U.S. approves licenses for Huawei to buy auto chips | Facebook said to consider forming an election commission | Police powers to hack and disrupt dark web pass Parliament
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
U.S. officials have approved license applications worth hundreds of millions of dollars for China's blacklisted telecom company Huawei to buy chips for its growing auto component business, two people familiar with the matter said. Huawei, the world's largest telecommunications equipment maker, has been hobbled by trade restrictions imposed by the Trump administration on the sale of chips and other components used in its network gear and smartphones businesses. The Biden administration has been reinforcing the hard line on exports to Huawei, denying licenses to sell chips to Huawei for use in or with 5g devices. Reuters
Facebook has approached academics and policy experts about forming a commission to advise it on global election-related matters, said five people with knowledge of the discussions, a move that would allow the social network to shift some of its political decision-making to an advisory body. The New York Times
Federal police and organised crime investigators will be able to take over the online “dark web” accounts of criminals and terrorists and hack into their networks under new powers that passed Parliament on Wednesday. The Sydney Morning Herald
ASPI ICPC
Key role for industry in critical infrastructure regime
InnovationAus
Stuart Corner
Businesses large and small across a broad swathe of the Australian economy will be affected by new legislation which sets out to protect critical infrastructure and their supply chains, and industry groups will have a key role to play ensuring their members take the necessary steps to comply with the new regulations. This was one of the key insights to emerge from a discussion on the new legislation between the director of the International Cyber Policy Centre at the Australian Strategic Policy Institute’s (ASPI) Fergus Hanson; Verizon Business Group ANZ managing client partner Derek Fittler; and InnovationAus publisher Corrie McLeod as part of the Age of Trust podcast series.
How to tell if you've been hacked by North Korea
NK News
Nils Weisensee
So-called watering hole attacks like the DailyNK hack are not as common as phishing attempts via email but are even more insidious, said Tom Uren, senior fellow at the Australian Strategic Policy Institute and editor at the information security podcast Risky Business. “In this attack, hackers compromise a website of interest to their targets, then launch attacks at visitors to the site.” Uren said there are few effective protections that internet users can take beyond keeping their hardware and software up to date, meaning that a large portion of the responsibility to keep website visitors safe is on those who run the websites.
Reuters photographer died after being left behind, Afghan general says
Reuters
Maxar Technologies provided satellite images and helped to geolocate Siddiqui’s final photographs. Nathan Ruser, a researcher at the Australian Strategic Policy Institute, assisted with analysing visuals posted on social media.
World
YouTube says it's removed 1 million videos for COVID-19 misinformation
CNET
@joan_e
But the 1 million coronavirus-related takedowns since the start of the pandemic are difficult to put in context, because of YouTube's gigantic scale.
Perspective: Tackling Misinformation on YouTube
YouTube
Misinformation has moved from the marginal to the mainstream. No longer contained to the sealed-off worlds of Holocaust deniers or 9-11 truthers, it now stretches into every facet of society, sometimes tearing through communities with blistering speed. Seemingly no topic is immune. All too frequently, we’ve seen misinformation spin up in the midst of breaking news. Following tragic events like violent attacks, theories emerge by the second on everything from a shooter’s identity to motive. In these moments, what happens in the world also happens on YouTube. We reflect the world around us, but know we can also help shape it. And that’s why we’ve made stopping the spread of misinformation one of our deepest commitments.
Clearview AI Offered Free Facial Recognition Trials To Police All Around The World
BuzzFeed News
@RMac18 @caro1inehaskins @Antonio Pequeño IV
Law enforcement agencies and government organizations from 24 countries outside the United States used a controversial facial recognition technology called Clearview AI, according to internal company data reviewed by BuzzFeed News.
Australia
Police powers to hack and disrupt dark web pass Parliament
The Sydney Morning Herald
@Gallo_Ways @katinacurtis
Federal police and organised crime investigators will be able to take over the online “dark web” accounts of criminals and terrorists and hack into their networks under new powers that passed Parliament on Wednesday.
Extraordinary' hacking powers pass Parliament
InnovationAus
@denhamsadler
Legislation handing “extraordinary” new hacking powers to Australian authorities has sailed through Parliament with support from the Opposition, despite the government not implementing some of the recommendations from the national security committee.
China
Tim Hortons China to create local unit to address data crackdown
Reuters
Tim Hortons China will create a separate entity of the coffee and fast-food chain to safeguard customer data, the blank check firm, through which it aims to list in the United States, said.
Data law will not rein in China’s ‘techno-authoritarianism’
Reuters
Michael Caster
The Personal Information Protection Law (henceforth the Law), ostensibly promoting transparency and consent, introduces a number of welcome privacy protections. Nonetheless, it is written to ensure that any advancements in data protection rights are in lockstep with the needs of a 21st-century police state and China’s ambition to influence global digital governance.
