Suspected Chinese hackers stole camera footage from African Union | Israeli spy firm suspected of accessing global telecoms via Channel Islands | NEW ICPC REPORT: The influence environment
Suspected Chinese hackers stole camera footage from African Union | Israeli spy firm suspected of accessing global telecoms via Channel Islands | NEW ICPC REPORT: The influence environment
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Acting on a tip from Japanese cyber researchers, the African Union’s (AU) technology staffers discovered that a group of suspected Chinese hackers had rigged a cluster of servers in the basement of an administrative annex to quietly siphon surveillance videos from across the AU’s sprawling campus in Addis Ababa, Ethiopia’s capital.. Chinese workers built the AU’s showpiece new conference center in 2012 and Chinese technicians still help maintain the organization’s digital infrastructure. Reuters
The Israeli private intelligence company Rayzone Group appears to have had access to the global telecommunications network via a mobile operator in the Channel Islands in the first half of 2018, potentially enabling its clients at that time to track the locations of mobile phones across the world. The Guardian
NEW REPORT: The influence environment: A survey of Chinese-language media & WeChat in Australia. Four of the 24 Australian media companies studied in this report show evidence of CCP ownership or financial support. We identified connections to the CCP’s united front system in 17 of the 24 companies. WeChat—a Chinese social media app created by Tencent—may be driving the most substantial and harmful changes ever observed in Australia’s Chinese-language media sector. ASPI ICPC
ASPI ICPC
NEW ICPC REPORT: The influence environment
ASPI ICPC
In the past two decades, Australia’s Chinese-language media landscape has undergone fundamental changes that have come at a cost to quality, freedom of speech, privacy and community representation. The diversity of Australia’s Chinese communities, which often trace their roots to Hong Kong, Southeast Asia and Taiwan as well as the People’s Republic of China, isn’t well reflected in the media sector.
A new report by ASPI’s International Cyber Policy Centre finds that Chinese Communist Party (CCP) influence is widespread in Australia’s Chinese-language media sector. A handful of outlets, such as the ABC and SBS, generally offer high-quality coverage of a range of issues, but the CCP has successfully targeted individual outlets while also manipulating market incentives through advertising, coercion and WeChat. Four of the 24 Australian media companies studied in this report show evidence of CCP ownership or financial support. We identified connections to the CCP’s united front system in 17 of the 24 companies.
WeChat—a Chinese social media app created by Tencent—may be driving the most substantial and harmful changes ever observed in Australia’s Chinese-language media sector. WeChat is particularly important to Chinese Australians and helps people stay connected to friends and family in China. It’s also the most popular platform used by Chinese Australians to access news. However, WeChat raises concerns because of its record of censorship, information control and surveillance, which align with Beijing’s objectives. Media outlets on WeChat face tight restrictions that facilitate CCP influence by pushing the vast majority of news accounts targeting Australian audiences to register in China. Australian-registered WeChat accounts for media can only post four times a month, while ones registered in China can post daily but are subject to even greater censorship and must be registered through a Chinese company or individual.
This report contains policy recommendations designed to both help the Australian Government protect Chinese-language media from foreign interference while also introducing measures to support the growth of an independent and professional media sector.
How WeChat is helping the CCP control Australian media outlets The Sydney Morning Herald @Gallo_Ways
Chinese Communist Party tied to local media outlets The Australian @bennpackham
Australia
Australia sues Facebook over its use of Onavo to snoop
TechCrunch
Yet more trouble brewing for Facebook: Australia’s Competition and Consumer Commission (ACCC) is suing the tech giant over its use, in 2016 and 2017, of the Onavo VPN app to spy on users for commercial purposes.
Australian startups hope Ellume's success will help tap global markets
The Sydney Morning Herald
Australian startups at the cutting edge of rapid diagnostic testing say a decision from US regulators to approve an at-home COVID-19 test from Brisbane biotech Ellume will help unlock global markets for local firms.
Hack was hard lesson: School counts cost of cyber attack
Newcastle Herald
Newcastle Grammar School will find out this week if any of its data has been stolen, following a ransomware cyber attack which saw criminals encrypt and destroy part of its network.
China
Uighur repression ‘turbocharged by technology,’ confidential documents show
ICIJ
Researchers uncover new details on how apps and tech companies like Zapya, Huawei and Megvii contribute to China’s surveillance and mass internment program in Xinjiang.
This is the year Hong Kong began speaking the Communist Party’s authoritarian language
Quartz
Hong Kong officials are also mirroring the Communist Party’s belligerent style of deflecting criticisms with a mix of bulldozing and gaslighting—in one instance rewriting a widely witnessed seminal moment of the protests. Long a staple in China’s propaganda and government statements, the Hong Kong government has similarly taken to countering any claims that it dislikes by labelling them as false, with phrases like “misled,” and “distorted” seeing marked increases—while the term “fake news” made its debut in 2019 and became even more common in 2020.
US
Facebook Attacks Apple Software Changes in Newspaper Ads
Bloomberg
@KurtWagner8 @markgurman
Facebook Inc. lashed out at Apple Inc. in a series of full-page newspaper ads, claiming the iPhone maker’s coming mobile software changes around data gathering and targeted advertising are bad for small businesses.
