Scale, details of massive ransomware attack emerge | China's cyberspace regulator orders Didi off app stores after investigation | Prominent women call for tech giants to act against online harassment
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit. Politico
China's cyberspace regulator said that it had ordered smartphone app stores to stop offering Didi's app after finding the ride-hailing giant had illegally collected users' personal data. ABC News
More than 200 prominent women from around the world, including actors, journalists, musicians and former government leaders, have written an open letter urging the chief executives of Facebook, Twitter, TikTok and Google to “prioritize the safety of women” on their platforms. The New York Times
ASPI ICPC
Fashion Retailers Face Inquiry Over Suspected Ties to Forced Labor in China
The new York Times
@LizziePaton @leontinegls @aurelienbrd
The groups’ lawsuit is largely based on findings published in a report by the Australian Strategic Policy Institute in March 2020, among other documents, Mr. Bourdon said. As well as human rights violations in Xinjiang, the report identified 83 foreign and Chinese companies, including fashion brands, that it said directly or indirectly benefited from the use of Uyghur workers outside Xinjiang through potentially abusive labor transfer programs.
Read our report ‘Uyghurs for Sale’ here.
World
Scale, details of massive ransomware attack emerge
Politico
Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit.
Biden announces investigation into international ransomware attack
The Guardian
Joe Biden said on Saturday he had directed US intelligence agencies to investigate a sophisticated ransomware attack that hit hundreds of American businesses as the Fourth of July holiday weekend began and aroused suspicions of Russian gang involvement.
Ransomware attack on software manager hits 200 companies
NBC News
@kevincollier
A successful ransomware attack on a single company has spread to at least 200 organizations, according to cybersecurity firm Huntress Labs, making it one of the single largest criminal ransomware sprees in history… The timing, just ahead of Fourth of July weekend, is unlikely to be a coincidence. Ransomware hackers often time their attacks to start at the beginning of a holiday or weekend, as that minimizes the number of cybersecurity professionals who might be able to quickly jump on and stop the malicious software's spread.
Major ransomware attack against U.S. tech provider forces Swedish store closures
Reuters
@johan_ahlander @josephmenn
One of the largest ransomware attacks in history spread worldwide on Saturday, forcing the Swedish Coop grocery store chain to close all 800 of its stores because it could not operate its cash registers.
Prominent Women Call for Tech Giants to Act Against Online Harassment
The New York Times
@ainajkhan
More than 200 prominent women from around the world, including actors, journalists, musicians and former government leaders, have written an open letter urging the chief executives of Facebook, Twitter, TikTok and Google to “prioritize the safety of women” on their platforms.
“Prioritise the safety of women”: Open letter to CEOs of Facebook, Google, TikTok & Twitter
Web Foundation
At the Generation Equality Forum in Paris, the CEOs of Facebook, Google, TikTok and Twitter make unprecedented commitments to tackle the abuse of women on their platforms.
Internet shutdowns now ‘entrenched’ in certain regions, rights council hears
UN News
The practice of shutting down internet and mobile phone access to stifle dissent has become “entrenched” and more sophisticated in a growing number of countries as governments seek to retain power, a top UN-appointed independent rights expert said on Thursday.
The Lawfare Podcast: Coordinating Inauthentic Behavior With Facebook’s Head of Security Policy
Lawfare
Jen Patja Howell
This week on Arbiters of Truth, our podcast on our online information ecosystem, Evelyn Douek and Quinta Jurecic bring you an episode they’ve wanted to record for a while: a conversation with Nathaniel Gleicher, the head of security policy at Facebook. He runs the corner of Facebook that focuses on identifying and tackling threats aimed at the platform, including information operations.
Australia
Pirates of the cyber seas: How ransomware gangs have become security’s biggest threat
Brisbane Times
@chrizap
Cyber security experts, ex-military officials and some politicians are pushing for ransomware gangs to be treated not as hackers but like “pirates” of the past, in a rethink of how to best counter their growing threat to businesses, industries and society.
Qld police accessed QR code check-in app data
Innovation Aus
@denhamsadler
Police in Queensland accessed data from the state’s QR code check-in contact tracing app to investigate a theft, with legislative changes now being considered to prevent this happening again.
