Meta’s ‘biggest single takedown’ removes Chinese influence campaign | Japan’s cyber security agency suffers months-long breach | FBI, partners dismantle Qakbot infrastructure
Good morning. It's Wednesday 30th August.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Have feedback? Let us know at icpc@aspi.org.au.
Follow us on Twitter and on LinkedIn.
On Feb. 27, an article claiming that the United States was behind the bombing of the Nord Stream underwater pipelines in the Baltic Sea was published on the Substack and Blogspot blogging platforms. Within 24 hours, the article — and other versions of it — had been posted to more websites, including Reddit, Medium, Tumblr, Facebook and YouTube. The posts were part of a Chinese influence campaign that stands out as the largest such operation to date, researchers at Meta said in a report on Tuesday. The New York Times
The organisation responsible for Japan’s national defences against cyber attacks has itself been infiltrated by hackers, who may have gained access to sensitive data for as much as nine months. According to three government and private sector sources familiar with the situation, Chinese state-backed hackers were believed to be behind the attack on Japan’s National Center of Incident Readiness and Strategy for Cybersecurity, which began last autumn and was not detected until June. Financial Times
On August 29, the FBI and the Justice Department announced a multinational operation to disrupt and dismantle the malware and botnet known as Qakbot. The action, which took place in the U.S., France, Germany, the Netherlands, Romania, Latvia, and the United Kingdom, represents one of the largest U.S.-led disruptions of a botnet infrastructure used by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity. FBI
ASPI
Censors quash discussion of Singapore paper’s op-ed criticizing Xi Jinping
China Digital Times
Alexander Boyd
A Singapore paper’s publication of a blistering opinion piece criticizing Xi Jinping did not escape notice on Weibo, where netizens surreptitiously praised it. If published in most overseas Chinese-language media outlets, the article might not have made much of a stir. However, it appeared in Singapore’s flagship Chinese-language paper, Lianhe Zaobao, which is widely perceived as pro-China. A recent investigation from The Washington Post and The Australian Strategic Policy Institute found that Lianhe Zaobao “now routinely echoes some of Beijing’s most strident falsehoods” and runs regular opinion columns from sitting Party officials without noting their affiliations.
Is Elon Musk a threat to Australia?
Australian Financial Review
Nick Bonyhady
The extent to which the surprisingly sleek units from Elon Musk’s Starlink are undermining the National Broadband Network, and exciting the country’s largest phone companies, shows how the influence of the world’s richest man is growing in Australia. “I am a fan of Musk in many respects,” says Dr Malcolm Davis, a space researcher at defence think tank the Australian Strategic Policy Institute. But, “in a geopolitical sense, obviously, I have concerns. “You have one person, Elon Musk, who is unpredictable in terms of his personality and his beliefs. And I think everyone just needs to look on Twitter [now known as X] to see exactly what we’re talking about. “And he does have links with China that I think are concerning.”
Australia
Big Tech tells regulators to focus on ‘outcomes’ not algorithms
InnovationAus
Joseph Brookes
China’s post-pandemic economic recovery efforts in the first half of the year have helped ignite growth in the nation’s online population and across the entire internet market, including in e-commerce, online travel and ride-sharing services, according to the government’s latest industry survey. The survey findings published on Monday by the China Internet Network Information Centre, an agency under the Cyberspace Administration of China, showed that the total number of internet users nationwide reached 1.08 billion as of June, an increase of 11.09 million from December last year, to put the nation’s online penetration rate at 76.4 per cent.
China
Meta’s ‘biggest single takedown’ removes Chinese influence campaign
The New York Times
Sheera Frenkel
On Feb. 27, an article claiming that the United States was behind the bombing of the Nord Stream underwater pipelines in the Baltic Sea was published on the Substack and Blogspot blogging platforms. Within 24 hours, the article — and other versions of it — had been posted to more websites, including Reddit, Medium, Tumblr, Facebook and YouTube. The posts were part of a Chinese influence campaign that stands out as the largest such operation to date, researchers at Meta said in a report on Tuesday. The effort, which the company said had started with Chinese law enforcement and was discovered in 2019, was aimed at advancing China’s interests and discrediting its adversaries, such as the United States, Meta said. In total, 7,704 Facebook accounts, 954 Facebook pages, 15 Facebook groups and 15 Instagram accounts tied to the Chinese campaign were removed by Meta, which owns Facebook, Instagram and WhatsApp.
