U.S., U.K. and Australia to ask Facebook to halt encryption tech | HK takes stand against China’s high-tech control | Political operators impersonating Americans to flood Govt
The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
Attorney General Bill Barr, along with officials from the United Kingdom and Australia, is set to publish an open letter to Facebook CEO Mark Zuckerberg asking the company to delay plans for end-to-end encryption across its messaging services until it can guarantee the added privacy does not reduce public safety. Buzzfeed News
Hong Kong takes symbolic stand against China’s high-tech controls. For many, one fear is the city will fall into a shadow world of surveillance, censorship and digital controls that many have had firsthand experience with during regular travels to China. The New York Times
A BuzzFeed News investigation — based on an analysis of millions of comments, along with court records, business filings, and interviews with dozens of people — offers a window into how a crucial democratic process was skewed by one of the most prolific uses of political impersonation in US history. Buzzfeed News
ASPI ICPC
Australia's Cyber Strategy, version 2.0
ASPI ICPC
Back in 2016, Australia launched its first national cybersecurity strategy. The strategy covers a four-year period to 2020, and given the changes in the security environment, an update is now clearly warranted. To that end, the government has just launched a discussion paper to kick off the public consultation. The closing date for submissions on the discussion paper is 1 November. To complement the public submission process, ASPI’s International Cyber Policy Centre is initiating a public debate on what should be included in the next cybersecurity strategy. Contributions will be compiled into a report that we will deliver to the Department of Home Affairs to inform the strategy’s development. Follow the debate here.
'Chinese hackers' may have been behind major ANU cyber-attack on student records
9 News
"(The hack has) targeted lots of institutions, from our Bureau of Meteorology to our Parliament," Fergus Hanson from the Australian Strategic Policy Institute told 9News. "It is very serious – it's the top of Australia's national security community."
Fergus Hanson on 9 News talking about the recent ANU hack. 9 News
Lessons from the ANU cyberattack
ASPI Strategist
@michael_ASPI
The ANU attack is also a reminder that systems and IT investment are not enough. Strong security awareness and practice by all the people in an organisation is essential to reducing the risk of cyber compromise. The last lesson from the ANU experience is one for government. Naming cyber attackers, particularly when they are state actors, is an essential part of deterrence and security. Naming and shaming may not prevent a motivated state actor from conducting further attacks, but it creates awareness of real, as opposed to hypothetical, threats. It also creates the opportunity for others to speak up and act collectively against the perpetrators. And only governments really have the horsepower and status—let alone responsibility—to bring the actions of other states to public account and attention.
Rohingya Muslims return to “safety”: A regional approach
ORF
In addition, the recent report published by the Australian Strategic Policy Institute shows that Myanmar has continued to destroy areas once inhabited by the Rohingyas, well into 2019. On a disturbing level, the satellite images showed that at least 40% of villages damaged or destroyed in the anti-Rohingya campaign have been completely razed.
China
Hong Kong Takes Symbolic Stand Against China’s High-Tech Controls
The New York Times
@paulmozur @lqq91926
On the Hong Kong side, the internet is open and unfettered. On the China side, connections wither behind filters and censors that block foreign websites and scrub social media posts. The walk is short, but the virtual divide is huge. This invisible but stark technological wall has loomed as Hong Kong’s protests smolder into their fourth month. The semiautonomous city’s proximity to a society that is increasingly closed off and controlled by technology has informed protesters’ concerns about Hong Kong’s future. For many, one fear is the city will fall into a shadow world of surveillance, censorship and digital controls that many have had firsthand experience with during regular travels to China. The protests are a rare rebellion against Beijing’s vision of tech-backed authoritarianism. Unsurprisingly, they come from the only major place in China that sits outside its censorship and surveillance.
New Google Warning: 280M+ Android Users At Risk As China ‘Manipulates’ Play Store
Forbes
Stories about China and the VPN market usually focus on the use of these virtual private networks to access news sites and social media when caught behind the country’s infamous “Great Firewall.” But now there’s a twist, with new research finding that “the top 10 Google Play search results for ‘vpn’ are dominated by [Chinese] apps participating in potentially fraudulent manipulation practices.” And those apps have secured more than 280 million installs between them.
US
Tech’s Most Controversial Startup Now Makes Drone-Killing Robots
Bloomberg
@joshuabrustein
Founded by Palmer Luckey and backed by Peter Thiel, Anduril is rekindling the connection between the American military and Silicon Valley.
The FBI is running Facebook ads targeting Russians in Washington
CNN
The FBI is running ads on Facebook in the Washington DC area seemingly designed to target and recruit Russian spies as well as those who know about their work, CNN has learned. One ad seen by CNN features a stock photo of a young woman at her graduation with her family. Russian text overlaid on the image reads, "For your future, for the future of your family."
