The Australians who hacked the Islamic State | The longest Internet shutdown in a democracy | Medicare details of AFP commissioners for sale
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Inside the secret hack that infiltrated, and then tore down, Islamic State's propaganda unit… The Australian Signals Directorate (ASD), one of the nation's most secretive organisations. It describes itself as operating "in the slim area between the difficult and impossible" and is responsible for foreign signals intelligence and cyber warfare. In simple terms, it spies on people or groups offshore who are a threat to Australians and, when required, launches cyber-attacks to disrupt, control or destroy. ABC
The shutdown, which entered its 134th day Monday, is now the longest ever imposed in a democracy, according to Access Now, an international advocacy group that tracks Internet suspensions. Only authoritarian regimes such as China and Myanmar have cut off the Internet for longer. The Washington Post
The Medicare card details of three former Australian Federal Police commissioners were advertised for sale on a dark web marketplace, a revelation likely to raise further concerns about the integrity of Medicare card information. ABC
The World
Selling off online domain names threatens internet governance
FT
@MarietjeSchaake
Civil society groups and non-profits, up in arms about what they see as an unwarranted privatisation, are rushing out protest letters and petitions. They hope to reverse the deal, which threatens the foundations of their online presence. However, it seems unlikely the agreement will be stopped. The Internet Corporation for Assigned Names and Numbers (Icann), the body with ultimate responsibility for internet addressing, could raise objections, but so far has not done so. Meanwhile, it remains to be seen whether a $1.1bn endowment will be sufficient to offset ISOC’s self-inflicted reputational damage.
Fintech: the rise of the Asian ‘super app’
FT
@mjruehl @JKynge
The sheer scale of the fintech groundswell is captured by the number of start-ups across Asia. Almost 800 companies have received financing from venture capital and private equity houses since December 2016, according to data compiled by the Asian Venture Capital Journal. China leads the way, with 266 fintech start-ups. India is second with 190 while south-east Asia ranks third with 183. Some 44 are in Indonesia and 86 in Singapore, according to AVCJ numbers.
Australia
The anonymous Australians who hacked into the Islamic State and attacked its propaganda
ABC News
@StephieBorys
Inside the secret hack that infiltrated, and then tore down, Islamic State's propaganda unit... Sarah works for the Australian Signals Directorate (ASD), one of the nation's most secretive organisations. It describes itself as operating "in the slim area between the difficult and impossible" and is responsible for foreign signals intelligence and cyber warfare. In simple terms, it spies on people or groups offshore who are a threat to Australians and, when required, launches cyber-attacks to disrupt, control or destroy.
Medicare card details of former Australian Federal Police commissioners available on the dark web
ABC News
@FarrellPF
The Medicare card details of three former Australian Federal Police commissioners were advertised for sale on a dark web marketplace, a revelation likely to raise further concerns about the integrity of Medicare card information.
China
She Accused a Tech Billionaire of Rape. The Chinese Internet Turned Against Her.
NYT
@LiYuan6
Liu Jingyao, a college student, describes what it’s like to be slut-shamed by 800 million people.
One Country, One Censor: How China undermines media freedom in Hong Kong and Taiwan
Committee to Protect Journalists
Understanding how China tries to influence the media is a first step to preserve press freedom. Hong Kong and Taiwan are on the frontlines of this battle. In deeply polarized Hong Kong, journalists are under pressure as independent outlets struggle to counteract strong pro-Beijing influence. And Taiwan must navigate how to maintain its openness and press freedom while fending off Beijing’s vast resources and technological prowess. A special report by the Committee to Protect Journalists.
China’s ‘magical reality’ is a growing threat
The Globe and Mail
@wang_maya
Beijing’s mistreatment of Turkic Muslims in Xinjiang, the people of Hong Kong, and now foreign diplomatic staff should be a warning for all.
US
Peter Thiel at Center of Facebook’s Internal Divisions on Politics
WSJ
@EmilyGlazer @dseetharaman, Jeff Horwitz
Billionaire investor thinks political-ad policy shouldn’t change; some directors and executives disagree.
What does your car know about you and your data?
Washington Post
@geoffreyfowler
Our privacy experiment found hundreds of sensors and an always-on Internet connection. Driving surveillance is becoming very hard to avoid.
Ransomware 'Crisis' in US Schools: More Than 1,000 Hit So Far in 2019
Dark Reading
@kjhiggins
Ransomware attacks have continued pummeling US schools, with 11 new school districts — 226 schools — hit since October, while major US cities such as New Orleans and Pensacola gradually recover from attacks this month.
North Asia
Taiwan is battling a wave of online disinformation from China
LA Times
@aliceysu
Thousands of lies flood social media every day in Taiwan, a new frontier of information warfare. Scholars say the island, which China claims as part of its territory but has been functionally independent since the 1950s, is the target of a Russian-style disinformation campaign by China to exploit social divisions and undermine democracy in the lead-up to the presidential election in January.
