Australia cyber breaches hits three-year high | FBI disrupts Chinese-linked botnet in global operation

Good morning. It’s Thursday 19th September.

The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.

Follow us on Twitter and on LinkedIn.

• As total breach numbers across Australia hit a three-year high, government was the second-most breached sector in Australia during the first six months of 2024, reporting 63 incidents in total. iTnews

• In a joint global operation, the FBI disrupted the Flax Typhoon botnet, linked to China’s government, which had infected hundreds of thousands of IoT devices globally. CyberScoop

• Coordinated explosions targeting Hezbollah’s communications devices in Lebanon killed 20 and injured over 450, with Israel suspected of orchestrating the attacks, escalating tensions between the two sides. The Guardian

Digital spinach: What Australia can learn from China’s youth screen-time restrictions
The Strategist
Fergus Ryan
The social media platforms blame either the app stores or the device makers, who then point right back at the platforms. Perhaps it’s time for everyone to take responsibility? China, unexpectedly, provides a model for how this could be done. Last year, Beijing mandated a coordinated effort across app developers, app stores, and device manufacturers to create a unified ‘minor’s mode.’ This framework enforces strict rules like age-specific screen time limits, mandatory breaks, and a curfew banning use between 10 PM and 6 AM, These measures are designed to close the loopholes kids have exploited, such as using their grandparents’ accounts to dodge restrictions and indulge in late-night gaming.

Cops infiltrate ‘Ghost’ encryption app used by drug lords, mafia
POLITICO
Antoaneta Roussi
Police agencies across the world announced they had infiltrated an encrypted chat platform called Ghost, tapping into reams of private communications of criminal networks and leading to the arrest of 51 suspects so far. Authorities in Australia, Canada, France, Ireland, Italy, the Netherlands, Sweden and the United States worked with Europol and Eurojust, the European Union Agency for Criminal Justice Cooperation, to map the platform’s global infrastructure. They found servers in France and Iceland and located the owners of Ghost in Australia, where authorities arrested a 32-year-old administrator.

Gov reported 44 cyber breaches in first six months of 2024
iTnews
Eleanor Dickinson
As total breach numbers across Australia hit a three-year high. Government was the second-most breached sector in Australia during the first six months of 2024, reporting 63 incidents in total. The Office of the Australian Information Commissioner recorded 44 malicious or criminal attacks on government agencies, with the majority of these – 41 – caused by impersonation or social engineering. This represent a 65 percent increase for the government sector compared to the previous period. The majority of breaches – around 87 percent – took more than 30 days to identify.

The software war: a quieter threat to Australia’s national security
The Strategist
Peter Lees
Australia is waging a quiet yet critical battle on a new front—its software supply chains. Attacks on this battleground infiltrate deep within the software development lifecycle, exploiting vulnerabilities in third-party components or open-source software. But unlike other kinds of attacks, the fallout easily extends beyond businesses to essential systems that can underpin our nation’s economy and security. Recent high-profile breaches, like the Sisense and Okta attacks, show just how dangerous supply chain vulnerabilities can be.

Business to get cyber ‘safe harbour’ protections
The Australian Financial Review
Paul Smith
Businesses will be able to share private details with the government’s cybersecurity agencies to help fight back in the immediate aftermath of a hack, without the information being used against them in future investigations and damages claims, under laws to be introduced before the end of the year. A suite of measures will be introduced by Home Affairs and Cyber Security Minister Tony Burke in a new Cyber Act later this year, after his predecessor Clare O’Neil unveiled a national cyber strategy at the end of last year.

Instagram reveals changes for teen users, but the federal government is holding firm on its age restriction plans
ABC News
Ange Lavoiperre
Instagram’s sweeping changes for teen users have done little to blunt the political will for a social media age limit in Australia. The platform is about to change dramatically for teenagers, introducing automatic ‘teen accounts’ for underage users in Australia, the US, the UK, and Canada. Teen accounts will come with content restrictions, new rules about who can contact those users, and features designed to curb screen time.

The Australian tenants who are charged to pay their rent
The Guardian
Ariel Bogle
An increasing number of real estate agents are moving tenants’ payments on to so-called ‘rent-tech’ platforms. Renters say they have little power to say no. Created by the great-grandson of real estate giant Ray White, Ailo does offer a free option to pay rent – a method without a fee is required by law in many states – but it’s not automated like paid options, and renters have to enter their bank details anew each month. Ailo is not the only rent-tech platform that makes renters jump through hoops: on the OurProperty app, the fee-free option is paying rent in cash at Australia Post.

