Simeon Gilding on the UK's 5G decision / Leaked report shows United Nations suffered hack / Home Affairs report reveals deeper problems with Australia's encryption laws
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
The Brits have “doubled down on a flawed and outdated cybersecurity model to convince themselves that they can manage the risk that Chinese intelligence services could use Huawei’s access to UK telco networks to insert bad code, writes Simeon Gilding. The Strategist
Sophisticated hackers infiltrated U.N. networks in Geneva and Vienna last year in an apparent espionage operation that top officials at the world body kept largely quiet. AP
The first seven months of Australia's controversial encryption laws didn't see an explosion of decryptions. Worry instead about the cops bypassing judges to get their interception warrants approved. ZDNet
ASPI ICPC
Boris Johnson faces questions from his own MPs over Huawei decision
The Sydney Morning Herald
@latikambourke
Simeon Gilding a top figure at the Australian Signals Directorate which provided the advice for the Turnbull government's ban said this was wrong. "The hyperconnected, transformational 5G future marketed by the telcos can only be realised if there is no distinction between core and edge," he said in a detailed article for the Australian Strategic Policy Institute. Gilding said even in this environment, the main threat was not interception which could be prevented by strong encryption, but by a hostile takeover of the equipment to divert or shut down the network.
5G choices: a pivotal moment in world affairs
The Strategist
@SimeonGilding
It is disappointing that the Brits are doing the wrong thing on 5G, having not exhausted other possibilities. Instead they have doubled down on a flawed and outdated cybersecurity model to convince themselves that they can manage the risk that Chinese intelligence services could use Huawei’s access to UK telco networks to insert bad code. 5G decisions reflect one of those quietly pivotal moments that crystallise a change in world affairs.. I was part of the team in the Australian Signals Directorate that tried to design a suite of cybersecurity controls that would give the government confidence that hostile intelligence services could not leverage their national vendors to gain access to our 5G networks. We developed pages of cybersecurity mitigation measures to see if it was possible to prevent a sophisticated state actor from accessing our networks through a vendor. But we failed. We asked ourselves, if we had the powers akin to the 2017 Chinese Intelligence Law to direct a company which supplies 5G equipment to telco networks, what could we do with that and could anyone stop us? We concluded that we could be awesome, no one would know and, if they did, we could plausibly deny our activities, safe in the knowledge that it would be too late to reverse billions of dollars’ worth of investment. And, ironically, our targets would be paying to build a platform for our own signals intelligence and offensive cyber operations.
Simeon Gilding is a senior fellow at ASPI and, until December 2019, was the head of the Australian Signals Directorate’s signal intelligence and offensive cyber missions.
Australia won't withhold intel from Brits despite Huawei split
AFR
@andrewtillett
Australian Strategic Policy Institute cyber policy director Fergus Hanson said the UK decision would affect the intelligence relationship at the margins. “This is a blow to the trust that underpins the Five Eyes network," he said. “The UK is sacrificing national security and broader strategic imperatives for short-term economic gain."
Huawei Australia eyes 5G reprieve
The Australian
@SupratimA
Despite the win in the UK, Huawei’s chances of reviving its 5G fortunes in Australia are negligible, according to Tom Uren, a senior analyst with the Australian Strategic Policy Institute (ASPI). “My impression is that this is done and dusted, people aren’t that interested,” he told The Australian. “It’s unlikely the government will change its mind, there’s no appetite for it.”
Canberra concerned about Britain's decision to open 5G door to Huawei
The Sydney Morning Herald
@Gallo_Ways
A senior analyst at the Australian Strategic Policy Institute's International Cyber Policy Centre, Tom Uren, said excluding Huawei from "security-critical" areas of the network was "risk mitigation" but "not a safeguard". “The first and often hardest step in compromising a network is having a foothold to build upon, and it becomes very hard to defend a network once attackers are operating within it," he said.. Mr Uren said intelligence agencies spent a lot of time guaranteeing they can communicate securely and they should still have good reasons to share information, but the broader relationship between the US and Britain could be damaged. He said Britain's decision also highlighted the lack of choice in the supply of equipment to mobile operators for their 5G networks.
The World
The cyber attack the UN tried to keep under wraps
The New Humanitarian
@BenParker140
The UN did not publicly disclose a major hacking attack into its IT systems in Europe – a decision that potentially put staff, other organisations, and individuals at risk, according to data protection advocates.. Dozens of UN servers – including systems at its human rights offices, as well as its human resources department – were compromised and some administrator accounts breached, according to a confidential UN report obtained by The New Humanitarian. The breach is one of the largest ever known to have affected the world body.
Australia
Home Affairs report reveals deeper problems with Australia's encryption laws
ZDNet
@Stilgherrian
The first seven months of Australia's controversial encryption laws didn't see an explosion of decryptions. Worry instead about the cops bypassing judges to get their interception warrants approved.
‘Embarrassingly slow’: Australia’s broadband internet ranked fourth slowest in OECD
The New Daily
Australia has fallen to 68th in global internet speed rankings, making it the fourth slowest country for broadband in the Organisation for Economic Co-operation and Development (OECD).
USA
Warren issues new disinformation pledge, promising to hold Facebook, Google and Twitter responsible
The Washingotn Post
@tonyromm @isaacstanbecker
Democratic presidential candidate Elizabeth Warren pledged Wednesday that her campaign would not share falsehoods or promote fraudulent accounts on social media, part of a new plan to battle back disinformation and hold Facebook, Google and Twitter “responsible” for its spread.