Priorities for critical technology cooperation between India and Australia
Observer Research Foundation
@VatsAntara
As both nations gear up for the upcoming Cyber Policy Dialogue and the inaugural meeting of JWG on Information, Communication, and Technology, this article outlines how this partnership can strengthen India’s cyber security capabilities, boost its influence in global Artificial Intelligence governance regimes and enhance its role in critical mineral supply chains.
Read our report ‘Critical technologies and the Indo-Pacific: A new India-Australia partnership’ here.
Why Australia’s local soccer leagues are attracting international gamblers
The Age
@jckkrr
An investigation by The Age and The Sydney Morning Herald has found that Australia’s amateur and semi-professional soccer leagues are among the most available products on the global soccer betting market.
China
China's cyberspace regulator orders Didi off app stores after launching investigation
ABC News
China's cyberspace regulator said that it had ordered smartphone app stores to stop offering Didi's app after finding the ride-hailing giant had illegally collected users' personal data.
China investigates Didi over cybersecurity days after its huge IPO
Reuters
China's cyberspace administration said on Friday it has launched a new investigation into ride-hailing giant Didi Global Inc to protect national security and public interest.
Huawei enlists army of European talent for 'battle' with US
Nikkei Asia
@ChengTingFang @Lauly_Th_Li
For anyone who thought Huawei Technologies had buckled under the strain of a yearslong U.S. crackdown, it might come as a surprise that the Chinese tech group is looking to hire chip engineers in Munich, software developers in Istanbul and AI researchers in Canada, along with hundreds of Ph.D. candidates at home and abroad.
Alibaba Nears First Big Deal Since Record Antitrust Fine
Bloomberg
@cocojournalist
Alibaba Group Holding Ltd. is poised to make its first major investment since it paid a record antitrust fine as part of a bruising crackdown on Jack Ma’s internet empire... The potential investment could mark a comeback for Alibaba since authorities levied a $2.8 billion fine on the company in April for anti-monopoly violations, fueling its first loss in nine years.
Read our report ‘Reining in China’s Technology Giants’ here.
Why the Chinese government turned on Jack Ma’s ‘Harvard for China’
Rest of World
@yilingliu95
But more recently, as the attitude inside China toward the tech industry has soured, Hupan has come under criticism for serving as a glorified boys club for China’s tech elite — including from China’s authorities. In recent months, as the government has aggressively reined in Jack Ma’s business empire, it has also targeted Hupan — forcing the university to suspend enrolments, to let Ma step down as President, and to drop “university” from its title. To the Communist Party, Hupan is a problem not simply because it represents an elite but because it’s an elite that no longer shares its values.
China’s tech group Kuaishou ends compulsory Sunday overtime
Financial Times
China’s short-video company Kuaishou has formally cancelled its weekend overtime policy, while its competitor, TikTok’s parent ByteDance, is debating internally whether to do the same. The move by Kuaishou, which raised $5.4bn in a public listing earlier this year, comes as China’s tech sector grapples with employees’ complaints of overwork and mistreatment. In January, the news of two deaths at ecommerce giant Pinduoduo further stirred nationwide debate over the notorious “996” schedule of working 9am-9pm six days a week.
China advances in challenge to dollar hegemony
Financial Times
@choyleva
The renewed effort to dethrone the dollar is based in large part on China’s technological prowess. It is banking that the development of the necessary financial infrastructure, the country’s world-beating mobile payments systems and a successful launch of the digital version of the renminbi will make it easier to use and promote the currency beyond China’s borders.
Read our report ‘The flipside of China’s central bank digital currency’ here.
TikTok's Algorithm and AI Tech Are Now up for Sale
Gizmodo
@pithyalyse
Now anyone can tap into the secret sauce behind ByteDance’s globally successful TikTok app—for a price. The China-based company quietly launched a new BytePlus division back in June focused on selling TikTok’s artificial intelligence technology, including the popular recommendation algorithm behind its ForYou feed, to businesses worldwide, the Financial Times reported Sunday.
