Daily Drop (475): India Joins De-dollarization Drive, Chinese Police Stations in Europe, Zimbabwe Plans Digital Currency, Germany reopens its Mines, China Targeting US satellites
Sunday, April 30, 2023 // (IG): BB // Financial Enabler // Coffee for Bob
India Joins China in De-dollarization Drive
Analyst Comments: The de-dollarization trend is a long-term process, and it will take many years for any currency to challenge the dominance of the US dollar. The US dollar accounts for over 58% of global foreign exchange reserves, while the Chinese yuan accounts for only 2.7%. Additionally, the US dollar is widely used for pricing and trading commodities, especially oil. The US also has significant influence over global financial institutions and trade. Despite the challenges, the de-dollarization trend is accelerating, and it could have serious consequences for the US economy. The US must prepare for a world where its currency is no longer the primary choice for global trade and investment.
FROM THE MEDIA: The de-dollarization trend is accelerating as many countries seek to reduce their dependence on the US dollar and promote greater economic sovereignty. Several countries, including China, Russia, Brazil, India, ASEAN nations, Kenya, Saudi Arabia, and the UAE, are actively pursuing de-dollarization. India, in particular, is promoting its own currency, the rupee, as an alternative to the dollar in global trade. The country has also expressed interest in exploring an alternative to the Society for Worldwide Interbank Financial Telecommunication (SWIFT) with Russia and China. This could allow India to trade with countries under US sanctions using their own currencies.
READ THE STORY: Modern Diplomacy
Secret Chinese Police Stations in Europe Are 'Tip of the Iceberg'
Analyst Comments: The revelation of the Chinese Communist Party's secret police stations operating abroad is a cause for concern as it represents the CCP's growing influence beyond China's borders. The concern extends to the Chinese authorities' ability to use these facilities to monitor diaspora communities and target suspected criminals outside of the local due process. The European nations' inability to address the Chinese Communist Party's influence operations is alarming, considering the number of secret police contact points in the region. The US has taken the first step in addressing the issue, but other nations must follow suit to prevent the CCP's overreach. It remains to be seen how much impact the criminal charges filed by the US Justice Department will have on the CCP's foreign operations.
FROM THE MEDIA: According to a watchdog group, Safeguard Defenders, the Chinese Communist Party is operating more than 100 police contact points across over 50 countries, where these facilities are being used to monitor diaspora communities and target suspected criminals outside of the local due process. European nations, in particular, are not doing enough to address the Chinese Communist Party's secret police stations, which are the tip of the iceberg for the CCP's broader influence operations. Safeguard Defenders has identified almost 50 stations in Europe, with a particularly large CCP footprint in Spain, France, and Italy. China has repeatedly dismissed reports of secret police stations. However, US authorities are seeking to address the issue, with the Justice Department this month filing the first-known criminal charges related to secret CCP police facilities abroad.
READ THE STORY: Newsweek
Zimbabwe Plans to Launch Digital Currency Backed by Gold
Analyst Comments: The move by Zimbabwe to launch a digital currency is a reflection of the growing global trend towards central bank digital currencies (CBDCs), which are being explored by many countries as a means of strengthening their national currencies and improving the efficiency of financial transactions. The use of gold reserves to back the currency is intended to provide reassurance to users and promote trust in the currency, but it remains to be seen whether this will be enough to overcome the skepticism that many Zimbabweans have towards their national currency after years of economic turmoil. The success of the new digital currency will depend on the willingness of people and businesses to adopt it and the ability of the central bank to manage its supply and maintain its value.
FROM THE MEDIA: Zimbabwe's central bank has announced plans to introduce a digital currency next month, backed by gold reserves, in an effort to strengthen the country's faltering national currency, the Zimbabwe dollar. The new digital currency will be launched on May 8 and will be fully backed by physical gold held by the Reserve Bank of Zimbabwe. People can buy the tokens and use them as a way to save their money or conduct “person-to-person and person-to-business transactions and settlements." The tokens can be purchased through banks and transactions can be made using “e-gold wallets or e-gold cards” held by banks.
READ THE STORY: VOA
The Big Dig: Germany reopens its Mines in Quest for mineral self-sufficiency
Analyst Comments: Germany aims to reduce its dependence on imported critical minerals by extracting more of them domestically. The country plans to reactivate the Käfersteige mine, which is believed to have Europe's largest deposit of fluorspar, a crucial component of electric cars. The German government has also overhauled its raw materials strategy, proposing a possible solution in a public-private "raw materials fund" to support mining, processing, and recycling projects in Germany and the EU with grants, loans, and investment guarantees. However, some experts believe that Germany's high cost of electricity and narrow focus on raw materials extraction without processing could hinder large-scale investment. Despite this, Germany's renewed interest in exploiting its mineral wealth is expected to increase self-sufficiency in critical minerals and enhance the country's green transition.
