Russian state-sponsored hackers target US defence contractors | Israel to build quantum computer for national security | Ukraine's security service suspects Russia behind cyber attacks
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
The US government said today that Russian state-sponsored threat actors have targeted and breached multiple defense contractors between January 2020 and February 2022. The Record by Recorded Future
Israel’s innovation and weapons research and development authorities will soon publish the first tender for building an Israeli quantum computer, as part of a massive project intended to give Israel “strategic capabilities” in the nascent field. Haaretz
It is "too early" to identify the culprits behind a small wave of unsophisticated cyber attacks that targeted Ukraine on Tuesday, according to a state security official. Ilya Vityuk, who heads Ukraine's security service cyber department, told journalists that their only suspect was Russia, although this wasn't a formal attribution. Sky News
ASPI ICPC
What the Tonga disaster tells us about the South Pacific’s cyber resilience
The Strategist
Bart Hogeveen
The story of Tonga’s submarine cable connection and the digital infrastructure and services that were built holds valuable lessons on how to approach digital issues in the Pacific. Besides vulnerabilities of infrastructure, there are resilient communities and practices that should inform Australia’s and others’ approaches to digital and cyber capacity-building.
The World
Twitter expands its crackdown on trolling and hate
BBC News
Twitter is to expand its Safety Mode feature, which lets users temporarily block accounts that send harmful or abusive tweets. The system will flag accounts using hateful remarks, or those bombarding people with uninvited comments, and block them for seven days. Half of the platform's users in the UK, US, Canada, Australia, New Zealand and Ireland will now have access.
Twitter officially launches labels to identify the ‘good bots’
TechCrunch
Sarah Perez
Twitter last fall introduced a new label that would allow what it calls the “good bots” on its service to identify themselves. While the word “bot” can often have a negative connotation, Twitter noted there were useful bots, too, which were automatically tweeting out useful information like COVID-19 updates, earthquake alerts, bills being introduced in Congres and more. These “good bot” labels, which had been in testing with a small group, are now publicly available to all automated account holders.
Australia
Cyber soldiers and the final frontier will influence the next war. Is Australia ready?
The Sydney Morning Herald
Anthony Galloway
Cyber offensive capabilities will prove crucial in the next war. Is Australia ready to fight online?
Leaked data from Canadian convoy protest fundraiser reveals hundreds of Australian donors
ABC News
Ariel Bogle and Kevin Nguyen
A leaked database of donations made to Canadian truckers protesting against vaccine mandates has listed hundreds of Australians among the convoy's supporters.
Pacific public broadcasters concerned about Chinese government pressure, says ABC managing director
ABC News
Henry Belot
The ABC managing director says public broadcasters in the Pacific have raised concerns about Chinese government pressure to carry state-owned (controlled) news content.
China
China’s cities are going to the metaverse — before they even know what it is
Protocol
Zeyi Yang
Local governments in Beijing, Shanghai and other cities are all-in on the metaverse to attract new business investments.
China video site Bilibili to add 1,000 censors after worker dies
Financial Times
Cissy Zhou
Chinese online video streaming service Bilibili plans to hire 1,000 content censors after the recent death of a 25-year-old member sparked heated discussions about overwork in the country’s internet industry.
Financing & genocide: Development finance and the crisis in the Uyghur Region
Atlantic Council
Laura T. Murphy, Kendyl Salcito and Nyrola Elimä
A joint investigation by the Helena Kennedy Centre for International Justice at Sheffield Hallam University and NomoGaia, published in coordination with the Atlantic Council’s DFRLab, reveals how the World Bank’s private lending arm, the International Finance Corporation (IFC), has several significant investments in China’s Xinjiang Uyghur Autonomous Region... Using Chinese state media and propaganda, satellite imagery of IFC’s client operations, IFC project documentation, public reports, and corporate disclosures, this report presents credible evidence that IFC financing is contributing to companies committing gross human rights abuses against Uyghur peoples in the region and makes evidence-based recommendations to IFC and other parties.
Antisemitism With Chinese Characteristics
Tablet
Tuvia Gering
Since the most recent conflict in Gaza in May 2021, antisemitic tropes and sentiments have been propagated on Chinese state media, encouraged by top Chinese diplomats, and rehashed by well-known Chinese political commentators.
Official Olympic coverage tells us who wins. TikTok tells us everything else.
The Washington Post
Tatum Hunter
Now, at the Winter Olympics, viewers are flocking to watch less polished videos on the social media platform, whether that’s athletes getting their daily throat swabs for covid, robots disinfecting hallways or facial recognition technology able to identify athletes with their masks on. TikTok has plenty of glimpses into life at the Olympics — along with some weirder content from athletes and audiences.
