Senate Democrats unveil new online privacy bill | Workers at Israeli surveillance firm NSO sue Facebook for blocking private accounts | Commerce Department issues proposed rule to secure communication
The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
US Senate Democrats on Tuesday proposed tough new punishments for Facebook, Google and other Silicon Valley tech giants that mishandle their users’ personal data, unveiling a sweeping new online privacy bill that aims to provide people their “Miranda rights” for the digital age. The Washington Post
A group of employees from Israeli surveillance firm NSO Group filed a lawsuit against Facebook Inc on Tuesday, saying the social media giant had unfairly blocked their private accounts when it sued NSO last month. Reuters
The Commerce Department on Tuesday issued a proposed rule aimed at securing the nation’s information and communications supply chain from foreign threats. The proposed rule lays out the procedures for the secretary of Commerce to follow in evaluating potential security threats posed by foreign-owned or foreign-operated companies seeking to do business with U.S. companies that involve the information and communications technology and services (ICTS) supply chain. The Hill
ASPI ICPC
New Report: The China Defence Universities Tracker
The China Defence Universities Tracker
‘The China Defence Universities Tracker: Exploring the military and security links of China’s universities’ is the ASPI International Cyber Policy Centre’s latest report informing decision makers and the public on the issue of research collaboration with China.
The report accompanies the China Defence Universities Tracker website, a public database of the defence and security links of over 160 Chinese universities, defence companies and research institutes. It provides granular detail on any defence research these institutions are engaged in and is designed as a tool to inform universities and policymakers. It is designed to raise awareness of the risk that engagement with these institutions could contribute to military technologies, the security apparatus or human rights abuses.
You can watch the launch of the Tracker here
Chinese spying allegations increase pressure on national security community to claim scalps
ABC News
@AndrewBGreene
"Ultimately I think the next thing we're going to be looking at is a prosecution," predicts leading China analyst Alex Joske, from the Australian Strategic Policy Institute. “Foreign interference laws have been introduced, we have transparency schemes for people acting on behalf of foreign governments to register themselves on, but to date there haven't been prosecutions of people carrying out foreign interference in Australia. Yet every day we're getting more evidence that it is happening."
Teen's TikTok video about China's Muslim camps goes viral
BBC News
@LeoKelion
A US teenager's TikTok video clip accusing China of putting Muslims into "concentration camps" has gone viral on the Chinese-owned social network. The post appears to be about beauty tips at its start - but the young woman then changes tack to ask her viewers to raise awareness of what she describes as "another Holocaust". Feroza Aziz later tweeted that TikTok had blocked her from posting new content as a result. Others have picked up on her posts, including a member of the Australian Strategic Policy Institute think tank, who called Ms Aziz's use of TikTok "creatively subversive".
A Teen Was Not Banned For Her TikTok About China's Concentration Camps But For Making A Dark Thirst Joke About Bin Laden, BuzzFeed News
John Garnaut joins ASPI as a Senior Fellow
ASPI
@jgarnaut
John Garnaut is an authority on Chinese elite politics and Chinese Communist Party interference and technology transfer programs. John was previously Fairfax's China correspondent (2007-13) and Asia-Pacific Editor (2014-15), Senior Advisor to Prime Minister Malcolm Turnbull (Nov 2015 - Sept 2016), and Principal Advisor (International) at the Department of the Prime Minister and Cabinet, where he led the Government's analysis and policy response to authoritarian interference (Oct 2016 - Jun 2017). He is the founder of Garnaut Global, where he provides strategic advice to Australian and allied government agencies and international hedge funds. He is also a senior consultant with McGrathNicol Advisory, where he leads enhanced due diligence services and advises universities and corporations on managing compliance with foreign interference legislation. He is a member of the Futures Council of the ANU National Security College and also a member of the Advisory Board for a project on Russian and Chinese disinformation at the Center for Strategic & International Studies.