Chinese law enforcement linked to largest covert influence operation ever discovered
The Record by Recorded Future
Alexander Martin
Meta announced on Tuesday the removal of thousands of fake accounts from Facebook that were operated as part of “the largest known cross-platform covert influence operation in the world,” and which researchers believe is linked to individuals associated with Chinese law enforcement.Pro-China influence campaign pushed talking points across more than 50 websites
NBC News
Kevin Collier
Facebook said Tuesday it has identified a sprawling online propaganda effort: a pro-China campaign that had a presence on more than 50 websites. The researchers said the broadly coordinated postings of pro-China images, videos, comments and audio files were part of a yearslong operation that researchers had previously dubbed “Spamouflage.”Adversarial Threat Report August 2023
Meta
Mack DeGeurin
Our public threat reporting began about six years ago when we first shared our findings about coordinated inauthentic behavior by a Russian covert influence operation. Since then, we have expanded our ability to respond to a wider range of adversarial behaviors as global threats have continued to evolve. To provide a more comprehensive view into the risks we tackle, we’ve also expanded our regular threat reports to include other emerging threats and our detailed insights — all in one place, as part of the quarterly reporting series.
Read ASPI’s work:
Gaming Public Opinion: The CCP’s increasingly sophisticated cyber-enabled influence operations
ASPI
Albert Zhang, Tilla Hoja and Jasmine Latimore
The Chinese Communist Party’s embrace of large-scale online influence operations and spreading of disinformation on Western social-media platforms has escalated since the first major attribution from Silicon Valley companies in 2019. While Chinese public diplomacy may have shifted to a softer tone in 2023 after many years of wolf-warrior online rhetoric, the Chinese Government continues to conduct global covert cyber-enabled influence operations. Those operations are now more frequent, increasingly sophisticated and increasingly effective in supporting the CCP’s strategic goals. They focus on disrupting the domestic, foreign, security and defence policies of foreign countries, and most of all they target democracies.China’s cyber interference narrows in on Australian politics and policy
The Strategist
Albert Zhang and Danielle Cave
ASPI has identified a multi-language network of coordinated inauthentic accounts on US-based platforms including Twitter, YouTube, Facebook, Reddit, Instagram and blog sites that we assess are likely involved in an ongoing Chinese Communist Party influence and disinformation campaign targeting Australian domestic and foreign policies, including by amplifying division over the Indigenous voice referendum, and sustained targeting of the Australian parliament, Australian companies (including the big-four banks) and our organisation, ASPI.China’s cyber interference and transnational crime groups in Southeast Asia
The Strategist
Albert Zhang and Danielle Cave
The Chinese Communist Party has a long history of engagement with criminal organisations and proxies to achieve its strategic objectives. This article provides new evidence of the development of a CCP-linked influence-for-hire industry operating in Southeast Asia. This activity involves the Chinese government’s spreading of influence and disinformation campaigns using fake personas and inauthentic accounts on social media that are linked to transnational criminal organisations.
China’s post-pandemic economic recovery spurs growth across internet sector, boosting e-commerce, ride-hailing and online travel: report
South China Morning Post
Ben Jiang
China’s post-pandemic economic recovery efforts in the first half of the year have helped ignite growth in the nation’s online population and across the entire internet market, including in e-commerce, online travel and ride-sharing services, according to the government’s latest industry survey. The survey findings published on Monday by the China Internet Network Information Centre, an agency under the Cyberspace Administration of China, showed that the total number of internet users nationwide reached 1.08 billion as of June, an increase of 11.09 million from December last year, to put the nation’s online penetration rate at 76.4 per cent.
