Russian banks targeted by "protestware" | Australian Space Command strengthens high-tech bonds with U.S. | Government introduces new laws to combat misinformation, disinformation
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Russia's biggest bank has warned its users to stop updating software due to the threat of “protestware”: open-source software projects whose authors have altered their code in opposition to Moscow’s invasion of Ukraine. Most of the protestware simply displays anti-war, pro-Ukrainian messages when it is run, but at least one project had malicious code added which aimed to wipe computers located in Russia and Belarus. MIT Technology Review
Two years after the United States inaugurated a military Space Force to mixed reviews, Australia has created its own Space Command to counter threats from China, Russia and other extraterrestrial powers. The New York Times
Communications Minister Paul Fletcher is planning to introduce legislation that will give Australia’s media watchdog more regulatory power over tech companies who fail to meet the standards of a voluntary misinformation and disinformation code of practice. The Sydney Morning Herald
ASPI ICPC
New Report: The UN norms of responsible state behaviour in cyberspace
Australian Strategic Policy Institute
Bart Hogeveen
There is too much at risk to allow cyberspace to become a lawless world and we need to continue to work together to identify the rules of the road in how international law applies to state behaviour in cyberspace just as it does to activities in other domains.
Ukraine - Russia
Activists are targeting Russians with open-source “protestware”
MIT Technology Review
Patrick Howell O'Neill
Russia's biggest bank has warned its users to stop updating software due to the threat of “protestware”: open-source software projects whose authors have altered their code in opposition to Moscow’s invasion of Ukraine. Most of the protestware simply displays anti-war, pro-Ukrainian messages when it is run, but at least one project had malicious code added which aimed to wipe computers located in Russia and Belarus.
Russian cyber attacks are struggling to impact Ukraine's networks
Bloomberg
Thomas Seal and Alberto Nardelli
Russian cyber attacks have so far struggled to successfully target Ukraine's critical national infrastructure, according to government officials. While they are aware of Russian intent to disrupt or infiltrate Ukrainian systems, according to the officials, they have continued to function and Ukraine has mounted a strong defence.
Truth is another front in Putin's War
The New York Times
Steven Lee Myers and Stuart A. Thompson
Disinformation in wartime is as old as war itself, but today war unfolds in the age of social media and digital diplomacy. That has given Russia — and its allies in China and elsewhere — powerful means to prop up the claim that the invasion is justified, exploiting disinformation to rally its citizens at home and to discredit its enemies abroad.
How to avoid sharing misinformation on the War in Ukraine
The New York Times
Daniel Victor
Sorting out what is real in Ukraine and what is misinformation designed to provoke an emotional response is hard enough for professional journalists. For everyday people seeing photos and videos cascade through their social media feeds, it is even harder.
How Russian disinformation goes from the Kremlin to QAnon to Fox News
The Daily Beast
Jared Holt
False claims that Russia has been targeting sinister U.S.-backed “biolabs” in Ukraine were popularized among conspiratorial American audiences by QAnon believers shortly after Russia launched its invasion in late February. Mainstream Republican voices have since dragged the old Russian propaganda at its roots across the forefront of the U.S. political stage.
Bellingcat founder: Don't let Putin's disinformation distract from his war crimes
Financial Times
Eliot Higgins
Russia has been using phone data captured by its spies operating in the UK to target British former special forces teams in Ukraine. The Kremlin has compiled a database of mobile phone numbers in a top secret operation – and this information is being used to decide where to launch missile attacks.
The 5×5—Russia’s cyber statecraft
Atlantic Council
Simon Handler
On February 25, just a day after Russia launched a massive invasion of Ukraine, the Russia-based Conti ransomware group publicly declared its allegiance to the Kremlin. The cybercriminal organization said in an online post that in response to any potential attack against Russia, the group would use “all possible resources to strike back at the critical infrastructures of an enemy.”
Anonymous: How hackers are trying to undermine Putin
BBC News
Joe Tidy
The Anonymous hacktivist collective has been bombarding Russia with cyber-attacks since declaring “cyber-war” on President Vladimir Putin in retaliation for the invasion of Ukraine.
Australia
Creating space-command, Australia strengthens high-tech bond with U.S.
The New York Times
Damien Cave
Two years after the United States inaugurated a military Space Force to mixed reviews, Australia has created its own Space Command to counter threats from China, Russia and other extraterrestrial powers.
Government to introduce laws to combat misinformation, disinformation
The Sydney Morning Herald
Zoe Samios
Communications Minister Paul Fletcher is planning to introduce legislation that will give Australia’s media watchdog more regulatory power over tech companies who fail to meet the standards of a voluntary misinformation and disinformation code of practice.
China now capable of ‘unprecedented digital onslaught’: Dutton
Australian Financial Review
Andrew Tillett
China’s cyber warfare capabilities now have the capacity to mount “an unprecedented digital onslaught”, Defence Minister Peter Dutton will warn, saying Beijing’s online weaponry has grown in parallel with its military build up.
Australian government to introduce crypto exchange 'badge of approval'
ZDNet
Aimee Chanthadavong
Minister for Digital Economy Jane Hume has announced the Australian government will "let Australians invest in crypto assets safely and securely" by establishing a market licence regime for crypto exchanges.
Australia launches federal cybercrime centre as part of national plan
ZDNet
Campbell Kwan
Home Affairs has launched an AU$89 million centre that will be specifically tasked with preventing cybercriminals from scamming, stealing, and defrauding Australians.