USA
Senators unveil children’s online safety bill after months of pressure on Silicon Valley
The Washington Post
Cat Zakrzewski
The bill would require companies to provide parents and minors with new controls and create new obligations for platforms to address self-harm, eating disorders and other content that might harm children and teens.
California to adopt UK-style child data law in global push against Big Tech
Financial Times
Madhumita Murgia and Hannah Murphy
California lawmakers plan to introduce a new bill to protect children’s data online this Thursday, mirroring the UK’s recently introduced children’s code, as part of growing momentum globally for stricter regulation on Big Tech.
Please Delete Your Recordings: Inside a Police Conference
VICE
Joseph Cox
Police, surveillance tech companies, and government contractors gathered to joke about law enforcement robots in locker rooms and talk about getting close to senior police officers by giving them hunting holidays.
Facial recognition firm Clearview AI tells investors it’s seeking massive expansion beyond law enforcement
The Washington Post
Drew Harwell
The company is pushing toward 100 billion images in its ‘index of faces,’ even as lawmakers worry the company poses a dangerous threat to Americans’ privacy rights.
After FBI Raid, Dem. Congressman Feels the Love - From a Network of Trolls
The Daily Beast
Ursula Perano, Roger Sollenberger and Shannon Vavra
Days after the FBI raided his home and office, Texas Rep. Henry Cuellar’s social media feed was filled with well-wishers that experts say are not actual people.
Their bionic eyes are now obsolete and unsupported
IEEE Spectrum
Eliza Strickland and Mark Harris
These three patients, and more than 350 other blind people around the world with Second Sight’s implants in their eyes, find themselves in a world in which the technology that transformed their lives is just another obsolete gadget. One technical hiccup, one broken wire, and they lose their artificial vision, possibly forever.
North Asia
Fears of online censorship in Hong Kong as rights group website goes down
The Guardian
Vincent Ni
The website of a UK-based advocacy group appears to have become inaccessible through some networks in Hong Kong, raising fears of mainland-style internet censorship in the Chinese territory.
Southeast Asia
Government Confirms Controversial National Internet Gateway Plan Delayed
Cambodianess
Gerald Flynn and Phoung Vantha
Civil society groups remain concerned, despite the indefinite delay to the National Internet Gateway, and have called for the government to repeal the sub-decree, as was advised by the UN and others.
NZ & Pacific Islands
80km stretch of Tonga Cable blown to bits by eruption
Matangi Tonga Online
Mary Lyn Fonua
An 80 km stretch of Tonga's telecommunications cable, was blown to bits by a volcanic eruption on Jan. 15 and there's no easy fix. Short pieces have been recovered, while a major section of the fibre optic cable, about 55 km long, including an expensive repeater, has yet to be recovered from the seabed.
South & Central Asia
Afghans Find Room for Debate on Twitter Spaces
The New York Times
Sharif Hassan
An audio live chat feature on Twitter has become a go-to place for Afghans still recovering from the collapse of the former government and seeking answers on everything from what went wrong to what comes next.
UK
Chinese MI6 informant gave information to MPs about Huawei threat
The Guardian
Duncan Campbell and Richard Norton-Taylor
A Chinese informant for MI6, now serving a life sentence for murder in a British jail, has given information about the telecommunications company Huawei to the parliamentary intelligence and security committee (ISC), the Guardian has learned.
Europe
Ukraine security services say 'too early' to identify cyber attack culprits
Sky News
Alexander Martin
It is "too early" to identify the culprits behind a small wave of unsophisticated cyber attacks that targeted Ukraine on Tuesday, according to a state security official.
Ilya Vityuk, who heads Ukraine's security service cyber department, told journalists that their only suspect was Russia, although this wasn't a formal attribution.
Russia
US says Russian hackers breached multiple DOD contractors
The Record by Recorded Media
Catalin Cimpanu
The US government said today that Russian state-sponsored threat actors have targeted and breached multiple defense contractors between January 2020 and February 2022.
Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
CISA
From at least January 2020, through February 2022, the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA) have observed regular targeting of U.S. cleared defense contractors (CDCs) by Russian state-sponsored cyber actors.
Americas
The Case of the Creepy Algorithm That ‘Predicted’ Teen Pregnancy
WIRED
Diego Jemio, Alexa Hagerty and Florencia Aranda
A government leader in Argentina hailed the AI, which was fed invasive data about girls. The feminist pushback could inform the future of health tech.