FROM THE MEDIA: Germany plans to reopen the Käfersteige mine in the Black Forest, which has been dormant for 27 years. The mine is believed to have the largest fluorspar deposit in Europe, which is an essential component for electric vehicles, including Volkswagen's ID.4. The current import of fluorspar by Germany from Mexico has led to the country's decision to boost its self-sufficiency, not only for fluorspar but also for other critical minerals needed for its green transition. The pandemic has caused Western governments to be more protective of their economies, leading to a desire for more self-reliance on critical materials to avoid risks. In this regard, Germany is planning a public-private raw materials fund and is considering other measures, such as increasing investment in recycling, establishing state stockpiles of strategic raw materials, and expanding domestic production, to make its supply chains more resilient.
READ THE STORY: FT
China Targeting US satellite program in Quest for military supremacy
Analyst Comments: The article highlights the growing threat of China's cyberwarfare capabilities targeting American satellites critical to US war-fighting operations. As a former senior analyst with the Defense Intelligence Agency (DIA), the author confirms China's increasing use of cyber hacking as a weapon to target US satellites, in addition to its other space-based military capabilities. The dependence of the US on satellites for both civilian and military purposes, including water management, power grid monitoring, and broadband access, make them vulnerable targets for China's cyber and space warfare. The author suggests that the Pentagon has been aware of this threat for many years but has been unable to deliver a viable strategy to deter US adversaries from attacking US satellites and securing US spacecraft.
FROM THE MEDIA: A leaked CIA intelligence report revealed that China is building cyberweapons to hack and hijack American satellites crucial to US military operations. The report also stated that China is exploring ways to render US satellites inoperable to disrupt and destabilize US civilian life in the event of an attack on Taiwan. China has designated space as a war-fighting domain and has doubled its number of orbiting satellites. China’s space weapons arsenal includes disruptive and destructive options such as electronic warfare jammers and anti-satellite missiles. The US military heavily relies on space for defense and key aspects of civilian life. The Pentagon has been aware of vulnerabilities in US space systems but has yet to deliver an effective strategy to deter US adversaries from attacking satellites.
READ THE STORY: NYPOST
Cyber Certainty: Investing in Resilience During a Post-Correction Market
Analyst Comments: Despite the challenges posed by market normalization, the biggest existential risk for any organization remains a data breach or a cyberattack. We are entering a new wave of innovation, with AI being used to drive efficiencies and new capabilities in every business aspect of our lives. This new innovation economy presents an area of great opportunity for investment. The role of the CISO has never been more critical, with regulatory requirements and market reaction to cyber events elevating the role to be more strategic in enhancing business productivity and success. Collaboration with the rest of the C-suite and board is key to achieving increased innovation, accelerated adoption of critical technology, cost reductions, improved reputation and customer satisfaction, and greater stakeholder trust.
FROM THE MEDIA: The cybersecurity industry has faced many challenges in the past, including economic downturns and the COVID-19 pandemic, but has continued to thrive through innovation and resilience. Despite market fluctuations, there is still a strong need for cybersecurity solutions to protect against data breaches and cyberattacks, which have global implications. The use of AI is also creating new opportunities for investment, both for cybersecurity and to safeguard the use of AI. The role of the CISO is becoming more critical, requiring collaboration with other C-suite executives to enhance business productivity, reduce costs, and improve customer satisfaction and stakeholder trust.
READ THE STORY: DARKReading
Firmware Looms as the Next Frontier for Cybersecurity
Analyst Comments: The discovery of five vulnerabilities in firmware developed by American Megatrends International (AMI) is a significant issue for several major vendors, including Dell, HP, and Nvidia, among others. The vulnerabilities affect BMCs, which are chips that sit on motherboards, allowing administrators to monitor and manipulate anything on a machine. These vulnerabilities could allow attackers to gain remote admin access to a device. The researchers from Eclypsium highlighted that firmware is a new frontier for attackers because it is a privileged component, a gray area, and exploitable. It is difficult to secure firmware, and there are visibility issues that hinder security measures. As firmware becomes more of an area of interest for attackers, it will require more than good cyber hygiene to stop them.
FROM THE MEDIA: Researchers from cybersecurity firm Eclypsium have discovered a series of five vulnerabilities in firmware developed by American Megatrends International (AMI) for processors it manufactures known as baseboard management controllers (BMCs). The vulnerabilities affect servers run by over a dozen major vendors, including Huawei, Qualcomm, Nvidia, AMD, Dell, and HP. The bugs live in BMCs, which are chips that sit on motherboards, allowing administrators to monitor and manipulate anything on a machine. Even without an Internet connection, attackers could gain remote admin access over a device by exploiting these vulnerabilities. At the Black Hat Asia event, the researchers argued that AMI's BMC bugs were evidence of a larger, more structurally problematic issue in firmware security. They said that firmware is the new frontier for attackers because it is a privileged component, a gray area, and exploitable. Firmware is becoming an area of interest for attackers because it is difficult to secure.
