US Republicans call for investigation into Temu data practices | Vietnam says SpaceX’s Starlink plans $15 Billion investment | China, South Korea, Taiwan to spend most on chip equipment
Good morning. It's Friday 27th September.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Follow us on Twitter and on LinkedIn.
House Republicans want answers from the FBI and other US agencies about how the popular Chinese online marketplace Temu handles the data of American citizens. The Record by Recorded Future
SpaceX is proposing to invest $15 billion in Vietnam tied to its Starlink satellite service in the near future, the government said, citing a meeting between the company’s Senior Vice President Tim Hughes and the Communist Party’s General Secretary To Lam. Bloomberg
Semiconductor manufacturers will spend a record $400 billion on computer chip making equipment in 2025-2027, global industry association SEMI said in estimates published on Thursday, with China, South Korea and Taiwan leading the way. Reuters
The World
China, South Korea, Taiwan to spend most on chip equipment 2025-2027, industry body says
Reuters
Semiconductor manufacturers will spend a record $400 billion on computer chip making equipment in 2025-2027, global industry association SEMI said in estimates published on Thursday, with China, South Korea and Taiwan leading the way.
Millions of vehicles could be hacked and tracked thanks to a simple website bug
WIRED
Andy Greenberg
Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will—the latest in a plague of web bugs that’s affected a dozen carmakers.
Australia
Australia stepping up to assist Pacific cybersecurity
East Asia Forum
Anthony Adams
Australia has made a long-term commitment to developing cybersecurity capabilities across the Pacific Islands region. The emerging challenge is to ensure that Australia receives the best return on its investment across the region. With Pacific Island nations developing cybersecurity capabilities at different rates, a one size fits all approach will not work. When allocating development spending, Australia should target Pacific Island nations’ respective cybersecurity capability gaps and tailor assistance that aligns with the domestic priorities of each nation, while remaining bound to a consensus driven regional framework.
PwC reveals six staff sacked for data breaches as bad behaviour list unveiled
The Australian
David Ross
PwC Australia found six serious incidents of breaches of data privacy at the audit and consulting firm more than a year after publicly committing to reforms in the wake of a public humiliation over confidentiality breaches. In its 2024 financial results report, PwC revealed it had sacked or terminated eight staff for serious misconduct during the year, alongside a plummeting performance on the back of a damaging tax scandal.
China
CATL reigns as China's top subsidy recipient with 35% jump in first half
Nikkei Asia
Kenji Kawase
Chinese electric vehicle battery supplier CATL raked in 35% more government subsidies in the first half of this year, compared with the same period in 2023, maintaining its perch atop the league table of mainland-listed companies receiving the most financial assistance. While China's public support for its EV sector has been the focus of a Western push to raise tariffs on its electric cars, top industry player CATL took in about 3.85 billion yuan ($547 million) worth of assistance in the first six months.
USA
After TikTok inquiry, Republicans call for investigation into Temu data practices
The Record by Recorded Future
House Republicans want answers from the FBI and other US agencies about how the popular Chinese online marketplace Temu handles the data of American citizens. In a letter to the Securities and Exchange Commission and FBI, members of the Select Committee on Intelligence asked a range of questions about whether investigations are underway examining Temu and its parent company Pinduoduo.
US imposes fresh Russia- and cyber-related sanctions
Reuters
Doina Chiacu and Hannah Lang
The United States on Thursday imposed sanctions on alleged Russian money laundering operations that catered to cybercriminals and involved three illegal cryptocurrency exchanges.
US transportation and logistics firms targeted with infostealers, backdoors
Security Week
Ionut Arghire
Threat actors are compromising email accounts at transportation and shipping organizations in North America to deliver various malware families, Proofpoint reports. Starting May 2024, threat actors have been observed injecting malicious content into existing conversations within the compromised inboxes, to deliver malware such as Arechclient2, DanaBot, Lumma Stealer, NetSupport, and StealC.
CISA warns of continuing attacks on water systems after Kansas town reports incident
The Record by Recorded Future
Jonathan Greig
Government-run water systems are still at risk of attack by cybercriminals and nation-states, according to a new advisory from the U.S.’s top cybersecurity agency. The notice from the Cybersecurity and Infrastructure Security Agency (CISA) came two days after Arkansas City, Kansas reported a cybersecurity issue that forced them to switch to manual operations.
