Daily Drop (476): China’s “Tri-ring” Approach to Afghanistan, Debates around De-dollarisation, APT28 Targets Ukrainian Government, China Locks Down Information, US sanctions cut Huawei profits
Monday, May 01, 2023
China’s “Tri-ring” Approach to the Afghanistan Issue and Beyond
Analyst Comments: The article provides an insightful analysis of China's approach to Afghanistan and the broader Eurasian region. It highlights China's efforts to work with its strategic partners to ensure peace and stability in Afghanistan and beyond, and its advocacy for the SCO as a platform for regional cooperation. The article also sheds light on China's engagement with Central Asian countries, which plays an important role in the country's Belt and Road Initiative. However, the article does not provide a comprehensive overview of China's foreign policy strategy, which may limit readers' understanding of the country's broader geopolitical aspirations. Overall, the article is informative and presents a coherent analysis of China's approach to Afghanistan and the wider Eurasian region.
FROM THE MEDIA: China is implementing a "tri-ring" approach to address issues related to Afghanistan and Eurasia. This strategy involves collaboration with strategic partners such as Pakistan, Russia, and Iran, ensuring peace and stability beyond Afghanistan through cooperation with neighboring countries, and promoting the role of the Shanghai Cooperation Organization (SCO) in the Eurasian region. The article emphasizes China's commitment to ensuring that the Taliban eliminates all terrorist groups and to collaborating with its partners to establish an inclusive and modest governance system in Afghanistan. Additionally, the article mentions China's endeavors to strengthen its relations with Central Asian countries in various fields, including trade, investment, interconnection, green agriculture, medical and healthcare, energy, and minerals.
READ THE STORY: Modern Diplomacy
Debates around De-dollarisation and Yuan Internationalisation
Analyst Comments: The article provides a detailed analysis of the current global currency landscape, with a focus on the growing adoption of the Chinese yuan (CNY) in international payments and the debates around de-dollarisation. The author presents a balanced view of the challenges and opportunities facing the internationalization of the CNY, including issues such as capital controls in China and the dominance of the US dollar in global trade and capital flows. While the article offers insights into the motivations and strategies of countries like China and Russia in promoting the use of the CNY, it could have provided a more nuanced analysis of the potential economic and geopolitical implications of de-dollarisation.
FROM THE MEDIA: The adoption of the Chinese yuan (CNY) in international payments is growing, and many countries, including Russia, Brazil, and Argentina, are exploring the use of the CNY, leading to debates around de-dollarisation. However, there are roadblocks to the CNY's internationalization, such as capital controls in China, and the US dollar's hegemony is likely to remain for some time. While the internationalization of the CNY seems to be very coordinated and driven by the long-term strategy of China, some countries, such as India, are "not comfortable" settling foreign trade in Chinese currency amidst tense relations with Beijing.
READ THE STORY: Modern Diplomacy
APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails
Analyst Comments: The recent cyber attacks on Ukrainian government bodies by Russian nation-state hackers, as reported by the Computer Emergency Response Team of Ukraine (CERT-UA), highlight the ongoing threats faced by the country's cybersecurity infrastructure. The phishing campaign, which targets government entities with fake Microsoft Outlook email accounts and instructs users to run a PowerShell command, demonstrates the sophistication of the attackers' tactics and their ability to manipulate the trust of the targeted employees. The use of PowerShell scripts to collect system information and exfiltrate data also highlights the importance of monitoring network connections and restricting users' ability to run scripts.
FROM THE MEDIA: The Computer Emergency Response Team of Ukraine (CERT-UA) has issued a warning about cyber attacks targeting government bodies in the country. The phishing campaign, attributed to APT28, uses fake Microsoft Outlook email accounts created with the names and initials of employees of targeted government entities. The email messages provide instructions in Ukrainian to run a PowerShell command under the pretext of security updates. Running the script executes a next-stage PowerShell script designed to collect basic system information and exfiltrate details via an HTTP request to a Mocky API. Organizations have been advised to restrict users' ability to run PowerShell scripts and monitor network connections to the Mocky API.