China seeks a homegrown alternative to Nvidia — these are some of the companies to watch
CNBC
Arjun Kharpal
Nvidia with its graphics processing units, or GPUs, has garnered the headlines, as the key piece of hardware required to train up huge AI models, such as the likes seen from OpenAI. With the U.S. attempting to restrict China’s access to cutting-edge semiconductors, Beijing has ramped up efforts to nurture its homegrown chip industry. Some of China’s tech giants inclduing Huawei, Alibaba and Baidu are among those trying to create alternatives to Nvidia.

New data reveals exactly when the Chinese government blocked ChatGPT and other AI sites
Rest of World
Joanna Chiu
Historically, tracking when exactly Chinese authorities blocked specific domains was difficult because researchers had to choose to test individual domains. But according to a newly launched platform, GFWeb, which granted Rest of World exclusive first access, the same month that the Chinese government blocked ChatGPT for the first time, authorities also blocked dozens of alternative chatbots and websites that use ChatGPT’s technology. GFWeb is now available to the public for free and continuously tests millions of websites from both inside and outside China to identify when exactly they are no longer available to users in China.

Did a Chinese University hacking competition target a real victim?
WIRED
Kim Zetter
A security conference in China may potentially using contest as a secret espionage operation to get participants to collect intelligence from an unknown target. Zhujian Cup contest was hosted last December by Northwestern Polytechnical University, a science and engineering university in Xi’an, Shaanxi, that is affiliated with China’s Ministry of Industry and Information Technology and also holds a top-secret clearance to conduct work for the Chinese government and military.

FBI joint operation takes down massive Chinese botnet, Wray says
CyberScoop
Tim Starks , AJ Vicens and Christian Vasquez
The FBI conducted a joint operation last week to take down a massive Chinese state-sponsored botnet that the attackers used to compromise hundreds of thousands of devices, target US and overseas critical infrastructure and steal data, Director Chris Wray said Wednesday. The group behind the botnet, Flax Typhoon, hijacked routers and Internet of Things devices like cameras, video recorders and storage devices.

• PRC-Linked actors compromise routers and IoT devices for botnet operations
  Australian Signal Directorate
  The FBI, Cyber National Mission Force, and National Security Agency assess that PRC-linked cyber actors have compromised thousands of Internet-connected devices, including small office/home office routers, firewalls, network-attached storage and Internet of Things devices with the goal of creating a network of compromised nodes or a “botnet” positioned for malicious activity. The actors may then use the botnet as a proxy to conceal their identities while deploying distributed denial of service attacks or compromising targeted US networks.

US election influence efforts attributed to Iran
US Office of the Director of National Intelligence
The US government agencies have learned additional details about Iran’s efforts to sow discord and shape the outcome of US elections. Iranian malicious cyber actors in late June and early July sent unsolicited emails to individuals then associated with President Biden’s campaign that contained an excerpt taken from stolen, non-public material from former President Trump’s campaign as text in the emails. Furthermore, Iranian malicious cyber actors have continued their efforts since June to send stolen, non-public material associated with former President Trump’s campaign to U.S. media organisations.

US and Japan near deal to curb chip technology exports to China
The Australian Financial Review
Demetri Sevastopulo and Leo Lewis
The US and Japan are close to a deal to curb tech exports to China’s chip industry despite alarm in Tokyo about Beijing’s threat to retaliate against Japanese companies. The White House wants to unveil new export controls before November’s presidential election, including a measure forcing non-US companies to get licences to sell products to China that would help its tech sector.

California passes election ‘deepfake’ laws, forcing social media companies to take action
The New York Times
Stuart A. Thompson
California will now require social media companies to moderate the spread of election-related impersonations powered by artificial intelligence, known as “deepfakes,” after Gov. Gavin Newsom, a Democrat, signed three new laws on the subject. The three laws, including a first-of-its kind law that imposes a new requirement on social media platforms, largely deal with banning or labeling the deepfakes. The laws are expected to face legal challenges from social media companies or groups focusing on free speech rights.

