Woman dies during a ransomware attack on a German hospital / FB to curb internal debate amid employee discord / TikTok accepts deal revisions as Trump prepares to review proposal

Sep 18, 2020

Follow us on Twitter. The Daily Cyber Digest focuses on the topics we work on, including cyber, critical technologies & strategic issues like foreign interference.

German authorities are investigating the death of a patient following a ransomware attack on a hospital in Duesseldorf. ZDNet

Facebook is moving to curb internal debate around divisive political and social topics, Chief Executive Mark Zuckerberg said Thursday, after a spate of disputes and criticism that has fueled discord among staffers. WSJ

The Chinese company that owns TikTok has accepted the Trump administration’s changes to a deal designed to mitigate the White House’s concerns that the popular app poses a national security threat, two people with knowledge of the talks said. The New York Times

ASPI ICPC

Don't believe the groupchat: WhatsApp scrambles as conspiracies go viral
The New Daily
@JoshButler
Elise Thomas, a researcher at the Australian Strategic Policy Institute’s International Cyber Policy Centre, said WhatsApp was hard for experts to monitor. “It’s an unfortunate reality that platforms like Facebook respond to public pressure and negative media coverage. But because it’s a closed platform, you might get away with things on WhatsApp that you wouldn’t on Facebook,” she told The New Daily. “The platform makes people less sceptical when they get messages. If your friend sends you something, you’re less likely to fact-check it and more likely to accept it as fact. That social element is important because conspiracy theories get a foothold in groups with strong social bonds.”

China’s Epic Dash for PPE Left the World Short on Masks
Bloomberg
@SheridanAsia
The medical supplies campaign is providing the world a unique opportunity to understand how powerful it is, according to Alex Joske, who wrote a report about the organization in June for the Australian Strategic Policy Institute. “Xi has clearly given a strong push to the United Front system to do more and be bolder,” he says.

Alex Joske’s ‘The party speaks for you’.

Trump’s anti-China ‘posturing’ puts TikTok-Oracle deal in limbo, analysts say
SCMP
@tracyyyqu
“We’ve known since at least 2012 that social media networks have the power to influence the voting behaviour of millions of people. TikTok is no different,” said Fergus Ryan, an analyst at independent think tank the Australian Strategic Policy Institute.

Bart Hoogeveen @BartHoogeveen

Nigeria is in the process of updating its National Cybersecurity Policy & Strategy. Tonight I had the privilege providing a preso to the Review Ctee hosted by the 🇳🇬 Office of the National Security Adviser about Australia's trajectory between 2016 and today. @theGFCE @AusHCAbuja

World

ITU @ITU

New @ITU study estimates US$ 428 billion needed to connect the remaining 3 billion people to the Internet by 2030 itu.int/en/mediacentre… Connecting Humanity examines the necessary investments to achieve universal, affordable #broadband #ConnectivityForAll people aged 10 + above

Twitter Support @TwitterSupport

In July, we began removing Tweets associated with QAnon from Trends and recommendations and not highlighting them in conversations and Search. Impressions on this content dropped by more than 50%, decreasing the amount of unhealthy and harmful content on timelines. (2/3)

China

China’s ‘Mini Apps’ Have Big Privacy Issues, Report Says
Sixth Tone
@Xiguaken
China’s “mini apps” — third-party programs accessible within multifunctional mobile apps — may be just as bad as their larger counterparts when it comes to harvesting user data. A report Tuesday from the Nandu Personal Information Protection Research Center, a think tank under the influential Southern Metropolis Daily newspaper, enumerates the many examples of malpractice researchers found, including over-collection and over-sharing of user data and inadequate terms of service.

Adrian Zenz @adrianzenz

THREAD: My comments on Xinjiang's first-ever effort to counter allegations of forced labor, through a White Paper. Has some interesting new figures. Keys to getting the most out of it (and avoiding false readings): 1. context, 2. read between lines /1 scio.gov.cn/zfbps/32832/Do…

USA

Facebook to Curb Internal Debate Over Sensitive Issues Amid Employee Discord
The Wall Street Journal
@JeffHorwitz
Facebook Inc. is moving to curb internal debate around divisive political and social topics, Chief Executive Mark Zuckerberg said on Thursday, in the wake of a spate of disputes and criticism that has fueled discord among staff.

