Ukraine says Russia behind cyberattack in ‘hybrid war’ move | Facebook faces $3.2 bln UK class action over market dominance | Cambodia’s Internet May Soon Be Like China’s: State-Controlled
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Ukraine said Sunday that Russia was behind a cyberattack that defaced its government websites and alleged that Russia is engaged in an increasing “hybrid war” against its neighbor. The statement from the Ministry of Digital Development came a day after Microsoft said dozens of computer systems at an unspecified number of Ukrainian government agencies had been infected with destructive malware disguised as ransomware. That disclosure suggested the attention-grabbing defacement attack on official websites last week was a diversion. Associated Press
Social media giant Facebook, now known as Meta Platforms, faces a 2.3 billion pound plus ($3.2 billion plus) class action in Britain over allegations it abused its market dominance by exploiting the personal data of 44 million users. Reuters
There is an increasingly restrictive digital environment in Cambodia, where a new law will allow the authorities to monitor all web traffic in the country. Critics say that the decree puts Cambodia on a growing list of countries that have embraced China’s authoritarian model of internet surveillance, from Vietnam to Turkey, and that it will deepen the clash over the future of the web. The New York Times
Australia
Twitter, Snapchat warns government off undermining online anonymity
The Sydney Morning Herald
Nick Bonyhady
Social media giants Twitter and Snapchat are defending anonymity online as lawmakers and bureaucrats work on a series of proposed laws that would force Australians to verify their age before using many of the most popular sites on the internet.
China
China’s taxpayers on edge as Beijing tightens oversight with big data and artificial intelligence
South China Morning Post
He Huifeng and Jane Cai
In a bid to tighten supervision, China is proceeding with the construction of the Golden Tax IV system, under which company data, as well information from owners, executives, banks and various market regulators will all be connected and accessible for tax authorities to scrutinise.
China's Xi calls for measures against 'unhealthy' development of digital economy
Reuters
Andrew Galbraith
President Xi Jinping has called for improved regulation and governance of China's digital economy to guard against its "unhealthy" development as Beijing aims to boost the sector's contribution to the country's growth.
China technology funding hits record high on boom in semiconductors, health care amid tech war, Covid-19
South China Morning Post
Coco Feng
Funding for Chinese start-ups hit a record high last year, boosted by investments in semiconductors and health care amid a tech war and ongoing Covid-19 restrictions, while the internet and video gaming sectors fell out of favour after Beijing’s harsh regulatory crackdown.
Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns
CyberScoop
AJ Vicens
A China-based ransomware operator has been exploiting a vulnerability in Log4j software to attack internet-facing systems running a popular virtualization service, Microsoft analysts reported Monday.
USA
Lawsuit: Google, Facebook CEOs colluded in online ad sales
Associated Press
Newly unredacted documents from a state-led antitrust lawsuit against Google accuse the search giant of colluding with rival Facebook to manipulate online advertising sales. The CEOs of both companies were aware of the deal and signed off on it, the lawsuit alleges.
Twitter, Meta among tech giants subpoenaed by Jan. 6 panel
Associated Press
Farnoush Amiri
Months after requesting documents from more than a dozen social platforms, the House committee investigating the Capitol insurrection has issued subpoenas targeting Twitter, Meta, Reddit and YouTube after lawmakers said the companies’ initial responses were inadequate.
Looks like no respite for Huawei from Biden
Light Reading
Mike Dano
The White House is preparing to launch its new Alliance for the Future of the Internet in the coming weeks, and it appears increasingly likely that a major tenet of the effort will involve blocking ""untrusted"" vendors like China's Huawei from global networks
Cyber incident reporting backers pledge to resume push
The Record by Recorded Future
Martin Matishak
Proponents of legislation that would mandate certain companies report major cyberattacks vowed on Thursday that they would try to again this year, though they were short on specifics about how such a measure would ultimately be enacted into law. Bipartisan legislation to establish cyber incident reporting standards was primed to be included in the compromise version of the annual defense policy bill but was scrapped at the last minute due to Republican concerns over the measure’s scope. The worries were addressed but not in time for the provision to be incorporated in the final defense bill — infuriating its sponsors.
White House hosts open-source software security summit in light of expansive Log4j flaw
CyberScoop
Tim Starks
Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to the widespread Log4j vulnerability that’s worrying industry and cyber leaders.
FBI shifting cybercrime focus from arrests, indictments to payment seizures, incident response
CyberScoop
Tim Starks
In 2022, the FBI is looking to approach cybercrime differently. During separate public appearances on Thursday, two FBI officials said the bureau was going to change up how it deals with computer intrusions. “The FBI specifically is moving away from an indictment- and arrest-first model into the totality of imposing costs on our adversaries, and we’re making tremendous progress there,” said Bryan Vorndran, assistant director of the FBI’s cyber division. “There is a right time for indictments and arrests and certainly one of our goals to take players off the field. But at the end of the day, we’re a team member first before we’re prioritizing our own authorities.”
