Trump's TikTok decision expected in weeks | Russian Government Hackers turn targets to COVID vaccine research | EU's top court limits data sharing across the Atlantic
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
President Donald Trump's administration is studying the national security risks of social media applications including TikTok and WeChat, with action to address the issue expected in the coming weeks, a White House official said on Wednesday. Reuters
Russian government hackers targeting coronavirus vaccine research, UK, US and Canada warn. The hacking is aimed predominantly at “government, diplomatic, think-tank, healthcare and energy targets,” the NCSC said in the assessment. CyberScoop
Europe’s top court on Thursday struck down a trans-Atlantic agreement that allows scores of companies to move data between the European Union and the United States, causing uncertainty for businesses who rely on moving digital information seamlessly around the world. The New York Times
ASPI ICPC
Australia
Hell of a way to get there': Malcolm Turnbull welcomes Britain's Huawei backflip
The Sydney Morning Herald
Malcolm Turnbull says Britain will be feeling "anxious" about sparking retaliation from Beijing over its decision to block Huawei from its 5G network because the UK has made itself economically vulnerable to other countries with Brexit. But the former prime minister warned that China's aggressive diplomacy was weakening Beijing's hand abroad and vindicating the boycott by Australia and other countries of Huawei over security concerns.
Covid-19 is just one of the invisible enemies Australia must face
The Strategist
@KKeneally
There are three other national security threats which, just like the coronavirus, have the potential to undermine Australia’s safety, security and democracy. We still do not have a new cybersecurity strategy in place—the 2016 strategy expired in April—and we have not had a dedicated cybersecurity minister since 2018.
Telstra to stay in Hong Kong ‘anticipating’ it won't be asked for data
The Sydney Morning Herald
@zoesam93
Telstra is confident the new national security laws imposed in Hong Kong will not apply to its operations there despite concerns that the telco may be forced to provide information to Chinese authorities under certain circumstances.
China
The World’s Most Technologically Sophisticated Genocide Is Happening in Xinjiang
Foreign Policy
@rayhanasat @yonahdiamond
What makes this genocide so uniquely dangerous is its technological sophistication, allowing for efficiency in its destruction and concealment from global attention. The Uighurs have been suffering under the most advanced police state, with extensive controls and restrictions on every aspect of life—religious, familial, cultural, and social.
China’s Internet Regulator Wants Online Fan Groups to Simmer Down
Sixth Tone
Idol fans under 18 are facing a serious problem: They may not be able to partake in social media pushes to boost their beloved stars’ online popularity during their summer vacation. A new two-month campaign from the Cyberspace Administration of China will strictly monitor minors’ online activities.
USA
Trump administration action on risks posed by TikTok likely 'in weeks': official
Reuters
President Donald Trump's administration is studying the national security risks of social media applications including TikTok and WeChat, with action to address the issue expected in the coming weeks, a White House official said on Wednesday.
Facebook readies global launch of its TikTok competitor
NBC News
@dylanbyers
The global launch, which has been in the works for over a year, comes as TikTok is facing scrutiny from Washington over its handling of user data.
With Trump CIA directive, the cyber offense pendulum swings too far
Yahoo News
A recently revealed change in covert action authority may presage an escalation in the ongoing cyberwars and the distinct possibilities of excessively provocative U.S. action, retaliation on U.S. soil and attacks on financial institutions.
The CIA, Covert Action and Operations in Cyberspace
Lawfare
@bobbychesney
The CIA continues to play a critical role in the increasingly fierce gray zone competition that characterizes statecraft in cyberspace these days.
FBI Investigates Twitter Hack Amid Broader Concerns About Platform’s Security
The Wall Street Journal
Severity of attack raises alarms among U.S. lawmakers, administration officials.
The FBI Is Secretly Using A $2 Billion Travel Company As A Global Surveillance Tool
Forbes
@iblametom
The government has, on numerous occasions, secretly asked the company to actively spy on suspects’ movements, in both major and minor criminal cases.