The New Way To Hack Democracy: How Political Operators Are Impersonating Real Americans To Flood The Government With Fake Comments
Buzzfeed News
@jsvine @kevincollier
A BuzzFeed News investigation — based on an analysis of millions of comments, along with court records, business filings, and interviews with dozens of people — offers a window into how a crucial democratic process was skewed by one of the most prolific uses of political impersonation in US history. In a key part of the puzzle, two little-known firms, Media Bridge and LCX Digital, working on behalf of industry group Broadband for America, misappropriated names and personal information as part of a bid to submit more than 1.5 million statements favorable to their cause.
Attorney General Bill Barr Will Ask Zuckerberg To Halt Plans For End-To-End Encryption Across Facebook's Apps
Buzzfeed News
@RMac18 @JoeB_Tweets
Attorney General Bill Barr, along with officials from the United Kingdom and Australia, is set to publish an open letter to Facebook CEO Mark Zuckerberg asking the company to delay plans for end-to-end encryption across its messaging services until it can guarantee the added privacy does not reduce public safety.
North Asia
New Asean cyber-security centre launched to train response teams to combat online threats
The Straits Times
To help bolster regional cyber-security capabilities, Singapore has launched a new centre for Asean member states to work together to conduct research, share knowledge and train to respond to cyber threats.
Southeast Asia
Philippine minister takes to Twitter to order diplomatic protest over Chinese ships
South China Morning Post
@raissawriter
Philippine foreign secretary Teodoro Locsin Jnr on Wednesday ordered via Twitter the immediate filing of a diplomatic protest against Beijing after Chinese coastguard ships reportedly strayed near a Philippine-occupied shoal in the disputed South China Sea.
Central Asia
Researchers Say They Uncovered Uzbekistan Hacking Operations Due to Spectacularly Bad OPSEC
Vice
@KimZetter
A new threat actor Kaspersky calls SandCat, believed to be Uzbekistan’s intelligence agency, is so bad at operational security, researchers have found multiple zero-day exploits used by the group, and even caught malware the group was still developing.
UK
Facebook, WhatsApp Will Have to Share Messages With U.K.
Bloomberg
Social media platforms based in the U.S. including Facebook and WhatsApp will be forced to share users’ encrypted messages with British police under a new treaty between the two countries, according to a person familiar with the matter.
Africa
Egypt Is Using Apps to Track and Target Its Citizens, Report Says
The New York Times
A series of sophisticated cyberattacks targeting Egyptian journalists, academics, lawyers, opposition politicians and human rights activists has been traced to Egyptian government offices, a cybersecurity firm has found.
Misc
How the alt-right co-opted the OK hand sign to fool the media
The Guardian
@PoppyNoor
The alt-right’s latest trophy is the OK hand sign, which was officially recognised as a hate symbol by the Anti-Defamation League over the weekend. And on Tuesday, it was reported that a Universal Orlando Resort employee was fired after concerned parents found a photo of him making the hand sign on their six-year-old’s shoulder (their child is biracial and has autism).
The ‘OK’ symbol that has been co-opted by the alt-right.
Events
The rise of information warfare: in-conversation with Peter W. Singer
ASPI ICPC
ASPI's International Cyber Policy Centre invites you to an in-conversation with Peter W. Singer and Danielle Cave to consider the rise of information warfare. Peter Warren Singer is strategist and senior fellow at New America. He has been named by the Smithsonian as one of the nation’s 100 leading innovators, by Defense News as one of the 100 most influential people in defense issues, by Foreign Policy to their Top 100 Global Thinkers List, and as an official “Mad Scientist” for the U.S. Army’s Training and Doctrine Command. A drinks and canapes reception will conclude the event. This event is kindly supported by Microsoft.
Cyber Security Hypothetical – Panel
UNSW
We invite you to join us on 22 October, in challenging paradigms and provoking discussion around this important topic that impacts and targets us all. Cyber Security Hypothetical will be led and moderated by Mr Steve Wilson and panellists will include MAJGEN Marcus Thompson, Professor Michael Frater, Mr Alastair MacGibbon, Ms Kate Carruthers and Mr Justin Warren.
.au Licensing Rules and .au Namespace Implementation Policy Consultation - October 2019
auDA
auDA is seeking the Australian community's input on proposed changes to the .au licensing rules and the .au Namespace Implementation Policy. We are asking for feedback because the .au ccTLD belongs to Australia and changes to the rules for .au domains affect the Australian community.