US accuses hackers of stealing secrets for China | UK government failed to investigate Kremlin interference | Panel spotlights need to accelerate adoption of cyber security
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
The U.S. government accused two hackers, who it says worked with Chinese intelligence, of targeting U.S. firms involved in coronavirus research, in a wide-ranging criminal indictment that also alleged the pair stole hundreds of millions of dollars in sensitive information from companies around the world. The Wall Street Journal
British government and British intelligence failed to prepare or conduct any proper assessment of Kremlin attempts to interfere with the 2016 Brexit referendum, according to the long-delayed Russia report. The Guardian
A cyber security industry panel chaired by Telstra boss Andy Penn has handed down 60 recommendations to government, as Australia continues to weather a sustained campaign of cyber attacks from a foreign nation state, presumed to be China. Amid rising tensions with Beijing, and growing calls to ban Chinese government-linked apps including TikTok, the panel called for Australia’s digital supply chain to be better secured as a matter of urgency. The Australian
ASPI ICPC
Foreign actors targeted Facebook users during Australian 2019 election, thinktank finds
The Guardian
@murpharoo
Financially motivated actors from Kosovo, Albania and the Republic of North Macedonia used nationalistic and Islamophobic content to target and manipulate Australian Facebook users during the 2019 election, according to analysts from the Australian Strategic Policy Institute (ASPI).
Government urged to name and shame countries launching cyber attacks
The Sydney Morning Herald
A report commissioned by the federal government to inform its new cyber security strategy has urged Australia to more regularly name and shame countries that launch large-scale cyber attacks against the nation as it battles an escalating wave of hacks from China. Fergus Hanson, director of the Australian Strategic Policy Institute's International Cyber Policy Centre, agreed the government should look at attributing more attacks by state actors, but said it wasn't always appropriate to do so in the case of espionage activities by China.
Coronavirus: Andrew Forrest-linked China firms on US blacklist
The Australian
@PDGarvey @bennpackham
ASPI analyst Vicky Xiuzhong Xu said Chinese genetics companies, which had “deep ties” to the Chinese state, were pushing to expand their markets internationally during the pandemic. “They are required by Chinese law to co-operate with Chinese intelligence work. So when they’re collecting so much data, especially health data, it can be worrying,” she said.
China overtakes US to become Australia's leading research partner
The Sydney Morning Herald
Alex Joske, an analyst with the International Cyber Policy Centre, said the national security risks involved in research collaboration with China needed to be managed well, and warned they were not well understood by universities or governments. Some scientists did not understand the ways in which their research could be used in areas such as artificial intelligence and surveillance, he said. "Collaboration with China comes with more strategic and moral baggage than scientists and universities are used to".
World
U.S. Accuses Two Hackers of Stealing Secrets From American Firms for China
The Wall Street Journal
@aviswanatha @dnvolz
The U.S. government accused two hackers, who it says worked with Chinese intelligence, of targeting U.S. firms involved in coronavirus research, in a wide-ranging criminal indictment that also alleged the pair stole hundreds of millions of dollars in sensitive information from companies around the world.
ByteDance Investors Discuss TikTok Purchase
The Information
A small group of ByteDance’s U.S. investors is discussing with the company’s top management the possibility of joining forces to buy a majority stake in TikTok, said people familiar with the situation, as it grows more difficult for the Chinese-owned company to keep control of the fast-growing video app.
Australia
Chinese hackers stole Australian defence contractor data, US reveals
The Australian
@camstewarttheoz
Hackers working for Chinese spy agencies stole a massive trove of confidential documents from an Australian defence contractor last year and recently hacked an Australian solar company, the US Department of Justice has revealed.
Panel spotlights need to accelerate adoption of cyber security
The Australian
@swan_legend
A cyber security industry panel chaired by Telstra boss Andy Penn has handed down 60 recommendations to government, as Australia continues to weather a sustained campaign of cyber attacks from a foreign nation state, presumed to be China. Amid rising tensions with Beijing, and growing calls to ban Chinese government-linked apps including TikTok, the panel called for Australia’s digital supply chain to be better secured as a matter of urgency.
Why the private sector is missing out on cyber threat intelligence
The Australian Financial Review
Australia's promising Cyber Security Centre is now a sock puppet for the Australian Signals Directorate, a statutory authority within the defence department.
Business must do more for customers’ cyber security, panel warns
The Australian Financial Review
@tburton
Businesses should take more responsibility to ensure the cyber protection of their customers, an influential industry panel advising the federal government on its cyber-security strategy has said.
Minor allegedly involved in Western Australia's medical record data breach
9 News
Western Australia's Premier Mark McGowan says a 15-year-old was allegedly involved in a data breach which saw thousands of sensitive medical records leaked online.
USA
Democrats demand FBI brief Congress on foreign 'disinformation' campaign targeting 2020 election
CNN
Democratic leaders in the House and Senate wrote to FBI Director Chris Wray requesting a "defensive counterintelligence briefing" for all members about Russia's efforts to interfere in the 2020 presidential election, according to a copy of the letter released Monday.
Companies Must Move Faster to Avoid the Unfurling Commercial Cold War
The Wall Street Journal
Economic decoupling between China and the U.S—and, by extension, other Western investors and companies—will proceed at varied speeds. Technology transfer to China has been a top concern for the Trump administration since at least 2018, but companies entangled in human-rights abuses in Xinjiang are quickly moving up the ladder. Changes that might have been expected to take years are now playing out in a matter of months. Investors and companies in the West—the U.S. in particular—would do well to get ahead of the pack.
