US Cyber Chief sounds alarm on China threat | US ramps up scrutiny of lidar technology | Anonymous Sudan claims cyber attack on French government
Good morning. It's Wednesday 13 March.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
China is hacking into rival nations’ critical infrastructure networks so it can disrupt American military activities in the Asia-Pacific and unleash societal chaos, one of the US’ most senior cybersecurity officials has warned. US CISA chief Brandon Walessaid the US, Australia and other democratic nations needed to respond to an “extremely significant shift” in Beijing’s strategy from a focus on more passive forms of espionage to laying the groundwork for offensive cyberattacks. Sydney Morning Herald
The White House announced it will investigate connected cars to assess the national security risks associated with Chinese technological advances in this area. These concerns stem from a fear that state-subsidized Chinese vehicles could flood the US market and obtain swaths of sensitive data through light detection and ranging – or lidar – sensors, which also has potential military applications. Nikkei Asia
The hacker group Anonymous Sudan has claimed responsibility for cyberattacks on several French ministerial services. Cited as being of “unprecedented intensity”, the distributed denial of service attack was first noticed on Sunday night and severely disrupted several government websites. Prime Minister Gabriel Attal’s office activated a crisis cell to deploy countermeasures, with public access to all impacted services restored by Monday afternoon. TechMonitor
Australia
Mazzucato’s mission for Australian innovation
Joseph Brookes
InnovationAus
Persistent Australian innovation problems like stagnant R&D and low economic complexity would be turned around with more ambitious and strategic “growth” policy, according to influential economist Mariana Mazzucato. Professor Mazzucato on Monday launched a week-long Australian tour that includes meetings with top policy makers and sold-out public lectures. She is arguing that Australia and other nations adopt mission-based policy, whereby the state matches grand challenges like solving the UN’s Sustainable Development Goals with well-defined missions. Under the missions, governments leverage their procurement and incentives to form genuine partnerships with the private sector and other stakeholders that share risk and reward across many cross sector projects.
Federal tech wreck probe extended to APS IT skills shortage
Julian Bajkowski
The Mandarin
A newly-widened parliamentary probe into the Australian Public Service’s expanding catalogue of technology project failures and blowouts is set to re-ignite debate about the bureaucracy’s ongoing difficulties in attracting and retaining digital talent — and whether insufficient pay and lack of career path is a major deterrent. With the future of a raft of major IT projects across agencies, ranging from Services Australia to the Australian Securities Investments Commission and Home Affairs being still largely unclear, the Joint Committee of Public Accounts and Audit has quietly roped in APS tech skills as a target for scrutiny, including current professional and specialist categorisations.
China
‘Societal chaos’: US cyber chief sounds alarm on China threat
Matthew Knott
Sydney Morning Herald
China is hacking into rival nations’ critical infrastructure networks so it can disrupt American military activities in the Asia-Pacific and unleash societal chaos, one of the United States’ most senior cybersecurity officials has warned. Brandon Wales, executive director of the US Cybersecurity and Infrastructure Security Agency, said the US, Australia and other democratic nations needed to respond to an “extremely significant shift” in Beijing’s strategy from a focus on more passive forms of espionage to laying the groundwork for offensive cyberattacks. Wales said Beijing was still intent on stealing political and intellectual property secrets, but had added a new mission of preparing for disruptive cyberattacks on adversaries’ critical infrastructure in the event of a conflict.
Why this cyber chief thinks your electric car is a security risk
Andrew Tillett
Australian Financial Review
US Cybersecurity and Infrastructure Security Agency executive director Brandon Wales warned that Chinese technology is “inherently suspect” and deserves much greater scrutiny. He also flagged that Five Eyes members and other Western nations would step up co-operation to call out cyberattacks and act against adversaries such as China, Russia, Iran and North Korea. The four countries have been dubbed an “axis of autocracy” for efforts to collaborate on disrupting the international rules-based order, but Mr Wales said there was little evidence they were working together to the same extent in cyberspace. With the Albanese government flagging new powers over critical infrastructure providers to protect them from cyberattacks, Mr Wales highlighted the risks by saying China continued to try to get into US infrastructure for “future disruptive and destructive attacks.”
