Trump’s disinfectant talk trips up sites’ vows against misinformation | Privacy concerns over contact tracing apps around the world | FBI head helped Facebook defend encryption he's now fighting
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Mark Zuckerberg, Facebook’s chief executive, said in March that promoting bleach as a cure for the coronavirus was “misinformation that has imminent risk of danger” and that such messages would immediately be removed from the social network. President Trump has now put Mr. Zuckerberg’s comments to the test. Facebook, Twitter and YouTube have declined to remove Mr. Trump’s statements posted online in video clips and transcriptions of the briefing, saying he did not specifically direct people to pursue the unproven treatments. The New York Times
Indian authorities plan to make a contact-tracing mobile app mandatory for everything from taking public transit to going to work, raising concerns among digital rights experts about privacy and increased surveillance; meanwhile, the Italian government has decreed that the data provided through an app to facilitate tracing of persons who come in close contact with someone positive for COVID-19 will be completely anonymous and that all data will be destroyed by year’s end. Reuters & Time
Christopher Wray, prior to becoming FBI director, argued on behalf of Facebook Inc in defense of encrypted communications as the company was being pressured by the U.S. Justice Department over the issue, according to a court filing and a person familiar with the case. Reuters
ASPI ICPC
5 Steps For Keeping Supply Chains Free Of Uighur Slavery
Law360
In light of ASPI's March report identifying 83 global brands suspected of supply chain links to forced labor of Uyghurs — an ethnic minority long targeted by the Chinese government — companies should adopt certain procedures to identify red flags in their own supply chains.
The Chinese government has facilitated the mass transfer of Uyghur and other ethnic minority citizens from the far west region of Xinjiang to factories across the country. Under conditions that strongly suggest forced labour, Uyghurs are working in factories that are in the supply chains of global brands including Apple, BMW, Gap, Huawei, Nike, Samsung, Sony and Volkswagen. Read the report.
Weaponised deep fakes - National security and democracy
ASPI
@Hannah_ASPI@KMansted
Deep fake technology isn’t inherently harmful. However, ready access to deep fake technology also allows cybercriminals, political activists and nation-states to quickly create cheap, realistic forgeries.
Australia
Australian intelligence officials have no evidence of Wuhan lab link to coronavirus
The Sydney Morning Herald
Prime Minister Scott Morrison has raised doubts about speculation the coronavirus started in a Wuhan laboratory after Australian intelligence officials were unable to find any evidence to support the theory.
Coronavirus: Gatecrashing consul was one of China’s top cyber spies
The Australian
The Chinese official Andrew Forrest helped to gatecrash Health Minister Greg Hunt’s press conference was a former top cyber official for Beijing as the Chinese Communist Party waged a hacking war against Western businesses and governments.
Home Affairs says Australia likely next to sign CLOUD Act arrangement with the US
ZDNet
The department says the pending International Production Orders Bill is an important legislative reform as Australia moves forward with a bilateral CLOUD Act agreement with the United States.
Cybersecurity experts debunk COVIDSafe app surveillance claims
2GB
Independent cyber security advisors have given the government’s COVIDSafe app the green light, assuring the Australian public their privacy will remain intact.
China
This Woman Got A Visit From The Police After Posting A Video About Racism In China
BuzzFeed News
These interviews show that Chinese police are closely monitoring the social media of black people in the country and, in at least one case, apparently infiltrating WhatsApp groups for black foreigners in the country.
USA
Trump’s Disinfectant Talk Trips Up Sites’ Vows Against Misinformation
The New York Times
Mark Zuckerberg, Facebook’s chief executive, said in March that promoting bleach as a cure for the coronavirus was “misinformation that has imminent risk of danger” and that such messages would immediately be removed from the social network. President Trump has now put Mr. Zuckerberg’s comments to the test. Facebook, Twitter and YouTube have declined to remove Mr. Trump’s statements posted online in video clips and transcriptions of the briefing, saying he did not specifically direct people to pursue the unproven treatments.
We Need An “Army” Of Contact Tracers To Safely Reopen The Country. We Might Get Apps Instead.
BuzzFeed News
Without enough human contact tracers to identify infected people, the US is barreling toward a digital solution, and possible disaster.
FBI head helped Facebook defend encryption he's now fighting
Reuters
Christopher Wray, prior to becoming FBI director, argued on behalf of Facebook Inc in defense of encrypted communications as the company was being pressured by the U.S. Justice Department over the issue, according to a court filing and a person familiar with the case.
Two Children Take on Google Over Biometric Data
CPO Magazine
Two Illinois schoolchildren are suing Google for collecting biometric data including face scans of millions of school students through its classroom software tools.