Fact-check of viral climate misinformation quietly removed from Facebook
Heated
A Daily Wire climate article rated “partly false” by seven scientists was brought to the highest levels at Facebook before the rating was removed.
Blacklisting of Chinese Firms Rattles American Supply Chains
The Wall Street Journal
The latest entries on the blacklist join more than three dozen entities that have been called out since October over alleged abuses in Xinjiang. The additions stand out in that some are more directly involved in the supply chains of U.S. firms, who in turn sell smartphones, accessories and clothing to American consumers. Those barred previously include surveillance-camera maker Hangzhou Hikvision Digital Technology Co., artificial-intelligence companies SenseTime Group Inc. and a number of Chinese public-security bureaus.
House votes to ban TikTok on federal devices
Politico
The House on Monday voted to bar federal employees from downloading the video-sharing app TikTok on government-issued devices as part of a $741 billion defense policy bill.
South Asia
Facebook launches its mission to make WhatsApp a big money-making venture. It’s not just about Jio.
The Economic Times
Facebook is ready to tap the business potential of WhatsApp. An India-centric monetisation plan is being carefully crafted and many steps are being unveiled. Facebook plans to make WhatsApp a money-spinner by connecting Indias businesses — including its 63 million MSMEs, and even local kirana stores — with customers. The tie-up with Jio will help, but thats not the whole story.
UK
Russia report reveals UK government failed to investigate Kremlin interference
The Guardian
British government and British intelligence failed to prepare or conduct any proper assessment of Kremlin attempts to interfere with the 2016 Brexit referendum, according to the long-delayed Russia report.
UK ministers accused of turning blind eye to any Russian interference
The Financial Times
Senior MPs and peers on the intelligence and security committee said the government appeared not to have “seen or sought evidence of successful interference in UK democratic processes”, including in the Brexit vote.
Russia report declares cyber-attacks an 'urgent threat' to UK national security
The Mirror
Russian cyber-attacks pose an "immediate and urgent threat" to the UK's national security, a long-awaited report declares today. A landmark report on Russian interference in UK democracy was finally released today after months of delay at the hands of Downing Street. The Russia report, written by MPs on the Intelligence and Security Committee of Parliament, said Russia is a "highly capable cyber actor" that "considers the UK one of its top Western intelligence targets".
EU
EU in the middle? US, China & the battle over data protection
France24
@FrancoisF24
The battle over the data in your computer is on. Amid growing momentum for a US ban on China-owned TikTok on pushback against Huawei's rollout of 5G, now come privacy concerns from a different quarter. The European Court of Justice has struck down the Privacy Shield agreement under which Europe's information can be stored on US servers, a deal worked out in the wake of Edward Snowden's revelations about Washington's mass spying on users. Where does it now leave the likes of Facebook?
Threat assessment 2020: The cyber threat against Denmark
Centre for Cyber Security
The purpose of this assessment is to inform public authority and private company decision-makers as well as citizens of the cyber threat against Denmark. Threat awareness may be used as a tool in prioritizing cyber security measures in individual public authorities and private companies and in Denmark as a whole.
Fugitive Wirecard Executive Jan Marsalek Was Involved In Attempt to Purchase Hacking Team Spyware
Vice
The fugitive executive of the embattled payment startup Wirecard was mentioned in a brazen and bizarre attempt to purchase hacking tools and surveillance technology from an Italian company in 2013, an investigation by Motherboard and the German weekly Der Spiegel found.
Americas
Brazil will authorize payments system involving WhatsApp if rules are respected, central bank director says
Reuters
Brazil’s central bank will authorize a payments system involving Facebook Inc’s WhatsApp messaging service, to send money and make payments via chats, as long as all rules are respected, director Joao Manoel Pinho de Mello said on Monday.
Misc
How to Check Your Devices for Stalkerware
Wired
You deserve privacy. Here's how to check your phone, laptop, and online accounts to make sure no one's looking over your shoulder.
Research
The new big brother: China and digital authoritarianism
Democratic Staff Report Prepared for the use of the Committee on Foreign Relations United States Senate
The People’s Republic of China is pressing forward—at times with astounding speed and focus—to build and expand digital authoritarianism through economic, political, diplomatic, and coercive means at home and abroad.
Jobs
Program Manager/Senior Analyst
ASPI’s International Cyber Policy Centre (ICPC) has an outstanding opportunity for a talented, proactive and super efficient program manager/senior analyst to join its growing centre. The successful candidate will need to have a proven track record of leading teams and experience in project management including financial and stakeholder management (which will include industry, the Australian Government, Parliament and foreign governments). To succeed in this position candidates should have exceptional communication and problem-solving skills and experience in research, policy analysis or policy development.
Analyst
ASPI’s International Cyber Policy Centre has an outstanding opportunity for a talented and proactive allrounder to join its growing centre. The ICPC is looking for someone who is an excellent writer and researcher and who is a team player - you will need to juggle multiple research projects that could span the range of topics listed above. This is not an entry level position. Analysts in ICPC have between 5-15 years’ relevant work experience and, depending on experience, are involved in stakeholder and project management, fundraising and the management of small teams.
Director of content for Facebook’s Oversight Board
Bamboo HR
The Oversight Board is a new body that will make binding and independent decisions about the most challenging content issues on Facebook and Instagram.