G7 cyber group warns financial sector to prep for quantum computing risks
The Record by Recorded Future
Adam Janofsky
A major intergovernmental group on Wednesday called on the financial sector to prepare for “impending threats” brought by developments in quantum computing. The G7 Cyber Expert Group, which is chaired by the U.S. Department of Treasury and the Bank of England and advises G7 finance ministers and central bank governors on cyber issues, broadly recommended that financial authorities and institutions assess quantum computing risks and develop plans to mitigate them.
Americas
Microsoft to make $2.7 billion cloud, AI investments in Brazil
Reuters
Microsoft on Thursday pledged to invest 14.7 billion reais ($2.70 billion) in Brazil over three years to enhance its cloud infrastructure and artificial intelligence in Latin America's largest economy. The amount is the largest-ever investment to be announced at once in Brazil by Microsoft, which said massive adoption of AI could add as much as 4.2 percentage points to Brazil's economic growth by the end of the decade.
North Asia
South Korea’s ubiquitous messaging app’s security gaps risk millions of users
Korea Pro
Shreyas Reddy
Millions of South Koreans rely on KakaoTalk — the country’s most popular and ubiquitous messaging app — for everything from chatting with friends and family to accessing essential services. However, new research has exposed longstanding business practices that could heighten the app’s vulnerabilities.These reported vulnerabilities potentially allow attackers — as well as Kakao — to access users’ supposedly encrypted chats, reawakening past concerns about the privacy of KakaoTalk users’ communications.
Southeast Asia
Vietnam says SpaceX’s Starlink plans $15 Billion investment
Bloomberg
Nguyen Kieu Giang
SpaceX is proposing to invest $15 billion in Vietnam tied to its Starlink satellite service in the near future, the government said, citing a meeting between the company’s Senior Vice President Tim Hughes and the Communist Party’s General Secretary To Lam.
Ukraine-Russia
Google restricts creation of new accounts in Russia, news agencies report
Reuters
Alphabet's Google has restricted the creation of new accounts for Russian users, state news agencies cited Russia's digital ministry as saying on Thursday. Google has been under pressure in Russia for several years, particularly for not taking down content Moscow considers illegal and for blocking the YouTube channels of Russian media and public figures since Moscow's invasion of Ukraine.
Sen. Ben Cardin says he was targeted by apparent deepfake call
NBC News
Frank Thorp V, Julie Tsirkin and Zoë Richards
Senate Foreign Relations Committee Chairman Ben Cardin was targeted by a caller who posed as a former top Ukrainian official during a recent Zoom call, according to a notice circulated to Senate offices and obtained by NBC News on Wednesday. The caller, who was not identified, posed as former Ukrainian Foreign Affairs Minister Dmytro Kuleba, according to the notice, which was sent to Senate offices to warn them to be cautious about similar attempts.
Europe
Italy opens greenwashing probe into Shein website
South China Morning Post
Elisa Anzolin and Helen Reid
Italy’s antitrust agency has launched an investigation into a Dublin-based company that operates Shein’s website and app over possibly misleading environmental claims made on the fast-fashion retailer’s website. The investigation targets Infinite Styles Services and accuses Shein’s website of trying “to convey an image of production and commercial sustainability of its garments through generic, vague, confusing and/or misleading environmental claims,” the antitrust agency said in a statement.
UK
Police are probing apparent cyber vandalism on Wi-Fi networks at UK train stations
Associated Press
UK transport officials and police said Thursday they are investigating a “cyber-security incident” after users of public Wi-Fi networks at the country’s biggest railway stations reported being shown anti-Muslim messages.
Admin account blamed for rail terror message hack
BBC
Paul Burnell
A hack which resulted in people accessing the Wi-Fi at 19 UK railway stations being shown a message about terror attacks has been linked to the account of an insider at the internet provider. The message was displayed on people's devices when they logged onto Network Rail's Wi-Fi system.
Big Tech
Social media platform X set to request restoration of service in Brazil, sources say
Reuters
Luciana Novaes Magalhaes and Ricardo Brito
Elon Musk's social media platform X will file documents requested by Brazil's Supreme Court and ask by this Monday that service be restored in the country, according to two people familiar with the situation. Access to the platform formerly known as Twitter has been blocked in Brazil since the end of August, following an order by Supreme Court Justice Alexandre de Moraes. The judge and the U.S. tech firm have been at loggerheads over his investigation of "digital militias" he has accused of spreading hate messages in Brazil.