USA
EXCLUSIVE U.S. approves licenses for Huawei to buy auto chips - sources
Reuters
Karen Freifeld
U.S. officials have approved license applications worth hundreds of millions of dollars for China's blacklisted telecom company Huawei to buy chips for its growing auto component business, two people familiar with the matter said. Huawei, the world's largest telecommunications equipment maker, has been hobbled by trade restrictions imposed by the Trump administration on the sale of chips and other components used in its network gear and smartphones businesses. The Biden administration has been reinforcing the hard line on exports to Huawei, denying licenses to sell chips to Huawei for use in or with 5g devices.
Facebook Said to Consider Forming an Election Commission
The New York Times
@RMac18 @MikeIsaac @sheeraf
Facebook has approached academics and policy experts about forming a commission to advise it on global election-related matters, said five people with knowledge of the discussions, a move that would allow the social network to shift some of its political decision-making to an advisory body.
Cryptocurrency advocates find Treasury’s Yellen to be a tough sell
The Washington Post
@JStein_WaPo
The former top Federal Reserve official and senior Biden adviser has expressed reservations about some of the claims floated by cryptocurrency advocates.
White House to discuss cybersecurity with top tech, energy and finance executives
The Washington Post
@Cat_Zakrzewski @Joseph_Marks_ @greene
President Biden on Wednesday is expected to meet with the chief executives of Apple, Google, JPMorgan Chase and other prominent business leaders in what the White House describes as a “call to action” to pressure top tech companies, banks and utility providers to adopt stronger cybersecurity protections. Biden, along with key members of his Cabinet and national security officials, will seek to address the “root causes of any kind of malicious cyber activity,” a senior administration official told reporters, amid a devastating wave of high-profile attacks.
Biden Summit Puts Cybersecurity in Focus
Bloomberg
Former VMware COO Sanjay Poonen joins Bloomberg's Emily Chang to discuss the state of cybersecurity and how global businesses can prepare for future threats and attacks.
The Right Way to Structure Cyber Diplomacy
War on the Rocks
Natalie Thompson Laura Bate
Today, the State Department is once again confronting the challenge of how to organize itself to cope with new international challenges — not those of wartime, but ones created by rapid technological change. There are ongoing conversations about how the department should handle cyberspace policy, as well as concerns about emerging technologies like artificial intelligence, quantum computing, next generation telecommunications, hypersonics, biotechnology, space capabilities, autonomous vehicles, and many others.
Twitter blocked and labeled Donald Trump's tweets on election fraud. They spread anyway.
USA Today
Jessica Guynn
Twitter blocked and labeled some of Donald Trump's claims of election fraud in the run-up and aftermath of the 2020 presidential election. The tweets spread on and off Twitter anyway.
Most US government agencies are using facial recognition
The Verge
Russell Brandom
A new report from the Government Accountability Office (GAO) found that 19 of the 24 US government agencies surveyed are using facial recognition in some way, illustrating how commonplace the controversial technology has become within the federal government. The list of agencies includes agencies like the Department of Defense and Department of Homeland Security (DHS) that maintain in-house systems, alongside smaller agencies that use the system to control access to high-security locations.
The Secret Bias Hidden in Mortgage-Approval Algorithms
The Markup
@eh_mah_nwel @lkirchner
An investigation by The Markup has found that lenders in 2019 were more likely to deny home loans to people of color than to White people with similar financial characteristics—even when we controlled for newly available financial factors that the mortgage industry for years has said would explain racial disparities in lending.
The Technology 202: A bomb suspect live-streamed on Facebook by the Capitol. It struck a nerve on the Hill.
The Washington Post
@viaCristiano
Lawmakers are reexamining how tech companies should handle violent material in emergency situations after the political tirade of a bomb threat suspect thrust the Capitol into chaos as it streamed on Facebook Live.
North Asia
TSMC hikes chip prices up to 20% amid supply shortage
Nikkei Asia
Yu Nakamura
Contract chipmaking giant Taiwan Semiconductor Manufacturing Co. told clients Wednesday that it plans to raise prices on products by as much as 20%, in what would be the company's steepest single increase.
Western Digital in Advanced Talks to Merge With Kioxia in $20 Billion-Plus Deal
The Wall Street Journal
@CaraRLombardo @danacimilluca
Western Digital Corp. is in advanced talks to merge with Japan’s Kioxia Holdings Corp., according to people familiar with the matter, in a deal that could be valued at more than $20 billion and further reorder the global chip industry.
Korea to lift game curfew for children
The Korea Times
Bahk Eun-ji
The government has decided to abolish the game curfew for children, 10 years after the controversial rule was established, as the outdated law is not having any positive effect and does not reflect changes in the gaming environment, relevant ministries said, Wednesday.
Southeast Asia
Top chip tool maker sticks with Singapore amid supply chain shift
Nikkei Asia
Lauly Li Cheng Ting-Fang
The world's leading chip packaging and testing equipment maker is bucking the trend of supply chain diversification by continuing to expand in Singapore, its main production base, even as major chipmakers rush to build factories in the U.S., Europe and Japan.
UK
GCHQ and HOST launch ground-breaking innovation programme to help North West businesses develop cutting-edge technologies
HOST
GCHQ, the UK's intelligence and cyber agency, is looking for five ambitious businesses to join its pioneering innovation programme to apply trailblazing technologies to national security challenges. The GCHQ Innovation Co-Lab, developed in partnership with HOST, the Home of Skills & Technology, is aimed at UK-based digital companies or a consortium of companies with innovative approaches to technology and analytics, or a vision to reach alternative markets for their products or service.