No one reads the terms of service. Lawmakers want to fix that with a new 'TLDR' bill.
The Washington Post
Cristiano Lima and Aaron Schaffer
A bipartisan group of lawmakers is pushing to make it easier for consumers to understand just what they’re signing away by introducing legislation Thursday that would require sites to make easy-to-digest summaries of their terms, like a nutrition label.
The Secret to Building the Next Silicon Valley
WIRED
Political leaders have been trying to replicate Silicon Valley’s high-tech magic since the invention of the microchip. A tech-curious Charles de Gaulle, then president of France, toured Palo Alto in his convertible limousine in 1960. Russian Federation President Dmitri Medvedev dressed business casual to meet and tweet with Valley social media tycoons in 2010. Hundreds of eager delegations, foreign and domestic, visited in between. “Silicon Valley,” inventor and entrepreneur Robert Metcalfe once remarked, “is the only place on earth not trying to figure out how to become Silicon Valley.”
North Asia
North Korea stole a record $400 million in cryptocurrency last year, researchers say
NBC News
Kevin Collier
North Korea stole nearly $400 million in cryptocurrency in 2021, particularly ethereum, researchers have found, indicating its national strategy of hacking and laundering digital money remains successful.
Southeast Asia
Cambodia’s Internet May Soon Be Like China’s: State-Controlled
The New York Times
Charles McDermid
There is an increasingly restrictive digital environment in Cambodia, where a new law will allow the authorities to monitor all web traffic in the country. Critics say that the decree puts Cambodia on a growing list of countries that have embraced China’s authoritarian model of internet surveillance, from Vietnam to Turkey, and that it will deepen the clash over the future of the web.
Myanmar's pro-democracy forces resist with cryptocurrency
Nikkei Asia
Myanmar's National Unity Government, a pro-democracy group, recently announced that it officially endorses domestic distribution of the cryptocurrency Tether in a move to resist Myanmar's military, which seized control of the country last February, using fintech.
South Asia
Technology policymaking in India: The need for a paradigm shift
Observer Research Foundation
Samyak Rai Leekha and Prahi Mishra
The emergence of technology policymaking in the Indian context is relatively recent. Over the past decade, the government has formulated policy and vision statements in an attempt to keep pace with evolving technologies like Artificial Intelligence (AI) and Machine Learning (ML), blockchain and cryptocurrency, and quantum tech. There isn’t even an iota of doubt regarding the intentions of these initiatives. These are designed, developed, and framed to strengthen India’s technological position globally and for India to emerge as a world leader in the coming years. However, India must recognise that the future of policymaking will be largely driven by technology and now is the time to set standard technology policy procedures in place, i.e., standardised frameworks to design, develop, and implement technology policies should be forged.
UK
Facebook faces $3.2 bln UK class action over market dominance
Reuters
Kirstin Ridley
Social media giant Facebook, now known as Meta Platforms, faces a 2.3 billion pound plus ($3.2 billion plus) class action in Britain over allegations it abused its market dominance by exploiting the personal data of 44 million users.
UK Gov’t Plans Publicity Blitz to Undermine Privacy of Your Chats
Rolling Stone
James Ball
The UK government is set to launch a multi-pronged publicity attack on end-to-end encryption, Rolling Stone has learned. One key objective: mobilizing public opinion against Facebook’s decision to encrypt its Messenger app.
Europe
Ukraine says Russia behind cyberattack in ‘hybrid war’ move
Associated Press
Yuras Karmanau
Ukraine said Sunday that Russia was behind a cyberattack that defaced its government websites and alleged that Russia is engaged in an increasing “hybrid war” against its neighbor. The statement from the Ministry of Digital Development came a day after Microsoft said dozens of computer systems at an unspecified number of Ukrainian government agencies had been infected with destructive malware disguised as ransomware. That disclosure suggested the attention-grabbing defacement attack on official websites last week was a diversion.
Destructive malware targeting Ukrainian organizations
Microsoft
Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and surrounding region and encourages organizations to use the information in this post to proactively protect from any malicious activity.Ukraine suspects group linked to Belarus intelligence over cyberattack
Reuters
Pavel Polityuk
Kyiv believes a hacker group linked to Belarusian intelligence carried out a cyberattack that hit Ukrainian government websites this week and used malware similar to that used by a group tied to Russian intelligence, a senior Ukrainian security official said.Ukraine hacks add to worries of cyber conflict with Russia
The Washington Post
Yuras Karmanau, Frank Bajak, Eric Tucker and Dasha Litvinova
Hackers on Friday temporarily shut down dozens of Ukrainian government websites, causing no major damage but adding to simmering tensions while Russia amasses troops on the Ukrainian border. Separately, in a rare gesture to the U.S. at a time of chilly relations, Russia said it had arrested members of a major ransomware gang that targeted U.S. entities.