The World
U.S. Tech Companies Prop Up China’s Vast Surveillance Network
The Wall Street Journal
@Liz_in_Shanghai and @joshchin
Critical pieces of China’s cutting-edge surveillance state share a connection. They came from America. Some of the biggest names in U.S. technology have provided components, financing and know-how to China’s multibillion-dollar surveillance industry. The country’s authoritarian government uses those tools to track ethnic minorities, political dissidents and others it sees as a threat to its power—including in Xinjiang, where authorities are creating an all-seeing digital monitoring system that feeds into a network of detention camps for the area’s Muslims.
Distrust but verify: How the U.S. and China can work together on advanced technology
SupChina
Cliff Kupchan and @pstAsiatech
Competition between Beijing and Washington for supremacy in advanced technology is now in full swing.
UN Secretary-General: US-China Tech Divide Could Cause More Havoc Than the Cold War, Wired
The surveillance industry is assisting state suppression. It must be stopped
The Guardian
@davidakaye
The power and reach of private spyware companies is the stuff of dystopian fiction.
Assessing the Russian Internet Research Agency’s impact on the political attitudes and behaviors of American Twitter users in late 2017
PNAS
While numerous studies analyze the strategy of online influence campaigns, their impact on the public remains an open question. We investigate this question combining longitudinal data on 1,239 Republicans and Democrats from late 2017 with data on Twitter accounts operated by the Russian Internet Research Agency. We find no evidence that interacting with these accounts substantially impacted 6 political attitudes and behaviors.
Individual effects of interacting with Russian IRA accounts on political attitudes and behavior by level of news interest using BCFs.
Read a Twitter thread on the research here
Australia
APS agencies slow to roll out cyber security
The Canberra Times
@dougdingwall
More than a third of federal government agencies aren't taking steps needed to defend against cyber attacks, a new snapshot reveals.
Telstra calls for Australia to undergo national cyber stocktake
ZDNet
@dobes
Australia's incumbent telco Telstra is calling upon the government to take the pulse of Australia's cyber posture, by way of a national stocktake and cyber check survey.
Uni IT chiefs want an 'Aussie lamb campaign' approach to cyber awareness
iTnews
Matt Johnston
The IT chiefs of Australian universities have endorsed Sam Kekovich’s over-the-top Aussie lamb ads as an example of best practice behaviour change campaigns that could be emulated to boldly bolster the nation’s cyber security attitude.
US
Top Senate Democrats unveil new online privacy bill, promising tough penalties for data abuse
Washington Post
@TonyRomm
Senate Democrats on Tuesday proposed tough new punishments for Facebook, Google and other Silicon Valley tech giants that mishandle their users’ personal data, unveiling a sweeping new online privacy bill that aims to provide people their “Miranda rights” for the digital age. The effort, led by Sen. Maria Cantwell, a Washington state Democrat who previously worked in the tech industry, marks a significant attempt by Congress to write the country’s first-ever national consumer-privacy law after years of false starts — and massive data scandals that illustrated the costs of the U.S. government’s inaction.
Read a summary of what the Consumer Online Privacy Rights Act would do, @JustinBrookman
Protecting users from government-backed hacking and disinformation
Google
@ShaneHuntley
Google's Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and our users. This is an area we have invested in deeply for over a decade. Our daily work involves detecting and defeating threats, and warning targeted users and customers about the world’s most sophisticated adversaries, spanning the full range of Google products including Gmail, Drive and YouTube. In the past, we’ve posted on issues like phishing campaigns, vulnerabilities and disinformation. Going forward, we’ll share more technical details and data about the threats we detect and how we counter them to advance the broader digital security discussion.
Commerce Department issues proposed rule to secure communications supply chain
The Hill
@magmill95
The Commerce Department on Tuesday issued a proposed rule aimed at securing the nation’s information and communications supply chain from foreign threats. The proposed rule lays out the procedures for the secretary of Commerce to follow in evaluating potential security threats posed by foreign-owned or foreign-operated companies seeking to do business with U.S. companies that involve the information and communications technology and services (ICTS) supply chain.