China's invasion force could face hundreds of exploding sea drones
John Feng
Newsweek
Chinese amphibious forces who must cross the Taiwan Strait in a future invasion scenario are likely to face hundreds of naval drones, each packed with deadly explosives, according to plans reportedly underway in Taipei. The application of uncrewed surface vessels, or USVs, in the ongoing Russia-Ukraine war has peaked the interest of Taiwan's navy but especially its army, which could place an order of more than 200 units, Taiwan's Liberty Times newspaper said on March 9. The National Chung-Shan Institute of Science and Technology, Taiwan's state-owned arms developer, was awarded the contract for prototype sea drones, which are expected to be evaluated over the next two years, the paper added. USVs and other remote-controlled or autonomous systems are expected to dominate modern warfare in the years to come. In Taiwan's case, they also fit the bill of so-called asymmetric weaponry—inexpensive, mobile and highly survivable capabilities that US defense planners say the island's government should prioritize.
How livestream realtors helped make Xishuangbanna a boom town
Caiwei Chen
Rest of World
China’s property market has plummeted since the pandemic, reversing the unbridled growth of housing prices in the past two decades. Livestreaming real estate agencies, however, have helped make Xishuangbanna an exception. Located in Yunnan province in the far south of China, near the border with Myanmar and Laos, Xishuangbanna has seen a surge in property sales recently, largely driven by people from outside the city. From January to October 2023, sales totaled $1.72 billion, a 69.4% increase from the previous year. Eighty percent of the sales come from outside of Yunnan — a figure that many attribute to the influence of livestreaming real estate agencies. In 2023, Kuaishou livestreams sold $6.84 billion worth of homes, according to Chinese media outlet Jiemian.
China technology giant Xiaomi starts electric car sales
Peter Hoskins
BBC
Chinese technology giant Xiaomi says it will start deliveries of its first electric vehicle this month - its first ever foray into the competitive automotive industry. The car's price is expected to be announced on 28 March. China's fifth-largest smartphone maker says it has 59 stores in 29 cities around the country to take orders. It comes as a price war intensifies between firms like BYD and Tesla in China, the world's biggest car market. At the unveiling of the Speed Ultra 7 last year, Xiaomi's chief executive Lei Jun said the company aims to become one of the top five car makers in the world. The smartphone giant has said it will invest $10bn in its vehicles business over the next 10 years. Mr Lei said the SU7 was "super electric motor" technology which is capable of accelerating faster than some Tesla and Porsche EVs. Xiaomi is also hoping that the car's shared operating system with its phones and other devices will appeal to existing customers.
Intel survived bid to halt millions in sales to China's Huawei, sources say
Alexandra Alper
Reuters
Intel has survived an effort to halt hundreds of millions of dollars' worth of chip sales to Huawei, two people familiar with the matter said, giving one of the world's largest chipmakers more time to sell to the heavily sanctioned Chinese telecoms company. US President Joe Biden has long been under pressure to revoke a license, issued by the Trump administration, that allows Intel, opens new tab to ship advanced central processors to Huawei for use in laptops. The push came from Intel rival Advanced Micro Devices, opens new tab, which argued it was unfair that it did not receive a license to sell similar chips to Huawei and from China hawks, who are seeking to stop all sales to the Chinese firm. Intel's ability to hang on to a license to sell chips while a rival could not obtain similar permission demonstrates the uneven and uncertain terrain companies face as the U.S. seeks to limit Beijing's access to sophisticated American technology, especially to a heavily sanctioned company like Huawei.
