No Images? Click here
Click here to subscribe to the Daily Cyber Digest. Follow us on Twitter here. Tweet your Digest suggestions to @ASPI_ICPC using #CyberDigest.
TOP 3
The Australian Signals Directorate (ASD) has appointed Rachel Noble as the new head of the Australian Cyber Security Centre (ACSC). ZD Net
Twitter suspended a handful of open-source investigators, including American college students, after their tweets about global hotspots were formally deemed a national security risk by the government of India. The Daily Beast
The U.S. government is in the late stages of an investigation into YouTube for allegedly violating children’s privacy, according to four people familiar with the matter. The Washington Post
ASPI ICPC
FEATURE REPORT: Hacking democracies
By Fergus Hanson, Sarah O'Connor, Mali Walker & Luke Courtois
Fears of 'digital iron curtain' spread as US and China dig in
Nikkei Asian Review
@nikkei_yasuota
What began as a tariff spat between the U.S. and China appears to be turning into a technology war, one that some fear could split the world along a lasting digital divide.
This Nikkei cover story used a number of datasets from ASPI ICPC’s 'Mapping China’s Tech Giants' project.
Australia
Rachel Noble to head up Australian Cyber Security Centre
ZDNet
@stilgherrian
The Australian Signals Directorate (ASD) has appointed Rachel Noble as the new head of the Australian Cyber Security Centre (ACSC). Noble is currently serving as Deputy Secretary Executive Group in the Department of Home Affairs. The Group is responsible for enterprise strategy, risk, assurance, security and ministerial, media and intelligence services. Noble has previously held a series of leadership positions in Home Affairs; Defence, including two previous roles at ASD, and the Department of the Prime Minister and Cabinet (PM&C).
Advice sought on cyber terrorism threat
AAP
@osbornep
The Morrison government is weighing up whether to expand Australia's terrorism insurance scheme to cover cyber terrorist attacks. The study was revealed in an auditor-general report released on Wednesday which looked at the management of the Terrorism Reinsurance Scheme, which has grown to $13.4 billion since being set up in 2003 in the wake of the September 11 attacks.
Facebook's cryptocurrency calls for driver's licences, stoking privacy fears
The Sydney Morning Herald
@JennieDuke @erykbagshaw
Australians will have to hand over their driver's licence to Facebook to use its new digital currency, as local regulators pledged to scrutinise the social media giant's plans to disrupt the payments sector as early as next year.
China
China's Most Advanced Big Brother Experiment Is a Bureaucratic Mess
Bloomberg
@kevindharmawan
“China has an interest in overstating its capacity to collect and analyze data, like they overstate their capacity to monitor with surveillance cameras and facial recognition,” said Jeremy Daum, a senior fellow at the Paul Tsai China Center at Yale Law School. “They want people to believe that misconduct will get caught.”
Apple explores moving 15-30% of production capacity from China: Nikkei
Reuters
Apple Inc has asked its major suppliers to assess the cost implications of moving 15%-30% of their production capacity from China to Southeast Asia as it prepares for a restructuring of its supply chain, according to a Nikkei Asian Review report on Wednesday.
USA
YouTube under federal investigation over allegations it violates
children’s privacy
The Washington Post
@tonyromm @lizzadwoskin @craigtimberg
The U.S. government is in the late stages of an investigation into YouTube for allegedly violating children’s privacy, according to four people familiar with the matter, in a probe that threatens the company with a potential fine and already has prompted the tech giant to reevaluate some of its business practices. The Federal Trade Commission launched its investigation after numerous complaints from consumer groups and privacy advocates, according to the four people, who requested anonymity because such probes are supposed to be confidential.
Three Facebook moderators break their NDAs to expose a company in crisis
The Verge
@CaseyNewton
At Facebook’s worst-performing content moderation site in North America, one contractor has died, and others say they fear for their lives.
Internet giants must stay unbiased to keep their biggest legal shield, senator proposes
The Verge
@kellymakena
On Wednesday, Sen. Josh Hawley (R-MO) is expected to introduce legislation that would heavily modify section 230 of the Communications Decency Act, adding new restrictions to the broad immunity currently enjoyed by platform companies. Under Hawley’s “Ending Support for Internet Censorship Act,” companies could be stripped of that immunity if they exhibit political bias, or moderate in a way that disadvantages a certain political candidate or viewpoint.
FBI warning: Foreign spies using social media to target
government contractors
ZD Net
@campuscodi
The US Federal Bureau of Investigations has sent a warning to private sector partners about foreign intelligence services using social media accounts to target and recruit employees with US government clearance. "FIS [foreign intelligence services] officers will use popular US-based platforms and their respective countries' social media platforms for personal and intelligence gathering/operations purposes," the FBI said in a security alert the agency sent out in April.