USA
Biden Says ‘Not Sure’ If Russia Is Behind Latest Cyberattack
Bloomberg
President Joe Biden said “we’re not sure” that Russia is behind a massive ransomware attack on managed-service providers as U.S. intelligence officials conduct an investigation. “I directed the full resources of the government to assist in the response if needed,” Biden told reporters during a trip to Michigan on Saturday.
Some accused in Capitol riot reportedly tried to scrub info from their phones and social media
The Verge
@SocialKimLy
Some 49 people accused of taking part in the January 6th riot at the US Capitol building have tried to erase images, videos, and texts from their phones and social media accounts, the Associated Press reported, citing a review of court records. Authorities told the AP that the people may have realized that the many photos and videos posted to social media by people participating in the riot could be used as evidence against them.
The Making and Unmaking of Chet Hanks’s “White Boy Summer”
Vanity Fair
@kenzbry
In a matter of weeks, the term “White Boy Summer” has gone from a seemingly innocent, mainstream internet fad to a viral meme among neo-Nazis and white supremacists. Versions of the far-right’s dark subversion of the meme have jumped across from the fever swamps of the imageboard 4chan and encrypted messaging service Telegram, to more popular social media apps like TikTok where Bellingcat found one video featuring Nazi iconography that had been viewed more than 10,000 times.
White Boy Summer, Nazi Memes and the Mainstreaming of White Supremacist Violence
Bellingcat
@IwriteOK @hungrybowtie
White Boy Summer started as a harmless internet fad. But the term has since been adopted by far-right extremists and used in their propaganda.
California’s yoga, wellness and spirituality community has a QAnon problem
Los Angeles Times
@laura_nelson
More commonly associated with right-wing groups, the conspiracy theory is spreading through yoga, meditation and other wellness circles. Friends and colleagues have watched with alarm as Instagram influencers and their New Age peers — yogis, energy healers, sound bathers, crystal practitioners, psychics, quantum magicians — embraced QAnon’s conspiratorial worldview and sprayed it across social media.
What’s in a tag? Twitter revamps misinformation labels
AP News
@BarbaraOrtutay
The labels are an update from those Twitter used for election misinformation before and after the 2020 presidential contest. Those labels drew criticism for not doing enough to keep people from spreading obvious falsehoods. Now, Twitter is overhauling them in an attempt to make them more useful and easier to notice, among other things. Beginning Thursday, the company will start testing the redesigns with some U.S. users on the desktop version of its app.
North Asia
Apple and Intel become first to adopt TSMC's latest chip tech
Nikkei Asia
@ChengTingFang @Lauly_Th_Li
Apple and Intel have emerged as the first adopters of Taiwan Semiconductor Manufacturing Co.'s next-generation chip production technology ahead of its deployment as early as next year, Nikkei Asia has learned.
Taiwan's Terry Gou, TSMC reach initial agreements for BioNTech vaccines -sources
Reuters
@YimouLee
Terry Gou, the billionaire founder of Taiwan's Foxconn, along with TSMC reached initial agreements to each buy 5 million doses each of BioNTech SE's COVID-19 vaccine on Friday, three sources with knowledge of the situation told Reuters.. Last month, facing public pressure about the slow pace of Taiwan's inoculation programme, the government agreed to allow Gou and Taiwan Semiconductor Manufacturing Co to negotiate on its behalf for the vaccines, which would be donated to Taiwan's government for distribution.
Southeast Asia
Vietnam orders Netflix to remove Australian spy show over South China Sea map
Reuters
@pearswick
Netflix Inc has removed Australian spy drama "Pine Gap" from its services in Vietnam after a complaint from broadcast authorities in the Southeast Asian country about the appearance of a map which depicts Chinese claims in the South China Sea.
Temasek Polytechnic to disperse 3,000 sensors in bid to cut campus carbon footprint
ZDNet
@eileenscyu
Temasek Polytechnic is dispersing at least 3,000 sensors across its campus to churn real-time data that it says can identify potential faults and predict changing conditions. These insights will enable the education institution to make tweaks to its operations for better efficiencies and reduce its carbon emissions.
