US DoJ claims Russia hacked federal prosecutors | Australia's Sky News temporarily suspended from YouTube for COVID misinformation | New US subsidies for semiconductor chips

Aug 2, 2021

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said Friday. The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. The Associated Press
Sky News Australia has been banned from uploading content to YouTube for seven days after violating its medical misinformation policies by posting numerous videos which denied the existence of Covid-19 or encouraged people to use hydroxychloroquine or ivermectin. The Guardian
The U.S. and its allies have long pressed China to stop helping favored industries with subsidies, government preferences and other interventions. Now they are beginning to copy it. Last month, the U.S. Senate voted for direct industry subsidies with little precedent: $52 billion for new semiconductor fabrication plants, called “fabs.” The Wall Street Journal

ASPI ICPC

TikTok’s Take on Censorship
Radio Adelaide
Daria Impiombato, a co-author of the Australian Strategic Policy Institute’s report on censorship and content control on Chinese social media, joins Breakfast’s Tom Mann and Paul Davies to discuss the app and its influence from the Chinese Communist Party.

Read our report “TikTok and WeChat: Curating and controlling global information flows”.

ASPI @ASPI_org

ICYMI: Stream @MarietjeSchaake's chat with @ASPI_ICPC's @FergusHanson on the challenges posed by technology giants, the potential for a coalition of democracies and the interaction of human rights, technology and civil society Watch it now:

In-conversation with Marietje SchaakeHow can technologies be appropriately governed, and what impacts does this have on free and open societies? In this webinar, Fergus Hanson speaks to Marietje...bit.ly

World

Everyone in Your Organization Needs to Understand AI Ethics
Harvard Business Review
@beena_ammanath @reidblackman
Many organizations have come around to seeing the business imperative of an AI ethical risk program. Countless news reports — from faulty and discriminatory facial recognition to privacy violations to black box algorithms with life-altering consequences — have put it on the agendas of boards, CEOs, and Chief Data and Analytics Officers. What most leaders don’t understand, however, is that addressing these risks requires raising awareness of them across their entire organization. Those that do understand this often don’t know how to proceed.

Australia

Sky News Australia banned from YouTube for seven days over Covid misinformation
The Guardian
@meadea
Sky News Australia has been banned from uploading content to YouTube for seven days after violating its medical misinformation policies by posting numerous videos which denied the existence of Covid-19 or encouraged people to use hydroxychloroquine or ivermectin.

A recipe for bad decisions': Govt confusion over who tackles fake news
The Canberra Times
@sbasfordcanales
It's still no clearer which area of government would be in charge of tackling a targeted disinformation campaign by a foreign actor in the upcoming federal election. Officials from the Home Affairs, Finance and Attorney-General's departments, along with the Australian Electoral Commission, were asked on Friday who would take charge to counter any foreign interference campaigns on social media were they to occur.

Read Danielle Cave & Jake Wallis’s article “Defending democracies from disinformation and cyber-enabled foreign interference”.

Danielle Cave @DaniellesCave

Circling back to note this extraordinary & globally unique effort exposes the lack of leadership & coordination on cyber-enabled info ops & foreign interference. I can not see, for example, which 🇦🇺 dept/agency is in charge of leading on issues like this

Hugh Riminton @hughriminton

China‘s grubby cyber hit on Aussie researcher Vicky Xu - how the CCP goes after critics overseas. https://t.co/32edp1trYr

Facial recognition and the NSW protest crowds
Innovation Aus
NSW Police have not ruled out its use of facial recognition technology to identify thousands of protestors from a Sydney anti-lockdown rally on Saturday, despite calls from experts to pause its use. But it won’t confirm the use of the technology either.

Can Australia fix its CovidSafe app and turn the pandemic into a ‘pingdemic’?
The Guardian
@joshgnosis
The federal government is in discussions to tweak its CovidSafe app to pick up more fleeting contacts due to the more infectious Delta variant, but is refusing to adopt technology used overseas that could speed up notification of close contacts.

