U.S. pitches ban on Chinese tech | Telegram CEO says app to provide more data to governments | PIF hack highlights the need for cyber capacity building
Good morning. It's Tuesday 24th of September.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
The Biden administration on Monday proposed banning the import or sale of Internet-connected vehicles containing Chinese or Russian components, sounding an alarm about the potential for modern transport to be used as a tool for spying or to create domestic chaos during a conflict. The Washington Post
Messaging app Telegram will provide users’ IP addresses and phone numbers to relevant authorities in response to valid legal requests, according to Chief Executive Officer Pavel Durov. Bloomberg
The public revelation this month that the Pacific Islands Forum (PIF) Secretariat had been hacked has exposed significant cybersecurity vulnerabilities in the region. This breach, which possibly went undetected for months, has again thrust the Pacific islands into the middle of a cyber blame game between China and Australia. The Strategist
ASPI
PIF hack highlights the need for cyber capacity building
The Strategist
Fitriani and Blake Johnson
The public revelation this month that the Pacific Islands Forum (PIF) Secretariat had been hacked has exposed significant cybersecurity vulnerabilities in the region. This breach, which possibly went undetected for months, has again thrust the Pacific islands into the middle of a cyber blame game between China and Australia. Australia has since attributed the hack to a group linked to China, which China has denied, dismissing the allegations as disinformation. The incident underscores an urgent need for the Pacific nations to invest in cyber defences and capacity-building efforts to defend against and deter future actions.
Australia
AI needs to start generating returns, corporates say, before more widespread uptake
The Australian
Jared Lynch
Australian companies are demanding artificial intelligence start delivering a return on investment and delivering on its much-hyped productivity claims before they step up the adoption of the technology. That’s according to Dell’s global chief technology officer John Roese and Titanium Ventures general partner Saad Siddiqui, who both visited Australia from the US this month to meet with several leading executives at the nation’s biggest companies.
Australia’s obsession with foreign interference is a threat to its academy
Times Higher Education
Brendan Walker-Munro
The news in Australia has recently been full of the government’s efforts to double down on dealing with foreign interference, including at universities. In May, for instance, a Chinese PhD candidate was refused a student visa for alleged involvement in development of weapons of mass destruction because of his research on drones. In July, the government announced an expansion of the Countering Foreign Interference Taskforce, as well as new powers to expel suspected foreign agents.
Govt’s online identity app gets a rebrand
InnovationAus
Joseph Brookes
The Australian government’s digital identity app will be rebranded next month to avoid confusion with the popular services app ahead of the mass expansion of a $1 billion national digital identity system. The Tax Office has settled on myID as the new name for what has been known as myGovID app since its launch in 2019 and already used by 13 million people to verify their identity for service access. The changeover will occur next month and users will not need to do anything differently, with branding to change via an app update and existing accounts to carry over.
Schools overpay ransomware demands – study
The Educator
A global study of ransomware’s impact found more than half of schools paid more than the initial ransomware demand, raising concerns about the financial impact cybercrime is having on the education industry. However, fewer schools (63%) were targeted by ransomware in 2024 than the previous year (80%), suggesting principals are becoming more serious about cybersecurity. The annual sector survey report, ‘The State of Ransomware in Education 2024’, was conducted by Sophos and surveyed 15 industry segments across 14 countries. More than 5,000 respondents were surveyed in total.
China
How happy-go-lucky British vloggers are making propaganda for China as they are granted access to film from province housing a million Uyghurs in re-education camps
The Daily Mail
Taryn Pedler
British travel bloggers have been blasted for sugarcoating China's Uyghur human rights problem while claiming they are exposing Western media lies about Xinjiang. The Chinese region, which currently holds over one million Uyghurs in re-education camps, has been seen receiving a positive reception from influencers, as they make their way through the province that is usually shut off from journalists. Foreign vloggers are welcomed with open arms by the Chinese government to the region where Western governments and rights groups have accused authorities of subjecting Uyghurs and members of other predominantly Muslim ethnic minority groups to alleged genocide, state-imposed forced labor, and crimes against humanity.
ASPI: Daria Impiombato, a cyber analyst at the Australian Strategic Policy Institute, has co-written several reports on China’s multilayered ways of folding local and foreign influencers into its propaganda strategy.
