Wave of stealthy China cyberattacks hits U.S., private networks | Huawei replaced more than 13,000 parts to overcome US tech sanctions | Russia-aligned hackers spotted targeting Ukraine, Europe, India
Good morning. It's Monday 20th March.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Have feedback? Let us know at icpc@aspi.org.au.
Follow us on Twitter and on LinkedIn.
State-sponsored hackers from China have developed techniques that evade common cybersecurity tools and enable them to burrow into government and business networks and spy on victims for years without detection, researchers with Google found. The Wall Street Journal
Huawei has replaced more than 13,000 components in its range of products with local substitutes and redesigned over 4,000 circuit boards in the past three years, founder Ren Zhengfei said, offering a glimpse of its efforts to overcome years of US sanctions. South China Morning Post
A new espionage campaign by a hacking group with suspected ties to Moscow targeted government agencies and telecom operators in Ukraine, India and Europe, researchers said Thursday. The Record by Recorded Future
ASPI
Why TikTok is getting banned by governments — and what it means for users
National Post
Tyler Dawson
The concern is basically that ByteDance could give TikTok user data to the Chinese government, or show propaganda or misinformation on the Chinese government’s behalf. In 2019, the Australian Strategic Policy Institute reported that ByteDance “collaborates with public security bureaus across China, including in Xinjiang where it plays an active role in disseminating the party-state’s propaganda on Xinjiang.”
Look beyond Washington DC for why AUKUS matters
The National Interest
Iain MacGillivray and Greg Brown
The demand for full-society cooperation and coordination is even more important for the second pillar of AUKUS. Pillar 2 promises advances and sharing in advanced weaponry and technologies—such as AI, cyber, quantum computing, and space—and for which states such as Arizona, Michigan, and Utah may play prominent roles.
World
Russia-aligned ‘Winter Vivern’ hackers spotted targeting Ukraine, Europe, India
The Record by Recorded Future
Daryna Antoniuk
A new espionage campaign by a hacking group with suspected ties to Moscow targeted government agencies and telecom operators in Ukraine, India and Europe, researchers said Thursday.
Australia
Pentagon chooses Australian firm to build hypersonic test aircraft
C4ISRNET
Courtney Albon
The U.S. Department of Defense selected Hypersonix Launch Systems, an Australian aerospace company, to develop a high-speed aircraft that can test hypersonic technologies.
Federal government expected to ban TikTok on its devices
The Sydney Morning Herald
Nick Bonyhady and Anthony Galloway
The Australian government is expected to ban the popular short form video app TikTok from its devices once a seven-month-long review of security risks posed by social media platforms is completed.
Soldiers of hate: Army investigates neo-Nazis in its ranks
The Sydney Morning Herald
Nick McKenzie
The Australian Army has launched an urgent investigation after discovering serving soldiers have links to neo-Nazi groups. The inquiry was triggered by an investigation by this masthead into white supremacist groups which features leaked recordings and conversations from encrypted forums that reveal an emerging cohort of Australian extremist leaders seeking to access firearms and ridiculing law enforcement.
China
Huawei has replaced more than 13,000 parts, redesigned 4,000 circuit boards to overcome US tech sanctions, founder says
South China Morning Post
Tracy Qu
Huawei has replaced more than 13,000 components in its range of products with local substitutes and redesigned over 4,000 circuit boards in the past three years, founder Ren Zhengfei said, offering a glimpse of its efforts to overcome years of US sanctions.
Suspected China-linked hackers exploit Fortinet zero-day in spying campaign
The Record by Recorded Future
Daryna Antoniuk
A suspected state-sponsored hacking group based in China has exploited zero-day vulnerabilities and deployed custom malware to spy on defense, government, tech, and telecom organizations, according to a new report.
China appeals for fair treatment after latest TikTok bans
Associated Press
China appealed Friday to other governments to treat its companies fairly after Britain and New Zealand joined the United States in restricting use of TikTok due to fears the Chinese-owned short video service might be a security risk.
China’s AI chatbots clam up when asked about Xi Jinping’s leadership
The Wall Street Journal
Shen Lu
A question asking whether Xi Jinping is a good leader prompted a response that the input “couldn't pass a safety review.”
China's tech giant Baidu unveils "Ernie," the Chinese answer to AI chatbot technology like ChatGPT and GPT4
CBS News
Shuai Zhang and Tucker Reals
Days after popular artificial intelligence tool ChatGPT's developer OpenAI released its latest version, GPT4, Chinese tech giant Baidu, best known for its search engine and map services in the country, revealed its AI answer to the world. In a prerecorded video presentation, Baidu's celebrity founder Robin Li showcased the "Ernie" (Enhanced Representation of Knowledge Integration) chatbot, which he said could comprehend human intentions and deliver responses approaching human level.
