US House Bill Demands ByteDance Divestiture from TikTok | Blackcat Ransomware Site Seized, UK Agency Denies Involvement | North Korea Hacks South Korean Chip Makers
Good morning. It's Wednesday 6th March.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
Lawmakers have proposed a bill in Congress called the Protecting Americans from Foreign Adversary Controlled Applications Act, which would mandate China's ByteDance to sell off TikTok to prevent a potential ban of the app in the United States. The bill, introduced by Representatives Mike Gallagher and Raja Krishnamoorthi, asserts that TikTok, being controlled by a foreign adversary, poses a national security threat to the United States. CNBC
The website linked to hackers linked to a breach at UnitedHealth Group has been seized by international law enforcement, according to a notice on the site. However, one of the agencies supposedly involved, Europol, denied any involvement, raising suspicions that the hackers, known as ALPHV, may have orchestrated their own takedown. Reuters
North Korean hackers targeted South Korean chip equipment makers to develop semiconductors for weapons programs, per South Korea's spy agency. President Yoon Suk Yeol warned of possible cyber-attacks ahead of elections. The National Intelligence Service suggests North Korea aims to produce its own chips due to sanctions. This could fulfill needs in weapons programs, including satellites and missiles. BBC
ASPI
Leveraging innovation from diverse sources for Defence
The Strategist
Bronte Munro
In the 2023 defence strategic review, the Australian government recognised that Australia’s innovation ecosystem needed a leg up. Greater support for innovation, reinforced by faster acquisition timelines and deeper ties between government and industry is essential to meeting Australia’s national security needs. While the government is directing large scale review and reform to address this need, the potential to leverage established and highly effective innovation opportunities in allied countries, such as the US, should not be overlooked.
China
There Are Cracks in the Great Wall of Silence on China
Bloomberg
Karishma Vaswani
Two high-profile cases of foreign interference have prompted Singapore and Australia, the two governments targeted, to take the unusual step of placing issues that are usually dealt with behind closed doors in full public view. Neither state has explicitly said who is responsible, and have only made veiled references to the nation involved, but their respective media have left us in no doubt. All signs point to China, which has a variety of active foreign-influence tools to use to further its economic and political ambitions. There are meaningful lessons for other nations trying to safeguard against this kind of obstruction and push back against those behind it.
Read ASPI analyst Albert Zhang’s research on Lianhe Zaobao here.
USA
TikTok faces more heat in Washington as House members introduce legislation demanding ByteDance divestiture
CNBC
Jonathan Vanian
Lawmakers introduced a bill in Congress on Tuesday that would require China’s ByteDance to divest TikTok in order to avoid a ban of the video app in the U.S. Representatives Mike Gallagher, R-Wis., and Raja Krishnamoorthi, D-Ill., introduced the legislation, dubbed the Protecting Americans From Foreign Adversary Controlled Applications Act. The bill says TikTok is controlled by a foreign adversary and poses a threat to U.S. national security.
Gallagher, Bipartisan Coalition Introduce Legislation to Protect Americans From Foreign Adversary Controlled Applications, Including TikTok
The Select Committee on the CCP
Press Release
Competition Between the United States and the Chinese Communist Party, today introduced the Protecting Americans from Foreign Adversary Controlled Applications Act. The bill prevents app store availability or web hosting services in the U.S. for ByteDance-controlled applications, including TikTok, unless the application severs ties to entities like ByteDance that are subject to the control of a foreign adversary, as defined by Congress in Title 10.
US sanctions founder of spyware maker Intellexa for targeting Americans
TechCrunch
Lorenzo Franceschi-Bicchierai
The U.S. government announced Tuesday sanctions against the founder of the notorious spyware company Intellexa and one of his business partners. This is the first time the U.S. government has targeted specific people, in addition to companies, with sanctions related to the misuse of commercial spyware. And it signifies an escalation of the White House and U.S. government’s efforts to curb the spyware industry.
Ex-colonel accused of divulging US secrets on foreign dating website
BBC
Max Matza
A retired US Army colonel in Nebraska has been charged with sending classified information to a person through a foreign dating website. David Franklin Slater, 63, was employed until 2022 by US Strategic Command (Stratcom), which oversees the US nuclear missile arsenal. He was arrested on Saturday and will appear in court on Tuesday. Officials say he illegally transmitted documents that "could be used to the injury of the United States".
AMD Hits US Roadblock in Selling AI Chip Tailored for China
Bloomberg
Jane Lanhee Lee and Mackenzie Hawkins
Advanced Micro Devices Inc. hit a US government roadblock in attempting to sell an artificial intelligence chip tailored for the Chinese market, according to people familiar with the matter, part of Washington’s crackdown on the export of advanced technologies to the country. AMD had hoped to gain a green light from the Commerce Department to sell the AI processor to Chinese customers, according to the people, who asked not to be identified because the situation is private. The chip has lower performance than what AMD sells outside of China and was designed to meet US export restrictions, they said.