Japan moves to tighten rules on the handling of browsing history data
The Japan Times
Jiji
A government commission has proposed tightening rules on the handling of browsing history data, which can convey personal information to third parties.
Southeast Asia
CekFakta: A groundbreaking Indonesian project to counter false information
IFEX
How a collaborative project in Indonesia tackled the problem of misinformation and disinformation during the country's 2019 elections.
NZ & Pacific Islands
Hacking the human: Why most cybercrime doesn't involve computer hacking
Noted
@petergnz
If you thought cybercrime was mostly about skilled hackers finagling their way through complex firewalls, think again. Most scams involve people being manipulated or blackmailed into handing over their cash.
Sichuan police officer training opportunities
Fiji Times
China's Sichuan Public Security Department is planning to increase training opportunities available to the Fiji Police Force in tackling cyber-crime and drugs.
South Asia
India's Internet shutdown in Kashmir is the longest ever in a democracy
The Washington Post
@NihaMasih @jslaternyc, Shams Irfan
The shutdown, which entered its 134th day Monday, is now the longest ever imposed in a democracy, according to Access Now, an international advocacy group that tracks Internet suspensions. Only authoritarian regimes such as China and Myanmar have cut off the Internet for longer.
UK
Tories switch to messaging app Signal after WhatsApp leaks
The Guardian
The UK Conservative party has started using the secure messaging service Signal for its internal communications with Tory MPs, following years of leaks from WhatsApp groups. Signal, which is an alternative to Facebook-owned WhatsApp, prides itself on its ultra-secure privacy features and has an option to make messages automatically disappear after a set period of time, making it harder to retrospectively leak conversations.
Europe
Czech security chief's sacking had nothing to do with Huawei
Axios
The firing of the Czech Republic's cybersecurity director, Dusan Navratil, was not linked to an ongoing dispute with Chinese telecom giant Huawei, sources with direct knowledge tell Axios. Why it matters: The Czech cybersecurity agency has fended off numerous overtures from Huawei, bucking the trend among Eastern European nations. Navratil’s departure does not signal a change in this stance.
(Twitter thread covering the adoption of a 5G paper by the German CDU)
Americas
Internet agency discovers explicit photos on president’s computer — fires IT, staff, keeps president
The Star
@_kevindonovan
Imagine your boss — the company president — asks you to transfer files from one company computer to a new one. As the work is underway, sexually explicit photos start popping up on the screen from files he has been storing. Human resources is alerted and an investigation takes place. You and two colleagues from the IT department are fired. The boss continues in his job. That’s what happened at the Canadian Internet Registration Authority (CIRA) — the federally created agency that sells Canada’s “.ca” internet domain, and offers cybersecurity and other programs nationally.
Middle East
(Twitter thread tracking the suspension of bot network spreading anti-Qatar content)
Africa
Data breach reveals customer browsing activity at South African teleco
SC Media
@chandu2gopal
Researchers discover data breach at South African ICT major Conor; customer data on 80 million users across Africa, South America potentially exposed.
Misc
Click Here to Kill
Harper's
@bcmerchant
The dark world of online murder markets.
This Bug Could Have Let Anyone Crash WhatsApp Of All Group Members
The Hacker News
WhatsApp, the world's most popular end-to-end encrypted messaging application, patched an incredibly frustrating software bug that could have allowed a malicious group member to crash the messaging app for all members of the same group.
Alexa, Google Home Eavesdropping Hack Not Yet Fixed
Threat Post
Months after researchers disclosed a new way to exploit Alexa and Google Home smart speakers to spy on users, those same researchers now warn that Amazon and Google have yet to create effective ways to prevent the eavesdropping hack.
We Tested Ring’s Security. It’s Awful
Vice
@josephfcox
Ring lacks basic security features, making it easy for hackers to turn the company's cameras against its customers.
You Might Be Buying Trash on Amazon—Literally
WSJ
Dumpster divers say it’s easy to list discarded toys, electronics and books on the retailer’s platform. So we decided to try.
Events
CPX 360 2020 The Premier Cyber Security Summit And Expo Join us in New Orleans, January 27 – 29, 2020 | #CPX360
CPX 360 2020
CPX 360 promises to be premier cybersecurity summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cybersecurity experts. In addition, you’ll enjoy getting hands-on with cutting-edge security solutions from Check Point, networking with your peers, and celebrating with the world’s cybersecurity elite. If you attend one cybersecurity event this year, make it CPX 360.
2020 Billington CyberSecurity Summit
2020 Billington CyberSecurity Summit
Following a sold-out Summit in 2019, the 11th Annual CyberSecurity Summit promises to continue the proud tradition of convening the top “who’s who” in cybersecurity leadership for an unparalleled two days of high-level networking and knowledge-sharing to advocate cyber mission in the U.S. and among allied countries.