Menu Close

Cyber Newsletter (#5) – January 2024

A simple method of detecting Pegasus spyware was made public

Russia/World

Kaspersky has developed a method to detect iOS spyware like Pegasus, Reign, and Predator. This marks an important evolution in the fight against sophisticated commercial spyware notoriously used against dissidents, political opposition, and civil rights activicts across the world. The researchers also released a Python3 script on GitHub for users to self-check for spyware, and recommend daily reboots, Apple’s lockdown mode, and disabling iMessage and Facetime.

This method comes as Pegasus creator NSO Group works to rehabilitate it’s image and re-enter the surveillance industry. A recent exploration by Wired details the company’s efforts to lobby and engage its technology, as the ongoing Israel war on Gaza presents opportunities for the surveillance and spyware industries. 


US Lawmakers Tell DOJ to Quit Blindly Funding ‘Predictive’ Police Tools

United States

U.S. lawmakers have raised concerns about the faciliation of the use of predictive policing tools by the U.S. Department of Justice. The DOJ has failed to convince lawmakers that it doesn’t provide federal funding for local and state authorities to buy AI-based policing software. This software has been shown to reproduce bias, engender discrimination, and lead to the overpolicing of minority neighbourhoods, creating a discriminatory feedback-loop.


Global Cyber Resilience scorecard released in Davos

World

Earlier this month, the inaugural cyber resilience global report was released at the 2024 Davos Forum. SecurityScorecard presented its analysis at the onset of Davos 2024, categorizing 189 countries into 17 regions, and giving them a score based on different factors such as endpoint security or patching cadence. The report evaluates regional levels of cyber hygiene and underscores the extent to which cybersecurity resilience is linked to trust in the economy. Key findings include that exposure to cyber risk and GDP are strongly correlated, and that only 10 threat actor groups are responsible for about 44% of global cyber incidents. These actors are concentrated in certain geopolitical hotspots; 24% of cyberattacks studied in the report originated in China, followed by Russia with 15%. They also examine the complex mix of interdependencies among industries, the critical sectors at risk (mainly information and technology), and the existence of strong global supply chain vulnerabilities (98% of organizations use a 3rd party that has been breached).


flat screen computer monitor displaying white and black screen
Photo by Mika Baumeister on Unsplash

Bitcoin price soars after the hack of the Securities and Exchange Commission X account

United States/World

On January 10, the official X account of the US Securities and Exchange Commission was hacked and exploited to manipulate the bitcoin price. Cybercriminals published a message announcing the long-awaited authorisation to market a new bitcoin investment product. Throughout thirty minutes of confusion, the bitcoin price soared to $47,900 before falling back to $6,000. X announced that it had launched an investigation, and claimed that the hack was not the result of a security breach but of the absence of MFA on the SEC account. Hackers were therefore able to easily retrieve the authentication information via a hijacked telephone number.


Swiss government websites attacked in response to Volodymyr Zelensky’s invitation to the World Economic Forum in Davos

Switzerland

cyber attack (DDoS) targeted several Swiss government websites as the World Economic Forum in Davos got underway earlier this month. The attackers, NoName group, presented the disruption as a Russian response to the Forum’s decision to welcome Ukrainian President Volodymyr Zelensky. The attack caused the targeted websites to become inaccessible, but did not result in any data leaks.


Chinese espionage actor Volt Typhoon is targeting AUKUS via Cisco routers

China

Chinese state-sponsored hackers known as Volt Typhoon have been exploiting old vulnerabilities in Cisco routers, targeting government entities in the US, UK, and Australia. One-third of the observed vulnerable Cisco devices were compromised over a 37-day period, potentially becoming part of the threat group’s botnet. This is likely an example of China’s broader strategy of targeting and stealing intelligence Western alliances oriented towards the Indo-Pacific, such as the AUKUS and Five Eyes.


brown and black abstract painting
Photo by Manuel on Unsplash

Semiconductor industries continue to grow globally

Viêt Nam, United States, Taiwan, South Korea.

Nvidia announced the creation of a new factory in Vietnam and by extension the creation of a new research center. The American company has already invested $250 million in the country but wants to extend this collaboration. Vietnam’s technological potential is colossal and the country also benefits from low labor costs. Additionally, the country’s strategic position will still allow semiconductor exports to the European Union and the United States. The Vietnamese government is keen to develop these talents, hoping to boost its number of engineers in the semiconductor field from 6,000 to 50,000 by 2030.

Competition is rife in the region, as Taiwanese semiconductor giant TSMC has recently signed a Memorandum of Understanding with its counterparts in the Czech Republic, as TSMC seeks to expand its reach into Europe further, after the success of its expansion into Germany. 

In a further contestation to Taiwanese hegemony in the region, South Korea unveiled a new $470 billion public investment plan to boost its chip industry to become an international leader by 2047. This project aims to create the largest production site in the world within South Korea. This massive investment will allowed the creation of 13 new factories to meet the constant growth in global demand. 

Across the pond, the U.S. government has announced plans to provide billions in funding for semiconductor companies both native and foreign. Indicative of the politicisation of semiconductor supply chains, part of this funding will be directed to Taiwanese company TSMC, as the U.S. continues to weaken the Chinese dominance over the global chip market. As part of its CHIPS Act, funds will be allocated to companies such as INTEL, South Korea’s Samsung Electronics and Micron. 


TIME for Kids | Fakeout

Viral deepfakes of Taylor Swift prompt U.S. bill to curb deepfake-based sexual harrassment

United States

A bipartisan group of US senators introduced a bill on Tuesday, titled the Disrupt Explicit Forged Images and Non-Consensual Edits Act of 2024, or the “Defiance Act.” The bill intends to criminalize the spread of non-consensual, sexualized images generated by artificial intelligence. The measure comes in direct response to the proliferation of pornographic AI-made images of Taylor Swift on X. The measure would allow victims depicted in nude or sexually explicit “digital forgeries” to seek a civil penalty against “individuals who produced or possessed the forgery with intent to distribute it” or anyone who received the material knowing it was not made with consent.


Association of South East Asian Nations announce guide on AI Governance

South East Asia

The Association of Southeast Asian Nations recently published a framework for artificial intelligence governance. The ASEAN guide on AI governance and ethics includes  national-level and regional-level recommendations that governments can consider implementing to design, develop, and deploy AI systems responsibly.

ASEAN is made up of Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, the Philippines, Singapore, Thailand, and Vietnam. Critics have raised concerns regarding the imbalance of capabilities between ASEAN nations, as Singapore clearly leads whilst other nations lag behind in AI-capabilites. Challenges remain for these nations to develop capabilities and AI-readiness as differing stages of digital development bring “drastically different policy concerns and considerations.” 


Cookies: CNIL imposes €10 million fine on Yahoo

France

The French data protection authority (CNIL) accuses the American group of having tracked its users using around twenty cookies even though they had asked not to be tracked. Triggered by twenty-seven complaints, this investigation has, according to the CNIL, led to the discovery of other breaches, in particular on the Yahoo Mail service.