Whistleblower says Facebook ignored global political manipulation | More on the Zhenhua Data Leak | Florida Latinos swamped by wild conspiracy theories
Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.
"I have blood on my hands," says whistleblower. A 6,600-word internal memo from a fired Facebook data scientist details how the social network knew about specific examples of global political manipulation — and failed to act. BuzzFeed News
Biographies and service records of aircraft carrier captains and up-and-coming officers in the U.S. Navy. Real-time tweets originating from overseas U.S. military installations. Profiles and family maps of foreign leaders, including their relatives and children. Records of social media chatter among China watchers in Washington.
However, the alleged "social media warfare database" looks like public information largely scraped from social media sites. Zhenhua Data feels like a company that has done what countless other Western companies have done in the age where data is the new oil: collect it and sell it. It wasn't trying to hide. Neither was it very good at securing its own data. Washington Post & Data Breach Today
A flood of disinformation and deceptive claims is damaging Joe Biden in the nation’s biggest swing state. Politico
ASPI ICPC
Zhenhua Data leak: personal details of millions around world gathered by China tech company
The Guardian
Samantha Hoffman, an analyst from the Australian Strategic Policy Institute’s Cyber Centre, said: “What is happening is that the PRC [People’s Republic of China] and PRC-based companies are engaging in global bulk data collection to assist the Chinese party state in various objectives whether it is military, propaganda or security.”
She said: “What they’re doing isn’t so unique. It’s why they are doing it. Lots of Western tech companies collect a lot of data and that should be uncomfortable for a lot of people but at the end of the day there’s a difference between what they are doing and what Chinese companies who claim to be directly contributing to state security are doing.”
Cyber security has to be every company’s business
The Australian
@rachael_falk
All organisations that store and use personal information need to take notice. Failing to could be an expensive mistake. For boards, leadership teams and all businesses that expect customers to hand over personal information, a line is being drawn in the sand: handle it with utmost care, take reasonable steps to protect it at all times and, when there are issues, respond quickly. It is not just good business; it is the law.
Oracle set to win TikTok race as Microsoft's offer rejected
The Sydney Morning Herald
Oracle is in the box seat to make a deal with TikTok after Microsoft's offer to buy the viral social media platform's US operations was rejected, though it may not be an outright sale.
However Fergus Ryan, an analyst at the Australian Strategic Policy Institute, cautioned it was unclear what the scope of any deal with Oracle would be. "Oracle is likely to become a trusted technology partner which would seem to suggest that there is not going to be any significant transfer of assets from ByteDance to Oracle," he said. "It will be interesting to see how they propose that they are going to address all the national security issues involved in that case."
Uyghurs for sale
ASPI ICPC
The Chinese government has facilitated the mass transfer of Uyghur and other ethnic minority citizens from the far west region of Xinjiang to factories across the country. Read the report.
Viral Tweet Sparks London Protest Against China's Abuse of Uyghur Muslims
VICE
Around 80 or so demonstrators protested the persecution of Uyghur Muslims outside the Chinese embassy in Marylebone, London on Friday, spurred on by a viral tweet from a recent graduate. Sade Sawyers says she was moved to organise the impromptu protest after seeing a video about the million or so Uyghurs who are imprisoned in concentration camps in Xinjiang, China. Her call to arms post eventually gained over 30,000 retweets.
World
"I have blood on my hands": A Whistleblower Says Facebook Ignored Global Political Manipulation
BuzzFeed News
A 6,600-word internal memo from a fired Facebook data scientist details how the social network knew about specific examples of global political manipulation — and failed to act.
Hate Speech on Facebook Is Pushing Ethiopia Dangerously Close to a Genocide
VICE
Ethnic violence set off by the assassination of a popular singer has been supercharged by hate speech and incitements shared widely on the platform.
Australia
How China's database targeted Australia's space industry
Australian Financial Review
Leading figures in Australia's nascent space industry suspect their extensive profiling in a Chinese database can be linked to repeated cyber attacks, as Beijing seeks a technological advantage in the strategic sector.
NAB flags cyber attacks during the pandemic have intensified
news.com.au
One of Australia’s major banks has recorded literally millions of cyber attacks, warning online criminals are amplifying their attack on customers.
China
Does This Exposed Chinese Database Pose a Security Threat?