U.S. Cyber Infiltration of the Russian Electric
Grid: Implications for Deterrence
Lawfare
@HerbLinCyber
The New York Times’s report that the U.S. has deployed code inside Russia’s grid casts doubt on the premise that a demonstration of an offensive cyber capability will destroy its future value as an operational asset.
- Senate wants to boost oversight of Pentagon’s cyber activities Fifth Domain
- Voting machine giant lobbies for paper ballots over election security concern CNN
- Rep. Will Hurd: I'm a conservative. I was 'disinvited' to the Black Hat Conference. Here's what I want to know Fox News
- FBI And DHS Blunders Reveal Names Of Child Abuse Victims Via Facebook IDs Forbes
- Voters back moratorium on face recognition surveillance in Mass. The Boston Globe
South & Central Asia
India Bullies Twitter Into Banning Accounts of American, British Students Thousands of Miles
Away
The Daily Beast
@kpoulsen
Twitter is warning a Texas college student that it might “be obliged to take action” after some of his tweets were ruled a national security threat by the government of India eight thousand miles away. The notice issued to 21-year-old Ryan Barenklau on Saturday is part of a crackdown on a group of open-source investigators who spend their days sifting through data and imagery to glean insights on regional conflicts around the world.
UK
Chinese-owned company makes parts for British F-35 fighter jets, MoD reveals
The Telegraph
Chinese-owned company is making circuit boards for F-35 warplanes flown by Britain and the US, the Ministry of Defence has revealed. The parts, made by Exception PCB based in Gloucestershire, south west England, "control many of the F-35's core capabilities", according to publicity material produced by the MoD.
Europe
Can Australia's digital industries learn from post-Soviet Estonia?
ABC News
@tracey_shelton
In less than 30 years, Estonia has made the transformation from a struggling post-Soviet state to one of the most digitalised nations in the world. A small delivery bot drives down the footpath as a woman walks past. It has digitally streamlined an unprecedented number of public services, with 50 new government Artificial Intelligence (AI) projects set to come online by next year.
Middle East
Guardian told it was target of Saudi hacking unit after Khashoggi killing
The Guardian
Guardian staff reporter
Earlier this year, the Guardian was warned it was being targeted by a cybersecurity unit in Saudi Arabia that had been ordered to “hack” into the email accounts of journalists investigating the various crises engulfing the royal court. The potential threat was initially raised by a source in Riyadh – and this account was later supported by a copy of what appears to be a confidential internal order. This instructed a technical team to carry out the “penetration” of the Guardian’s computer servers “in complete secrecy”.
Mobile Cyberespionage Campaign ‘Bouncing Golf’ Affects Middle East
Trend Micro
Ecular Xu and Grey Guo (Mobile Threats Analysts)
We uncovered a cyberespionage campaign targeting Middle Eastern countries. We named this campaign “Bouncing Golf” based on the malware’s code in the package named “golf.”
Misc
A Plan to Stop Breaches With Dead Simple Database Encryption
WIRED
@lilyhnewman
Data breaches and exposures have become so common these days, it's difficult to keep track of them all, much less step back to mull a solution. But, perhaps out of necessity, researchers from the database giant MongoDB have spent the past two years developing a new database encryption scheme aimed squarely at reducing these damaging incidents. Their secret weapon? Radical simplicity.
Research
Cyber runs: How a cyber attack could affect U.S. financial institutions
Brookings
@DuffieDarrell & Joshua Younger
Could a cyber attack on a large bank’s wholesale depositors morph into a serious and contagious bank run? This Hutchins Center working paper by Darrell Duffie of Stanford University and Joshua Younger of J.P. Morgan Chase & Co. analyzes the financial-stability implications of such a “cyber run.”
Jobs
ASPI issue Request for Quotation - Internet Standards Testing Tool
ASPI ICPC has issued a Request for Quotation (RFQ), relating to customisation and extended development of an opensource Internet Standards Testing Tool. The RFQ is inviting quotations from development entities skilled in:
(i) Python 3 (main programming language)
(ii) Django (web framework)
(iii) PostgreSQL (database)
(iv) Celery (asynchronous tasks backend)
(v) Redis (cache backend for Django and Celery)
Please contact Alison Howe for further information and a copy of the RFQ. Closing date: 21/06/19.
Craig Newmark Cyber Journalism Fellowship
The Aspen Institute
@AspenInstitute
The Aspen Institute’s new non-resident cyber journalism fellowship will help make sense of the jargon of covering cybersecurity, national security, and technology in today’s fast-evolving landscape, helping reporters understand and translate key concepts and policy debates for their readers, viewers, and listeners.
Thank you for reading the Daily Cyber Digest. If you have any feedback, please let us know via email at icpc@aspi.org.au
Know someone who may enjoy getting this? They can sign up here.