The quantum computing threat is real. Now we need to act.
CyberScoop
Susan M. Gordon, John Richardson and Mike Rogers
Cybersecurity is a top national security concern facing America. At this very moment, adversaries are carrying out “store now, decrypt later,” or SNDL, attacks against the US, wherein they are exfiltrating and storing sensitive encrypted data critical to national security, critical infrastructure, corporate enterprises and more. The intention is to steal this sensitive data to decrypt it when quantum computers can decrypt this information.

From steel to kimchi, South Korean exporters face flood of Chinese rivals
Financial Times
Christian Davies and Song Jung-a
South Korea was widely predicted to be a winner of increasing trade tensions between China and the west, as US and EU tariffs and restrictions on China’s access to next-generation energy technologies drove global buyers to Korea’s semiconductor and electric vehicle industries. The value of Korean exports has risen every month since October last year. But trade experts said much of those gains were because of surging demand for memory chips — South Korea’s leading export.

Inside the US push to steer Vietnam’s subsea cable plans away from China
Reuters
Francesco Guarascio, Phuong Nguyen and Joe Brock
The US is urging Vietnam to avoid Chinese cable-laying firm HMN Technologies and other Chinese companies in its plans to build 10 new undersea cables by 2030, sources with knowledge of the talks said. Vietnam’s five major ageing subsea connections that link it to the global internet have suffered repeated failures, making new cables a top government priority. Since January, US officials and companies have held at least a half-dozen meetings with Vietnamese and foreign officials and business executives to discuss the Southeast Asian nation’s cable strategy, according to seven people involved in or briefed about the talks.

Asia’s tech dreams meet green energy reality
Nikkei Asia
Lauly Li and Cheng Ting-Fang
AI’s rise exacerbates scramble for renewable power supplies from Taiwan to Vietnam to Malaysia. Vietnam is now a production site for most of Apple’s current product lineup as well as Samsung smartphones and Dell notebooks. Thailand meanwhile is becoming a production center for printed circuit boards, notebooks, servers and electric vehicles. Malaysia has attracted fresh investment from top chipmakers and equipment suppliers like Intel, Infineon and Lam Research. But these countries are struggling not only to provide enough green energy, in many cases they are having trouble keeping up with surging demand for electricity from any source.

Lenovo to make AI servers in India as nation’s tech push deepens
Bloomberg
Saritha Rai
Lenovo started building AI servers in India’s south, the latest boon for the rapidly growing country’s push to become a high-tech powerhouse. The company said Tuesday it has started making the large, powerful computers in Pondicherry, southeastern India, moving beyond products such as laptops and smartphones. The Chinese company will also build out its facilities in the Bangalore region, including a research lab with a focus on AI.

India has chip dreams. What it needs is a strategy
Bloomberg
Mihir Sharma
Across the world, countries are spending wagonloads of taxpayer money to develop or support their semiconductor industries. The Indian government, which has also loosened its purse strings, needs to figure out a strategy — and soon. Under Prime Minister Narendra Modi, federal budgets have generally been pretty stingy with subsidies. But $11 billion has already been set aside, and largely allocated, to various chip-related projects. News emerged last week that another $5 billion to $10 billion might follow.

Russian election interference efforts targeting Harris campaign, Microsoft finds
POLITICO
Maggie Miller
Microsoft found evidence that two “Kremlin-aligned” groups have in recent weeks spread videos including those showing Harris supporters attacking supporters of former President Donald Trump, and another video that used an actor to pose as Harris in a fictitious hit-and-run incident. Each of these videos received millions of views, according to Microsoft, and one of the videos was put out through a fake San Francisco news outlet, in an attempt to give the video more credibility.

The EU’s chips plan implodes as Intel pauses investments
POLITICO
Pieter Haeck
The European Commission’s landmark 2022 chips strategy has collapsed just as it laid out a new team to fix the bloc’s competitiveness. United States-based technology giant Intel announced late on Monday that it was pushing back the construction of a major microchips plant in Magdeburg, Germany and another investment in Poland by two years as it tries to shore up heavy losses.

Meta faces hefty EU antitrust fine over classified ads practices
Financial Times
Javier Espinoza
Meta faces a hefty EU fine over its alleged efforts to dominate the classified advertising market, as Brussels pushes to crack down on anti-competitive practices among the world’s biggest technology companies. EU regulators will claim Facebook’s parent company links its free Marketplace services with the social network in an effort to undermine its rivals, said people familiar with the matter.

