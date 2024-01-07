Good morning and welcome back to our first Daily Cyber Digest of 2024. It's Monday 8 January.

Australia needs a dedicated, autonomous national security adviser

Danielle Cave

The world is on the verge of revolutionary technological change. Artificial Intelligence is just one of a suite of game-changing developments we must deal with, each emerging technology bringing enormous potential benefits but also risks of a nature we have not faced before. While the digital era has brought our societies and economies great benefits, for democratic nations, each technological evolution adds to the already long list of domestic and international security challenges that need to be managed. Crucially, as threats to our security, economy and stability evolve, so must our forms of global engagement.

More than 1,000 ‘distressing’ social media posts removed at Australian government’s request during Gaza war

Sarah Basford Canales and Josh Taylor

More than 1,000 violent and extremist posts have been taken down from social media at the federal government’s request since 7 October following an increase in referrals brought on in part by the conflict between Israel and Hamas. It follows a warning by the communications minister, Michelle Rowland, in the days following Hamas’s 7 October attacks in southern Israel that it was the job of social media companies to “prevent the spread of distressing violent and terrorist content”.

Low cost, high reward: The hackers holding Australia to ransom

David Swan and Colin Kruger

The Petya ransomware attack, in June 2017, halted chocolate bar production in Hobart and ultimately cost Cadbury’s parent company, Mondelez International, an estimated $140 million in lost revenue. It was also among the first of what has become an avalanche of ransomware attacks to hit Australian businesses, which industry insiders say are chronically underprepared to deal with such incidents.

Chinese spy agency rising to challenge the C.I.A.

Edward Wong, Julian E. Barnes, Muyi Xiao and Chris Buckley

The Chinese spies wanted more. In meetings during the pandemic with Chinese technology contractors, they complained that surveillance cameras tracking foreign diplomats, military officers and intelligence operatives in Beijing’s embassy district fell short of their needs.

Prominent Chinese business analysts are starting to disappear from social media

Some of China’s most prominent analysts have been subjected to social media restrictions that appear designed to restrict their ability to comment on the country’s ailing stock markets and struggling economy. At least six analysts are unable to upload new posts or gain new followers on popular social networking platforms, according to their account pages reviewed by CNN.

Uyghur students targeted in PRC police "anti-terrorism" project

Uyghur students are being explicitly targeted as part of a wide-ranging "anti-terrorism" project in a major PRC city. This confirms PRC discrimination against Uyghur students, with Hikvision separately winning a 'Smart Campus' deal requiring Ramadan warnings for minorities. Uyghurs are often treated as "terrorists" by PRC policing systems with e.g. Dahua tracking "Uyghurs with hidden terrorist intentions".

China sanctions US firm, two researchers over Xinjiang work

Colum Murphy and Josh Xiao

China said it was sanctioning a US company and two human rights researchers over work related to Xinjiang, escalating a dispute between the nations over allegations of forced labor. China was freezing any assets held in the nation by Kharon, Foreign Ministry spokeswoman Mao Ning said at a regular press briefing in Beijing on Tuesday, referring to a Los Angeles-based company that identifies sanctions and compliance risks for organizations.

Thermo Fisher halts DNA collection kit sales in Tibet

Bethany Allen-Ebrahimian

Biotechnology company Thermo Fisher Scientific has halted sales of DNA collection kits to Tibet after criticism from rights groups and pressure from Congress, the company tells Axios. Thermo Fisher's HID technology has "important forensic applications, from tracking down criminals, to stopping human trafficking and freeing the unjustly accused" and its HID sales in Tibet were "consistent with routine forensic investigation in an area of this size," the spokesperson added.

7 months inside an online scam labor camp

Isabelle Qian

As Mr. Lu quickly realized, there was, in fact, no translation job. No e-commerce company, either. It had all been part of a ruse, starting with a posting on a Chinese job forum, perfected by human traffickers to get people like him to travel to Thailand. From bases in Cambodia, Laos and Myanmar, the gangs coerce their captives into carrying out complicated online scams that prey on the lonely and vulnerable around the world.

