Update to ASPI’s Critical Tech Tracker released | Iranian hackers using social media, job recruitment sites to lure Israeli spies

Good morning. It’s Thursday 29th August.

The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.

Follow us on Twitter and on LinkedIn.

The Critical Technology Tracker is a large data-driven project that now covers 64 critical technologies spanning defence, space, energy, the environment, artificial intelligence, biotechnology, robotics, cyber, computing, advanced materials and key quantum technology areas. It first launched 1 March 2023 and underwent a major expansion on 28 August 2024 which took the dataset from five years (previously, 2018–2022) to 21 years (2003–2023). Australian Strategic Policy Institute
According to new research from Mandiant and Google Cloud, an Iranian hacking group has been observed using disguised social media personas to spread and share fake job recruitment websites, employment offers and other content lures to unsuspecting victims. Cyberscoop
South Korea’s president has urged authorities to do more to “eradicate” the country’s digital sex crime epidemic, amid a flood of deepfake pornography targeting young women. BBC News

ASPI’s two-decade Critical Technology Tracker
Australian Strategic Policy Institute
Dr Jennifer Wong Leung, Stephan Robin and Danielle Cave
The Critical Technology Tracker is a large data-driven project that now covers 64 critical technologies spanning defence, space, energy, the environment, artificial intelligence, biotechnology, robotics, cyber, computing, advanced materials and key quantum technology areas. It provides a leading indicator of a country’s research performance, strategic intent and potential future science and technology capability. It first launched 1 March 2023 and underwent a major expansion on 28 August 2024 which took the dataset from five years (previously, 2018–2022) to 21 years (2003–2023).

As tools for hybrid threats, apps like Telegram must be accountable
The Strategist
Fitriani
The arrest of Telegram founder Pavel Durov in France has underscored the urgent need for more regulation of messaging and social media platforms that can be exploited for hybrid operation by both states and non-state groups. Once celebrated as the ultimate tool for free communication thanks to its encryption and lax moderation practices, Telegram now stands accused by French authorities of facilitating criminal activities and possibly being exploited for hybrid threats, particularly by Russian state actors.

Wisdom of the swarm: the future of ‘super intelligence’
The Sydney Morning Herald
Angus Holland and Jackson Graham
The other major application for swarm intelligence allows machines to be less dependent on us, their masters. Then there are the military applications. “Swarming drones are a big trend for the future,” says Malcolm Davis, a senior analyst at the Australian Strategic Policy Institute. “What we should expect to see in coming wars is our legacy military systems, our tanks, our fighter aircraft, our ships and so forth, being confronted with large swarms of drones which could potentially be operating independently of human control because they’re operating under artificial intelligence.”

Byte-sized diplomacy: Countering digital foreign interference
The Interpreter
Miah Hammond-Errey
Foreign interference includes traditional espionage, intellectual property theft, cyber-intrusion, disclosure through to information activities (like mis- and disinformation) and political interference as well as coercion and control of diaspora groups. Definitions vary across borders, but it’s seen to be driven by a foreign power and involve an attempt to improperly and clandestinely interfere in society. Foreign interference has increased across the board exponentially in the past year.

New DG announced for cyber spy agency
Government News
Australian Cyber Security Centre head Abigail Bradshaw is set to begin as the new Director-General of the Australian Signals Directorate, the government’s foreign signals intelligence and cyber security agency. Subject to approval by the Federal Executive Council, Ms Bardshaw’s appointment will take effect on September 6, replacing Rachel Noble who was the first woman to head an Australian statutory intelligence agency.

Abigail Bradshaw picked as new head of Australia’s cyber intelligence agency
The Record by Recorded Future
Alexander Martin
The Australian government has selected Abigail Bradshaw to be the new head of the country’s cyber intelligence agency, the Australian Signals Directorate, amid a period of major investment in the agency’s capabilities. Bradshaw, currently the chief of the Australian Cyber Security Centre, previously held roles in the Royal Australian Navy and across the Australian government.

New cyber industry advisory board incoming
InnovationAus
Brandon How
A cybersecurity industry advisory board will be appointed in the coming months to support the delivery of the Commonwealth Cyber Uplift Plan, according to the National Cybersecurity Coordinator. Lieutenant General Michelle McGuiness on Tuesday said the advisory board will be made up of “large providers” that already support the government’s cybersecurity operations and uplift plan, alongside other industry experts.

China fast-fashion retailer Temu soared like a rocket for two years—in just a few hours, its parent company lost more than $50 billion in market value
Fortune
Jason Del Rey
The stock of PDD Holdings, parent company of the fast-growing Temu shopping app, sank more than 30% on Monday, losing more than $50 billion in market value, after the e-commerce giant posted disappointing revenue results and executives warned of rapid competition and nonbusiness challenges that may dampen growth and profits going forward. The Nasdaq-listed company, which is technically headquartered in Ireland but employs most of its workers in China, runs the Chinese online shopping giant Pinduoduo as well as Temu, the discount shopping app that has taken the U.S. and other Western markets by storm since it launched in 2022.

Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says
Reuters
Raphael Satter
A Chinese hacking group exploited a software bug to compromise several internet companies in the U.S. and abroad, a cybersecurity firm said on Tuesday. Researchers at the firm, Lumen Technologies, said in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director – a software platform used to manage services for customers of Santa Clara, California-based Versa Networks. It said four U.S. victims and one Indian victim had been identified, although it declined to identify them.

CISA and partners release advisory on Iran-based cyber actors enabling ransomware attacks on US organizations
Cybersecurity and Infrastructure Security Agency
Today, CISA—in partnership with the Federal Bureau of Investigation and the Department of Defense Cyber Crime Center —released Iran-based Cyber Actors Enabling Ransomware Attacks on U.S. Organizations. This joint advisory warns of cyber actors, known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm, targeting and exploiting U.S. and foreign organizations across multiple sectors in the U.S.

Trump’s ‘Made in USA’ bitcoin threatens China juggernaut Bitmain’s reign
Bloomberg
Ryan Weeks and Sidhartha Shukla
For years, a Chinese company has dominated one of the most lucrative corners of the cryptocurrency universe. Rising political tensions, and the prospect of Donald Trump retaking the White House, pose an unprecedented threat to that reign. Beijing-based Bitmain Technologies Ltd. has a 90% share of the market for computers used to mine Bitcoin. One top customer likens it to diamond producer De Beers at its height.

Big Tech wants AI to be regulated. Why do they oppose a California AI bill?
The Japan Times
Greg Bensinger
California legislators are set to vote on a bill as soon as this week that would broadly regulate how artificial intelligence is developed and deployed in California even as a number of tech giants have voiced broad opposition. Here is background on the bill, known as SB 1047, and why it has faced backlash from Silicon Valley technologists and some lawmakers.

The hottest sectors in climate tech? Follow the VC money
The Wall Street Journal
Lori Ioannou
Venture capitalists have gotten more cautious about funding climate-tech startups in recent years. But they see opportunities in several pockets of the sector, such as battery storage and technologies to improve the efficiency and reliability of the electric grid. This year through June 30, venture capitalists invested $19 billion across 1,235 climate-tech deals globally, with U.S. deals accounting for $6.7 billion of the total, according to data from PitchBook.

South Korea faces deepfake porn ’emergency’
BBC News
Jean Mackenzie and Nick Marsh
South Korea’s president has urged authorities to do more to “eradicate” the country’s digital sex crime epidemic, amid a flood of deepfake pornography targeting young women. Authorities, journalists and social media users recently identified a large number of chat groups where members were creating and sharing sexually explicit “deepfake” images – including some of underage girls.

Authorities must act to end Korea’s appalling deepfake epidemic
Hankyoreh
Sex crimes involving pornographic deepfakes are turning up throughout Korean society. Not only university students but also minors — including children in high school, middle school and even elementary school — are among the victims of the digitally altered images and videos of people’s photographs. Some perpetrators have been brazenly making deepfakes from official photographs of female soldiers that can only be viewed on the military’s intranet.

Telegram CEO’s brother also wanted by French authorities
Politico
French authorities issued arrest warrants for Telegram CEO Pavel Durov and his co-founder brother Nikolai in March, according to a French administrative document seen exclusively by POLITICO. The document indicates the French undercover investigation into Telegram is wider and began months earlier than previously known. The case revolves around Telegram’s refusal to cooperate with a French police inquiry into child sex abuse.

Can EU officials continue to use Telegram?
Euro News
Cynthia Kroet and Maïa de la Baume
In the wake of the French crackdown on Russian messaging app Telegram, the European Commission said it does not restrict its officials from using the application. “The only platform that is banned from corporate devices is TikTok,” a spokesperson for the institution confirmed to Euronews. France arrested the app’s CEO Pavel Durov last Saturday as part of an investigation into Telegram for allegedly not curbing offences such as fraud, drug trafficking, organised crime and promotion of terrorism on the platform.

Trump calls wind turbines bird killers. New AI tech saves them from the blades
Forbes
Carlton Reid
A European company has developed bird-detecting radar to halt wind turbines when flocks of certain birds are detected up to four miles distant. It’s EU-only at the moment—with successful testing in Portugal—but could be the sort of technology that finally nails the mallard—sorry, canard—that wind turbines kill birds. According to studies, wind turbines do kill birds—anywhere from 140,000 to 670,000 birds die in wind farm collisions in the EU each year—but there’s a far more significant avian threat: cats.

Outage shuts Dutch airport, hits public services
Raidió Teilifís Éireann
A computer outage hit a regional airport and several public services including the coastguard and military police in the Netherlands, with no immediate indications as to a cause. Planes were grounded at Eindhoven Airport in the southeast of the country, which normally takes passengers to 30 international destinations.