Singapore, UK begin discussions on digital economy pact
ZDNet
@eileenscyu
Singapore and the United Kingdom have kicked off discussions on a bilateral agreement that aims to facilitate digital trade and new opportunities, including cross-border data flow and use of technologies such as artificial intelligence (AI). The move follows similar pacts Singapore have already inked with Chile and New Zealand.
South & Central Asia
China pledges support to make Pakistan’s capital a smart city
Pakistan Observer
Chinese Ambassador to Pakistan Nong Rong said on Wednesday that full cooperation will be extended to turn Islamabad, the capital of Pakistan, into a smart city.
UK
Stop bowing to Beijing, MPs tell LinkedIn
The Times
@CharlieHParker
LinkedIn is facing pressure from senior MPs and academics to stop “bowing to Beijing” by censoring users who are critical of China. The Times has identified scholars, businessmen, journalists, whistleblowers and a former diplomat whose accounts were blocked in China after the professional networking site found “prohibited content” on their profiles. References on their pages to the Tiananmen Square massacre, criticism of the Chinese Communist Party or support for Uighurs and the independence movements in Hong Kong, Taiwan and Tibet are thought to have led to the accounts being blocked.
UK’s largest chip plant to be acquired by Chinese-owned firm Nexperia amid global semiconductor shortage
CNBC
@Sam_L_Shead
Newport Wafer Fab, the U.K.’s largest chip producer, is set to be acquired by Chinese-owned semiconductor company Nexperia for around £63 million ($87 million) next week, according to two sources close to the deal who asked to remain anonymous because the information is not yet public. Nexperia, a Dutch firm that is 100%-owned by China's Wingtech Technology, told CNBC on Friday that the deal talks are ongoing.
An artists’ levy on tech would solve the UK’s copyright issue
Financial Times
@M_Heffernan
The creative industries are badly remunerated, but a small percentage on gadgets can make things fairer.
Europe
Watching China in Europe - July 2021
GMF Asia
@GMFAsia
The alignment on China coming out of the G7, NATO, and EU-U.S. summits was largely rhetorical. But by creating an array of new structures that—explicitly or not—are focused on the strategic challenges presented by China, the summits created a new geopolitical dynamic that will be difficult to stop. The transatlantic Trade and Technology Council alone created 10 working groups—including on supply chains, export controls, and investment screening—that will consume the attention of the technocrats in Washington and Brussels in the months ahead.
Norway Law Forces Influencers to Label Retouched Photos on Instagram
VICE
@gabriels_geiger
Legislators in Norway have passed new regulations requiring influencers and advertisers to label retouched photos in a bid to fight unrealistic beauty standards.
Dutch court rejects Facebook’s bid to have privacy lawsuit in the Netherlands dismissed
The Verge
@SocialKimLy
A court in Amsterdam ruled that privacy litigation against Facebook in the Netherlands can proceed, rejecting the social network’s bid to have the lawsuit from two non-profit groups thrown out. As TechCrunch reported, the Amsterdam-based Data Privacy Foundation and Dutch consumer advocacy organization Consumentenbond are suing Facebook on behalf of users over what they claim are violations of European Union privacy law.
The Tech Cold War’s ‘Most Complicated Machine’ That’s Out of China’s Reach
The New York Times
@donal888
A $150 million chip-making tool from a Dutch company has become a lever in the U.S.-Chinese struggle. It also shows how entrenched the global supply chain is.
Russia
Americas
Peru’s presidential election turns into a test for social media platforms
The Record
@johnnysaks130
The runner-up in Peru’s presidential run-off is waging a Trump-style disinformation campaign aimed at preventing the country’s electoral authorities from certifying her defeat. But there’s one key difference: Social media companies have taken few steps to label, downgrade, or remove misleading content, sparking a debate about when and how those firms should intervene to prevent baseless allegations of electoral fraud from spiraling into civil unrest.
Middle East
Chinese cyberspies targeted the Afghan National Security Council
The Record
@campuscodi
A Chinese cyber-espionage group has been seen impersonating the office of the Afghan president in attempts to infect members of the Afghanistan National Security Council with malware.