USA
FBI, partners dismantle Qakbot infrastructure in multinational cyber takedown
FBI
On August 29, the FBI and the Justice Department announced a multinational operation to disrupt and dismantle the malware and botnet known as Qakbot. The action, which took place in the U.S., France, Germany, the Netherlands, Romania, Latvia, and the United Kingdom, represents one of the largest U.S.-led disruptions of a botnet infrastructure used by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity." The FBI neutralized this far-reaching criminal supply chain, cutting it off at the knees," said FBI Director Christopher Wray. "The victims ranged from financial institutions on the East Coast to a critical infrastructure government contractor in the Midwest to a medical device manufacturer on the West Coast."
X to allow political ads for the first time since 2019
The Hill
Rebecca Klar
X, the platform formerly known as Twitter, will allow political ads heading into the 2024 election cycle for the first time since 2019, the company announced Tuesday. The update is the latest change, including that made to the brand name, made since billionaire Elon Musk bought the platform for $44 billion in October.
Supporting people’s right to accurate and safe political discourse on X
X
Building on our commitment to free expression, we are also going to allow political advertising. Starting in the U.S., we’ll continue to apply specific policies to paid-for promoted political posts. This will include prohibiting the promotion of false or misleading content, including false or misleading information intended to undermine public confidence in an election, while seeking to preserve free and open political discourse. We’ll also provide a global advertising transparency center so that everyone can review political posts being promoted on X, in addition to robust screening processes to ensure only eligible groups and campaigns are able to advertise.
TikTok’s U.S. future still in limbo as Commerce Secretary visits China
The New York Times
Sapna Maheshwari and David McCabe
Commerce Secretary Gina Raimondo’s visit to China is putting a spotlight on the future of TikTok in the United States, where criticism of the app and its ties to Beijing reached a fever pitch this year. Despite the intense pressure on the popular short-form video app, which is owned by the Chinese technology company ByteDance, efforts to ban or regulate it in Washington have not yet borne fruit. And even with all that scrutiny, Ms. Raimondo is not planning to discuss TikTok while in China, a glaring omission that reflects the impasse at which it has left the Biden administration.
Pentagon vows to move quickly to buy more drones, citing China threat
The New York Times
Eric Lipton
The Pentagon announced on Monday that it would buy thousands of unmanned drones and other autonomous devices over the next two years, adding that it had been far too slow to embrace new technology that is “small, smart, cheap” and that could bolster the U.S. military as it prepares for possible future conflict with China. The commitment came from Kathleen Hicks, the deputy defense secretary. She said in a speech at a gathering of military contractors that the Pentagon would soon change how it buys the kind of autonomous devices that the Ukrainian military has used over the past 18 months to help defend against the Russian invasion.
Pentagon unveils ‘Replicator’ drone program to compete with China
Yahoo News
Noah Robertson
The Pentagon committed on Monday to fielding thousands of attritable, autonomous systems across multiple domains within the next two years as part of a new initiative to better compete with China. The program, dubbed Replicator, was announced by Deputy Defense Secretary Kathleen Hicks, speaking at the National Defense Industrial Association’s Emerging Technologies conference here.
Google to invest another $1.7 billion into Ohio data centers
Associated Press
Google will invest an additional $1.7 billion to support three data center campuses in central Ohio, the company announced Monday. The tech giant now operates a center in New Albany and announced in May that it would build additional centers in Columbus and Lancaster to help power its artificial intelligence technology and other tools.
Schumer to host AI forum with CEOs including Musk and Zuckerberg
The Washington Post
Cat Zakrzewski
Senate Majority Leader Charles E. Schumer in September will convene top tech executives including Tesla CEO Elon Musk, Meta CEO Mark Zuckerberg and OpenAI CEO Sam Altman for a forum on AI policy as Congress races to create guardrails for the swiftly evolving technology.
Americas
Meta's Canada news ban fails to dent Facebook usage
Reuters
Katie Paul and Steve Scherer
Meta's decision to block news links in Canada this month has had almost no impact on Canadians' usage of Facebook, data from independent tracking firms indicated on Tuesday, as the company faces scorching criticism from the Canadian government over the move. Daily active users of Facebook and time spent on the app in Canada have stayed roughly unchanged since parent company Meta started blocking news there at the start of August, according to data shared by Similarweb, a digital analytics company that tracks traffic on websites and apps, at Reuters' request.