READ THE STORY: DARKReading
British University Received Over £20 Million From China
Analyst Comments: The article provides a detailed account of the amount of funding received by various UK universities from Chinese entities, including those that have been blacklisted in other countries over national security concerns. The author highlights the potential risks associated with this funding, including the influence it may have on academic freedom and the possibility of infiltration by foreign entities. The author argues that the UK government should launch an inquiry into university funding sources and that universities should seek alternative funding streams to reduce dependency on Chinese funding.
FROM THE MEDIA: The Epoch Times has reported that London’s Imperial College is one of many UK universities receiving funding and donations from Chinese organizations, including companies accused of crime and human rights abuses. FOI documents reveal that Imperial College has received a total of £18,380,012 in research funding and £3,896,422 in cash donations from 20 organizations based in China, including China National Offshore Oil Corporation (CNOOC), which has been accused of human rights abuses in Burma. Other UK universities, including the University of Edinburgh and Cardiff University, have also received significant funding from China, as well as companies linked to China’s military and intelligence wings, such as CRRC Corporation Limited and the 10th Research Institute of China. The government is urged to launch an inquiry into university funding sources by experts, including Mark Sabah, UK and EU director of The Committee for Freedom in Hong Kong Foundation.
READ THE STORY: The Epoch Times
China again signals a desire to shape global IPv6 standards
Analyst Comments: China has ambitious plans to shape the IPv6 protocol and accelerate its adoption. While the new targets represent an increase on last year's goals, they may be unrealistic, given the recent dip in IPv6 adoption rates. Despite this, China is determined to promote the protocol, particularly in the areas of clouds, content delivery networks, smartphone apps, and commercial websites, and to improve the 'IPv6+' technology industry ecosystem. While China has made efforts to influence standards in the past, these have been rated as ineffectual and amateurish. The new IPv6 plan, however, shows that China has not given up on its ambition to shape the standard, probably reflecting its preference for state control of the local internet.
FROM THE MEDIA: China has announced new targets to accelerate the adoption of the IPv6 protocol. The plan, issued by the Central Network Information Office and other agencies, aims to have 750 million users and 300 million IoT devices using IPv6 by the end of 2023, with 15% of fixed networks and 55% of mobile network traffic expected to use the protocol. However, Akamai's State of the Internet report suggests IPv6 adoption rates fell from 28.1% in August 2022 to 23.3% in April 2023. The plan also calls for China to strengthen its innovation ecology and standard system and to participate actively in the formulation of international standards for the next generation of the Internet.
READ THE STORY: The Register
Chinese factory activity declines in April on weak global consumption
Analyst Comments: China's April PMI data shows that the country's post-Covid recovery is losing steam, with the manufacturing sector contracting due to factors such as insufficient market demand and a high base formed by the rapid recovery of the manufacturing industry in the first quarter. The non-manufacturing index is still solid but lower than market expectations, suggesting a continued recovery in the construction and services sectors but at a slower sequential pace. The Communist Party's politburo called for more support for economic recovery, indicating that China's economy is still facing challenges despite exceeding expectations. The weakening export markets, combined with the property sector's ongoing struggle, could hinder the recovery of employment and manufacturing investment.
FROM THE MEDIA: China's manufacturing activity contracted in April, according to official figures. The purchasing managers' index (PMI) fell to 49.2 points in April from 51.9 in March, below expectations. Meanwhile, the non-manufacturing PMI, which includes the services and construction sectors, was 56.4, down from 58.4 in March, indicating a continued expansion. The contraction in manufacturing signals that the post-Covid recovery in China's economy has somewhat lost momentum. Consumer activity is rebounding, but the property sector is struggling after a government crackdown and export markets are weakening.
READ THE STORY: FT
Hackers swap stealth for realistic checkout forms to steal credit cards
Analyst Comments: The use of fake payment forms is a growing concern for online shoppers as cybercriminals continue to find new ways to steal credit card details. These fake forms can be hard to detect, as they often look like the real thing. The fact that they are displayed as models mean that customers can interact with them without leaving the main webpage, which makes them seem more legitimate. Online shoppers need to be highly vigilant and consider using electronic payment methods or one-time private cards with charge limits that are useless in the hands of cybercriminals.
FROM THE MEDIA: According to a report by Malwarebytes, MageCart skimmers are taking over legitimate online stores' payment pages to display fake payment forms, stealing customers' credit cards. These payment forms are shown as modals, HTML content overlayed on top of the main webpage. The skimmers that infected the page are highly complex, and their code is heavily obfuscated with base64 encoding. Upon reaching the checkout page of the infected site, the malicious script displays a modal that features the brand's logo, correct language, and elegant interface elements. The modal is designed to steal customers' credit card information and send it back to the hackers. However, in the background, the threat actors have already stolen all entered details, including the credit card number, expiration date, CVV number, and cardholder name.