She said vloggers with large platforms had a responsibility to inform themselves and to be sceptical. “There needs to be a reckoning with that type of platform,” she said. “It’s like influencers who are going to Syria, just doing travel vlogs from Syria without talking about years and years of war and devastation. You can’t do that, and you can’t do that in Xinjiang either.”
Xiaomi wants India’s competition watchdog to recall report on Flipkart over sensitive data
South China Morning Post
China’s Xiaomi has asked India’s antitrust body to recall its report that found the company and Walmart’s Flipkart breached competition laws, arguing it contains commercial secrets, two people familiar with the matter said. Any recall of the Competition Commission of India report could delay its antitrust investigation, which began in 2021. In a rare move in August, the commission recalled an antitrust report on Apple after the company similarly complained commercial secrets were disclosed. Xiaomi has told the commission in an application the investigation report on Flipkart contains sensitive business data on the smartphone company which was supposed to be redacted when the document was shared with parties in the case, said the two sources familiar with the matter.
China urges vigilance against Taiwanese cyberattacks
CNA
China's national security ministry said on Monday (Sep 23) a Taiwan military-backed hacking group called Anonymous 64 has been carrying out cyberattacks against targets in China, urging people to report "anti-propaganda sabotage". Taiwan's defence ministry denied the allegations, saying China was the real disturber of the peace with its cyberattacks and military harassment. Since the beginning of this year, Anonymous 64 - which China's national security ministry said belonged to Taiwan's cyber warfare wing - has sought to upload and broadcast "content that denigrates the mainland's political system and major policies", on websites, outdoor screens and network TV stations, the national security ministry said in a blog post.
USA
U.S. pitches ban on Chinese tech in driverless and connected vehicles
The Washington Post
David J. Lynch
The Biden administration on Monday proposed banning the import or sale of Internet-connected vehicles containing Chinese or Russian components, sounding an alarm about the potential for modern transport to be used as a tool for spying or to create domestic chaos during a conflict. The move follows seven months of deliberation and increasing concern over the risk of allowing foreign adversaries to obtain data on American driving habits or to remotely control American vehicles via internet connections, said administration officials who briefed reporters ahead of the planned action.
U.S. research aided Chinese military technology, House Republicans say
The New York Times
Ana Swanson
A House committee focused on threats from China argues in a new report that U.S. federal research funding had helped to advance Chinese technologies with military applications, fueling a potential national security rival to the United States. The report argues that Chinese partnerships with U.S.-funded researchers and universities have helped to propel Beijing’s advancements in fields like hypersonic and nuclear weapons, artificial intelligence and semiconductors, and that these developments may one day influence how the two nations perform on the battlefield.
North Asia
Behind the facade: The reality of N. Korea’s construction propaganda
Daily NK
Seon Hwa
North Korea has been encouraging the production of propaganda videos for the regime, including one by a film crew sent to a major state construction project. But the production was staged to misrepresent actual conditions at the site, prompting criticism that it amounts to cheap propaganda. “A film crew was sent by the Korean Central Broadcasting Committee to the construction site of the Tanchon No. 1 Power Plant in early September. The team spent a few days filming at the site for a video to be broadcast by Korean Central Television,” a source in South Hamgyong province told The Daily NK recently.
New PondRAT malware hidden in Python packages targets software developers
The Hacker News
Ravie Lakshmanan
Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka SIMPLESEA), a known macOS backdoor that has been previously attributed to the Lazarus Group and deployed in attacks related to the 3CX supply chain compromise last year. Some of these attacks are part of a persistent cyber attack campaign dubbed Operation Dream Job, wherein prospective targets are lured with enticing job offers in an attempt to trick them into downloading malware.
South & Central Asia
Hacker uses Telegram chatbots to leak data
iTnews
Christopher Bing and Munsif Vengattil
Stolen customer data including medical reports from India's biggest health insurer, Star Health, is publicly accessible via chatbots on Telegram, just weeks after Telegram's founder was accused of allowing the messenger app to facilitate crime. The purported creator of the chatbots told a security researcher, who alerted Reuters to the issue, that private details of millions of people were for sale and that samples could be viewed by asking the chatbots to divulge. Star Health and Allied Insurance, whose market capitalization exceeds US$4 billion ($5.9 billion), in a statement to Reuters said it has reported alleged unauthorised data access to local authorities.