China
Four leaked CAC censorship directives on Ukraine, Beijing Olympic budget, and ban of Russian and Belarusian Paralympians
China Digital Times
Cindy Carter
The four leaked censorship directives are issued by the Cyberspace Administration of China (CAC) to major Chinese social media platforms and online news portals. The censorship instructions include prohibiting live streams from Ukraine and deleting new discussions.
China's big tech firms are axing thousands of workers
The Wall Street Journal
Yoko Kubota
Tencent Holdings, operator of the popular chat, social media and payments app WeChat, is planning to cut thousands of employees in some of its biggest business units this year, including around a fifth of the staff at its cloud unit, people familiar with the matter said.
China's tech hub relaxes COVID restrictions to restart industrial production
The Register
Simon Sharwood
The Chinese city of Shenzhen – widely billed as the tech manufacturing capital of the world – has relaxed its COVID-19 restrictions in ways the city government expects will allow industrial production to resume.
Technology companies have a road out of China
The Washington Post
Tim Culpan
Global electronics suppliers looking to diversify their manufacturing footprint beyond China are taking advantage of growing demand for sophisticated components used in electric vehicles to shift production closer to their customers overseas.
USA
Cellphone dragnets can help catch criminals. Judges say they can also violate constitutional rights.
The Washington Post
Justin Jouvenal and Rachel Weiner
Fairfax County detectives turned to a powerful and controversial new investigative tool. They asked a judge to approve a kind of digital dragnet — a request for Google to list all cellphones its data shows were active in an area around the crime scene.
UK
British soldiers are ordered off WhatsApp amid fears that sensitive military details could be accessed by Russian hackers
Daily Mail Australia
Mark Nicol
The British Army has banned WhatsApp over fears Russia is hacking the platform to acquire operationally sensitive information. All personnel, from senior officers to junior soldiers, must cease using the phone messaging service for professional purposes or face disciplinary action.
Downing street points the finger at Russia over hoax calls to ministers
HuffPost
Kevin Schofield
Russia was behind hoax calls made to three high-profile cabinet ministers, Downing Street has revealed. Number 10 blamed Kremlin “disinformation” for Ben Wallace, Priti Patel and Nadine Dorries being targeted.
Europe
Italian public sector told to replace antivirus software linked to Russia
Reuters
Italy's public authorities must replace antivirus software that is linked to Russia to prevent any disruption of services due to the ongoing Ukrainian conflict. The move comes as Italy's data regulator starts a probe into potential privacy risks connected to the use of software provided by Russia-based Kaspersky Lab, amid growing concerns over potential cybersecurity attacks.
Gender and Women in Cyber
CISA’s Easterly calls on industry leaders to close gender gap
The Record
Emma Vail
In celebration of Women’s History Month, WiCyS hosted its annual conference to shine a light on the successes of women already in the field and the work that still needs to be done. Easterly, who took the top role at CISA last July, called on cybersecurity leaders to close the gender gap - current statistics show the industry is only 24% women.
Big Tech
Last apps standing? Telegram, Whatsapp duck Russia bans
Al Jazeera
Chat platforms like WhatsApp and Telegram have avoided being blocked by Russia – unlike some of the world’s biggest social networks – in a tenuous tolerance that experts warn could end suddenly.
Russia finds Meta guilty of 'extremist activity' but WhatsApp can stay
Reuters
A Moscow court said on Monday that Meta was guilty of "extremist activity", but the ruling will not affect its WhatsApp messenger service, focusing on the U.S. firm's already banned Facebook and Instagram social networks.
Apple Maps, App Store, other Apple services experience outage
The Washington Post
Rachel Lerman
Apple services including Maps and iMessage went down for some people Monday, prompting spotty outages and confusion. The company appeared to be experiencing issues with its cloud-based services, which power many features on Apple’s hardware.
Musk reveals plan to scale Tesla to ‘extreme size’
TechCrunch
Jaclyn Trop
Musk revealed on Twitter the themes that will dominate the next installment in Tesla’s long-term playbook: artificial intelligence and scaling the automaker’s operations.
Misc
The latecomer's guide to crypto
The New York Times
Kevin Roose
As it’s gone mainstream, crypto has inspired an unusually polarized discourse. Its biggest fans think it’s saving the world, while its biggest skeptics are convinced it’s all a scam — an environment-killing speculative bubble orchestrated by grifters and sold to greedy dupes, which will probably crash the economy when it bursts.
Research
Serpent, No Swiping! New backdoor targets French entities with unique attack chain
Proofpoint
Bryan Campbell, Zacharge Abzug, Andrew Northern and Selena Larson
Proofpoint observed new, targeted activity impacting French entities in the construction and government sectors. The threat actor used macro-enabled Microsoft Word documents to distribute the Chocolatey installer package, an open-source package installer. Various parts of the VBA macro include the following ASCII art and depict a snake as below.
Jobs
The Sydney Dialogue - Director
ASPI ICPC
The Australian Strategic Policy Institute (ASPI) is currently recruiting for a Director to lead the second iteration of ASPI’s Sydney Dialogue - the world’s premier summit on emerging, critical and cyber technologies.
The Sydney Dialogue - Senior Events Coordinator
ASPI ICPC
The Australian Strategic Policy Institute (ASPI) is currently recruiting for an experienced events professional to coordinate the planning and logistics of the second iteration of ASPI’s Sydney Dialogue - the world’s premier summit on emerging, critical and cyber technologies.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice.
Important disclaimer: This digest is a daily collation of material designed to provide authoritative information and commentary in relation to the subject matters covered. The views expressed in this material are those of the authors only. To provide feedback please contact: icpc@aspi.org.au