USA
US ramps up scrutiny of China's lidar technology
Ken Moriyasu and Echo Wong
Nikkei Asia
US concerns over Chinese autonomous driving technology are hitting China's Hesai Technology as lobbyists in Washington move to cut ties with the company. The White House announced it will investigate connected cars to assess the national security risks associated with Chinese technological advances in this area. These concerns stem from a fear that state-subsidized Chinese vehicles could flood the US market and obtain swaths of sensitive data through light detection and ranging – or lidar – sensors, which also has potential military applications.
US Cybersecurity and Infrastructure Security Agency hacked
David Hollingworth
CyberDaily
The US Cybersecurity and Infrastructure Security Agency has revealed it has fallen victim to an unidentified hacker, warning that two of its systems were compromised some time in February. According to CISA, the hackers took advantage of known vulnerabilities in a pair of Ivanti products: Ivanti Connect Secure and Ivanti Policy Secure, both network gateways. However, despite Ivanti patching two of the flaws in late January and releasing an Integrity Checker Tool, CISA remained on the alert. The agency actively questioned the efficacy of the tool in a separate advisory.
Top intel agency says China used TikTok to influence US elections
Jacob Knutson
Axios
China’s government has used the wildly popular video-sharing platform TikTok to influence recent US elections, the American intelligence community warned in its annual threat assessment on Monday. The warning comes during an election year and as the House prepares to vote on legislation to force China's ByteDance to divest from TikTok or else the platform will be banned from app stores in the US Congress is pursuing the legislation over national security concerns about the Chinese government's access to US user data and its ability to conduct influence campaigns through the platform.
Trump’s TikTok reversal suggests his China policy is for sale
Josh Rogin
The Washington Post
As he runs to retake the presidency while owing hundreds of millions of dollars in legal penalties, Trump is selling such products as sneakers — as well as, critics increasingly fear, his positions on important national security issues. His sudden reversal on restricting TikTok after mending ties with a top GOP donor and TikTok investor suggests there is no foreign policy issue on which Trump can’t be moved by a high bidder.
China’s ZPMC insists its US cranes present ‘no cyber security risk’
Robert Wright
Financial Times
The world’s biggest maker of container port cranes, Chinese company ZPMC, has insisted it presents “no cyber security risk” after Republican members of the US Congress accused it of having installed suspicious equipment on cranes bound for US ports. In a letter made public last week, 10 Republican members of Congress wrote that components including “cellular modems” had been installed on ZPMC cranes made in China before they were shipped to the US for installation. Members of the congressional homeland security committee and the select committee on China wrote to ZPMC days after the White House announced plans to boost domestic US manufacturing of “ship-to-shore” cranes to improve security at ports.
US not hiding aliens or UFO technology from the public, Pentagon says
Maya Yang
The Guardian
The US is not secretly hiding alien technology or extraterrestrial beings from the public, according to a defense department report. On Friday, the Pentagon published the findings of an investigation conducted by the All-Domain Anomaly Resolution Office, a government office established in 2022 to detect and, as necessary, mitigate threats including “anomalous, unidentified space, airborne, submerged and transmedium objects”. Agency investigators, which were “granted full access to all pertinent sensitive [US government] programs”, reviewed all official government investigatory efforts since 1945. Investigators also researched classified and unclassified archives, conducted approximately 30 interviews, and collaborated with intelligence community and defense department officials responsible for controlled and special access program oversight, the report revealed.
Americas
Brazil convenes top officials and experts to discuss AI policy
Angelica Mari
Forbes
Brazil's President, Luiz Inácio Lula da Silva, wants to present the country's stance on artificial intelligence to the world later this year. The goal was highlighted during an advisory meeting last week, attended by the nation's top officials and experts. Lula chaired the inaugural meeting of the National Science and Technology Council, his advisory body on science and technology. The meeting focused on the challenges and opportunities AI presents for Brazil's development, covering topics such as risks, the technology’s impact on the job market, and data integrity. As the president of the G20 and BRICS next year, Lula stressed the importance of shaping the Global South's agenda around AI. He emphasized that Brazil cannot “follow in tow in this area” and requested a proposal from experts to be presented at the United Nations General Assembly in September.