READ THE STORY: THN
Apple, Google, and Microsoft Just Fixed Zero-Day Security Flaws
Analyst Comments: The April 2023 patches address critical vulnerabilities in widely used software products. These patches are essential in protecting users against cyber attacks that exploit these vulnerabilities. The fact that some of these vulnerabilities were already being actively exploited in real-life attacks underscores the importance of promptly applying patches to all affected systems. Failure to do so can lead to serious consequences, including data theft, system compromise, and other security breaches.
FROM THE MEDIA: In April 2023, major tech companies including Apple, Microsoft, Google, and Firefox issued patches to address major security flaws in their products. Apple released iOS 16.4.1 to fix two vulnerabilities in the IOSurfaceAccelerator and WebKit, which were already being used in attacks. Microsoft released an emergency patch to fix CVE-2023-28252, an elevation-of-privilege bug in the Windows Common Log File System Driver, and CVE-2023-21554, a remote code execution vulnerability in Microsoft Message Queuing. Google issued multiple patches for its Android operating system, fixing several serious security holes, including a critical security vulnerability in the system component. Firefox fixed issues in Firefox 112, Firefox for Android 112, and Focus for Android 112. Meanwhile, SolarWinds patched two high-severity issues, and Oracle released fixes for 433 vulnerabilities, including issues in the Oracle GoldenGate Risk Matrix.
READ THE STORY: Wired
Increase in oil prices in Pakistan and its impact on consumer buying behavior
Analyst Comments: The impact of rising oil prices on consumer behavior and the overall economy of Pakistan is significant. The government should take action to stabilize prices and protect the interests of consumers. Economic policies should focus on reducing taxes on imports and incentivizing domestic alternatives through government subsidies or tax breaks for local manufacturers tapping into renewable resources such as solar power. The adoption of new technologies, such as hydrogen fuel cell technology and electric vehicles, would also help reduce transport costs for individuals and businesses.
FROM THE MEDIA: Pakistan is facing a new challenge, rising oil prices, which have caused significant issues for policymakers, businesses, and consumers. Research studies suggest that the increase in oil prices negatively impacts consumer behavior, leading to a decline in demand for non-essential goods such as clothing and personal care products. Higher fuel costs also make it more expensive to buy everyday essentials like food and other household items, increasing inflation levels. As a result, consumers are being forced to make tough choices about their spending habits, such as cutting back on discretionary purchases or switching to cheaper alternatives. The manufacturing sector is also heavily impacted by rising oil prices, which can lead to increased production costs and decreased profitability.
READ THE STORY: Modern Diplomacy
Russia hunts for spies and traitors — at home
Analyst Comments: The case of Vladimir Kara-Murza, an opposition politician who was sentenced to 25 years in prison for giving speeches in the US, Finland, and Portugal, is highlighted as an example of this trend. The author argues that treason charges have become a catch-all for the Russian government to target its opponents and that the law is being applied more broadly since the start of the war in Ukraine. The article raises concerns that anyone could be accused of treason for expressing their opinions and that the use of this charge is becoming increasingly common.
FROM THE MEDIA: Russia is increasingly using the charge of treason to convict its critics, journalists, and opposition politicians. The case of Vladimir Kara-Murza, a Russian opposition politician, who was handed 25 years in prison, highlights this trend. Eighteen years were given on account of treason for speeches he gave in the United States, Finland, and Portugal last year. The prosecution viewed Kara-Murza's words as an existential threat to Russia's safety, and the judge agreed. The verdict and sentencing set a precedent for modern Russia, broadening and formalizing its hunt for internal enemies.