Former CIA head Mike Pompeo to advise AUKUS tech fund

Matthew Cranston

Former CIA director Mike Pompeo has been appointed as a strategic adviser to DYNE Maritime, the Australian-founded, US-based venture capital company investing in technologies related to the AUKUS military intelligence-sharing pact. DYNE Maritime, started by former JPMorgan investment banker Matthew Kibble, an Australian, and former US Navy surface warfare and intelligence officer Tom Hennessey, launched the $US100 million fund in October to invest in dual-use technologies – those with military and civilian applications.

U.S. awards chip supplier $162 million to bolster critical industries

Ana Swanson

The Biden administration on Thursday announced plans to provide $162 million in federal grants to Microchip Technology, an Arizona-based semiconductor company that supplies the automotive, defense and other industries. The agreement is the second award announced under a new program intended to help ensure that American companies that rely on semiconductors have a stable supply.

U.S. intelligence officials determined the Chinese spy balloon used a U.S. internet provider to communicate

Courtney Kube and Carol E. Lee

U.S. intelligence officials have determined that the Chinese spy balloon that flew across the U.S. this year used an American internet service provider to communicate, according to two current and one former U.S. official familiar with the assessment. The balloon connected to a U.S.-based company, according to the assessment, to send and receive communications from China, primarily related to its navigation.

Introduction to expert statements on role of extremism in social and news media, submitted to January 6th House Select Committee

Meghan Conroy and Justin Hendrix

During the course of its 18-month investigation, the Select Committee to Investigate the January 6th Attack on the U.S. Capitol solicited expert statements to help it better understand “the facts, circumstances, and causes” of the attack, in accordance with the law that established the body.

Misinformation on Japan quake spreading on social media, government warns

False information concerning a powerful earthquake in central Japan on New Year's Day has been spreading on social media platforms, prompting the government on Wednesday to call for the public to exercise caution. Some posts have attributed the cause of the magnitude 7.6 quake that struck the Noto Peninsula and its vicinity on the Sea of Japan coast on Monday to the use of an "earthquake weapon," while describing the seismic event as an "artificial earthquake."

X kicked off 2024 by screwing up during Japan's earthquake emergency

Jordan Pearson

A 7.5 magnitude earthquake struck Japan on New Year’s Day, sending many people seeking information about the disaster to X, formerly called Twitter. Instead, users of the Elon Musk-owned platform found misinformation from verified accounts as the website limited posts from a key source of emergency information.

Iranian-linked hacks expose failure to safeguard US water system

Jamie Tarabay and Katrina Manson

In late November, an Iranian-backed hacking group attacked Israeli-made digital controls commonly used in the water and wastewater industries in the US, affecting multiple organizations across several states. The Iranian-linked hacks were a wake-up call that has jolted officials to redouble efforts to agree on at least minimum standards of security. But little actual progress has been made so far.

India targets Apple over its phone hacking notifications

Gerry Shih and Joseph Menn

A day after Apple warned independent Indian journalists and opposition party politicians in October that government hackers may have tried to break into their iPhones, officials under Prime Minister Narendra Modi promptly took action — against Apple. Officials from the ruling Bharatiya Janata Party publicly questioned whether the Silicon Valley company’s internal threat algorithms were faulty and announced an investigation into the security of Apple devices.

Russian hackers were inside Ukraine telecoms giant for months

Tom Balmforth

Russian hackers were inside Ukrainian telecoms giant Kyivstar's system from at least May last year in a cyberattack that should serve as a "big warning" to the West, Ukraine's cyber spy chief told Reuters. The hack, one of the most dramatic since Russia's full-scale invasion nearly two years ago, knocked out services provided by Ukraine's biggest telecoms operator for some 24 million users for days from Dec. 12.

China’s advanced machine tool exports to Russia soar after Ukraine invasion

Joe Leahy, Chris Cook, Max Seddon and Max Harlow

Chinese shipments to Russia of an important class of advanced machine tools have increased tenfold since the full-scale invasion of Ukraine, with the country’s producers now dominating trade in high-precision “computer numerical control” devices vital to Moscow’s military industries. The soaring shipments of CNC units, which permit extremely precise metal milling, have become a big concern to Ukraine’s allies as they seek to crack down on Russia’s access to the equipment.

Ukraine war: How TikTok fakes pushed Russian lies to millions

Olga Robinson, Adam Robinson & Shayan Sardarizadeh

A Russian propaganda campaign involving thousands of fake accounts on TikTok spreading disinformation about the war in Ukraine has been uncovered by the BBC. Its videos routinely attract millions of views and have the apparent aim of undermining Western support. The decision came in April after the utility sought advice from the National Cyber Security Centre, a branch of the nation's signals intelligence agency GCHQ, the newspaper quoted a Whitehall official as saying.