USA
Wave of stealthy China cyberattacks hits U.S., private networks, Google says
The Wall Street Journal
Robert McMillan and Dustin Volz
State-sponsored hackers from China have developed techniques that evade common cybersecurity tools and enable them to burrow into government and business networks and spy on victims for years without detection, researchers with Alphabet Inc.’s Google found.
TikTok under more U.S. pressure ahead of CEO's congressional testimony
Nikkei Asia
Rintaro Tobita
TikTok is under growing pressure in the U.S., with reports of investigations by the Justice Department and FBI emerging before the CEO is scheduled to answer questions in Congress.
TikTok’s plan to stave off government intervention: Flood D.C. with influencers
POLITICO
Hailey Fuchs
The influential social media app TikTok is flooding the nation’s capital with influencers next week as part of an 11th hour lobbying blitz to stave off the forced sale of the company.TikTok’s Chinese parent has another wildly popular app in the U.S.
The Wall Street Journal
Raffaele Huang
One of the hottest apps in the U.S. right now is TikTok’s lesser-known sibling that is also owned by Chinese parent ByteDance Ltd.
Pro-Russia hackers are increasingly targeting hospitals, researchers warns
The Record by Recorded Future
Jonathan Greig
Cybersecurity researchers said this week that they have observed the pro-Russia hacking group known as Killnet increasingly launch distributed denial of service attacks targeting healthcare organizations since November.
The US cybersecurity strategy won’t address today’s threats with regulation alone
CyberScoop
Jason Oxman
President Biden just released the administration’s national cyber strategy. Coupled with industry collaboration, it’s an effective approach that represents a new hope for a safer and more economically prosperous future. Furthermore, the strategy is a much-needed step toward a clear roadmap for collaboration between agencies and industry partners, particularly in the technology sector. Prior federal cybersecurity strategic documents have lacked specificity, materially undermining their successful implementation and inhibiting stakeholder engagement.
Trump returns to Facebook
Reuters
Sheila Dang
Former U.S. President Donald Trump posted to Facebook on Friday, marking his return to the social media platform two years after he was banned.
Americas
Deepfake ‘news’ videos ramp up misinformation in Venezuela
Financial Times
Joe Daniels and Madhumita Murgia
Last week, YouTube suspended five accounts, including House of News, that had shared government-aligned misinformation. But the emergence of deepfakes and AI-generated media represents a new frontier in Venezuela’s campaign of propaganda and misinformation, raising concerns about the potential influence on a population that has scant access to trustworthy news because of widespread censorship both on and offline.
North Asia
South Korea begins process to normalize GSOMIA intel pact with Japan
The Japan Times
Jesse Johnson
South Korea’s Defense Ministry has initiated a process to normalize a key military intelligence-sharing pact with Japan following an agreement between Prime Minister Fumio Kishida and South Korean President Yoon Suk-yeol during their breakthrough summit on Thursday.
Ukraine’s cyber defense offers lessons for Taiwan
Defense One
James Hesson and Annie Fixler
The Ukraine war has filled the world with graphic images of a surprisingly capable underdog resisting the advances of a lumbering aggressor. But while the pictures are far less compelling, the story is the same in cyberspace: Ukrainian defenders have thwarted an onslaught of Russian cyberattacks. While credit for this success goes to the resilience, persistence, and professionalism of the Ukrainians, America’s efforts to improve their cyber capacity played a key role, and offer lessons for defending Taiwan from Chinese cyberattacks.
Europe
Top EU judge expects a wave of litigation from tech giants against new tech law
Reuters
Foo Yun Chee
Tech giants will likely challenge a new European Union law aimed at reining in their power with the first cases in a potential wave of litigation expected by year-end, one of the EU's top judges said on Friday.
Netherlands to tighten export controls of chip equipment: minister
Nikkei Asia
Shoichiro Taguchi and Maya Shimizu
The Netherlands aims to respond to U.S. semiconductor restrictions on China by expanding the list of chip manufacturing equipment subject to export controls to prevent military use, the Dutch trade minister said.
UK
TikTok: Scottish Parliament 'strongly advises' MSPs to remove app for security reasons
Sky News
Jenness Mitchell
In an email on Friday, MSPs and staff at Holyrood were "strongly" advised to remove TikTok, including from personal devices used to access the Scottish Parliament's IT systems.
BBC urges staff to delete TikTok from company mobile phones
The Guardian
Matthew Weaver and Dan Milmo
The BBC has urged its staff to delete the Chinese-own social media app TikTok from corporate mobile phones.
Doctors to sue the Government over plans that could hand NHS patients medical records to a secretive US tech giant
This is Money
Luke Barr
Doctors are preparing to sue the Government over plans that could hand the confidential medical records of millions of NHS patients to a secretive US tech giant, the Mail can reveal.