AMD's Made-for-China AI Chips Are Too Powerful
Bloomberg
Jane Lanhee Lee
Advanced Micro Devices Inc. is the latest global tech company to try and overcome the trade walls that the US is erecting around China. Legally, of course. But it’s not going so well, as even the modified artificial intelligence accelerator that AMD fashioned specifically for China has been rebuffed by the Department of Commerce.
U.S. Health Department Intervenes in Change Healthcare Hack Crisis
The Wall Street Journal
James Rundle and Kim S. Nash
The U.S. Health and Human Services Department said it would relax certain requirements around Medicare prescriptions and consider advance payments for struggling healthcare facilities, in the first major federal government action since a cyberattack crippled the flow of money through the health system two weeks ago. UnitedHealth Group-owned Optum said it was forced to disconnect over 100 systems at its Change Healthcare unit following a ransomware attack on Feb. 21. The move brought insurance payments and other services to a halt for providers across the U.S.
Americas
Cyberattack forces Canada’s financial intelligence agency to take systems offline
The Record by Recorded Future
Alexander Martin
Canada’s financial intelligence agency FINTRAC has announced pulling its corporate systems offline due to a cyber incident that struck over the weekend. In a statement on its website, the agency said: “Over the last 24 hours, FINTRAC has and continues to manage a cyber incident. The incident does not involve the Centre's intelligence or classified systems.” The nature of the incident has not been disclosed. The agency said it was “working closely with its federal partners, including the Canadian Centre for Cyber Security, to protect and restore its systems.”
North Asia
North Korea hacked South Korea chip equipment makers, Seoul says
BBC
Mariko Oi
North Korean hackers have broken into South Korean chip equipment makers, according to South Korea's spy agency. Pyongyang is trying to make semiconductors for its weapons programs, the National Intelligence Service (NIS) says. It comes a month after President Yoon Suk Yeol warned North Korea may stage provocations such as cyber-attacks to interfere with upcoming elections. Last year, North Korea hacked into the emails of an aide to President Yoon. "We believe that North Korea might possibly be preparing to produce its own semiconductors in the face of difficulties in procuring them due to sanctions," the NIS said in a statement. It added that Pyongyang's efforts could be driven by the need to have chips for its weapons programs, including satellites and missiles.
Southeast Asia
China data leak spotlights cyber-spying across Southeast Asia
Nikkei Asia
Fiona Kelliher
Hackers at a Chinese state-linked security contractor targeted government agencies across Southeast Asia for years, a major document leak shows, revealing rare details of cyberespionage in countries where Beijing has strong political and economic ties. The hacks -- which appear to have penetrated state systems in Thailand, Vietnam, Malaysia, Indonesia, Myanmar and Cambodia, as well as private companies -- add to a long pattern of Chinese actors attacking smaller, more vulnerable neighbors to keep tabs on hot-button issues and glean information about Western tech companies operating in the region, experts said.
South & Central Asia
Indian startups ask antitrust body to order Google to restore apps after 'brazen' move
Reuters
Aditya Kalra
A group representing Indian startups has asked the country's antitrust watchdog to order Alphabet Inc's (GOOGL.O), opens new tab Google to reinstate apps it removed for policy violations, a letter seen by Reuters shows, escalating a showdown with the U.S. giant in a key market. Google on Friday removed more than 100 Indian apps, including popular ones by Matrimony.com (MATI.NS), opens new tab, for not complying with its policy of paying a service fee when in-app payment options other than Google's are used
Ukraine - Russia
Ukraine claims cyber-attack on Russian Ministry of Defence
Cyber Daily
Daniel Croft
The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defence published a press release yesterday outlining the outcomes attack. “Cyber specialists of the Ministry of Defense of Ukraine implemented another successful special operation against the aggressor state of Russia - as a result of the attack, it was possible to gain access to the servers of the Ministry of Defense of the Russian Federation,” wrote the GUR. “Now the Ukrainian special service has the information protection and encryption software used by the morph, as well as an array of secret service documents of the Russian Ministry of War.
Europe
Europe’s chips research champion is cutting China ties
POLITICO
Pieter Haeck
Belgium-based Imec, a world-leading research center in microelectronics, has soured on China. Imec has "drastically reduced" its Chinese partnerships, the Flemish Economy Ministry, which oversees the microchips research center, told POLITICO. The research center will continue to phase out ongoing obligations on more mature technology. Imec's rollback is the latest example of how "China" has become a tainted word in the chips industry. European governments are closely scrutinizing the contacts that their chip companies have with China — mostly pressured by the United States, which aims to cut off China's access to advanced chips.