North Asia
Japan urges foreign tech to register HQs to combat online abuse
Taishu Yuasa
Nikkei Asia
Japan's Justice and internal affairs ministries will urge dozens of foreign companies, mainly in the technology sector, to register in the country as part of efforts to curb online misinformation and harassment. Companies with operations in Japan are legally required to register their global headquarters in the country. This makes it easier for Japanese victims of online harassment and defamation to sue them for information regarding their abusers. Those that fail to comply face a fine of up to $6,800. But enforcement has been spotty, spurring calls by the ruling Liberal Democratic Party and others for better compliance. The Justice Ministry and the Internal Affairs and Communications Ministry in 2022 had told 48 other companies, including Google, Microsoft and Facebook parent Meta, to register their global headquarters in Japan.
New report highlights worrying trends in N. Korea’s illegal cyber activities
Abhishek Sharma
DailyNK
The Cybercrimes 2024 report published by Chainalysis, a blockchain data platform has again highlighted some interesting trends concerning North Korea cyberattacks. The report has identified a substantial decrease in money laundering by North Korean hackers like the Kimsuky and Lazarus. The hacked amount is almost USD 1 billion in 2023 as compared to USD 1.7 billion in 2022, a sharp decline in the total laundered amount. However, even though the stolen fund’s amount has dropped, the attempted number of hacks reported has risen sharply reaching 20, increasing by five more compared to 2022 and 11 more than in 2021.
Why North Korea finally embraced 4G mobile networks, years after rest of world
Shreyas Reddy
NK News
North Korea has recently upgraded its mobile telecommunications networks to 4G services, a technology expert confirmed, highlighting the country’s belated efforts to enhance its capabilities in response to consumer demand as mobile phone use increases. Martyn Williams, who runs the North Korea Tech blog, reported on Thursday that the mobile service provider Kangsong is now operating 4G cellular services after observing signals from the South Korean side of the border. These findings confirm recent media reports that the state-owned carrier launched a 4G network late last year after upgrading its capabilities with Chinese support.
Southeast Asia
Malaysia: the surprise winner from US-China chip wars
Mercedes Ruehl
Financial Times
The broadening US curbs on Chinese technology, especially for chipmaking, are a key reason for neutral Malaysia’s appeal, say industry groups. America is jostling with China for global technology supremacy and has enlisted support from allies in Europe and Asia as it restricts sales of the most advanced chips and manufacturing equipment to its geopolitical rival. Chinese, Korean, Japanese, and Western firms are all rushing to invest in Malaysia’s semiconductor industry, prompting the government of Anwar Ibrahim to identify the development of Malaysia’s semiconductor industry and workforce into a “critical goal.” But the narrative has distinct vulnerabilities. These include a severe talent shortage and a failure to create a domestic semiconductor champion that can draw in others.
Philippines finds its place in US-China chip wars
Ralf Rivas
Rappler
The Biden administration is looking at the potential of its political allies like the Philippines to produce more semiconductors, as it continues to tighten knobs against China’s $190-billion chip industry. “US companies have realized that our chip supply chain is way too concentrated in just a few countries in the world,” US Commerce Secretary Gina Raimondo told Philippine business leaders in a forum in Makati City, on Tuesday, March 12. Raimondo, who is in Manila for a two-day trade and investment mission, underscored that the US will lend a hand to the Philippines to double its semiconductor assembly facilities. Electronic products are the Philippines’ top exports in terms of value, posting total earnings of $3.45 billion in January, representing 58.2% of total exports during the month.