Facebook Needs Trump Even More Than Trump Needs Facebook
Bloomberg
@sarahfrier
In late 2019, during one of Mark Zuckerberg 's many trips to Washington to defend Facebook in front of Congress, he stopped for a private dinner with Donald Trump and offered the president a titillating statistic.

TikTok Accepts Deal Revisions as Trump Prepares to Review Proposal
The New York Times
@dmccabe @AnaSwanson @eringriffith @MikeIsaac
The Chinese company that owns TikTok has accepted the Trump administration’s changes to a deal designed to mitigate the White House’s concerns that the popular app poses a national security threat, two people with knowledge of the talks said. The Treasury Department, which leads a group reviewing the deal for national security purposes, provided TikTok’s owner, ByteDance, with revisions to its proposal on Wednesday, one of the people said. Some of the revisions were intended to address how TikTok’s data and source code would be handled and secured, one of the people said. The two sides have agreed in principle, but are still discussing some technical details, the other person said. The exact ownership structure of TikTok under the proposed deal is unclear. President Trump and some members of his administration have said ByteDance cannot retain a majority stake in TikTok if their concerns are to be satisfied.

ByteDance plans TikTok IPO to win U.S. deal as deadline looms: sources
Reuters
@davidshepardson, @StephenNellis & @deer_echo_
China’s ByteDance is planning a U.S. initial public offering of TikTok Global, the new company that will operate the popular short video app, should its proposed deal be cleared by the U.S. government, people familiar with the matter said on Thursday.
ByteDance says China will have to approve its U.S. TikTok deal
Reuters
@Yingzhi Yang, Brenda Goh
China will need to approve ByteDance’s proposed deal with Oracle Corp for its TikTok app, the Chinese company said on Thursday, indicating how its bid to stave off a ban in the United States could be further complicated.

Want to understand the Oracle-TikTok deal? Just look at Apple in China Quartz
The TikTok Deal Is a Defining Moment for CFIUS Barrons

Tencent’s Gaming Stakes Draw U.S. National Security Scrutiny
Bloomberg
@Jenny Leonard
The Trump administration has asked gaming companies to provide information about their data-security protocols involving Chinese technology giant Tencent Holdings Ltd., people familiar with the matter said. The Committee on Foreign Investment in the U.S., which is chaired by the Treasury Department, has sent letters to companies, including Epic Games Inc., Riot Games and others, to inquire about their security protocols in handling Americans’ personal data, said the people, who asked not to be named because the discussions are private.

Fergus Ryan, Audrey Fritz and Daria Impiombato’s ‘TikTok and WeChat: Curating and controlling global information flows’.

‘This is f---ing crazy’: Florida Latinos swamped by wild conspiracy theories
Politico
@sabrod123 @MarcACaputo
A flood of disinformation and deceptive claims is damaging Joe Biden in the nation’s biggest swing state.

CNAS Technology and National Security Program @CNAStech

.@CNAStech is launching the U.S. Nat'l Tech Strategy project today. The project aims to protect America's vital interests through stimulating long-term tech leadership in the global arena:

U.S. National Technology StrategyDeveloping strong, pragmatic and principled national security and defense policies.cnas.org

New Zealand

Zhenhua Data collection 'disquieting in the extreme' - Winston Peters
RNZ
Details of hundreds of New Zealanders - politicians, judges, business leaders, journalists and even criminals - have been collected by Chinese company Zhenhua, which has been linked to the country's military and intelligence. “It's disquieting in the extreme" - Minister of Foreign Affairs Winston Peters. Foreign Affairs Minister Winston Peters said it would be "naive" to think there was no connection with the Chinese state.