After One Tweet To President Trump, This Man Got $69 Million From New York For Ventilators
BuzzFeed News
The Silicon Valley engineer, who had no background in medical supplies but was recommended by the White House, never delivered the ventilators.
North Asia
Virus Outbreak: Lawmakers call for more tests of crowd control app
Taipei Times
The app previously failed to accurately present crowd sizes at tourist attractions because it was not taking into consideration their maximum capacity.
Southeast Asia
Suspected Chinese hackers aim attacks at Vietnamese government officials
CyberScoop
Suspected Chinese hackers are behind a phishing campaign apparently aimed at collecting data about Vietnamese government officials amid an ongoing territorial dispute between the two nations, according to new findings.
Stop misrepresenting': Taipei calls out Roque after he says Taiwan 'is part of China'
ABS-CBN News
The Taiwan government on Wednesday expressed "strong dissatisfaction" after Presidential spokesperson Harry Roque said the island-nation is part of China. Roque earlier said that Manila will leave to Taipei to decide if an overseas Filipino worker in Taiwan needs to be deported after allegedly making "nasty, malevolent" posts against President Rodrigo Duterte on social media. Taipei rejected the deportation request, which was made by the Philippine labor officials, saying freedom of speech is enjoyed by "both citizens and migrant workers" in Taiwan.
Pacific Islands
South Asia
Indian Cyber security agency warns of email extortion fraud
TechRadar India
India's cyber security agency has issued a detailed advisory warning users about a new email extortion fraud where scammers send mails to unsuspecting people claiming that their computers have been hacked and demand money for letting go of it.
Privacy debate heats up over India contact tracing app Reuters
Indian authorities plan to make a contact-tracing mobile app mandatory for everything from taking public transit to going to work, raising concerns among digital rights experts about privacy and increased surveillance.
UK
Hancock grants GCHQ powers over NHS IT systems
Health Service Journal
The NHS must hand over information from its IT systems to the UK’s intelligence and security authority during the covid-19 pandemic after the agency was granted extra powers by Matt Hancock, HSJ can reveal. Government Communications Headquarters now has the power to make the NHS disclose any information which relates to “the security” of the health service’s networks and information systems. The move, authorised by Mr Hancock earlier this month, appears to be an attempt to strengthen the NHS’ cyber defences amid warnings from GCHQ of a growing trend in covid-19 themed cyber attacks.
Misinformation ruins lives, UK fact-checker says
Reuters
Internet and media companies should do more to tackle the spread of misinformation in Britain as falsehoods abound during the coronavirus pandemic, fact-checking organisation Full Fact said in a report on Thursday. “Bad information ruins lives, Chief Executive Will Moy said. “Here in the UK, we have seen misinformation take hold in the form of fake cures, spurious claims, conspiracy theories and financial scams.”
Europe
Italy Says App Tracing COVID-19 Will Be Anonymous
Time
The Italian government has decreed that the data provided through an app to facilitate tracing of persons who come in close contact with someone positive for COVID-19 will be completely anonymous and that all data will be destroyed by year’s end.
The Coronavirus and the Future of Big Tech
The New Yorker
The Danish politician Margrethe Vestager reflects on how the coronavirus may force a trade-off between privacy and health.
North America
Uighur-rights group gearing up for legal battle with U.K. over Huawei and 5G. Canada could be next
The Star
A newly-minted international consortium of lawyers created to fight for the rights of China’s minority Uighur population says Canada risks its reputation as a human rights champion if it allows telecommunications giant Huawei into the country’s 5G system.
Misc
Meet EventBot, a new Android malware targeting banking apps
TechCrunch
Security researchers are sounding the alarm over a newly discovered Android malware that targets banking apps and cryptocurrency wallets. The malware, which researchers at security firm Cybereason recently discovered and called EventBot, masquerades as a legitimate Android app — like Adobe Flash or Microsoft Word for Android — which abuses Android’s in-built accessibility features to obtain deep access to the device’s operating system.
Zoom admits it doesn’t have 300 million users, corrects misleading claims
The Verge
Zoom has admitted it doesn’t have 300 million daily active users. The admission came after The Verge noticed the company had quietly edited a blog post making the claim earlier this month. Zoom originally stated it had “more than 300 million daily users” and that “more than 300 million people around the world are using Zoom during this challenging time.” Zoom later deleted these references from the original blog post, and now claims “300 million daily Zoom meeting participants.”
Cyber-Criminals Increasingly Using Official reCAPTCHA Walls in Phishing Attacks
Infosecurity Magazine
New research from Barracuda Networks has revealed that cyber-criminals are increasingly using official reCAPTCHA walls to disguise malicious content from email security systems and trick unsuspecting users.