READ THE STORY: Bleeping Computer
'BellaCiao' Showcases How Iran's Threat Groups Are Modernizing Their Malware
Analyst Comments: Iran's state-backed cyber-threat groups, including Charming Kitten, have been systematically modernizing their arsenals and upgrading tactics in recent years. The emergence of BellaCiao is another example of this trend. The unique nature of the malware dropper makes it harder to detect and trace the group's activity. The use of DNS name resolution to communicate with the C2 server in a passive manner is also an innovative tactic. Charming Kitten's victim-specific and hard-to-detect nature suggests that it aims to conduct long-term operations and evade detection during the period between the initial infiltration and the actual commencement of the attack.
FROM THE MEDIA: Iran's Charming Kitten advanced persistent threat (APT) group has been deploying a new malware dropper named "BellaCiao" in targeted attacks against organizations in the US, Europe, Turkey, and India. The group is known for spear-phishing attacks against government agencies, journalists, think tanks, and academic institutions. BellaCiao is highly customized and unique, with each sample being custom-built for each victim. This makes it harder to detect the malware and the group's activity. The dropper interacts with its command-and-control (C2) server in a unique way using DNS name resolution. This makes it even harder to detect the malware's communication with the C2 server. BellaCiao's victim-specific and hard-to-detect nature suggests that Charming Kitten aims to blend in on host systems and networks.
READ THE STORY: DARKReading
Vice Society Leaks CommScope’s Employee Data Stolen During Ransomware Attack
Analyst Comments: The CommScope ransomware attack and subsequent data leak demonstrate the vulnerability of network infrastructure giants to malicious actors. The fact that the leaked data contained sensitive information such as scans of passports and bank account details shows the severity of the attack and the potential harm that could be done to the affected individuals. The leak could also result in long-term financial harm and expose the victims to identity theft and fraud. The increasing tendency of ransomware gangs to publish stolen data on the dark web raises concerns about the long-term impact of such attacks.
FROM THE MEDIA: Hackers from the Vice Society ransomware group have leaked employee data of CommScope after discovering "unauthorized access to a portion of our IT infrastructure that we determined was the result of a ransomware incident." The attack occurred against a major network infrastructure giant located in Hickory, North Carolina, which employs more than 30,000 workers, including personnel from hospitals, schools, and US federal agencies. The leaked employee data contained sensitive information such as full names, email addresses, postal addresses, scans of passports and visas, social security numbers, and bank account details. Some employee data was unencrypted, giving hackers enough information to craft convincing phishing attacks.
READ THE STORY: CPOMAG
Items of interest
Meet Nate Fick, the State Department’s first-ever ambassador for cyberspace
Analyst Comments: This article highlights how the U.S. is gradually pulling cyberspace into the center of its national security strategy, and how the State Department is working to institutionalize in-house tech expertise. The article notes that Fick, the State Department’s inaugural ambassador-at-large for cyberspace and digital policy, has been jetting around the world, working to build like-minded coalitions with allies and partners on everything from tech standards to regulations to international norms. The article also notes that about two dozen nations have started deploying diplomatic envoys specifically to Silicon Valley to interface with the tech world directly.
FROM THE MEDIA: The U.S. has gradually pulled cyberspace into the center of its national security strategy due to the fact that tech is now on the front lines of a new great powers competition. Upon taking office in 2021, Secretary of State Antony Blinken announced that digital would be among his key areas of focus. Last year, he launched a new bureau for Cyberspace and Digital Policy, with Nate Fick at its head. Fick, the State Department’s inaugural ambassador-at-large for cyberspace and digital policy, is working to institutionalize in-house tech expertise so that foreign service officers will be as literate in cyber and digital issues as they are in economic and political ones.
READ THE STORY: FC
The A.I. Dilemma - March 9, 2023 (Video)
FROM THE MEDIA: The video discusses the dangers of artificial intelligence (AI) and the exponential growth of Golem-class AI, which has emergent capabilities that are not yet fully understood. The speakers emphasize the need for responsible deployment of AI and advocate for selectively slowing down public releases of large language models to prevent potential harm. They draw parallels to the negative impacts of social media and urge for a collective effort to shape the future of AI. The transcript also mentions the benefits of AI, such as medical discoveries, but emphasizes the need for caution and responsible use.
Russian Cyber-Aggression: War Against the West (Video)
FROM THE MEDIA: Discover Russia's history of cyber warfare tactics and their ongoing attempts to undermine the West through cyber espionage, disinformation, and targeted attacks, including their aggressive actions against Ukraine and their potential impact on global instability.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.