Iranian hackers using social media, job recruitment sites to lure Israeli spies
Cyberscoop
Derek B. Johnson
According to new research from Mandiant and Google Cloud, an Iranian hacking group has been observed using disguised social media personas to spread and share fake job recruitment websites, employment offers and other content lures to unsuspecting victims. The content was posted on platforms like X and Virasty — an Iranian alternative to Twitter/X — and people posing as Israeli headhunters or human resource employees directed users to job recruitment sites written in Farsi, the official language of Iran.

Iranian hackers work with ransomware gangs to extort breached orgs
Bleeping Computer
Sergiu Gatlan
An Iran-based hacking group known as Pioneer Kitten is breaching defense, education, finance, and healthcare organizations across the United States and working with affiliates of several ransomware operations to extort the victims.

The threat group (also tracked as Fox Kitten, UNC757, and Parisite) has been active since at least 2017 and is believed to have a suspected nexus to the Iranian government.

World’s police in technological arms race with Nigerian mafia
BBC
Charlie Northcott
Police units around the world have joined forces in a series of covert operations targeting one of West Africa’s most feared criminal networks – Black Axe. The mission, co-ordinated by global policing agency Interpol, led to the arrest of 300 people with links to Black Axe and other affiliated groups. Interpol called the operation a “major blow” to the Nigerian crime network, but warned that its international reach and technological sophistication mean it remains a global threat.

Social platform X edits AI chatbot after election officials warn that it spreads misinformation
AP News
Christine Fernando
The social media platform X has made a change to its AI chatbot after five secretaries of state warned it was spreading election misinformation. Top election officials from Michigan, Minnesota, New Mexico, Pennsylvania and Washington sent a letter this month to Elon Musk complaining that the platform’s AI chatbot, Grok, produced false information about state ballot deadlines shortly after President Joe Biden dropped out of the 2024 presidential race.

Zuckerberg’s new Washington game
POLITICO
Brendan Bordelon
On the surface, the apologetic letter Meta CEO Mark Zuckerberg sent to congressional Republicans on Monday looks like a capitulation in the long-simmering political wars over social media. But tech observers on both sides of the aisle say that in the wake of this summer’s Supreme Court decisions on speech and social platforms, it also represents a shrewd political calculation — a surprise move by a CEO who wants to spend the next four years out of the political winds.

Big Tech defends free speech amid government pressure
Axios
Sara Fischer
Meta CEO Mark Zuckerberg on Monday accused Biden administration officials of pressuring Facebook to “censor certain content” related to COVID-19 and said he regrets not being more outspoken about it until now. His comments come in the wake of the arrest of Telegram’s billionaire CEO and co-founder Pavel Durov, for what French authorities say is part of a criminal investigation related to illegal content shared on his platform.

Google to relaunch controversial tool for creating AI images after inaccuracies
NBC News
Todd Haselton
The Dutch data protection watchdog slapped a 290 million euro ($324 million) fine Monday on ride-hailing service Uber for allegedly transferring personal details of European drivers to the United States without adequate protection. Uber called the decision flawed and unjustified and said it would appeal.

Uber slapped with $324 million fine for sharing drivers’ personal details
Fortune
Mike Corder
Google said it will soon allow users to create images of people using its Gemini artificial intelligence tool, after pulling the AI image-generation tool in February. In a blog post on Wednesday, Dave Citron, a senior director of product on Gemini, wrote that early access to Google’s new Imagen 3 generator will be available to Gemini Advanced, Business and Enterprise users starting in English in the coming days.

China’s views on AI safety are changing — quickly
Carnegie Endowment for International Peace
Matt Sheehan
Over the past two years, China’s AI ecosystem has undergone a significant shift in how it views and discusses AI safety. For many years, some of the leading AI scientists in Western countries have been warning that future AI systems could become powerful enough to pose catastrophic risks to humanity. Concern over these risks has sparked new fields of technical research and led to the creation of governmental AI safety institutes in the United States, the United Kingdom, and elsewhere. But for most of the past five years, it was unclear whether these concerns about extreme risks were shared by Chinese scientists or policymakers.

AI has policymaking potential, but it can’t brief a minister
ANU Policy Brief
Daniel Casey
Researchers from ANU have investigated ChatGPT’s potential role in public policy. They tasked students to use the tool to write a policy brief to an Australian Government minister and report on their experience. The findings revealed the shortcomings of ChatGPT for policymaking and highlight the need the role of the new technology in teaching and evaluation.

ASPI Research Internship
ASPI
Have you recently completed your studies (undergraduate or postgraduate) and want to develop your expertise in defence, foreign and national security policy, including in areas such as strategic competition, defence, deterrence, foreign interference, technology, and security? Do you want to inform the public and government on the critical strategic choices facing Australia and learn what it takes to be a professional analyst? If so, apply for the ASPI Research Internship Program! Please note that this is a paid internship program. Applications will close at midnight Friday 27 September 2024.