This Company is Selling Bizarre and Expensive Spy Equipment to Police
Vice
Advanced Covert Technology has been selling surveillance tools to police for 21 years, and its latest catalog is an example of the expensive, Hollywood-style gadgets being marketed to law enforcement agencies out of the public eye.
Inside Big Tech’s Years-Long Manipulation Of American Op-Ed Pages
Big Tech
@kantrowitz
For years, the tech giants and organizations they fund have pushed op-eds from small business owners, think tanks, and academics into US newspapers without disclosing their involvement.
U.S. Army Esports Team May Have Violated the First Amendment on Twitch
Vice
@mjgault
Two civil rights lawyers say that the U.S. Army may have violated the constitution when it banned Twitch viewers for asking questions about American war crimes.
Police and CPS scrap digital data extraction forms for rape cases
The Guardian
@lexytopping
The CPS and police have been forced to scrap controversial “digital strip searches” of rape complainants, following a legal threat from two survivors of sexual abuse and sustained campaigning from privacy and human rights groups.
We need tougher action against disinformation and propaganda
The Brookings Institute
@emmalbriant
Illuminating the influence industry involves not just mapping tweets or Facebook posts, but revealing the powerful networks of companies and clients that stretch around the world, patterns of data use and technologies, funding streams, clients, and strategies—and communicating complex data for policymakers and publics in accessible ways that reveal how we respond.
North-East Asia
TikTok fined for mishandling child data in South Korea
BBC News
The KCC, the country's media watchdog, said TikTok collected data of children under 14 years old without the consent of legal guardians.
TSMC plans to halt chip supplies to Huawei in 2 months
Nikkei Asian Review
Taiwan Semiconductor Manufacturing Co. on Thursday confirmed it has suspended processing new orders from key customer Huawei Technologies to comply with U.S. export regulations, but said it can still achieve more than 20% revenue growth this year thanks to strong demand for 5G smartphones, infrastructure and high-performance computing applications.
South Asia
The concert of democracies will shift its no-Huawei focus to India
The Print
New Delhi allowed Huawei to participate in 5G trials, but Ladakh has changed the narrative. The Chinese company may find it difficult to clear security hurdles.
Does India have offensive cyber capabilities?
MediaNama
@gunjanchawla08
The June 2020 amendment to the SCOMET list is a highly significant development, as this is the first official document that strongly suggests the existence of offensive cyber capabilities specially designed for military use in the broader ecosystem of tech regulation in India.
A Legal Framework for Digital Surveillance in the COVID-19 Pandemic
MediaNama
Alongside methods such as imposition of large-scale lockdowns, governments have rapidly repurposed digital technologies for surveillance to contain and respond to the COVID-19 pandemic.
UK
Russian government hackers targeting coronavirus vaccine research, UK, US and Canada warn
Cyber Scoop
@shanvav
The hacking is aimed predominantly at “government, diplomatic, think-tank, healthcare and energy targets,” the NCSC said in the assessment.
Europe
E.U. Court Strikes Down Trans-Atlantic Data Transfer Pact
The New York Times
@satariano
Europe’s top court on Thursday struck down a trans-Atlantic agreement that allows scores of companies to move data between the European Union and the United States, causing uncertainty for businesses who rely on moving digital information seamlessly around the world.
Spain’s intelligence service has spyware program that targeted Catalan politicians
El Pais
Pegasus, supplied by an Israeli company called NSO, is alleged to have been used in an attempt to access the handsets of parliamentary speaker Roger Torrent and deputy Ernest Maragall.
Spanish deputy PM urges investigation into Catalan spyware claims
The Guardian
Pablo Iglesias calls alleged targeting of independence movement figures unacceptable.
Austrian far-right activist Martin Sellner's YouTube account 'terminated'
DW
The leader of the far-right organization Identitarian Movement contravened YouTube's hate speech policies, according to Google, the platform's owner. Martin Sellner also had his Twitter account suspended last week.