Removing the risks from a decentralised internet
The Strategist
@tweetinjules
Increasingly, people worry about the concentration of power in the digital environment, and the control that large companies exercise over users’ data and experiences online. The Australian government has opted to regulate ‘big tech’ for a range of online harms. But more broadly, this concern has led to calls to ‘re-decentralise’ the internet, harking back to the early days of the web before these companies which now serve as gatekeepers to the internet existed.

Australian wellness influencers are embracing conspiracy content
Business Insider
@biancahealey
A network of Australian influencers have begun to engage with conspiratorial content on their platforms.

Why healthcare security needs urgent care
Hospital and Healthcare
Australia’s healthcare sector has been the target of increased cybersecurity incidents since COVID-19 forced digital care into the spotlight. Sensitive data collected by healthcare providers, as well as their increased reliance on cloud-based services and telehealth, make the industry a prime target.

China

China’s supreme court sets limits on facial recognition
TechNode
@weishengn
A Wednesday judicial interpretation released by China’s highest court sets boundaries on how businesses in China can use facial recognition technology... The interpretation prohibits businesses from forcing people to accept facial recognition applications on apps to access services. In public spaces, businesses could infringe personal rights if their use of facial recognition violated “related law and regulations,” said the interpretation.

China built the world’s largest facial recognition system. Now, it’s getting camera-shy.
The Washington Post
@evadou
Now, China is putting its freewheeling facial recognition industry on notice. Citing Guo’s case, China’s top court announced this week that consumers’ privacy must be protected from unwarranted face tracking.

China’s edtech crackdown isn’t what you think. Here’s why.
Protocol
@shenlulushen
Much of the coverage around the latest crackdown has linked it with Beijing's war on Big Tech or focused on ideological control, which has been a major aspect of Beijing's handling of the state-run school system. But when it comes to the sprawling ed tech industry, experts say what's happening looks more like an attempt to cure tech-enabled ills that have exacerbated nationwide educational — and thus social — inequality.

China’s Sputnik Moment?
Foreign Affairs
@danwwang
Then came U.S. President Donald Trump. By sanctioning entrepreneurial Chinese companies, he forced them to stop relying on U.S. technologies such as semiconductors. Now, most of them are trying to source domestic alternatives or design the necessary technologies themselves. In other words, Trump’s gambit accomplished what the Chinese government never could: aligning private companies’ incentives with the state’s goal of economic self-sufficiency.

China’s leaders agree to greater control over data, offshore listings
Australian Financial Review
@MikeSmithAFR
China’s leaders have pledged tighter supervision of overseas share listings as a crackdown on technology companies, rising geopolitical tensions and the country’s worst COVID-19 outbreak since Wuhan last year add to a growing list of concerns for foreign investors in Chinese assets. President Xi Jinping chaired a regular meeting of the Communist Party’s top decision-making body, the Politburo, late last week. Reports from the meeting suggest the government is planning to further tighten state control over the private sector.

Read our report “Mapping China's Tech Giants: Reining in China’s technology giants”.

Chinese Social Media Nationalists Attack LGBTQ Film Festival Run By Foreign Consulates
Variety
@rebeccaludavis
Nationalist users on Chinese social media platform Weibo have attacked foreign consulates in the southern capital of Guangzhou for seeking to “bring down China” with an LGBTQ film festival jointly hosted by 17 foreign governments. Such users say they have flooded the platform’s censors with reports that posts about the festival are politically problematic, seeking to get them banned.

Spyware features found in Chinese state benefits app
The Record
@campuscodi
Spyware-like features have been discovered inside an app named “Beijing One Pass” that foreign companies operating in China are forced to install on their systems in order to access a digital platform to manage employee state benefits.