READ THE STORY: Politico
Arkansas passes law banning the purchase of drones from "covered foreign entities"
Analyst Comments: The new law passed in Arkansas is a step towards improving national security by prohibiting law enforcement agencies from purchasing drones from foreign entities that pose potential risks to data security. The law's definition of a "covered foreign entity" specifically targets entities domiciled in China and Russia or under their government's influence or control. The law provides a waiver option for agencies if the life of their drones can extend beyond four years, which could help smaller agencies afford alternative drones. However, there may be concerns about the effectiveness of the law, as it only prohibits future purchases of foreign drones and does not mandate a replacement of existing foreign drones.
FROM THE MEDIA: Arkansas has passed a new law that prohibits law enforcement agencies from purchasing small, unmanned aircraft or drones from a "covered foreign entity" starting in 2027. The law defines a "covered foreign entity" as an individual, foreign government, or a party other than an individual or foreign government on the Consolidated Screening List or entity list designated by the United States Secretary of Commerce, domiciled in the People's Republic of China or the Russian Federation, or under the influence or control of the government of the People's Republic of China or the Russian Federation. Police departments in Arkansas have four years to phase out their use of foreign drones, which is twice the life of a standard drone, depending on its size. However, agencies can apply for a waiver through the secretary of transportation if they believe the life of their drones can extend beyond four years.
READ THE STORY: AO
US sanctions cut Huawei profits by half in the first quarter
Analyst Comments: The article provides a clear overview of the rising tensions between China and Taiwan and the implications for the United States. It highlights the need for a nuanced understanding of the Taiwan challenge and a precise strategy for protecting American interests. The article's emphasis on the need to focus on the campaign of coercion without violence that China is already employing against Taiwan is particularly insightful. The article provides a balanced perspective on the challenges facing Taiwan and the United States and offers practical recommendations for policymakers.
FROM THE MEDIA: The People’s Liberation Army’s increased military operations around Taiwan in recent years have sparked this spiral of rising tensions and accompanying alarm in the United States. This has led to a number of 4-star generals and admirals publicly speculating about timelines for a potential Chinese invasion of Taiwan, with several warning of a Chinese invasion between 2023-2027. President Biden has declared on four occasions that the United States would come to Taiwan’s defense in the event of an attack. The article emphasizes the need for a clear understanding of the nature of the Taiwan challenge, and a precise strategy for protecting American interests, given the stakes involved. The article suggests that for the United States, sustaining military deterrence is the minimum threshold, not the measure of success and that a deeper understanding of the sharpest stresses on Taiwan and the best tools for countering them is needed.
READ THE STORY: The Wire China
From the Soviet Union to Putin’s Russia, American Journalists Have Navigated Clampdowns
Analyst Comments: The deteriorating relationship between Russia and foreign correspondents highlights the country's lack of press freedom and increasing hostility towards independent journalism. This also raises concerns about the safety of journalists, both foreign and domestic, in Russia. The use of vague laws criminalizing the dissemination of "unreliable information" and the "discrediting" of the Russian military gives authorities more tools to silence reporters, as seen with the detention of Evan Gershkovich.
FROM THE MEDIA: Russia has threatened to retaliate against American reporters in response to the US denying visas to two Russian journalists seeking to cover the United Nations meeting. This comes four weeks after the country's arrest of Wall Street Journal reporter Evan Gershkovich, indicating a fraying relationship between the Russian government and foreign correspondents. During the 1990s, foreign journalists regularly met with Russian politicians and officials, but mounting distrust and tightening restrictions have put an end to that era. The breakdown reflects Putin's grip on the domestic press and shows how a more security-minded government is constraining what is printed and broadcast beyond Russia's borders.
READ THE STORY: WSJ
China Locks Information on the Country Inside a Black Box
Analyst Comments: China's latest moves to restrict access to economic data and information are concerning for foreign businesses and investors. The move comes at a time when US-China relations are already strained, causing many companies to consider moving operations out of China or reducing their exposure to the country. The increased restrictions on information are likely to make the Chinese market less attractive to capital and reduce the flow of information needed to navigate China's complex business environment. The broad effort to tighten the Communist Party's control on how the world views China and to close off China from foreign influence is likely to create more uncertainties and risks for foreign companies doing business in China.