Closing the Gap - EU Cyber Direct
EU Cyber District
The conference aimed to foster productive exchanges between different generations of scholars (emerging talents and established researchers), disciplines (law, political science, international relations, economics, IT, media studies), sectors (government, private sector, academia, NGOs) and regions (Global South-North).
North America
Canada’s Huawei-5G decision risks putting it at odds with Five Eyes allies
The Star
@Nuttallreports @joannachiu
In the wake of the United Kingdom’s move to ban Huawei from the country’s 5G infrastructure, pressure is mounting on Canada to take a decision that observers say will either distance it from longtime allies or risk further eroding its relationship with China. Ottawa is expected to make a call on the Chinese telecom giant’s involvement in 5G this year.
Misc
Hackers Convinced Twitter Employee to Help Them Hijack Accounts
Vice
@josephfcox
After a wave of account takeovers, screenshots of an internal Twitter user administration tool are being shared in the hacking underground.
‘Tough Day for Us at Twitter’
The New York Times
“Tough day for us at Twitter. We all feel terrible this happened,” Jack Dorsey, the company’s C.E.O., tweeted afterward. At the time of writing, shares in Twitter are down 5 percent in pre-market trading.
Who’s Behind Wednesday’s Epic Twitter Hack?
KrebsOnSecurity
@briankrebs
There are strong indications that this attack was perpetrated by individuals who’ve traditionally specialized in hijacking social media accounts via “SIM swapping,”.
Justin Sun Offers $1 Million Bounty in Exchange for Twitter Hackers
Coin Telegraph
@benjaminpirus
After a massive number of Twitter accounts were hacked on July 15, one of the affected, Tron founder Justin Sun, put a bounty on the heads of those responsible.
As 2020 election heated up, Google banned employee-led voter registration drives
Protocol
@issielapowsky
Google employees, including employee resource groups, would no longer be able to participate in or organize voter registration events, unless they did so in their personal capacity.
Research
Unmasking the Truth: Public Health Experts, the Coronavirus, and the Raucous Marketplace of Ideas
Carnegie Endowment
As the world continues to weather the coronavirus pandemic, reliable information from public health experts will continue to be a necessity. At the same time, these experts will still face headwinds in getting their message out to a weary or even disenchanted public.
Events
SecuriDay | Canberra 2020
Kids SecuriDay
Kids SecuriDay is going digital! Our August event is tied to National Science Week which will be going entirely digital so we will be too. The National Science Week schools theme this year is 'Deep Blue: innovations for the future of our oceans' so our theme will be pirates! We've got a stack of fun talks, workshops, competitions and games planned so keep an eye out for our upcoming announcements.
Jobs
Program Manager/Senior Analyst
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for a talented, proactive and super efficient program manager/senior analyst to join its growing centre. The successful candidate will need to have a proven track record of leading teams and experience in project management including financial and stakeholder management (which will include industry, the Australian Government, Parliament and foreign governments). To succeed in this position candidates should have exceptional communication and problem-solving skills and experience in research, policy analysis or policy development.
Analyst
ASPI’s International Cyber Policy Centre has an outstanding opportunity for a talented and proactive allrounder to join its growing centre. The ICPC is looking for someone who is an excellent writer and researcher and who is a team player - you will need to juggle multiple research projects that could span the range of topics listed above. This is not an entry level position. Analysts in ICPC have between 5-15 years’ relevant work experience and, depending on experience, are involved in stakeholder and project management, fundraising and the management of small teams.
GFCE Working Group Coordinator
GFCE
The Global Forum on Cyber Expertise (GFCE) Secretariat is seeking an organized, efficient, and communicative GFCE Working Group Coordinator to join the GFCE Secretariat’s team in its main office in The Hague, the Netherlands, starting 16 August 2020.