X blocks links to hacked JD Vance dossier
The Verge
Elizabeth Lopatto
X is preventing users from posting links to a newsletter containing a hacked document that’s alleged to be the Trump campaign’s research into vice presidential candidate JD Vance. The journalist who wrote the newsletter, Ken Klippenstein, has been suspended from the platform. Searches for posts containing a link to the newsletter turn up nothing.
Shein makes rare job cuts in Singapore as London IPO remains in limbo
South China Morning Post
Ann Cao
Chinese-founded fast-fashion online retailer Shein is laying off about two dozen employees at its Singapore headquarters, the company said on Wednesday, as the e-commerce firm restructures part of its business amid doubts about its initial public offering plan in London. More than 20 employees are affected by the lay-offs that are part of a restructuring of its global IT research and development centre, the company said in a statement to the South China Morning Post. The workers were notified on Wednesday.
Meta debuts augmented reality glasses and Judi Dench-voiced AI chatbot
The Guardian
Nick Robins-Early
The Meta CEO, Mark Zuckerberg, presented new augmented reality glasses at the company’s annual developer conference on Wednesday, debuting a prototype of the next phase in its expansion into smart eyewear. Zuckerberg also announced that Meta AI will be able to talk in the voice of Dame Judi Dench.
Artificial Intelligence
AI ban ordered after child protection worker used ChatGPT in Victorian court case
The Guardian
Josh Taylor
Victoria’s child protection agency has been ordered to ban staff from using generative AI services after a worker was found to have entered significant amounts of personal information, including the name of an at-risk child, into ChatGPT. The Department of Families, Fairness and Housing reported the matter to the Office of the Victorian Information Commissioner in December last year after the worker was suspected of using ChatGPT while drafting a protection application report.
Blackstone confirms $13 billion investment in Britain for AI data centre
Reuters
U.S. private equity firm Blackstone has confirmed a 10 billion pound ($13.3 billion) investment for an artificial intelligence data centre in northeast England, the British prime minister's office said on Wednesday. Construction of the AI data centre next year will create 4,000 jobs, including 1,200 roles dedicated to the construction of the site, Prime Minister Keir Starmer said during his visit in New York.
US FTC announces crackdown on deceptive AI claims, schemes
Reuters
Jody Godoy
The U.S. Federal Trade Commission announced actions against five companies on Wednesday that it said used artificial intelligence in deceptive and unfair ways. Three of the cases suspended operations at businesses that purported to help consumers generate passive income by opening e-commerce storefronts.
Research
What public discourse gets wrong about social media misinformation
Knowledge at Wharton
Hailey Reissman
The research shows that only a small fraction of people are exposed to false and radical content online, and that it’s personal preferences, not algorithms that lead people to this content.
Events & Podcasts
TSD Summit Sessions: Intelligence and evolving technology with Michael Rogers and Jason Healey
ASPI
In the third video edition of The Sydney Dialogue Summit Sessions, Jason Healey, Senior Research Scholar at the School of International and Public Affairs at Columbia University, sits down with Admiral Michael Rogers (Ret’d), Senior Advisor at Trusted Future, to discuss all things intelligence.
Tell me what you don’t know: large language models and the pathologies of intelligence analysis
Australian National University
This seminar seeks to offer a warning. Prompted by the likely increase in the use of artificial intelligence in intelligence analysis, it will raise grave concerns about the prospect of relying on large language models, including in high-stakes contexts such as the state-level resort-to-force decision-making that is the subject of this broader Defence-funded project.
Jobs
ASPI Research Internship
ASPI
Have you recently completed your studies (undergraduate or postgraduate) and want to develop your expertise in defence, foreign and national security policy, including in areas such as strategic competition, defence, deterrence, foreign interference, technology, and security? Do you want to inform the public and government on the critical strategic choices facing Australia and learn what it takes to be a professional analyst? If so, apply for the ASPI Research Internship Program! Please note that this is a paid internship program. Applications will close at midnight Friday 27 September 2024.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.