Europe
French state cyberattack: Anonymous Sudan claims responsibility
Lauren Hurrell
Tech Monitor
The hacker group Anonymous Sudan has claimed responsibility for cyberattacks on several French ministerial services. Cited as being of “unprecedented intensity”, the distributed denial of service attack was first noticed on Sunday night and severely disrupted several government websites. Prime Minister Gabriel Attal’s office activated a crisis cell to deploy countermeasures, with public access to all impacted services restored by Monday afternoon. The ability to contain the attacks meant “the impact of these attacks has been reduced for most services and access to state websites restored”, Attal’s office announced, as specialist services including information security agency ANSSI implemented filtering measures until the attacks had ceased.
Council of Europe’s proposal for AI Convention is inadequate, EU data watchdog says
Eliza Gkritsi
Euractiv
The European Data Protection Supervisor expressed its disappointment on March 12 about a treaty on Artificial Intelligence, negotiated in Strasbourg this week, saying it has veered far from its original purpose. The so-called Convention on Artificial Intelligence, Human Rights, Democracy, and the Rule of Law, is touted as the world’s first of its kind. The Council of Europe, an international human rights body with 46 member countries, initially set out to develop a legally binding international convention to uphold the CoE’s human rights standards without hurting innovation in AI development. But the text has been significantly watered down from its original version in negotiations at the CoE’s ad hoc committee responsible for the convention, so much so that EDPS called it a “missed opportunity to lay down a strong and effective legal framework” for protecting human rights in AI development.
Italy to set up AI fund of 1 billion euros, PM says
Reuters
Italy plans to set up an investment fund with an initial endowment of 1 billion euros to promote AI projects, Prime Minister Giorgia Meloni said on Tuesday. Meloni and Scornajenchi were speaking at a conference on AI in Rome. Italy wants to use its presidency of the Group of Seven major democracies this year to focus on the impact of AI on jobs and inequality, while also laying down safeguards for the development of the technology. Backed by CDP Venture Capital, a unit of state lender Cassa Depositi e Prestiti, the fund could raise a further 2 billion euros from the private sector, the company's chief executive Agostino Scornajenchi said. As part of the planned legislation, to be presented in the next few weeks, Cabinet Undersecretary Alessio Butti said Rome would create a body with a supervisory and supporting role in the implementation of the national AI strategy.
UK
British authorities have never detected a breach of ransomware sanctions — but is that good or bad news?
Alexander Martin
The Record Media
The agency responsible for monitoring financial sanctions in Britain has never detected an illicit payment to an entity embargoed under the country’s counter-ransomware regime, according to information obtained by Recorded Future News. The sanctions regime explicitly prohibits victims from making any extortion payments to the 29 individuals and 5 entities listed under the United Kingdom’s cyber sanctions law — the Cyber Sanctions Regulations 2020 — unless the victim obtains a license from the Office of Financial Sanctions Implementation. That no violations have been spotted raises questions over whether the sanctions are stopping victims from making extortion payments or if the country’s monitoring efforts are just failing to catch them. The picture is further complicated by the difficulties of attributing attacks made under one group’s name to individuals or entities sanctioned under another — an issue that would likely be the subject of a lengthy legal battle.
Artificial Intelligence
Western countries are more pessimistic about AI
Ryan Heath
Axios
A new study by YouGov shows that workers in Asia are embracing generative AI tools for productivity to far greater degrees than Western workers — with Americans among the least positive about AI's workplace uses. Pessimism about AI in the West could reduce the competitiveness of the US and allied countries. Experts say that the earlier companies and individuals experiment with generative AI, the quicker they will find ways to improve productivity and creativity. Indians are the most likely (67%) to say that AI has improved overall productivity in their workplace over the last year, per YouGov, which conducted the poll. At the bottom of the list are Sweden (14%), the US (17%) and UK (18%).