Europe
Bosch says the semiconductor supply chains in the car industry no longer work
CNBC
@Sam_L_Shead
German technology and engineering group Bosch, which is the world’s largest car-parts supplier, believes semiconductor supply chains in the automotive industry are no longer fit for purpose as the global chip shortage rages on.
Russia
Russia uses new hardware to target Navalny's anti-Kremlin app - experts
Reuters
Russia is using new digital hardware to target an online app that jailed Kremlin critic Alexei Navalny's team created to undermine the Kremlin at next month's parliamentary elections, cyber experts said.
Middle East
Privacy violated in Palestine: ISPs leave private data exposed
Access Now
Internet service providers (ISPs) in Palestine are failing to protect their customers’ privacy. Through a joint study, Privacy Violated: Protection of Customers’ Personal Information by Internet Service Providers in Palestine, ImpACT International for Human Rights Policies and Access Now explore how the absence of right-respecting and user-centric privacy policies are leaving individuals’ personal data up for grabs.
Africa
Ethiopia to build local rival to Facebook, other platforms
Reuters
Ethiopia has begun developing its own social media platform to rival Facebook , Twitter and WhatsApp, though it does not plan to block the global services, the state communications security agency said on Monday.
Misc
Why are cybercriminals targeting smaller businesses?
Tech Wire Asia
Aaron Raj
According to Interpol’s ASEAN Cyberthreat Assessment 2021 report, cybercrime’s upward trend is set to rise exponentially, with highly organized cybercriminals sharing resources and expertise to their advantage. The region’s top cyber threats include business email compromise, phishing, ransomware, e-commerce data interception, crimeware-as-a-service, cyberscams, and cryptojacking.
On YouTube, you’re never far from a dying kitten
Wired UK
K.G Orphanides
Staged animal rescue videos featuring brutal violence and cruelty are racking up millions of views on YouTube.
OnlyFans suspends plan to ban sexual content on October 1
CBS News
Aimee Picchi
OnlyFans, a social media platform where fans pay to follow individuals who post photos and videos of themselves on the platform, said it is suspending a plan that would have banned sexually explicit content on October 1… The website is reversing course after its plan to prohibit sexual content sparked a furor among some of its creators and users.
Facebook sent a ton of traffic to a Chicago Tribune story. So why is everyone mad at them?
Nieman Lab
@jbenton
There’s no way for mainstream news organizations to keep all the poison out of social media, of course. But is it too much to ask for news outlets to refrain from dropping it in ourselves? Or at least to be a little reflective when it turns out we were the ones doing the poisoning?
Facebook Considers Building NFT Features Alongside Digital Wallet
Bloomberg
@KurtWagner8
Facebook Inc. is considering building products and features related to nonfungible tokens, or NFTs, the digital assets that have taken off with the rise of blockchain technology.
Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions
The Hacker News
Ravie Lakshmanan
A financially motivated threat actor notorious for setting its sights on retail, hospitality, and entertainment industries has been observed deploying a completely new backdoor on infected systems, indicating the operators are continuously retooling their malware arsenal to avoid detection and stay under the radar.
We Talked to a Dealer Selling Ivermectin Through Shady Facebook Ads
VICE
Tim Marchman
On Monday, the same day Motherboard reported that Facebook was allowing ads making false and unproven claims to run with the keyword ""ivermectin,"" the entrepreneur set up a Facebook page for a business selling the drug directly to the public. (Ivermectin requires a prescription for human use; the fly-by-night seller is clearly promising his customers a way around that.) The Facebook page set up by the seller points to a crude website, which suggests that ivermectin is useful in the treatment and prevention of COVID-19 and provides links to purchase it via secure payment or on eBay.
Hackers exploit WhatsApp modification tool to snoop on texts, force paid subscriptions
CyberScoop
@timstarks
A malicious version of a popular modification or “mod” of the encrypted messaging app WhatsApp is carrying a mobile trojan that can launch advertisements, issue paid subscriptions and intercept text messages, security researchers said Tuesday.
Events
ASPI Webinar: Cybersecurity, critical technologies and energy: Japan and its role in the Indo-Pacific
ASPI ICPC
Tokyo is becoming more vocal in calling out cyber risks and threat actors. Just this year, Japan called out the Chinese Communist Party for malicious cyber attacks, the only country in Asia to do so. In September, the Japanese Government is expected to present their new national cybersecurity strategy. At the same time, Japan is pursuing ‘Society 5.0’, the country's national vision for a digital nation, which seeks to harness technologies such as artificial intelligence, robotics, internet of things, synthetic biology, quantum to tackle social issues including the country’s ageing population, pollution, productivity and sustainable energy. Join the Director of ASPI’s International Cyber Policy Centre Fergus Hanson on Monday 30 August at 1pm, for an online panel discussion on Japan's approach to cyber issues, technology, digital innovation and energy transition.
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.