Mexico’s microchip advantage
Foreign Affairs
Chris Miller and David Talbot
Since Congress passed the CHIPS and Science Act one year ago, there has been much talk about how to shift electronics and computing supply chains away from China. In addition to the rapid buildup of domestic manufacturing capacity spurred by the CHIPS Act tax credits and incentives, the intensification of U.S.-Chinese tensions and the imposition of export controls are encouraging many multinational technology companies to relocate production and assembly outside China. The focus on diversification within Asia, however, has meant that Mexico—America’s top trading partner and arguably its most important manufacturing partner—is being largely overlooked.
Evolving threats: The state of personal data protection in Brazil
Al Jazeera
Angelica Mari
A study published in 2022 by the Regional Center of Studies for the Development of the Information Society has found that 42 percent of Brazilians are “very concerned” about their data when they shop online. As Brazil reaches the fifth anniversary of its personal data protection regulations, the authority entrusted with enforcing the rules has asked for additional resources and more cooperation to tackle the growing data challenges faced by individuals and businesses alike, including developing a data privacy culture in Brazil and addressing threats to privacy posed by cybersecurity risks and artificial intelligence.
North Asia
Japan’s cyber security agency suffers months-long breach
Financial Times
Leo Lewis
The organisation responsible for Japan’s national defences against cyber attacks has itself been infiltrated by hackers, who may have gained access to sensitive data for as much as nine months. According to three government and private sector sources familiar with the situation, Chinese state-backed hackers were believed to be behind the attack on Japan’s National Center of Incident Readiness and Strategy for Cybersecurity, which began last autumn and was not detected until June.
Southeast Asia
Behind the AI boom, an army of overseas workers in ‘digital sweatshops’
The Washington Post
Rebecca Tan and Regine Cabato
In a coastal city in the southern Philippines, thousands of young workers log online every day to support the booming business of artificial intelligence. In dingy internet cafes, jampacked office spaces or at home, they annotate the masses of data that American companies need to train their artificial intelligence models. More than 2 million people in the Philippines perform this type of “crowdwork,” according to informal government estimates, as part of AI’s vast underbelly. While AI is often thought of as human-free machine learning, the technology actually relies on the labor-intensive efforts of a workforce spread across much of the Global South and often subject to exploitation.
Cyber-scam industry booms in plain sight in Cambodia
Bangkok Post
Sui-Lee Wee
Around the world, reports of cyber-scam schemes targeting unsuspecting victims online have proliferated rapidly. Southeast Asia has become a centre of gravity for those criminal syndicates, often in remote and war-torn corners. But in Cambodia, the scam industry has been flourishing well within the reach of officials. For much of last year, dozens of nations reported that criminal gangs operating in Cambodia had lured tens of thousands of people into the country with the promise of high-paying jobs and free housing. Instead, they were forced to work for online scam mills while under intense surveillance in nondescript compounds, part of a multibillion-dollar industry that has entrapped victims on both sides.
Hundreds of thousands trafficked to work as online scammers in SE Asia, says UN report
Office of the United Nations High Commissioner for Human Rights
Hundreds of thousands of people are being forcibly engaged by organised criminal gangs into online criminality in Southeast Asia - from romance-investment scams and crypto fraud to illegal gambling - a report issued today by the UN Human Rights Office shows. Victims face a range of serious violations and abuses, including threats to their safety and security; and many have been subjected to torture and cruel, inhuman and degrading treatment or punishment, arbitrary detention, sexual violence, forced labour, and other human rights abuses, the report says.
Ukraine - Russia
Russians impersonate Washington Post and Fox News with anti-Ukraine stories
The Record by Recorded Future
Alexander Martin
Fake articles masquerading as legitimate stories from The Washington Post and Fox News were spread online by a Russian disinformation campaign attempting to undermine Western support for Ukraine, according to Meta’s latest threat report. The relatively new moves to spoof media organizations in the United States expands upon the campaign's previous concentrated targeting of Germany, France and Ukraine itself.