How pro-Russian 'yacht' propaganda influenced US debate over Ukraine aid

Olga Robinson, Shayan Sardarizadeh and Mike Wendling

A website founded by a former US Marine who now lives in Russia has fuelled a rumour that Volodymyr Zelensky purchased two luxury yachts with American aid money. Despite the false claim, the disinformation plot was successful. It took off online and was echoed by members of the US Congress making crucial decisions about military spending.

Huawei cuts North America PR staff as hopes for U.S. breakthrough fade

Marrian Zhou

Huawei has gradually dismantled its public relations and government relations teams in the U.S. and Canada, according to people familiar with the matter. Employees have been let go over the past few months including several right after the New Year. Some have worked for Huawei for about a decade and were upset about the news, but others saw the decision coming given worsening U.S.-China relations, according to several sources.

Huawei teardown shows 5nm chip made in Taiwan, not China

Vald Savov and Debby Wu

Huawei Technologies Co.’s newest laptop runs on a chip made by Taiwan Semiconductor Manufacturing Co., a teardown of the device showed, quashing talk of another Chinese technological breakthrough. The Qingyun L540 notebook contains a 5-nanometer chip made by the Taiwanese company in 2020, around the time US sanctions cut off Huawei’s access to the chipmaker, research firm TechInsights found after dismantling the device for Bloomberg News.

Huawei is back, and the need to keep it out of 5G networks is greater than ever

David Wilezol

Chinese telecommunications giant Huawei’s cell phone business was on life support in 2020 after the Trump administration launched its economic war against the company. But Huawei has shown a vampiric ability to come back from the dead in the years since. Since 2020, Western officials have largely shifted their focus to tackling other Chinese tech threats — TikTok, semiconductors and artificial intelligence among them.

Hackers discover way to access Google accounts without a password

Anthony Cuthbertson

Security researchers have uncovered a hack that allows cyber criminals to gain access to people’s Google accounts without needing their passwords. Analysis from security firm CloudSEK found that a dangerous form of malware uses third-party cookies to gain unauthorised access to people’s private data, and is already being actively tested by hacking groups.

The unbearably high cost of cutting trust and safety corners

Matt Motyl and Glenn Ellingson

In 2023, social media companies decided to cut corners by laying off thousands of employees who were experts on combating abusive behaviors and harmful content. Laying experts off may have saved these companies money in the short term – but at what cost, and will these cuts come back to haunt them?

Generative AI's wild 2023

Kenneth Li

ChatGPT was well on its way to becoming a household name even before 2023 kicked off. Just weeks after the Nov. 30 launch of the generative artificial intelligence-powered chatbot, OpenAI, the non-profit behind ChatGPT, was projected to rake in as much as $1 billion in revenue in 2024, sources told Reuters at the time.

Japan MoD, US DoD sign joint agreement for AI, UAS research

Secretary of the Air Force Public Affairs

The U.S. Department of Defense and the Japanese Ministry of Defense signed a project arrangement for joint research on Overwhelming Response through Collaborative Autonomy, Dec. 22. The project’s objective is to revolutionize airborne combat by merging state-of-the-art artificial intelligence and machine learning with advanced unmanned air vehicles and is a direct result of the December 2022 MoD-DoD joint statement on cooperation for Japan’s future aircraft.

NIST identifies types of cyberattacks that manipulate behavior of AI systems

Adversaries can deliberately confuse or even “poison” artificial intelligence systems to make them malfunction — and there’s no foolproof defense that their developers can employ. Computer scientists from the National Institute of Standards and Technology and their collaborators identify these and other vulnerabilities of AI and machine learning in a new publication.

Investigation finds AI image generation models trained on child abuse

David Thiel

A Stanford Internet Observatory investigation identified hundreds of known images of child sexual abuse material in an open dataset used to train popular AI text-to-image generation models, such as Stable Diffusion. A previous SIO report with the nonprofit online child safety group Thorn found rapid advances in generative machine learning make it possible to create realistic imagery that facilitates child sexual exploitation using open source AI image generation models.