Ukraine-Russia
Fake UK news sites ‘spreading false stories’ about western firms in Ukraine
The Guardian
Ben Quinn
Fake news websites registered in the UK and made to resemble trusted British outlets are allegedly spreading disinformation about western companies operating in Ukraine. The suspected Russian propaganda operation has prompted calls by parliamentarians for a change in the law to force UK-registered news websites to reveal their ownership, as happens in the EU. While the sites – londoninsider.co.uk and talk-finance.co.uk – are in English and have been registered in the UK, their output has been picked up and disseminated in Ukraine, where the UK’s media has a reputation for reliability and trustworthiness.
How Russia spreads fake news in the Balkans
Radio Free Europe
Mirjana Jevtovic and Milos Katic
It was midnight in Tehran and 10 in the evening in Belgrade on April 13 and a massive disinformation campaign was about to be launched. At the time, Iran was just starting to unleash one of its biggest ever drone and missile attacks against Israel, ratcheting up already heightened tensions in the Middle East. With a jittery globe closely following the news, an obscure Serbian-language media outlet began churning out articles on the Iranian attack at breakneck speed -- more than 100 stories every hour -- even though facts and details were few and elusive. Much of the information appeared sourced to nothing more than Russian-language Telegram channels, the Kremlin-funded RT network, or other Russian-state-run media.
UK
Fallout from TfL cyber-attack is slow burning and potentially costly
The Guardian
Gwyn Topham
As cyber-attacks go, it could have been worse. In Nightsleeper, the new BBC thriller airing just after Transport for London revealed its systems had been breached, passengers are locked aboard as a train seized by hackers hurtles dangerously towards the capital. In real life, the troubles for TfL customers are far less dramatic. The actual physical transport services, the buses, trains and tubes – many of which are effectively remote-controlled – have been unaffected by its cyber-attack. But as TfL continues to tackle what it calls an ongoing incident – despite the recent arrest of a suspected perpetrator – the minor headaches are growing persistent.
Middle East
Middle Eastern funds are plowing billions of dollars into hottest AI start-ups
CNBC
Kate Rooney and Kevin Schmidt
Sovereign wealth funds out of the Middle East are emerging as key backers of Silicon Valley’s artificial intelligence darlings. Oil-rich nations like Saudi Arabia, United Arab Emirates, Kuwait and Qatar have been looking to diversify their economies, and are turning to tech investments as a hedge. In the past year, funding for AI companies by Middle-Eastern sovereigns has increased fivefold, according to data from Pitchbook. MGX, a new AI fund out of the United Arab Emirates, was among investors looking to get a slice of OpenAI’s latest fundraise this week, two sources told CNBC. The round is set to value OpenAI at $150 billion, said the people, who asked not to be named because the discussions are confidential.
Big Tech
Mark Zuckerberg says leaders should have technical skills if they want to call themselves a tech company
Business Insider
Sarah Jackson
What makes a tech company a tech company? According to Mark Zuckerberg, the answer is the technical skills of the people in charge. The Meta CEO shared his thoughts on tech leadership during a live episode of the "Acquired" podcast that was released Wednesday. Zuckerberg, who founded Facebook at 19 from his dorm room at Harvard, said a lack of technical chops in leadership was one of the first things he noticed when he went to Silicon Valley.
Necro Trojan infects Google Play apps with millions of downloads
Security Week
Ionut Arghire
Two applications with a combined download count of roughly 11 million in the official Google Play application store were found infected with the Necro trojan, according to a report from anti-malware vendor Kaspersky. A multi-stage loader, Necro was initially discovered in 2019, after it had infected the CamScanner – Phone PDF creator app with more than 100 million downloads in Google Play. The new variant of the malware making the rounds now is distributed through both applications in Google Play and modified versions of popular applications and games available via unofficial sources.