Europe
Europe’s two-track approach to policing Big Tech
Bloomberg
Samuel Stolton and Jillian Deutsch
One reason why the digital economy is dominated by a handful of big technology companies has been their success in resisting government oversight. Now the European Union is trying to change that on two fronts simultaneously: new rules to expose the Silicon Valley giants to more competition, and tougher content moderation requirements for social media platforms and digital marketplaces including Meta Platforms Inc.’s Facebook, Alphabet Inc.’s YouTube and Amazon.com Inc. Failure to comply carries the threat of heavy fines, but the eventual impact in some areas will depend on how rigorously the laws are enforced by national governments.
UK
Cancelled flights: Air traffic disruption caused by flight data issue
BBC
Thomas Mackintosh and Emma Harrison
Widespread flight disruption that left thousands of passengers stranded was caused by some flight data received, air traffic control bosses say. The National Air Traffic Services said the data saw primary and back-up systems suspend "automatic processing". Disruptions have seen UK passengers sleeping on airport floors, or having to book alternative routes.
Middle East
Saudi Arabia reportedly sentences man to death for criticizing government on social media
CBS News
Saudi Arabia has sentenced to death a government critic who denounced alleged corruption and human rights abuses on social media, his brother and others familiar with the case told AFP on Monday. The judgement was handed down against Mohammed al-Ghamdi in July by the Specialized Criminal Court, a secretive institution established in 2008 to try terrorism cases that has a history of unfair trials resulting in death sentences.
Big Tech
Huawei agrees long-term patent deal with Ericsson despite western curbs
Financial Times
Eri Sugiura
Huawei has sealed a multiyear patent cross-licensing deal with Ericsson for 5G and other technologies as the Chinese group searches for ways to generate revenue after being banned from telecom networks or subjected to curbs in several countries. The rival equipment makers will be able to access each other’s patents essential for the “3G, 4G and 5G cellular technologies” used in network infrastructure and consumer devices, Huawei announced on Friday.
Raising Online Defenses Through Transparency and Collaboration
Meta
Guy Rosen
A recent study shows that de-platforming hate networks reduces consumption and production of hateful content on Facebook and diminishes the ability of these hate networks to operate online. We’re sharing new threat research on two of the largest known covert influence operations in the world from China and Russia, targeting 50+ apps and countries, including the US. We added new transparency features to Threads, including state-controlled media labels to help people know exactly who they interact with on the new app.
Artificial Intelligence
Google tests watermark to identify AI images
BBC
Tom Gerken & Philippa Wain
Google is trialling a digital watermark to spot images made by artificial intelligence in a bid to fight disinformation. Developed by DeepMind, Google's AI arm, SynthID will identify images generated by machines. It works by embedding changes to individual pixels in images so watermarks are invisible to the human eye, but detectable by computers. But DeepMind said it is not "foolproof against extreme image manipulation".
‘Life or death:’ AI-generated mushroom foraging books are all over Amazon
404 Media
Samantha Cole
A genre of AI-generated books on Amazon is scaring foragers and mycologists: cookbooks and identification guides for mushrooms aimed at beginners. Amazon has an AI-generated books problem that’s been documented by journalists for months. Many of these books are obviously gibberish designed to make money. But experts say that AI-generated foraging books, specifically, could actually kill people if they eat the wrong mushroom because a guidebook written by an AI prompt said it was safe.
Research
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
Mandiant
Austin Larsen, John Palmisano, John Wolfram, Mathew Potaczek and Michael Raggi
On June 15, 2023, Mandiant released a blog post detailing an 8-month-long global espionage campaign conducted by a Chinese-nexus threat group tracked as UNC4841. In this follow-up blog post, we will detail additional tactics, techniques, and procedures employed by UNC4841 that have since been uncovered through Mandiant’s incident response engagements, as well as through collaborative efforts with Barracuda Networks and our International Government partners.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.