South & Central Asia

Benjamin Strick @BenDoBrown

A viral Twitter protest is afoot on India PM @narendramodi's b'day today. Tweets on #shameonupgov are intriguing. Out of 3669 accounts captured: - 358 were created on 1/9 - 117 on 2/9 - 145 on 17/9 - 183 on 31/8 Here is that data visualised in @Gephi. Note the bulk clusters 🤓

UK

Darren Byler @dtbyler

Open call from the UK parliament to submit evidence regarding Xinjiang camps, forced labor and complicity of UK companies; and policy recommendations for international cooperation, pressure and support for Uyghur diaspora (asylum support!). committees.parliament.uk/work/564/xinji…

Calls for UK ban on all Chinese data firms after leak reveals 40,000 Britons in intelligence files
The Telegraph
@Tony_Diver
Sir Iain Duncan Smith said TikTok and Huawei should be ejected from Britain to protect data privacy

Cyber threat to disrupt start of university term
BBC
@seanjcoughlan
Universities and colleges are being warned by the UK's cyber-security agency that rising numbers of cyber-attacks are threatening to disrupt the start of term.

Europe

First death reported following a ransomware attack on a German hospital
ZDNet
@campuscodi
German authorities are investigating the death of a patient following a ransomware attack on a hospital in Duesseldorf.

Canada

Huawei Canada draws up ‘no-backdoor no-spying’ legal pledge in bid to prevent 5G ban
The Globe and Mail
@stevenchase @robertfife
Huawei Technologies Canada has drafted a legal agreement that outlines a “no-back door and no-spying” pledge as the Chinese telecommunications giant tries to prevent the federal government from banning the use of its equipment in the country’s 5G cellular networks. The Globe and Mail has obtained a copy of the proposed no-spying agreement, marked “confidential,” which lays out the company’s legal obligations if Canada allows it to be part of the next-generation 5G cellular technology. The document appears to be the first Huawei no-spying agreement to be revealed publicly, and spells out a strict process to prove the equipment does not contain secret “backdoors” that allow outside entities to access the networks or put in malware. It also commits to reject requests for information from Chinese security agencies.

Middle East

The Simulation of Scandal: Hack-and-Leak Operations, the Gulf States, and U.S. Politics
Texas National Security Review
@jamessshires
Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly attributed to the United Arab Emirates (UAE), Qatar, and Saudi Arabia, should be seen as the “simulation of scandal" — deliberate attempts to direct moral judgement against their target. Although “hacking” tools enable easy access to secret information, they are a double-edged sword, as their discovery means the scandal becomes about the hack itself, not about the hacked information. There are wider consequences for cyber competition in situations of constraint where both sides are strategic partners, as in the case of the United States and its allies in the Persian Gulf.

Misc

Fake Data Could Help Solve Machine Learning’s Bias Problem—if We Let It
Slate
@ToddFeathers

How is a small A.I. startup to train its models to compete? Data collection is a time-consuming and expensive process. What about a hospital chain that wants to harness A.I. to better diagnose diseases but can’t use its own patient data due to federal privacy laws and cybersecurity concerns? Or a credit scoring agency seeking to model risky behavior that doesn’t want to use sensitive consumer information? The answer, increasingly, is to use synthetic data—created by A.I., for A.I. In many cases, it’s a cheaper and faster option, but it carries a risk: The techniques used to generate realistic-looking data can also exacerbate harmful biases in that data.

Research

Policy Roundtable: Cyber Conflict as an Intelligence Contest
Texas National Security Review
@Chair: Robert Chesney and Max Smeets Contributors: Joshua Rovner, Michael Warner, Jon R. Lindsay, Michael P. Fischerkeller, Richard J. Harknett, Nina Kollars
In this policy roundtable, part of our special issue on cyber competition, the panelists explore whether cyber conflict might better be understood as a form of intelligence competition.

DigitalPeaceNow @DigitalPeaceNow

🎉IT'S OFFICIAL!🎉 We released our first Citizens on Cyberattacks report, an international snapshot of the public’s awareness of nation-sponsored cyberattacks. Learn more about global perceptions towards the threat of cyberwarfare here: bit.ly/35F6JZO #stopcyberwarfare

Daily Cyber Digest