Artificial Intelligence
AI has a ‘special place’ in French government, says new AI and digital minister
EURACTIV
Théophane Hartmann
“AI will take on a very special place in my work” as a member of the new French government, said Clara Chappaz, newly-appointed secretary of state for artificial intelligence (AI) and digital technologies, on Monday (23 September). The former ministry for the digital transition and telecommunications has been renamed the ministry of artificial intelligence and digital technologies. The change sends a clear message to the world and to EU countries that France will continue to support innovative companies, especially in AI, Chappaz said. Speaking at a handover ceremony before an audience of officials on Monday, Chappaz referenced the upcoming Paris AI Action Summit in February 2025, which will focus on shaping global AI governance.
Why AI is a double-edged sword for cybersecurity
The Australian Financial Review
Dr. Dorit Dor
This content is produced in commercial partnership with Check Point Software Technologies. The rapid emergence of AI as a mainstream business tool has brought both opportunities and challenges for organisations of all sizes. On one hand, the technology promises to deliver significant improvements in productivity and process efficiency. However, on the other, it’s arming cybercriminals with powerful new capabilities that can enhance their ability to cause damage, and lowering the barrier of entry into the cybercrime ecosystem.
Misc
Telegram CEO Durov says app to provide more data to governments
Bloomberg
Jeff Stone
Messaging app Telegram will provide users’ IP addresses and phone numbers to relevant authorities in response to valid legal requests, according to Chief Executive Officer Pavel Durov. The platform changed its terms of service to deter criminals from abusing it, Durov said in a post on Telegram Monday. The move comes less than a month after his arrest in France, where he faces charges of alleged complicity in the spread of child sexual abuse materials. The move represents a marked difference from Telegram’s approach to government requests for data and its reputation for lax moderation. The United Arab Emirates-based platform has been notoriously non-responsive to takedown requests from governments around the world, and often ignored requests for information about suspected criminals.
How did they get my data? The hidden web behind telemarketers
InnovationAus
Dr Priya Dev
Last year, I started getting a lot of unsolicited phone calls, mainly from people trying to sell me things. This came as a surprise because, as a data scientist, I am very careful about what personal information I let out into the world. So I set out to discover what had happened. My investigation took several months. It eventually led me to the labyrinthine world of data brokers. In today’s digital age, where personal data is a new kind of gold, these companies wield significant power, creating networks where our personal information is shared between brokers and telemarketers as easily as TikTok videos. Their businesses profit from the data they collect, and many of the calls they enable come from scammers. This comes at an enormous cost: in 2023, Australians lost $2.7 billion to scams. This highlights the urgent need for stronger privacy protections to limit how our personal data is collected and shared.
Remotely exploding pagers highlight supply chain risks
The Strategist
Jason Van der Schyff
The attacks against Hezbollah using weaponised pagers and walkie talkies serve as a stark reminder of the dangers of compromised supply chains and why Australia must secure its own against the threats from China. While the full details about the devices are yet to emerge, the operation—presumed to be carried out by Israel though not declared as such—indicates what could happen if supply chains were exploited in more subtle but equally insidious ways. For nations like Australia, the consequences could be just as catastrophic.
Global infostealer malware operation targets crypto users, gamers
Bleeping Computer
Bill Toulas
A massive infostealer malware operation encompassing thirty campaigns targeting a broad spectrum of demographics and system platforms has been uncovered, attributed to a cybercriminal group named "Marko Polo." The threat actors use a variety of distribution channels, including malvertising, spearphishing, and brand impersonation in online gaming, cryptocurrency, and software, to spread 50 malware payloads, including AMOS, Stealc, and Rhadamanthys. According to Recorded Future's Insikt Group, which has been tracking the Marko Polo operation, the malware campaign has impacted thousands, with potential financial losses in the millions.
Jobs
ASPI Research Internship
ASPI
Have you recently completed your studies (undergraduate or postgraduate) and want to develop your expertise in defence, foreign and national security policy, including in areas such as strategic competition, defence, deterrence, foreign interference, technology, and security? Do you want to inform the public and government on the critical strategic choices facing Australia and learn what it takes to be a professional analyst? If so, apply for the ASPI Research Internship Program! Please note that this is a paid internship program. Applications will close at midnight Friday 27 September 2024.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.