U.S. accuses Russia of preparing "false flag" operation to attack Ukraine
Axios
Zachary Basu
The U.S. claims to have information indicating that Russia has ""already prepositioned a group of operatives to conduct a false-flag operation in eastern Ukraine,"" laying the groundwork for a potential pretext to invade, according to a U.S. official.
Against fighting fire with fire
Revue
Nina Jankowicz
This week U.S. Deputy Secretary of State Wendy Sherman was in Europe, conducting a series of talks with Russian officials and transatlantic allies in hopes of defusing mounting tension between Russia and Ukraine. For the past several months, Russia amassed over 100,000 troops along Ukraine’s eastern border, the largest such buildup since the first time Russia invaded modern Ukraine, back in 2014. (It’s important to remember that we’ve seen this movie before; then, as now, the Kremlin was the instigator, funder, and perpetuator of the conflict.)
Ransomware gang behind attacks on 50 companies arrested in Ukraine
The Record by Recorded Future
Catalin Cimpanu
Ukrainian authorities have detained five members part of a ransomware gang that carried out attacks against more than 50 companies across Europe and the Americas. The arrests, which took place earlier this week, targeted the group’s leader, a 36-year-old Kyiv resident, his wife, and three acquaintances.
Denmark accuses Russia, China, Iran of espionage threat
Reuters
Jacob Gronholt-Pedersen
Denmark warned on Thursday of a rising espionage threat from Russia, China, Iran and others, including in the Arctic region where global powers are jostling for resources and sea routes. The Danish Security and Intelligence Service said there had been numerous examples of attempted spying on Denmark, whose active global role had helped make it a tempting target.
‘War Is Coming’: Mysterious TikTok Videos Are Scaring Sweden’s Children
Defense One
Elizabeth Braw
In Sweden, an unusual anxiety is afflicting children and young teenagers. Some can’t sleep. Some ask their parents if Russia is about to attack their country. Where did they get that idea? TikTok.
Lisbon council fined for sharing protester details with foreign embassies
BBC News
Lisbon's City Hall has been fined €1.25m ($1.4m, £1m) for passing protesters' details to the foreign embassies they had been picketing. Portugal's data commissioner said the mayor's office had committed 225 breaches of demonstrators' personal data between 2018 and 2021.Their details were shared with the the embassies of several countries.
Russia
Missile systems and tanks spotted in Russian far east, heading west
DFRLab
Michael Sheldon
In the first weeks of January 2022, video footage emerged of military equipment moving westward by rail all throughout the Eastern Military District (MD) in Russia’s far east. The footage serves in stark contrast to previous video of Russian military movement, which most commonly was filmed in the western and central parts of Russia towards the end of 2021. This newly uncovered movement came in the leadup to — and during — diplomatic talks in Geneva between the US and Russia meant to alleviate tensions over Ukraine.
Moscow court charges 8 alleged REvil ransomware hackers
ZDNet
Jonathan Greig
Eight people allegedly involved in the REvil ransomware gang were hit with charges by a court in Moscow on Saturday, according to the Russian News Agency (TASS).
The eight were arrested as part of a larger raid by Russia's Federal Security Service (FSB) and the Ministry of Internal Affairs of Russia on 25 different locations across Moscow, St. Petersburg and Lipetsk on Friday.
This year, Russia’s internet crackdown will be even worse
Atlantic Council
Justin Sherman
Russia’s domestic efforts to control the internet quite closely parallel its efforts overseas to shape information and to both weaponize the internet and undermine its global nature. As the world watches Putin’s moves in and around Ukraine, these developments—while of course not comparable to the possibility of large-scale armed conflict—are worthy of attention, given their impact on the Russian cyber and internet landscape more broadly.
Americas
The Conservatives hand Beijing a win by abandoning their China committee
The Globe and Mail
Robyn Urback
The Conservative Party of Canada revealed that it would not attempt to bring back its Special Committee on Canada-China Relations in the new year. It was a strange decision for a party whose leader has said there is “no greater threat to Canada’s interests than the rise of China.” For years, the Conservatives have hammered the Liberal cabinet for its timid and conciliatory approach to relations with Beijing: for abstaining from a motion recognizing China’s treatment of its Muslim minority as “genocide”; for dithering on whether to join other Five Eyes partners in banning or restricting Huawei’s access to our 5G network; for its apparent inertia in repatriating the two Canadians held hostage by Beijing in retaliation for the arrest of Meng Wanzhou; for failing to provide documents to the Canada-China committee on the firing of two scientists from Winnipeg’s National Microbiology Laboratory in 2020.
