar for @wcathcartWill Cathcart @wcathcart
The British military went on the record contradicting this story. They aren’t asking personnel to delete WhatsApp and their internal communication guidance is not linked to the invasion of Ukraine. British soldiers are ordered off WhatsApp due to hacking fearsA Ministry of Defence document confirming the ban last night said there were ‘significant security concerns’ around using WhatsApp. Senior government ministers may also come under pressure.dailymail.co.uk

March 21st 2022

35 Retweets92 Likes

Downing street points the finger at Russia over hoax calls to ministers
HuffPost
Kevin Schofield
Russia was behind hoax calls made to three high-profile cabinet ministers, Downing Street has revealed. Number 10 blamed Kremlin “disinformation” for Ben Wallace, Priti Patel and Nadine Dorries being targeted.

Europe

Italian public sector told to replace antivirus software linked to Russia
Reuters
Italy's public authorities must replace antivirus software that is linked to Russia to prevent any disruption of services due to the ongoing Ukrainian conflict. The move comes as Italy's data regulator starts a probe into potential privacy risks connected to the use of software provided by Russia-based Kaspersky Lab, amid growing concerns over potential cybersecurity attacks.

Gender and Women in Cyber

CISA’s Easterly calls on industry leaders to close gender gap
The Record
Emma Vail
In celebration of Women’s History Month, WiCyS hosted its annual conference to shine a light on the successes of women already in the field and the work that still needs to be done. Easterly, who took the top role at CISA last July, called on cybersecurity leaders to close the gender gap - current statistics show the industry is only 24% women.

Big Tech

Last apps standing? Telegram, Whatsapp duck Russia bans
Al Jazeera
Chat platforms like WhatsApp and Telegram have avoided being blocked by Russia – unlike some of the world’s biggest social networks – in a tenuous tolerance that experts warn could end suddenly.

  • Russia finds Meta guilty of 'extremist activity' but WhatsApp can stay
    Reuters
    A Moscow court said on Monday that Meta was guilty of "extremist activity", but the ruling will not affect its WhatsApp messenger service, focusing on the U.S. firm's already banned Facebook and Instagram social networks.

Apple Maps, App Store, other Apple services experience outage
The Washington Post
Rachel Lerman
Apple services including Maps and iMessage went down for some people Monday, prompting spotty outages and confusion. The company appeared to be experiencing issues with its cloud-based services, which power many features on Apple’s hardware.

Musk reveals plan to scale Tesla to ‘extreme size’
TechCrunch
Jaclyn Trop
Musk revealed on Twitter the themes that will dominate the next installment in Tesla’s long-term playbook: artificial intelligence and scaling the automaker’s operations.

Misc

The latecomer's guide to crypto
The New York Times
Kevin Roose
As it’s gone mainstream, crypto has inspired an unusually polarized discourse. Its biggest fans think it’s saving the world, while its biggest skeptics are convinced it’s all a scam — an environment-killing speculative bubble orchestrated by grifters and sold to greedy dupes, which will probably crash the economy when it bursts.

Research

Twitter avatar for @James_CockayneJames Cockayne @James_Cockayne
Check out this new dataset detailing 250+ company responses to alleged #Xinjiang #forcedlabour on xinjiangsanctions.info. The site also now includes: - interactive search, filtering & download features - v4 of the Government Measures and Chinese Counter-Measures datasets.
Image

March 21st 2022

5 Retweets5 Likes

Serpent, No Swiping! New backdoor targets French entities with unique attack chain
Proofpoint
Bryan Campbell, Zacharge Abzug, Andrew Northern and Selena Larson
Proofpoint observed new, targeted activity impacting French entities in the construction and government sectors. The threat actor used macro-enabled Microsoft Word documents to distribute the Chocolatey installer package, an open-source package installer. Various parts of the VBA macro include the following ASCII art and depict a snake as below.

Jobs

The Sydney Dialogue - Director
ASPI ICPC
The Australian Strategic Policy Institute (ASPI) is currently recruiting for a Director to lead the second iteration of ASPI’s Sydney Dialogue - the world’s premier summit on emerging, critical and cyber technologies.

The Sydney Dialogue - Senior Events Coordinator
ASPI ICPC
The Australian Strategic Policy Institute (ASPI) is currently recruiting for an experienced events professional to coordinate the planning and logistics of the second iteration of ASPI’s Sydney Dialogue - the world’s premier summit on emerging, critical and cyber technologies.

ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice.

Share

Important disclaimer: This digest is a daily collation of material designed to provide authoritative information and commentary in relation to the subject matters covered. The views expressed in this material are those of the authors only. To provide feedback please contact: icpc@aspi.org.au

CommentComment
ShareShare

Create your profile

0 subscriptions will be displayed on your profile (edit)

Skip for now

Only paid subscribers can comment on this post

Already a paid subscriber? Sign in

Check your email

For your security, we need to re-authenticate you.

Click the link we sent to , or click here to sign in.

TopNewCommunity

No posts

Ready for more?

© 2022 ASPI Cyber Policy
Privacy ∙ Terms ∙ Collection notice
Publish on Substack Get the app
Substack is the home for great writing