Twitter will remove inactive accounts and free up usernames in December
The Verge
@chriswelch
Twitter is sending out emails to owners of inactive accounts with a warning: sign in by December 11th, or your account will be history and its username will be up for grabs again. Any account that hasn’t signed in for more than six months will receive the email alert.
US senator to investigate if foreign spyware used to target Americans
The Guardian
@skirchy and @jonswaine
An influential US senator has told the Guardian he is examining the possible hacking of US citizens with technology sold by the NSO Group and other foreign surveillance companies, an issue he said raised “serious national security issues”.
Facebook was mystery firm bidding against Google to buy Fitbit, sources say
CNBC
@sherman4949 and @chrissyfarr and @sal19
Facebook is the mystery “Party A” revealed in an SEC filing that bid several times to acquire health wearables maker Fitbit, including a best and final offer of $7.30 per share, according to people familiar with the matter.
NZ
Massey working with Chinese firm blacklisted over human rights
Newsroom
@SamSachdevaNZ
As New Zealand joins nations criticising China for its detention and surveillance of Uighur Muslims, one of our universities is continuing to work with a Chinese firm blacklisted by the US for providing technology to help with the Uighur crackdown.
South Asia
India wants to increase capacity at Kudankulam. But our nuclear facilities must be resilient to cyberattacks first
ET Prime
@SandhyaETprime
India has an audacious civil nuclear programme in the works and has joined hands with over a dozen global powers including the US, France, Russia, and the UK to make it possible. But all this could come undone if the country can’t convince the world that its nuclear assets are protected from cyber threats. Russia already seems concerned.
Europe
Europe police agency hits Islamic State servers in blow to jihadist publicity
Reuters
Belgian prosecutors have knocked out several internet servers used by Islamic State, shutting a large number of accounts and websites run by its news arm, in an operation led by Europe’s police agency, the Belga press agency reported on Monday.
The people, not governments, should exercise digital sovereignty
Financial Times
@johnthornhillft
Europe’s leaders are right to worry about Big Tech but the answer is not to over-regulate.
Russia
Russia’s AI Quest is State-Driven — Even More than China’s. Can It Work?
Defense One
@SamBendett
More than Western governments and even more than China’s, the Russian government is trying to position itself as a facilitator of innovation in artificial intelligence, the technology that Vladimir Putin said will lead whoever masters it to global advantage.
Americas
Pemex Communications Still Spotty After Crippling Cyberattack
Bloomberg
@amystillman
Some of Petroleos Mexicanos’s communication systems are still affected two weeks after a cyberattack hit Mexico’s beleaguered state oil firm.
Middle East
Workers at Israeli surveillance firm NSO sue Facebook for blocking private accounts
Reuters
@StevenMScheer
A group of employees from Israeli surveillance firm NSO Group filed a lawsuit against Facebook Inc on Tuesday, saying the social media giant had unfairly blocked their private accounts when it sued NSO last month.
Misc
Amazon’s Ring Planned Neighborhood “Watch Lists” Built on Facial Recognition
The Intercept
@samfbiddle
Ring, Amazon's crimefighting surveillance camera division, has crafted plans to use facial recognition software and its ever-expanding network of home security cameras to create AI-enabled neighborhood “watch lists,” according to internal documents reviewed by The Intercept.
A hacking group is hijacking Docker systems with exposed API endpoints
ZDNet
@campuscodi
It's almost 2020 and some sysadmins are still leaving Docker admin ports exposed on the internet.
New Technique Allows Ransomware to Operate Undetected
SecurityWeek
@IonutArghire
A recently discovered technique allows ransomware to encrypt files on Windows-based systems without being detected by existing anti-ransomware products, Nyotron security researchers warn.