Middle East
How fake media accounts in Afghanistan are used to push Taliban propaganda
The Observers
Pariesa Brody
Since the Taliban took over control of Afghanistan in August 2021, numerous accounts mimicking or trying to present themselves as media outlets have popped up online. These fake accounts share content that appears to be authentic, often using the same graphic signature and style as the real media outlet. But on closer inspection, researchers from the NGO Afghan Witness found that their posts have no basis in reality and serve to undermine opposition groups in Afghanistan and clamp down on independent media.
NZ & Pacific Islands
Parliamentary Service bans TikTok on its devices
RNZ
New Zealand is following other countries in banning the popular video-sharing app TikTok from Parliament-issued devices.
Big Tech
Who is still inside the Metaverse? Searching for friends in Mark Zuckerberg’s deserted fantasyland.
New York Magazine
Paul Murray
Indeed, Facebook’s rebrand as Meta seems to signal Mark Zuckerberg’s conviction that reality as a whole is going to fall out of favor. The metaverse wasn’t his idea — the name comes from Neal Stephenson’s 1992 novel Snow Crash — but his company has reportedly spent some $36 billion developing it. In Zuckerberg’s vision, the metaverse will be nothing less than the internet’s next iteration, one for which he will control both the hardware (Facebook bought headset maker Oculus in 2014) and the software (Meta has been snapping up companies even tangentially related to VR).
TikTok and Meta’s moderators form a united front in Germany
WIRED
Vittoria Elliott
Screening social media content to remove abuse or other banned material is one of the toughest jobs in tech, but also one of the most undervalued. Content moderators for TikTok and Meta in Germany have banded together to demand more recognition for workers who are employed to keep some of the worst content off social platforms, in a rare moment of coordinated pushback by tech workers across companies.
Artificial Intelligence
OpenAI CEO Sam Altman says AI will reshape society, acknowledges risks: 'A little bit scared of this'
ABC News
Victor Ordonez , Taylor Dunn and Eric Noll
The CEO behind the company that created ChatGPT believes artificial intelligence technology will reshape society as we know it. He believes it comes with real dangers, but can also be "the greatest technology humanity has yet developed" to drastically improve our lives.
AI injected misinformation into article claiming misinformation in 'Navalny' doc
VICE
Matthew Gault
An article claiming to identify misinformation in an Oscar-winning documentary about imprisoned Russian dissident Alexei Navalny is itself full of misinformation, thanks to the author using AI.
AI is reviving San Francisco’s tech scene. Welcome to ‘Cerebral Valley.’
The Washington Post
Nitasha Tiku
Traditionally hacker houses — a tech industry rite of passage — referred to cramped quarters shared by start-up aspirants in search of big ideas and cheaper rent. But the money and power flooding into this wave of AI is warping and intensifying the trappings of a typical Silicon Valley gold rush, now set to explode with the launch of GPT-4.
Three easy ways to make AI chatbots safer
Scientific American
Noah Giansiracusa
We have entered the brave new world of AI chatbots. This means everything from reenvisioning how students learn in school to protecting ourselves from mass-produced misinformation. It also means heeding the mounting calls to regulate AI to help us navigate an era in which computers write as fluently as people.
Misc
Mortgages, wine and renovations: Silicon Valley Bank’s deep tech ties
The New York Times
Erin Griffith, Mike Isaac and Sheera Frenkel
Before SVB failed last week and set off a global financial panic, it was known mostly as a regional, low-profile bank. But within tech’s ecosystem, the bank had molded itself to the quirks and idiosyncrasies of the industry, becoming deeply interwoven to an unusual degree into the lives and businesses of investors, entrepreneurs and executives.
Research
Phase-based tactical analysis of online operations
Carnegie Endowment for International Peace
Ben Nimmo and Eric Hutchins
The online threatscape in 2023 is characterized by an unprecedented variety of actors, types of operation, and threat response teams. Threat actors range from intelligence agencies and troll farms to child-abuse networks. Abuses range from hacking to scams, election interference to harassment. Responders include platform trust-and-safety teams, government agencies, open-source researchers, and others.
Events & Podcasts
Jobs
ICPC Senior Analyst or Analyst - China
ASPI ICPC
ASPI’s International Cyber Policy Centre (ICPC) has a unique opportunity for exceptional and experienced China-focused senior analysts or analysts to join its centre. This role will focus on original research and analysis centred around the (growing) range of topics which our ICPC China team work on. Our China team produces some of the most impactful and well-read policy-relevant research in the world, with our experts often being called upon by politicians, governments, corporates and civil society actors to provide briefings and advice.
The Daily Cyber & Tech Digest is brought to you by the team at ASPI’s International Cyber Policy Centre.