English village becomes flashpoint for Labour’s data centres push
Financial Times
Joshua Oliver and Anna Gross
Data centre projects such as the one in Abbots Langley are becoming a flash point as the government seeks to boost growth by breaking down the barriers to building everything from housing to new infrastructure — an agenda that will bring national economic demands into conflict with local interests. Angela Rayner, UK deputy prime minister, will soon decide whether to allow a huge data centre to be built on the rolling field across from the Ovaltine cottages — putting this village at the centre of tensions around Labour’s ambition to increase construction and economic growth.

The widespread scam half of us don’t even know is possible
Metro
Jen Mills
A new generation of scams is replicating people’s own voices to ask for money, and they can be very convincing. New data shows that over a quarter of adults in the UK (28%) say they have been targeted by a high-tech voice cloning scam in the past year. Even more worryingly, almost half of people (46%) don’t even know it’s possible to do this, so if they are targeted they are much more likely to fall victim. A survey of over 3,000 people by Starling Bank sound that voice cloning scams, where AI is used to create the voice of a friend or family member from as little as three seconds of audio, is now a widespread problem.

Explosions linked to walkie-talkies kill 20 in fresh Lebanon attack
The Guardian
William Christou, Lorenzo Tondo and Andrew Roth
A new series of extraordinary explosions aimed at Hezbollah – this time targeting walkie-talkies – has killed at least 14 and wounded more than 450 in cities across Lebanon, as international observers warned that the simultaneous detonation of thousands of booby-trapped communications devices may constitute a war crime. The targeted detonations of the walkie-talkies came one day after more than 2,800 were injured and 12 killed by exploding pagers in an attack blamed on Israel.

• Walkie-talkies explode in new attack on Hezbollah
  WIRED
  Matt Burgess and Lily Hay Newman
  The walkie-talkie explosions appeared to have been orchestrated the same way as the attack on Tuesday, which was likely carried out by intercepting new pagers at some point in their journey through the supply chain and modifying them to add explosive material. Lebanon’s official news agency also reported exploding home solar systems less than two hours after the radio detonations began on Wednesday.

• Taiwanese firm Gold Apollo and Hungary deny links to exploded Hezbollah pagers
  The Washington Post
  Vic Chiang, Patrik Galavits and Karla Adam
  The source of the Hezbollah electronic pagers that exploded in Lebanon, killing at least 12 people and injuring as many as 2,800 others, remained a mystery on Wednesday, after a Taiwanese company and the government of Hungary denied links to the devices. Two photos published to social media after the Tuesday explosions show the burned and damaged back panels of pagers with “GOLD” written in text above a model number, “AR-9.” The design of the text matches that emblazoned on the back of the “AR-924” pager model produced by Taiwanese pager manufacturer Gold Apollo Co.

• Israel planted explosives in pagers sold to Hezbollah, officials say
  The New York Times
  Sheera Frenkel and Ronen Bergman
  The pagers, which Hezbollah had ordered from Gold Apollo in Taiwan, had been tampered with before they reached Lebanon, according to some of the officials. Most were the company’s AR924 model, though three other Gold Apollo models were also included in the shipment. The explosive material, as little as one to two ounces, was implanted next to the battery in each pager, two of the officials said. A switch was also embedded that could be triggered remotely to detonate the explosives.

Why China is succeeding in Africa where the US is failing
South China Morning Post
Wenfang Tang
China’s success in Africa is rooted in its ability to provide what African countries need, namely, infrastructure, sustainable development, economic digitalisation and local governance. China may be temporarily behind the US in developing military equipment and artificial intelligence technology, but it is leading the world in many areas, particularly infrastructure, clean energy, electric vehicles and the digital economy.

Gender bias in STEM may start in kindergarten, study says
Forbes
Kim Elsesser
Despite countless initiatives aimed at closing the gender gap in STEM, women still make up only about a third of the workforce in science, technology, engineering, and mathematics fields. While efforts to attract more women into STEM continue, new research reveals that gender stereotypes surrounding these fields take root as early as kindergarten. The recent work published in the journal Sex Roles studied children from kindergarten through third grade.