Middle East
Israel Joins Latest Arms Race: Quantum Computing
Haaretz
Sagi Cohen
Israel’s innovation and weapons research and development authorities will soon publish the first tender for building an Israeli quantum computer, as part of a massive project intended to give Israel “strategic capabilities” in the nascent field.
Africa
Nigeria’s tech entrepreneurs target healthcare and education
Financial Times
Alexis Akwagyiram
Nigerian payment companies are at the vanguard of innovation in Africa, with investment levels to match. But, with the coronavirus pandemic focusing attention on healthcare, companies that offer services from technology for remote consultations to the digitisation of medical records are becoming increasingly appealing to investors.
Misc
ICRC cyber-attack: Sharing our analysis
ICRC
Robert Mardini
The following is an open letter from Robert Mardini, the director-general of the International Committee of the Red Cross (ICRC), following the discovery in mid-January of a cyber-attack on ICRC servers containing data related to the Red Cross and Red Crescent Movement's Restoring Family Links services.
Red Cross blames hack on Zoho vulnerability, suspects APT attack
The Record by Recorded Future
Catalin Cimpanu
After making headlines last month, additional details are emerging about the hack of the Red Cross organization and the possibility that the attack was carried out by a state-sponsored hacking group.
Quantum Cryptanalysis: Hype and Reality
Lawfare
Chris Jay Hoofnagle and Simson Garfinkel
The United States, China, the European Union, and individual European nations (France, Germany, the United Kingdom) are pumping billions into the field. And make no mistake: Quantum computers are here today. They just aren’t very powerful for solving real-world problems like factoring or revealing the secrets of photosynthesis.
Devious hackers are using NFT hype to hijack your PC and webcam
ZDNet
Danny Palmer
Cybersecurity researchers warn that criminals are using hype around NFTs to trick victims into downloading password-stealing BitRAT malware that allows them to hijack infected machines.
‘Ice phishing’ on the blockchain
Microsoft 365 Defender Research Team
The technologies that connect us are continually advancing, and while this brings tremendous new capabilities to users, it also opens new attack surfaces for adversaries and abusers. Social engineering represents a class of threats that has extended to virtually every technology that enables human connection. Our recent analysis of a phishing attack connected to the blockchain reaffirms the durability of these threats as well as the need for security fundamentals to be built into related future systems and frameworks.
Events and Podcasts
Increasing Resilience in a Post-Pandemic World
The Sydney Dialogue
Covid-19 has created unprecedented disruption to our economic, health, and travel systems. The pandemic has demonstrated the importance of governments, scientists, and industry leaders working together to ensure healthy and thriving communities. How will this relationship re-write itself in the wake of the pandemic? In this panel discussion, speakers will look at how governments, scientists and industry leaders can better work together to protect global health and promote economic recovery using technology. Streaming on Monday 21st February at 5:30pm AEDT.
ASPI Webinar Launch: The future of assistance to law enforcement in an end-to-end encrypted world
ASPI
ASPI’s International Cyber Policy Centre is delighted to invite you to the online launch of its new report ‘The future of assistance to law enforcement in an end-to-end encrypted world’. Join report author Tom Uren alongside panellists Brendan Dowling, First Assistant Secretary of the Department of Home Affairs Digital and Policy Division, and Clair Deevy, Director of Public Policy at WhatsApp for a discussion on how encryption has affected assistance to law enforcement, moderated by ASPI's Fergus Hanson.
Research
Assessing Systemic Strengths and Vulnerabilities of China's Defense Industrial Base
RAND Corporation
Cortney Weinbaum, Caolionn O'Connell, Steven W. Popper, M. Scott Bond, Hannah Jane Byrne, Christian Curriden, Gregory Weider Fauerbach, Sale Lilly, Jared Mondschein and Jon Schmid
In response to a requirement set in the National Defense Authorization Act for Fiscal Year 2021, the authors examine the strengths and vulnerabilities of China's defense industrial base (DIB) by designing and applying a comparative analytic structure that could be used to assess any country's DIB.
U.S. Antitrust Legislative Proposals: A Global Perspective
U.S. Chamber of Commerce
This report cautions against current U.S. legislative proposals that could undermine U.S. economic and security interests and strengthen foreign rivals without any apparent benefit to U.S. consumers and workers.
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.
ICPC Data Analyst
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for talented Data Analysts to join its growing centre. ASPI’s ICPC undertakes complex research on some of the most challenging issues at the intersection of technology and public policy. How do we develop international norms to deter information operations and coercive diplomacy, how should we build international cooperation on the development of emerging critical technologies, what is the right balance between regulation and innovation? We deliver empirical research that is policy-relevant and we’re looking for people who can help us analyse data at scale.