China Antitrust Officials Delay Review of Nvidia’s $40 Billion Arm Acquisition
The Information
@joshua_sisco
It’s not just Chinese tech companies that are facing difficulties with China’s ruling party. Take Nvidia’s $40 billion takeover of chip designer Arm. While China’s competition regulators have been talking to the two companies since early this year, the agency’s formal review hasn’t even started yet, according to people with knowledge of the process.

Huawei, once a 5G leader, can't offer 5G in its newest phones
Light Reading
@mikeddano
Huawei newest batch of smartphones won't be able to connect to 5G networks. The development represents a shocking turnabout for a company that just a year ago claimed a global leadership position in the sale of smartphones and wireless networking equipment. The primary reason behind Huawei's 5G about-face is no secret: ongoing US sanctions against the Chinese vendor.

Livestreaming ecommerce is the next battleground for China’s nationalists
Protocol
@ZeyiYang
The No. 1 rule of sales: Don't praise your competitor's product. Rule No. 2: When you are put to a loyalty test by nationalist trolls, forget the first rule.

USA

Justice Department says Russians hacked federal prosecutors
The Associated Press
The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said Friday. The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached.

‘Industrial Policy’ Is Back: The West Dusts Off Old Idea to Counter China
The Wall Street Journal
@greg_ip
The U.S. and its allies have long pressed China to stop helping favored industries with subsidies, government preferences and other interventions. Now they are beginning to copy it. Last month, the U.S. Senate voted for direct industry subsidies with little precedent: $52 billion for new semiconductor fabrication plants, called “fabs.”

Facebook wants to master the Metaverse
AdAge
Facebook CEO Mark Zuckerberg made his case for developing the “metaverse” during a second-quarter earnings call, a vision for the future of the social network that no longer relies on platforms such as Apple and Google for hosting Facebook properties.

A Fire in Minnesota. An Arrest in Mexico. Cameras Everywhere.
The New York Times
@kashhill
One night in the Twin Cities, shortly after the killing of George Floyd, someone set a fire in a Goodwill. That led to an international search for the culprits — and it exposed a growing system of global surveillance.

The Privacy Battle That Apple Isn’t Fighting
WIRED
@GiladEdelman
California has begun enforcing a browser-level privacy setting, but you still can’t find that option in Safari or iOS.

To Fight Vaccine Lies, Authorities Recruit an ‘Influencer Army’
The New York Times
@taylorlorenz
The White House has teamed up with TikTok stars, while some states are paying “local micro influencers” for pro-vaccine campaigns.

White House Office of Science & Technology Policy @WHOSTP

Today, @NSF announced 11 new National Artificial Intelligence Research Institutes that advance #AI innovation, make AI accessible for older Americans, and support underrepresented students in STEM education to improve equity and representation in AI research.

National Science Foundation @NSF

Today, we are announcing 11 new @NSF National Artificial Intelligence Research Institutes. The institutes will focus on #AI-based tech to help older adults lead more independent lives, improve agriculture + food supply chains, support STEM ed & more: https://t.co/DOBWjDkqry https://t.co/EyzfKDVXhB

Criminal Authorities for Enforcing Against Forced Labor in China [PDF]
US Dept of Homeland Security
DHS is aware of recent reports of companies with a presence in the United States that have committed to purchasing goods made in Xinjiang Uyghur Autonomous Region or will benefit from ventures in the Region, regardless of the risk or actual presence of forced labor in these supply chains or ventures.

The Information Technology Counter-Revolution: Cheap, Disposable, and Decentralized
War On The Rocks
Almost three decades ago, a coterie of defense wonks proclaimed that the information revolution would transform military power. They were right. But three decades later, it is time for the American military to prepare for what’s next, not try to dominate a 90s-era information battlefield..the U.S. military never fully realized the IT-RMA (information technology revolution in military affairs), and now the revolution-reaction cycle has moved on. The very capabilities that propelled the IT-RMA have become troubling vulnerabilities, leaving Washington with the worst of both worlds — campaigns that are digitally dependent enough to be vulnerable to new information threats but not advanced enough to leverage the newest data technologies.