Misc
Surveillance will follow us into ‘the metaverse,’ and our bodies could be its new data source
The Washington Post
Tatum Hunter
Buzz around shared, 3-D virtual spaces that companies including Meta are pitching as the “metaverse” may only get louder from here. This year’s CES was spattered with companies billing themselves as metaverse tech, with ideas ranging from virtual customer service representatives to a food-delivery robot controlled by real people watching from a perch in virtual reality. All are angling for space in an emerging industry spearheaded by tech giants including Meta and Microsoft, both of which announced their own metaverse products in the past few months. Even Microsoft co-founder Bill Gates weighed in, saying he expects the metaverse to be part of our workplaces in the next three years.
Geopolitics keeps overruling cyber norms, so what’s the alternative?
Breaking Defense
With the proliferation of cyber technologies over the last two decades, governments and experts have been scrambling to try and come up with a set of behavioral norms. The problem, argues Laura G. Brent of the Center for a New American Security, is that cyber weapons have become a built-in part of the geopolitical strategies for governments around the world.
How Law Enforcement Gets Around Your Smartphone's Encryption
WIRED
Lily Hay Newman
Lawmakers and law enforcement agencies around the world, including in the United States, have increasingly called for backdoors in the encryption schemes that protect your data, arguing that national security is at stake. But new research indicates governments already have methods and tools that, for better or worse, let them access locked smartphones thanks to weaknesses in the security schemes of Android and iOS.
The Case for Cyber-Realism
Foreign Affairs
Dmitri Alperovitch
Although it failed in the end, the 2015 agreement between Obama and Xi offers a promising model for addressing cyberthreats. Until recently, the United States has tended to approach issues related to cyberspace as a narrow set of technical problems to be solved primarily with a combination of defensive and limited deterrence measures.Yet despite all these steps, neither North Korea nor Russia—nor any other U.S. adversary, for that matter—has ceased targeting the United States.
Research
Iranians on #SocialMedia
Atlantic Council
Holly Dagres
While humor and satire have always been part of Iranian culture, the advent of the Digital Age—the use of social media and messaging apps specifically—has shaped Iranians’ lives in ways the leadership of the Islamic Republic could never have predicted. This report will explore the social media habits of Iranians and how the clerical establishment is repressing the online space.
Project Torogoz: Extensive Hacking of Media & Civil Society in El Salvador with Pegasus Spyware
Citizen Lab
John Scott-Railton, Bill Marczak, Paolo Nigro Herrero, Bahr Abdul Razzak, Noura Al-Jizawi, Salvatore Solimano, and Ron Deibert
The Citizen Lab and Access Now have conducted a joint investigation into Pegasus hacking in El Salvador in collaboration with Frontline Defenders, SocialTIC, and Fundación Acceso. We confirmed 35 cases of journalists and members of civil society whose phones were successfully infected with NSO’s Pegasus spyware between July 2020 and November 2021. We shared a sample of forensic data with Amnesty International’s Security Lab which independently confirms the findings.
Chinese Influence Operations: A Machiavellian Moment
Institut de Recherche Stratégique de l'Ecole Militaire
Paul Charon and Jean-Baptiste Jeangène Vilmer
For a long time, it could be said that China, unlike Russia, sought to be loved rather than feared; that it wanted to seduce and project a positive image of itself in the world, or to inspire admiration. Today, Beijing has not renounced to seduce, nor its overall attractiveness and its ambition to shape international standards, and it is essential for the Chinese Communist Party not to lose face. And yet, Beijing is also increasingly comfortable with infiltration and coercion: its influence operations have become considerably tougher in recent years and its methods are resembling more closely the ones employed by Moscow. This is a “Machiavellian turn” inasmuch as the Party-State now seems to believe that “it is much safer to be feared than to be loved,” in the words of Machiavelli in The Prince. This is a clear Russification of Chinese influence operations. This report delves into this evolution, with the ambition to cover the whole specter of influence, from the most benign (public diplomacy) to the most malign methods, that is, interference (clandestine activities).
Jobs
ICPC Analyst / Project Lead - Cyber Capacity Building
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for a talented Analyst / Project Lead to support a new project that looks at supporting states in the Indo-Pacific in defending against cyber-enabled theft of intellectual property. The successful candidate will work in a small, high-performing team to produce original research and analysis that directly informs broader diplomatic and cyber capacity building activities on the topic of equipping countries globally with tools to defend against the use of cyber tools to steal IP for commercial purposes.Together with a project lead on Learning and Development and the Project Director, the analyst will also participate in international workshops, provide training to foreign governments and present to other external stakeholders.
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.