One year inside Trump's monumental Facebook campaign
The Guardian
@juliacarriew
A Guardian investigation of 218,100 ads reveals how the campaign’s sophisticated social media machine targets conservative voters.
Department of Interior grounding drone fleet over cybersecurity concerns
CyberScoop
@shanvav
The secretary of the Interior issued an order Wednesday grounding all of the Department of the Interior’s non-emergency drones so the agency can assess potential cybersecurity concerns before operating the devices any further.
Apple Ends AI Startup’s Work on ‘Project Maven’ After Acquisition
The Information
@nickwingfield @ashleyrgold
Big technology companies like Microsoft, Amazon and Google have jockeyed to secure lucrative contracts supplying their products and services to the military. Apple, though, has shown less interest in the market. And when it recently bought a startup that was working on a controversial Pentagon project, Apple ended that company’s work on the project, The Information has learned.
South Asia
India most attacked in the online sphere: National Cyber Security Coordinator Lt Gen Rajesh Pant
The New Indian Express
Pant said that the huge number of users, not cyber hygiene, is the main reason for such attacks on cyberspace.
UK
Britain thumbs nose at Australia, US, with Huawei 5G decision
The Sydney Morning Herald
@latikambourke
Huawei Australia was quick off the blocks, warmly praising UK Prime Minister Boris Johnson’s decision to allow the Chinese telecommunications company to supply parts of Britain’s 5G network..Thanks to Boris Johnson, who claims to be an Australia-phile, Huawei can now credibly pit a Western power against its own ally citing Britain's "evidence-based decision" as it attempts to expand internationally.. The Huawei decision will be put to the Commons in the form of legislation and rebel MPs are hopeful of an opportunity to amend the bill to impose stricter conditions targetting Huawei. Any extra controls imposed on him by the Commons may enable Johnson to save face with Beijing when he goes knocking on their door for the trade deal, while at the same time reducing Britain’s exposure to Huawei, which everyone agrees, cannot be undone overnight.
Huawei: Pompeo urges UK to 'relook' at decision ahead of UK visit BBC News
Don't be misled; the Huawei affair is a lot of paranoid fuss about nothing The Telegraph
UK minister met surveillance firm accused of enabling Uighur abuses
The Guardian
A government trade minister held a one-on-one meeting with a facial recognition firm accused of enabling the Chinese government’s campaign of persecution against Uighur Muslims, the Guardian and the Bureau of Investigative Journalism have established.
Europe
Cybersecurity of 5G networks - EU Toolbox of risk mitigating measures
Digital Single Market - European Commission
The objectives of this toolbox are to identify a possible common set of measures which are able to mitigate the main cybersecurity risks of 5G networks, and to provide guidance for the selection of measures which should be prioritised in mitigation plans at national and at Union level. It does this in order to create a robust framework of measures with a view to ensure an adequate level of cybersecurity of 5G networks across the EU and coordinated approaches among Member States.
Document: Commission drops considerations for temporary face recognition ban
Politico Pro
EU will instead pitch ‘specific requirements’ for technology that analyzes body parts to identify individuals from stored data.
Misc
QAnon-ers’ Magic Cure for Coronavirus: Just Drink Bleach!
The Daily Beast
As the global death toll from an alarming new coronavirus surged this week, promoters of the pro-Trump QAnon conspiracy theory were urging their fans to ward off the illness by purchasing and drinking dangerous bleach.
Jobs & Opportunities
ASPI’s International Cyber Policy Centre has an outstanding opportunity for a talented and passionate technically-focused analyst to join its growing centre. We are looking for a creative and passionate individual who can contribute unique technical skills to work across a range of projects in the centre. This individual may possess skills and experience in one or more of the following areas including malware analysis, reverse-engineering, data analysis and web scraping (for work on online disinformation for example) and/or a deep technical knowledge of critical technologies. The successful candidate will be offered a remuneration package at a level aligned with their demonstrated skills and expertise. This is a contract position for an initial 1 year term with the option of extension. At any one time ASPI has multiple people working at the institute who are on secondments or unpaid leave from the Australian Public Service (APS). Similar arrangements - including secondments - can be negotiated in this instance pending approval from the APS department/agency.
Researcher – Cyber, Technology, Asia-Pacific
ASPI’s International Cyber Policy Centre has an outstanding opportunity for an emerging researcher to join its growing centre and work directly with the ICPC Director. Staff in the centre have diverse backgrounds and are usually involved in several projects at once. We are looking for a team member with a flexible, entrepreneurial approach, who is a self-starter, has the ability to deliver to deadlines and enjoys working in a collaborative team environment. Foreign languages (particularly Asian languages) and social media analysis skills are desirable but not essential. We are looking for a creative and passionate individual who can work collaboratively in a team environment to support the centre’s program of work. This will include working with a variety of centre staff to conduct research on a range of priority projects, on project coordination and administration, working to facilitate international fellowships, supporting public and private events and engaging with key stakeholders.
ASD is seeking two highly motivated, outcome-driven senior executives.
Policy Advisor (Electorate Officer)
Tim Watts MP
I'm now accepting applications for a Policy Advisor based in my Footscray electorate office (6kms from the Melbourne CBD).
Open Grants Process – Cyber Cooperation Program
Department of Foreign Affairs and Trade
The Department of Foreign Affairs and Trade is pleased to invite project proposals for Australia's Cyber Cooperation Program. The Cyber Cooperation Program provides the framework to partner with countries in the Indo-Pacific region so they are equipped to respond to the opportunities and challenges presented by the growth of the global Internet and digital technologies.