Argo AI can now offer the public rides in its autonomous vehicles in California
TechCrunch
@kirstenkorosec
Argo AI, the autonomous vehicle technology startup backed by Ford and VW, has landed a permit in California that will allow the company to give people free rides in its self-driving vehicles on the state’s public roads.

NIST calls for help in developing framework managing risks of AI
ZDNet
@jgreigj
The National Institute of Standards and Technology (NIST) -- part of the US Department of Commerce -- is asking the public for input on an AI risk management framework, which the organization is in the process of developing as a way to "manage the risks posed by artificial intelligence."

UK

Ex-Cambridge Analytica psychologist secretly aided prominent anti-COVID vaccine group
The Daily Dot
@mikaelthalen
Leaked chat logs reveal how the former lead psychologist for Cambridge Analytica has been working behind the scenes with a notorious anti-vaccine group in the U.K.

UK Home Office set up fake website to deter asylum seekers from crossing Channel with ‘misleading’ claims
The Independent
@lizziedearden
The Home Office set up a website targeting asylum seekers with “misleading” claims to deter them from journeying to Britain, The Independent can reveal. It created a fake organisation called On The Move, complete with a logo and glossy branding, which claims to “provide migrants in transit with free, reliable and important information”.

Europe

Amazon fined $887 million over EU privacy violations
The Record
@adamjanofsky
Luxembourg’s data privacy regulator hit tech giant Amazon with a €746 million fine ($887 million) over claims that the company’s processing of personal data did not comply with the European Union’s General Data Protection Regulation. It is by far the largest-ever fine issued under the GDPR.

Kim Zetter @KimZetter

French authorities conducted forensic inv of phone belonging to French journalist and found evidence of NSO's Pegasus spyware on it. The journo's phone # was on list that Pegasus Project obtained, but the phone had not previously been analyzed by Amnesty.

« Projet Pegasus » : les analyses des autorités françaises confirment l’infection des téléphones personnels de plusieurs journalistesDes analyses techniques conduites par les autorités françaises ont confirmé la présence de traces du logiciel espion de NSO Group dans le téléphone d’un journaliste de France 24.lemonde.fr

How Google quietly funds Europe’s leading tech policy institutes
The New Statesman
@llaurieclarke @oscwilliams @kathy_swinds
Six leading academic institutes in the EU have taken tens of millions of pounds of funding from Google, Facebook, Amazon and Microsoft to research issues linked to the tech firms' business models, from privacy and data protection to AI ethics and competition in digital markets..The New Statesman has also found evidence of an inconsistent approach to transparency, with some senior academics failing to disclose their industry funding.

Russia

Russia’s New Form of Organized Crime Is Menacing the World
The New York Times
In about a dozen years, ransomware has emerged as a major cyberproblem of our time, big enough for President Biden to put it at the top of his agenda with Russia’s president, Vladimir Putin, when they met in June and for lawmakers in Congress to be working on several bills that would, among other things, require victims to report attacks to the government.

Read our report “Exfiltrate, encrypt, extort: The global rise of ransomware and Australia’s policy options”.

The Americas

Christopher Parsons @caparsons

The Government of Canada issued a 'discussion guide' on how it plans to address what it identifies as harmful content online yesterday. The 'guide' is at: canada.ca/en/canadian-he… #cndpoli

Discussion guide - Canada.caThis discussion guide on online hate summarizes and outlines the Government’s overall approach.canada.ca

Middle East

Why Turkey’s Regulators Became Such a Problem for Google
The New York Times
@satariano @daiwaka
The tension between Turkey and Google reflects how growing animosity toward Silicon Valley giants is popping up even in places, like Turkey, with little history of antitrust enforcement against the industry. The efforts threaten to upend conditions — an open global internet and light-touch government regulation — that have helped fuel the growth of those companies in the past two decades. In their place could be a checkerboard of laws and regulations, where the available products and services depend on where a person logs on.

