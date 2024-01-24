Good morning. It's Thursday 25th January.

The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.

Follow us on Twitter and on LinkedIn.

Australia, the U.K. and the U.S. have imposed financial sanctions and travel bans on a Russian hacker over his alleged role in the 2022 attack on the health insurance provider Medibank . The Record by Recorded Future News

The National Science Foundation and 10 other agencies are partnering with artificial intelligence developers to fulfill part of President Joe Biden’s executive order on AI, launching a pilot program the administration says will democratize access to research. The Verge

Artificial intelligence is expected to increase the global ransomware threat over the next two years cyber chiefs have warned in a new report published today. National Cyber Security Centre

ASPI

Taking robots and AI to war at sea

The Strategist

Malcolm Davis

There needs to be a dramatic acceleration in development of advanced autonomous systems at sea, both on and under the waves, with greater emphasis on smart and intelligent capabilities that fully employ AI, leaving humans strictly ‘on the loop’ in an oversight and managerial role, rather than directly controlling a platform remotely.

Australia

UK, US and Australia sanction Russian citizen over Medibank hack

The Record by Recorded Future News

Daryna Antoniuk

Australia, the UK and the US have imposed financial sanctions and travel bans on a Russian hacker over his alleged role in the 2022 attack on the health insurance provider Medibank. Aleksandr Ermakov, 33, was allegedly involved in the unauthorized release and publication on the dark web of Medibank customer data following an October 2022 ransomware attack, according to the Australian Signals Directorate.

UK and allies sanctions Russian cyber hacker

UK Government

Foreign, Commonwealth & Development Office and The Rt Hon Anne-Marie Trevelyan MP

The UK, US and Australia have today sanctioned a Russia-based cyber hacker in the latest wave of coordinated action aimed at cracking down on international cyber crime.

First trilateral sanctions against Russian cyber actor

US Department of State

Matthew Miller

In coordination with Australia and the United Kingdom, the United States is designating a Russian cyber actor involved in the 2022 ransomware attack against an Australian healthcare insurer. Today’s action, our first trilateral sanctions action using our respective cyber sanctions regimes, strengthens our partnership in the fight against malicious cyber actors.

Australian Defence chief meets with UK Strategic Command

Defence Connect

Robert Dougherty

Both military officials met on 22 January to discuss how both countries can maximise the UK-Australia relationship to remain ahead of adversaries, a growing cyber partnership, opportunities provided by AUKUS, and sharing of experience. “Engaging discussions with General Sir Jim Hockenhull, Commander UK Strategic Command in London,” GEN Campbell said via X.

CSIRO launches free program for SMEs innovating in digital health and medical technology​

CSIRO

Australia’s national science agency, CSIRO, is calling on start-ups and small to medium-sized enterprises looking to drive innovation in digital health and medical technologies to apply for its upcoming Innovate to Grow program. The free 10-week online program is specifically designed to assist Australian SMEs operating in critical sectors advance their innovative technologies, solutions and ideas through research and development.

Australia signs research agreement with Japan

Australian Defence Magazine

Australia and Japan have signed an agreement to enhance strategic capabilities in robotic and autonomous systems for undersea warfare. The research project between Defence Science and Technology Group and Japan’s Acquisition, Technology and Logistics Agency is the first under a bilateral research, development, test and evaluation arrangement signed in June 2023.​

China

Jack Ma, Joe Tsai replace SoftBank as Alibaba’s largest shareholders by scooping up tech giant’s tumbling shares in Hong Kong, New York

South China Morning Post

Zhou Xin

Jack Ma and Joe Tsai, the co-founders of Alibaba Group Holding, have emerged as the two largest shareholders of the e-commerce giant they founded in 1999, by aggressively scooping up its tumbling shares in New York and Hong Kong. Ma, who retired as Alibaba’s executive chairman in 2019, bought about US$50 million of stock in the fourth quarter, raising his stake beyond the 4.3 per cent reported at the end of 2021, to become the largest single shareholder, according to sources familiar with the matter.

This Chinese startup is winning the open source AI race

WIRED

Will Knight

Meta shook up the race to build more powerful artificial intelligence last July by releasing Llama 2, an AI model similar to the one behind ChatGPT, for anyone to download and use. In November, a little-known startup from Beijing, 01.AI, released its own open source model that outperforms Llama 2 and scores near the top of many leaderboards used to compare the power of AI models.

China’s EV players ramp up competition with Tesla using new tech

CNBC

Evelyn Cheng

Hot competition in China’s electric car market is pushing local automakers to sell vehicles with fancy tech that Tesla doesn’t yet offer in the country — and sometimes at lower prices. No longer are companies competing primarily on driving range. Instead, as they reveal new models at a rapid pace, they’re piling on a slew of features: in-car projectors, refrigerators and driver-assist, to name a few.