Data Breach Today
A leaked database compiled by a Chinese company has suddenly become the focus of multiple media reports, warning that it could be used as an espionage instrument by Beijing. But on closer examination, the alleged "social media warfare database" looks like public information largely scraped from social media sites. Zhenhua Data feels like a company that has done what countless other Western companies have done in the age where data is the new oil: collect it and sell it. It wasn't trying to hide. Neither was it very good at securing its own data.
USA
Chinese firm harvests social media posts, data of prominent Americans and military
Washington Post
Biographies and service records of aircraft carrier captains and up-and-coming officers in the U.S. Navy. Real-time tweets originating from overseas U.S. military installations. Profiles and family maps of foreign leaders, including their relatives and children. Records of social media chatter among China watchers in Washington.
Those digital crumbs, along with millions of other scraps of social media and online data, have been systematically collected since 2017 by a small Chinese company called Shenzhen Zhenhua Data Technology for the stated purpose of providing intelligence to Chinese military, government and commercial clients, according to a copy of the database that was left unsecured on the Internet and retrieved by an Australian cybersecurity consultancy.
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
CISA
The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies. CISA has observed these—and other threat actors with varying degrees of skill—routinely using open-source information to plan and execute cyber operations.
Google pledges to be carbon free as fires engulf California
FT
Google is promising to run all of its data centres and campuses on carbon-free energy within a decade, as the search engine group makes plans to ditch fossil fuels and acquiesce to a key demand from employees concerned about climate change. The company says it may relocate some data centres to reach the new goal of operating entirely on clean energy such as wind, solar, batteries and hydropower by 2030.
‘This is f---ing crazy’: Florida Latinos swamped by wild conspiracy theories
Politico
A flood of disinformation and deceptive claims is damaging Joe Biden in the nation’s biggest swing state.
More Aggressive and Less Ambitious: Cyber Command’s Evolving Approach
War on the Rocks
This year, U.S. Cyber Command celebrated its tenth birthday. It has much to celebrate: It achieved the status of a unified combatant command, its budget is healthy, and its commander, Gen. Paul Nakasone, is popular on both sides of the aisle. But questions remain. How does persistent engagement affect efforts to coordinate with the private sector, which, after all, owns and maintains most of the Internet? What does it mean for U.S. allies and partners? Does the commitment to preempt threats mean that U.S. cyber teams will operate on friendly foreign networks without the knowledge or consent of allies and partners? And how does Cyber Command’s approach fit within the larger Department of Defense cyber security framework?
UK
ARM: Can 'crown jewel' of UK technology be protected?
BBC
The UK government is "looking at options" to protect and ensure future investment in Cambridge-based ARM Holdings, which is being bought by US tech giant Nvidia from Japan's Softbank.
YouTube hit with UK class action style suit seeking $3BN+ for ‘unlawful’ use of kids’ data
TechCrunch
Another class action style lawsuit has been lodged against a tech giant in the UK alleging violations of privacy and seeking major damages. The latest representative action, filed against Google-owned YouTube, accuses the platform of routinely breaking UK and European data protection laws by unlawfully targeting up to five million under-13-year-olds with addictive programming and harvests their data for advertisers. UK and EU law contain specific protections for children’s data, limiting the age at which minors can legally consent to their data being processed — in the case of the UK’s Data Protection Act to aged 13.
Canada
Ottawa looks set for a fight over $1-billion compensation for Huawei equipment
The Globe and Mail
Canada is signalling it might not compensate major telecommunications providers if the federal government bans equipment made by China’s Huawei from 5G networks, setting up a potential fight over a bill that could hit $1-billion. Canada, under pressure from the United States to ban Huawei Technologies Co. Ltd .gear on security grounds, is studying whether to allow the firm into the country’s next-generation 5G networks.
Africa
Ethiopians are dipping into digital wallets
In parts of Africa, paying for food, clothes or public transport with a phone is commonplace. Mobile money is taking off in Ethiopia too, with COVID-19 as the catalyst in the nation of over 100 million.
Misc
AI ethics groups are repeating one of society’s classic mistakes
MIT Technology Review
Too many councils and advisory boards still consist mostly of people based in Europe or the United States.
IBM has built a new drug-making lab entirely in the cloud
MIT Technology Review
IBM has built a new chemistry lab called RoboRXN in the cloud. It combines AI models, a cloud computing platform, and robots to help scientists design and synthesize new molecules while working from home.
Here Are Detailed Photos of iPhone Unlocking Tech GrayKey
VICE
New pictures of the outside—and inside—of the GrayKey iPhone unlocking device have been published by the FCC.