Google wins challenge against $1.66 billion EU antitrust fine
Reuters
Foo Yun Chee
Google won its challenge on Wednesday against a 1.49 billion euro ($1.66 billion) antitrust fine imposed five years ago for hindering rivals in online search advertising, a week after it lost a much bigger case. The European Commission in its 2019 decision said Google had abused its dominance to prevent websites from using brokers other than its AdSense platform that provided search adverts. The practices it said were illegal took place from 2006 to 2016. The Luxembourg-based General Court mostly agreed with the EU competition enforcer’s assessments of the case, but annulled the fine.

LinkedIn scraped user data for training before updating its terms of service
TechCrunch
Kyle Wiggers
LinkedIn may have trained AI models on user data without updating its terms. LinkedIn users in the US — but not the EU, EEA, or Switzerland, likely due to those regions’ data privacy rules — have an opt-out toggle in their settings screen disclosing that LinkedIn scrapes personal data to train “content creation AI models.” The toggle isn’t new. But, as first reported by 404 Media, LinkedIn initially didn’t refresh its privacy policy to reflect the data use.

BlackRock and Microsoft plan $30bn fund to invest in AI infrastructure
Financial Times
Brooke Masters, Antoine Gara and James Fontanella-Khan
BlackRock is preparing to launch a more than $30bn artificial intelligence investment fund with technology giant Microsoft to build data centres and energy projects to meet growing demands stemming from AI. Microsoft and MGX, the Abu Dhabi-backed investment company, are general partners in the fund. Nvidia, the fast-growing chipmaker, will advise on factory design and integration.

Regulating AI is easier than you think
TIME
Paul Scharre
Governing AI will require widely sharing its benefits while keeping the most powerful AI out of the hands of bad actors. The good news is that there is already a template on how to do just that. Countries can regulate AI from the ground up by controlling access to the highly specialised chips that are needed to train the world’s most advanced AI models. Business leaders and even the UN Secretary-General António Guterres have called for an international governance framework for AI similar to that for nuclear technology.

AI experts ready ‘Humanity’s Last Exam’ to stump powerful tech
Reuters
Jeffrey Dastin and Katie Paul
A team of technology experts issued a global call on Monday seeking the toughest questions to pose to artificial intelligence systems, which increasingly have handled popular benchmark tests like child’s play. Dubbed “Humanity’s Last Exam,” the project seeks to determine when expert-level AI has arrived. It aims to stay relevant even as capabilities advance in future years, according to the organisers, a non-profit called the Center for AI Safety and the startup Scale AI.

Gender-based digital transnational repression as a global authoritarian practice
Globalization
Siena Anstisa and Émilie LaFlèche
Digital transnational repression arises when authoritarian states seek to silence dissent from nationals living abroad. Studies on digital transnational repression show that this extension of authoritarianism has negatively impacted dissidents and activists abroad and transnational political and social advocacy. In this article, we identify gender-based digital transnational repression as a form of what Marlies Glasius terms an ‘authoritarian practice’; this type of repression is used to ‘sabotage accountability’ by weaponizing gender to silence dissent and disabling access to information.

ASPI Women in Defence and Security Network 10th Anniversary Gala
ASPI
The Australian Strategic Policy Institute’s Women in Defence and Security Network is celebrating its 10-year anniversary and, to mark this significant milestone, you are invited to join us for a special gala dinner at The Marion on Wednesday, October 16. This event will be a celebration of the WDSN’s achievements over the decade and an opportunity to look back on the gains made as well as where work remains to improve the recruitment, retention development and advancement of women in the different fields of national security. Tickets are available now, with discounted tickets for students and groups.

2024 Conference on International Cyber Security
University of Leiden
This third annual academic conference of The Hague Program on International Cyber Security continues the tradition of the annual conferences of The Hague Program for Cyber Norms. It aims to give a stage to all papers that have an interesting take on the theme of navigating narratives, addressing international crisis, conflict, and the politics of cyberspace.

ASPI Research Internship
ASPI
Have you recently completed your studies (undergraduate or postgraduate) and want to develop your expertise in defence, foreign and national security policy, including in areas such as strategic competition, defence, deterrence, foreign interference, technology, and security? Do you want to inform the public and government on the critical strategic choices facing Australia and learn what it takes to be a professional analyst? If so, apply for the ASPI Research Internship Program! Please note that this is a paid internship program. Applications will close at midnight Friday 27 September 2024.

Share

The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.