Chinese hackers suspected of using Dropbox to snoop on Afghan officials
CyberScoop
@TonyaJoRiley
Hackers with ties to China have been targeting the emails of Afghan security officials with malware meant to scoop up everything on their desktop, according to a Thursday report from researchers at Check Point. In an example shared by researchers, a hacker sent a malicious file to an official at the Afghanistan National Security Council posing as someone from the administrative office of the president of Afghanistan. The email requested the recipient review an attachment that was purportedly about an upcoming press conference.
Misc
Asia crypto sector stays confident despite China regulatory curbs
Nikkei Asia
@cheskareports @michan_hk
After a period of explosive growth, the tide appears to be turning for bitcoin and other cryptocurrencies as financial watchdogs tighten oversight of the digital asset market. But some exchanges and traders welcome stricter regulation to weed out bad actors, fraud and money laundering, and to help to bring crypto assets into the mainstream.
What happened when a ‘wildly irrational’ algorithm made crucial healthcare decisions
The Guardian
Erin McCormick
Advocates say having computer programs decide how much help vulnerable people can get is often arbitrary – and in some cases downright cruel.
Everyone should decide how their digital data are used — not just tech companies
Nature
@jathansadowski @salome_viljoen_ @mer__edith
Smartphones, sensors and consumer habits reveal much about society. Too few people have a say in how these data are created and used.
Breaking Up Big Tech Is a Messy Proposition
Bloomberg
A collection of commentary examining antitrust laws, how tech companies conduct business and how both are shaping markets.
Research
Chinese overseas promotion of ‘smart city’ technologies
Swedish Center for China Studies
Miriam Tardell
China has used the covid-19 pandemic as an opportunity to promote domestic smart city technologies, exporting such systems all over the world. Chinese state media claim that China’s high-tech anti-epidemic measures (the Chinese solution) are the most efficient in the world. These “solutions” are described as a reflection of China’s systemic advantages.
A Global Smart-City Competition Highlights China’s Rise in AI
WIRED
Chinese entrants swept all five categories, featuring technologies to improve civic life. But the advances could also be tools for surveillance.
Knowledge base: Blockchain-based Service Network (BSN, 区块链服务网络)
Stanford Cyber Policy Center
Mikk Raud
In April 2020, the Chinese government launched the Blockchain-based Service Network (BSN), which is defined on its website as "common infrastructure for the deployment and operation of blockchain applications globally."
A new ‘digital violence’ platform maps dozens of victims of NSO Group’s spyware
TechCrunch
@zackwhittaker
For the first time, researchers have mapped all the known targets, including journalists, activists, and human rights defenders, whose phones were hacked by Pegasus, a spyware developed by NSO Group.
Events
ASPI Webinar: In-conversation with Will Cathcart, Head of WhatsApp
ASPI
ASPI's International Cyber Policy Centre is delighted to invite you to the webinar 'In-conversation with Will Cathcart, Head of Whatsapp'. Join Fergus Hanson in a 'fireside chat' with the CEO of WhatsApp Will Cathcart as they discuss the big issues facing the world’s largest messaging service. This webinar will include Q&A with the online audience. How do we balance requirements for safety, privacy and security? Why does WhatsApp use end-to-end encryption and how has WhatsApp evolved to combat misinformation? Join us at 10am on Thursday, 8 July to take part in this important conversation.
Jobs
ICPC Senior Analyst or Analyst - Information operations & disinformation
ASPI ICPC
ASPI’s International Cyber Policy Centre has an outstanding opportunity for a talented and proactive senior analyst or analyst to join its centre. The successful candidate will work with a small, high-performing team to produce original research and analysis centred around policy responses to information operations and disinformation by state and non-state actors. They will also work with senior staff in the centre to engage globally with governments, social media and Internet companies.
ICPC Analyst or Senior Analyst - Cyber & technology
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for an exceptional cyber-security or technology focused analyst or senior analyst to join its centre in 2021. Please note that interviews have commenced for this position and will continue until the end of June. This role will focus on policy relevant cybersecurity analysis, informed public commentary and either original data-heavy research and/or technical analysis. Analysts usually have around 7-15 years work experience. Senior analysts usually have a minimum of 15 years relevant work experience and tend to be involved in staff and project management, fundraising and stakeholder engagement.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.