Women allege that NSO spyware was used to steal and leak their private photos
NBC News
@oliviasolon
Oueiss is one of several high-profile female journalists and activists who have allegedly been targeted and harassed by authoritarian regimes in the Middle East through hack-and-leak attacks using the Pegasus spyware, created by Israeli surveillance technology company NSO Group.

Misc

Hundreds of AI Tools Were Built to Catch Covid. None of Them Helped
MIT Technology Review
@strwbilly
"This pandemic was a big test for AI and medicine," says Driggs, who is himself working on a machine-learning tool to help doctors during the pandemic. "It would have gone a long way to getting the public on our side," he says. "But I don't think we passed that test...." If there's an upside, it is that the pandemic has made it clear to many researchers that the way AI tools are built needs to change. "The pandemic has put problems in the spotlight that we've been dragging along for some time."

How ‘Coward and Phony’ Tim Pool Became One of the Biggest Political YouTubers on the Planet
The Daily Beast
@bobsaietta
A former darling of Occupy Wall Street, Tim Pool has racked up more than a billion views and millions in earnings while dangerously whitewashing the far right.

Zoom will pay $85 million to settle lawsuit over privacy and 'zoombombing'
Engadget
@jonfingas
The settlement could also lead to payouts if the lawsuit achieves a proposed class action status, but don't expect a windfall. Subscribers would receive a refund of either 15 percent or $25, whichever was larger, while everyone else would receive as much as $15.

Elon Musk calls Apple’s App Store fees a ‘de facto global tax on the Internet’
The Verge
@jaypeters
Elon Musk has had a busy Friday on Twitter. After flatly denying that he has ever spoken to Apple CEO Tim Cook in response to a wild story alleging he demanded to take over as the company’s CEO as part of an acquisition offer, Musk has now tweeted his support of Epic Games’ fight against Apple over App Store policies.

Research

Covert propaganda operations in plain sight: The CCP united front system’s media network in Europe
Sinopis
@jirousfilip
The European operations of the China News Service (CNS), the Chinese Communist Party (CCP) united front system’s main propaganda agency, and its extensive network of media outlets in the continent have so far largely escaped the scrutiny applied to other propaganda organs. The CNS network’s dominance of Europe’s Chinese-language media landscape poses challenges for European institutions.

Read our report “The influence environment: A survey of Chinese-language media & WeChat in Australia”.

Citizen Lab @citizenlab

The deployment of NSO Group’s Pegasus spyware is, unfortunately, not new. Since 2016, the Citizen Lab + others have documented the abuse of this government-exclusive technology. To help keep track of these developing issues, we've created a living thread for all of our reports🧵

Jobs

ICPC Deputy Director – 12 month parental leave cover
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) is currently recruiting for a one-year parental leave cover for its Deputy Director position. This is an exceptional opportunity for a talented and experienced individual to contribute to the work of Australia's leading think-tank on cyber, information, technology and other national security issues in a unique leadership role.

ICPC Senior Analyst & Program Manager
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) potentially has an outstanding opportunity for a proactive, efficient and talented senior analyst & program manager to join its centre..We are looking for a senior individual with a minimum of 10-15 years of demonstrated relevant work experience who possesses excellent project management, stakeholder engagement and staff management skills. They must also possess strong knowledge - either as a generalist or a specialist - of some of the topics ICPC works across, and feel comfortable engaging with politicians, senior policymakers, business representatives and preferably also the media.

ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice. Analysts usually have at least 5 years, often 7-10 years’ of work experience. Senior analysts usually have a minimum of 15 years relevant work experience and, in addition to research, they take on a leadership role in the centre and tend to be involved in staff and project management, fundraising and stakeholder engagement.