SolarWinds hides list of high-profile customers after devastating hack
The Verge
@russellbrandom
SolarWinds has removed a list of high-profile clients from its website in the wake of a massive breach. The list was hosted on “Customers” page of the company’s website and is easily accessible through its Google cache. But the page has been deleted from the site itself, suggesting the company may be trying to obscure its clients in an effort to protect them from bad publicity. Google’s cache shows that the page was still live as of Monday morning (roughly 11AM ET). SolarWinds did not respond to a request for clarification.
Investors in breached software firm SolarWinds traded $280 million in stock days before hack was revealed
The Washington Post
The timing of the trades raises questions about whether major shareholders used inside information to avoid stark losses after the attack. The company’s share price has plunged roughly 22 percent since its role in the breach was revealed.
Governor Baker, regulating facial recognition technology is a racial justice issue
Boston Globe
Baker’s rejection of this section of the police reform bill is deeply troubling because this technology supercharges racial profiling by police and has resulted in the wrongful arrests of innocent people.
Trump Twitter ‘hack’: Police accept attacker's claim
BBC
Dutch prosecutors have found a hacker did successfully log in to Donald Trump's Twitter account by guessing his password - "MAGA2020!" But they will not be punishing Victor Gevers, who was acting "ethically".
“I started crying”: Inside Timnit Gebru’s last days at Google—and what happens next
Technology Review
@_KarenHao
By now, we’ve all heard some version of the story. On December 2, after a protracted disagreement over the release of a research paper, Google forced out its ethical AI co-lead, Timnit Gebru. The paper was on the risks of large language models, AI models trained on staggering amounts of text data, which are a line of research core to Google’s business. Gebru, a leading voice in AI ethics, was one of the only Black women at Google Research.
North Asia
S. Korea's ICT exports up for 6th straight month in Nov. on chips, displays
Korea Herald
South Korea's exports of information and telecommunication products surged 15.8 percent in November from a year earlier, extending their rise for the sixth consecutive month, data showed Tuesday, on the back of robust overseas demand for memory chips and display products amid the pandemic.
The Pacific
‘Digital colonisation': A tiny island nation just launched a major effort to win back control of its top-level internet domain
Business Insider
@jckkrr
A tiny island microstate has today launched proceedings that could have profound repercussions for who controls the internet. The Government of Niue, a tiny island 2,400 kilometres northeast of New Zealand, has demanded a “redelegation” of its national webspace, .nu, from the Internet Corporation for Assigned Names and Numbers (ICANN), the supranational non-profit that coordinates top-level domains to ensure the stable operation of the internet.
UK
Facebook to move UK users to California terms, avoiding EU privacy rules
Reuters
Facebook Inc will shift all its users in the United Kingdom into user agreements with the corporate headquarters in California, moving them out of their current relationship with Facebook's Irish unit and out of reach of Europe's privacy laws.
Europe
Huawei Gets Conditional Green Light in Germany as Government Approves Security Bill
The Wall Street Journal
@berlindiary @stuwoo
The German government Wednesday moved closer to allowing the use of Huawei’s technology in 5G mobile networks, giving the Chinese company a small victory on a European continent increasingly aligned with the Trump administration’s anti-Huawei views.
Middle East
Israeli spy firm suspected of accessing global telecoms via Channel Islands
The Guardian
@skirchy @dansabbagh
The Israeli private intelligence company Rayzone Group appears to have had access to the global telecommunications network via a mobile operator in the Channel Islands in the first half of 2018, potentially enabling its clients at that time to track the locations of mobile phones across the world.
Africa
Suspected Chinese hackers stole camera footage from African Union
Reuters
As diplomats gathered at the African Union’s headquarters earlier this year to prepare for its annual leaders’ summit, employees of the international organization made a disturbing discovery. Someone was stealing footage from their own security cameras. Acting on a tip from Japanese cyber researchers, the African Union’s (AU) technology staffers discovered that a group of suspected Chinese hackers had rigged a cluster of servers in the basement of an administrative annex to quietly siphon surveillance videos from across the AU’s sprawling campus in Addis Ababa, Ethiopia’s capital.. Chinese workers built the AU’s showpiece new conference center in 2012 and Chinese technicians still help maintain the organization’s digital infrastructure.
Misc
The gig workers taking legal action to regain control of their data
Thomson Reuters Foundation
@UmbertoBacchi
From Britain to India, gig workers are fighting back against what they say is increased surveillance and control by platforms like Uber and Zomato.
Research
Desecuritising cybersecurity: towards a societal approach
Journal of Cyber Policy
Cybersecurity is often treated as a national security issue with responses to attacks implemented by military and intelligence agencies. This has created path dependencies in which tensions between the private sector and government have continued, where over-classification of cyberthreats has occurred, and where the broader societal impacts of malicious use of the internet have been underestimated. Drawing on the societal security concept established by the Copenhagen School of International Relations, we seek to reframe cybersecurity theory and policy.