USA

Joe Biden’s big AI science project gets pledges from Microsoft, Nvidia and others

The Verge

Emilia David

The National Science Foundation and 10 other agencies are partnering with artificial intelligence developers to fulfill part of President Joe Biden’s executive order on AI, launching a pilot program the administration says will democratize access to research. The National Artificial Intelligence Research Resource provides access to AI models, computing power, datasets, software, and training for US-based AI researchers, the NSF said in a statement.

Democratizing the future of AI R&D: NSF to launch National AI Research Resource pilot

US National Science Foundation

Today, the U.S. National Science Foundation and collaborating agencies launched the National Artificial Intelligence Research Resource pilot, a first step towards realizing the vision for a shared research infrastructure that will strengthen and democratize access to critical resources necessary to power responsible AI discovery and innovation.

The head of the government’s election security agency was swatted in December

NBC News

Kevin Collier and Michael Kosnar

The director of the Cybersecurity and Infrastructure Security Agency, the top U.S. government agency tasked with providing security and aid to U.S. election infrastructure and its officials, was the target of a swatting incident at the end of December, a spokesperson confirmed to NBC News. News of the incident comes as judges and public officials in the past few weeks have been the target of a wave of swatting calls, in which false emergencies are reported to local police departments in order to trigger an armed police response.

US regulator admits cyber-security lapse before rogue Bitcoin post

BBC

Tom Gerken

The US financial regulator has confirmed a key security procedure on its X account had been suspended for six months when hackers made a fake post about Bitcoin in January. The cryptocurrency surged in value before the post was deleted. The Securities and Exchange Commission did not have multi-factor authentication in place when hackers gained access to the account.

Pentagon moves to declassify some secret space programs and technologies

Space.com

Brett Tingley

The United States Department of Defense wants to declassify more space programs in order to boost the nation's military edge in space. As the world's superpowers continue to invest in the militarization of space, some leaders at the Pentagon believe it's time to declassify some of the secretive space programs in the United States' portfolio.

North Asia

US-China rivalry keeps South Korean chipmakers in costly limbo

Bloomberg

James Mayger and Sam Kim

A memory chip plant located halfway between Seoul and Beijing illustrates the tough choices South Korean business leaders and policymakers face as they try to limit the damage from the US technology war with China. South Korean chipmaker SK Hynix Inc. bought its Dalian plant in northeast China from Intel Corp. in a $9 billion deal in 2020 that was supposed to help the world's No. 2 memory maker shore up capacity and expand into cutting-edge chips in the world's largest chip market.

Middle East

Iranian military technology and advisers aid Houthi attacks in Red Sea, officials say

The Wall Street Journal

Benoit Faucon and Warren P. Strobel

Iran is sending increasingly sophisticated weapons to its Houthi allies in Yemen, Western officials and advisers say, enhancing their ability to attack merchant vessels and disrupt international commerce despite weeks of U.S-led airstrikes. The Houthis, once derided as a ragtag militia operating in Yemen’s arid backcountry, have emerged as one of Iran’s most capable proxies, these officials and analysts say, due to the flow of weapons from Tehran—and their own homegrown ingenuity.

Notorious spyware maker NSO Group is quietly plotting a comeback

Wired

On New Year’s Eve, NSO Group—the Israel-based company behind the Pegasus spyware, one of the world’s most sophisticated cyberweapons—quietly released a new transparency report. The 27-page document is carefully worded—even apologetic—and is intended to demonstrate resilience, progress, and responsibility to further strengthen the company’s human rights compliance program.

UK

Global ransomware threat expected to rise with AI, NCSC warns

National Cyber Security Centre

Artificial intelligence is expected to increase the global ransomware threat over the next two years cyber chiefs have warned in a new report published today. The near-term impact of AI on the cyber threat assessment, published by the National Cyber Security Centre, a part of GCHQ, concludes that AI is already being used in malicious cyber activity and will almost certainly increase the volume and impact of cyber attacks – including ransomware – in the near term.

AI will make scam emails look genuine, UK cybersecurity agency warns

The Guardian

Dan Milmo

Artificial intelligence will make it difficult to spot whether emails are genuine or sent by scammers and malicious actors, including messages that ask computer users to reset their passwords, the UK’s cybersecurity agency has warned.

AI will increase global ransomware threat, UK cyber security chiefs warn

Independent

Martyn Landi

The rise of artificial intelligence will enhance the threat posed by ransomware over the coming years, the UK’s cyber security agency has warned.

Business leaders urged to toughen up cyber attack protections

UK Government

Department for Science, Innovation and Technology, National Cyber Security Centre and Viscount Camrose

A draft Code of Practice on cyber security governance published today will help directors and senior leaders shore up their defences from cyber threats, as the government launches a new call for views from business leaders.