UK
Blackcat ransomware site reportedly seized but UK agency denies responsibility
Reuters
James Pearson and Christopher Bing
A website used by hackers responsible for a breach at UnitedHealth Group (UNH.N), opens new tab has been replaced by a notice saying it has been seized by international law enforcement. But at least one of the agencies allegedly responsible said it had nothing to do with the seizure, raising the possibility that the hackers - who also go by the moniker ALPHV - faked their own takedown. A message posted to the website of the Blackcat hacking gang on Tuesday said it had been impounded "as part of a coordinated law enforcement action" by U.S. authorities and other law enforcement agencies. Among the logos of non-American agencies involved were those of Europol and Britain's National Crime Agency.
Britain’s AI sector expected to get £100m extra funding in budget
The Guardian
Larry Elliott
Jeremy Hunt is planning to provide a budget boost to Britain’s growing artificial intelligence sector through a doubling of funding for the Alan Turing Institute – the national body for data science and artificial intelligence. Despite being restricted in his scope for pre-election giveaways by the weakness of the public finances, the chancellor is expected to announce a five-year package of funding worth £100m.
Big Tech
Hackers steal Windows NTLM authentication hashes in phishing attacks
Bleeping Computer
Bill Toulas
The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks. TA577 is considered an initial access broker (IAB), previously associated with Qbot and linked to Black Basta ransomware infections. Email security firm Proofpoint reports today that although it has seen TA577 showing a preference for deploying Pikabot recently, two recent attack waves demonstrate a different tactic.
Facebook, Instagram, and Threads were all down
The Verge
Emma Roth
Facebook, Instagram, and Threads are coming back online following an outage lasting about two hours. The three Meta-owned platforms stopped working for many users starting around 10AM ET. Some users experienced issues logging in to their Meta Quest headsets, too. Facebook logged users out of their accounts, while Instagram users couldn’t refresh their feeds, and Threads displayed a message saying, “Sorry, something went wrong. Try again.” Reports on Downdetector rapidly spiked for all three platforms, while network tracker NetBlocks noted the issue’s global impact. WhatsApp appeared to be unaffected and kept working.
Elon Musk switched on X calling by default: Here’s how to switch it off
TechCrunch
Lorenzo Franceschi-Bicchierai and Zack Whittaker
In his quest to turn a simple and functioning Twitter app into X, the everything app that doesn’t do anything very well, Elon Musk launched audio and video calling on X last week — and this new feature is switched on by default, it leaks your IP address to anyone you talk with, and it’s incredibly confusing to figure out how to limit who can call you.
Artificial Intelligence
How governments can use generative AI to build trust
The Mandarin
The Mandarin
A surprisingly high proportion of people are happy for governments to use generative AI to help deliver services, but only in the right circumstances. The latest Trust Imperative survey by Salesforce and Boston Consulting Group (BCG) shows three in four citizens are comfortable with using government services that are powered by generative AI if there is sufficient human oversight. Most survey respondents are also comfortable with governments embracing GenAI in seven of nine potential use cases tested, particularly when it helps deliver a better user experience or improves internal processes. They are uncomfortable with government using GenAI technology to automate decision-making or monitor sentiment.
Misc
American Express credit cards exposed in third-party data breach
Bleeping Computer
Lawrence Abrams
American Express is warning customers that credit cards were exposed in a third-party data breach after a merchant processor was hacked. This incident was not caused by a data breach at American Express, but rather at a merchant processor in which American Express Card member data was processed. In a data breach notification filed with the state of Massachusetts under "American Express Travel Related Services Company," the company warned customers their credit cards may have been stolen.
Events & Podcasts
The Sydney Dialogue
ASPI
The Sydney Dialogue was created to help bring together governments, businesses and civil society to discuss and progress policy options. We will forecast the technologies of the next decade that will change our societies, economies and national security, prioritising speakers and delegates who are willing to push the envelope. We will promote diverse views that stimulate real conversations about the best ways to seize opportunities and minimise risks.
Jobs
China Analyst or Senior Analyst
ASPI
ASPI has an exciting opportunity for an analyst or senior analyst to explore China's evolving foreign and security policy, political economy and impact on the Indo-Pacific and the world. ASPI’s China analysts conduct rigorous data-driven research, publish impactful reports that shape the public policy discourse and contribute to the wide catalogue of influential China work published by ASPI. The difference between the analyst and senior analyst levels will depend on experience level and demonstration of past work.
Junior Editor for The Strategist
ASPI
The Australian Strategic Policy Institute is seeking a junior editor for The Strategist website, Australia’s leading site for national security commentary and analysis. We are looking for a strong editor and writer who has excellent attention to detail and solid policy judgement, and who can work with ASPI staff, on writing and editing their own work. Candidates will preferably have a background in journalism, editing or security and international policy, with at least two years’ experience in a relevant field.
Deputy Director Defence Strategy & National Security
ASPI
ASPI is currently recruiting for a Deputy Director, Defence Strategy & National Security. This is an exceptional opportunity for a talented and experienced individual to contribute to the work of Australia's leading think-tank on strategic defence policy issues in a unique leadership role.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.