The hacking underworld has removed all of AI’s guardrails, but the good guys are closing in
Rachel Curry
CNBC
In the artificial intelligence age, the efficiency promise is not reserved for the well-meaning workers of the world. Underground operators also gain access to newer, better ways of doing things, often to the detriment of unknowing victims. In other words, cybercriminals are using AI to execute highly targeted attacks at scale, causing people to unwittingly send money and sensitive information or simply open themselves up to theft using methods they may not have even known to look out for. Just look at the Hong Kong IT firm worker who recently transferred more than $25 million to a criminal after they used a deepfake to impersonate the company’s chief financial officer on a video call. Or a faux Taylor Swift seemingly slinging Le Creuset cookware as a way to scam Swifties. On a simpler level are believable emails, social media posts and advertisements with perfect grammar from accounts that look and feel like the real thing.
It’s sue season as AI firms face lawsuits
Aaron Raj
Techwire Asia
Ever since AI started developing content, the doors were opened for authors, writers, creators, and such to sue technology companies for copyright infringement. Even before AI, failure to attribute, acknowledge, or get permission to use existing content has resulted in some heavy lawsuits being filed. While there is no denying that AI is capable of creating content that is almost as good as the work of real talent, the reality is that the technology is only capable of doing this by learning from the best. However, in this case, learning from the best and making a profit out of it is not ethically acceptable to many. As AI capabilities improve, more authors, publishers and content creators are beginning to feel that the technology is merely copying their work or using it without their permission. Over the past few months alone, more AI firms have been facing lawsuits, not just from authors and such, but also from publishing companies and even Elon Musk himself.
Google restricts AI chatbot Gemini from answering questions on 2024 elections
Nick Robins-Early
The Guardian
Google is restricting its Gemini AI chatbot from answering election-related questions in countries where voting is taking place this year, limiting users from receiving information about candidates, political parties and other elements of politics. The company initially announced its plans for limiting election-related queries in a blog post last December, according to a Google spokesperson, and made a similar announcement regarding European Parliamentary elections in February. Google’s post on Tuesday pertained to India’s upcoming election, while TechCrunch reported that Google confirmed it is rolling out the changes globally. Google is limiting its chatbot’s capabilities ahead of a raft of high-stakes votes this year in countries including the US, India, South Africa and the UK. There is widespread concern over AI-generated disinformation and its influence on global elections, as the technology enables the use of robocalls, deepfakes and chatbot-generated propaganda.
Events & Podcasts
The Sydney Dialogue
ASPI
The Sydney Dialogue was created to help bring together governments, businesses and civil society to discuss and progress policy options. We will forecast the technologies of the next decade that will change our societies, economies and national security, prioritising speakers and delegates who are willing to push the envelope. We will promote diverse views that stimulate real conversations about the best ways to seize opportunities and minimise risks.
Jobs
China Analyst or Senior Analyst
ASPI
ASPI has an exciting opportunity for an analyst or senior analyst to explore China's evolving foreign and security policy, political economy and impact on the Indo-Pacific and the world. ASPI’s China analysts conduct rigorous data-driven research, publish impactful reports that shape the public policy discourse and contribute to the wide catalogue of influential China work published by ASPI. The difference between the analyst and senior analyst levels will depend on experience level and demonstration of past work.
Junior Editor for The Strategist
ASPI
The Australian Strategic Policy Institute is seeking a junior editor for The Strategist website, Australia’s leading site for national security commentary and analysis. We are looking for a strong editor and writer who has excellent attention to detail and solid policy judgement, and who can work with ASPI staff, on writing and editing their own work. Candidates will preferably have a background in journalism, editing or security and international policy, with at least two years’ experience in a relevant field.
Deputy Director Defence Strategy & National Security
ASPI
ASPI is currently recruiting for a Deputy Director, Defence Strategy & National Security. This is an exceptional opportunity for a talented and experienced individual to contribute to the work of Australia's leading think-tank on strategic defence policy issues in a unique leadership role.
Professional Development Program Coordinator
ASPI
ASPI is recruiting a Professional Development Program Coordinator. Our Program Coordinators are fundamental to the success of our professional development programs. As a key team member, you will be tasked with nurturing collaborative relationships across Defence, National Security, the National Intelligence Community, and the broader ASPI community.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.