Treat cyber risk like financial or legal issue, says UK government

Computer Weekly

The UK government has today published a draft Code of Practice on cyber security governance, aimed at directors and other business leaders and urging them to prioritise security threats as a key business risk akin to financial or legal challenges.

New cybersecurity governance code puts cyber risks on boardroom agenda

Infosecurity Magazine

James Coker

The UK government has published a new Code of Practice on cybersecurity governance, targeting directors and other senior business leaders. The draft document aims to establish cybersecurity as a key focus for businesses, on par with financial and legal risks.

Ukraine - Russia

Ukrainian hackers claim attack on Russian scientific research center

Daryna Antoniuk

Pro-Ukraine hackers have reportedly breached a Russian scientific research center, Ukraine's defense intelligence directorate said. According to GUR’s report on Wednesday, the hacker group called “BO Team” attacked the State Research Center on Space Hydrometeorology, also known as “Planeta,” and destroyed its database and valuable equipment.

Big Tech

Google cancels contract with an AI data firm that’s helped train Bard

The Verge

Emilia David

Google ended its contract with Appen, an Australian data company involved in training its large language model AI tools used in Bard, Search, and other products, even as the competition to develop generative AI tools increases. “Our decision to end the contract was made as part of our ongoing effort to evaluate and adjust many of our supplier partnerships across Alphabet to ensure our vendor operations are as efficient as possible,” Google spokesperson Courtenay Mencini said in a statement sent to The Verge.

Google’s termination of Appen contracts big ‘wake up call’ for tech workers, Alphabet Workers Union warns

The Australian

Joseph Lam

Appen’s multimillion-dollar contract loss should be “a wake-up call for workers” as artificial intelligence is increasingly eating into the roles of some of the tech industry’s most vulnerable, a major union has warned. The ASX-listed data processing company “had no prior knowledge” that Google would abruptly dump its contracts over the weekend, which were responsible for $US82.8m in revenue in 2023.

Apple wins early battle against NSO after suing spyware mercenaries for attacking iPhone users

9to5Mac

Zac Hall

Apple has won an early battle against the NSO Group in court today. Apple sued the Pegasus spyware maker in November 2021, but the Israel-based firm has been trying to export Apple’s lawsuit to its home turf. Apple’s early victory comes in the form of Judge Donato denying NSO Group’s request to dismiss the lawsuit from Apple altogether.

Artificial Intelligence

Damien Hirst and Tracey Emin among thousands of British artists used to train AI software, Midjourney

The Guardian

James Tapper

Since the emergence of Midjourney and other image generators, artists have been watching and wondering whether AI is a great opportunity or an existential threat. Now, after a list of 16,000 names emerged of artists whose work Midjourney had allegedly used to train its AI – including Bridget Riley, Damien Hirst, Rachel Whiteread, Tracey Emin, David Hockney and Anish Kapoor – the art world has issued a call to arms against the technologists.

Misc

Inside a global phone spy tool monitoring billions

404 Media

Joseph Cox

Hundreds of thousands of ordinary apps, including popular ones such as 9gag, Kik, and a series of caller ID apps, are part of a global surveillance capability that starts with ads inside each app, and ends with the apps’ users being swept up into a powerful mass monitoring tool advertised to national security agencies that can track the physical location, hobbies, and family members of people to build billions of profiles, according to a 404 Media investigation.

How the cops are boxing in ransomware hackers

Axios

Sam Sabin

The end of ransomware gangs' reliance on critical security flaws could be near, according to a new report shared exclusively with Axios. Ransomware hackers have had to turn to so-called zero-day vulnerabilities to help launch their attacks, in part because of the success of law enforcement in the last year.

Research

Engaging with artificial intelligence

Australian Cyber Security Centre

The purpose of this publication is to provide organisations with guidance on how to use AI systems securely. The paper summarises some important threats related to AI systems and prompts organisations to consider steps they can take to engage with AI while managing risk. It provides mitigations to assist both organisations that use self-hosted and third-party hosted AI systems.

The top risks from technology that we’ll be facing by the year 2040

The Conversation

Charles Weir

Bewilderingly rapid changes are happening in the technology and reach of computer systems. There are exciting advances in artificial intelligence, in the masses of tiny interconnected devices we call the “Internet of Things” and in wireless connectivity. Unfortunately, these improvements bring potential dangers as well as benefits.

Jobs

Cyber, Technology & Security Program Coordinator

ASPI

The Coordinator will coordinate CTS’s business processes, projects, stakeholder engagement and events schedule. The Coordinator will work closely with Director CTS, senior ASPI staff, other ASPI Programs and Corporate, Strategic Communications and Finance areas. The ideal candidate has 1-3 years’ experience in executive assistance, business coordination or events management roles.

Share

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.