FROM THE MEDIA: China's government is implementing new restrictions on information related to the country's economy, including corporate registration information, patents, procurement documents, and academic journals. Shanghai-based Wind Information Co., a crucial database widely used by investors and analysts, is experiencing disruptions due to "compliance" issues. These moves are part of a broader effort to tighten the Communist Party's control on how the world views China and to close China off from foreign influence. The push is driven by President Xi Jinping's belief that the West, particularly the US, poses existential threats to the Communist Party's hold on power. The increased restrictions on information are unnerving foreign businesses and investors already grappling with heightened geopolitical risks associated with their investments in China.
READ THE STORY: WSJ
Sophos: Hackers utilize LOLbins to attack organizations
Analyst Comments: The use of LOLBins as a technique in cyber attacks highlights the need for cybersecurity professionals to stay up to date with the latest threats and techniques used by attackers. The report by Sophos emphasizes that the threat environment has grown in volume and complexity to the point where there are no discernible gaps for defenders to exploit. This requires organizations to implement proactive monitoring as part of a proactive approach to cybersecurity.
FROM THE MEDIA: Sophos, a cybersecurity solutions company, has found that "Living off the Land" binaries (LOLBins) are one of the most commonly used techniques among the 500 unique tools and techniques that cyber attackers are employing in their operations. LOLBins are executables that are naturally found on operating systems, which makes them more difficult for defenders to block. Sophos analyzed over 150 Sophos Incident Response cases and identified more than 500 unique tools and techniques, including LOLBins. The report stated that unpatched vulnerabilities and compromised credentials were also commonly used root causes of attacks, with half of the investigated cases exploiting ProxyShell and Log4Shell vulnerabilities to infiltrate organizations.
READ THE STORY: Backend News
Should Generative AI ChatGPT Be Made Available Unfettered Unfiltered And Likely Vile, Asks AI Ethics And AI Law
Analyst Comments: This story provides an in-depth analysis of the controversy surrounding the retention and availability of original versions of generative AI apps. It discusses the history of generative AI, how it works, and the concerns associated with it. The author uses an analogy to horses, contrasting broken horses with wild spirit horses, to explain the issue as it applies to generative AI, the latest development in Artificial Intelligence (AI).
FROM THE MEDIA: The article explores the controversy surrounding the retention and availability of the original versions of generative AI apps, such as OpenAI's ChatGPT, for experimentation and exploration. Generative AI apps generate outputs through the entry of text prompts and have gone through numerous iterations before being released to the public. The original versions of these AI apps often contain unsavory content, which the public is not keen on. OpenAI found a middle ground by refining ChatGPT before releasing it to the public. However, the question arises whether AI makers should be required to retain and make available the original version of the AI app on a limited basis, or if it should be left to their voluntary choice.
READ THE STORY: Forbes
Google Blocks 1.43 Million Malicious Apps, Bans 73,000 Bad Accounts in 2022
Analyst Comments: Google's efforts to improve its security measures and app review processes are commendable. It prevented a significant number of bad apps from being published and banned numerous bad accounts, demonstrating the company's commitment to protecting its users. However, cybercriminals continue to find ways to exploit vulnerabilities, as evidenced by the proliferation of malware-laden games. This highlights the need for constant vigilance and improved security measures to keep pace with evolving threats.
FROM THE MEDIA: Google reported that its security measures and app review processes helped prevent 1.43 million bad apps from being published in the Play Store in 2022. The company also stated that it banned 173,000 bad accounts and stopped over $2 billion in fraudulent and abusive transactions. Additionally, Google prevented 500K submitted apps from unnecessarily accessing sensitive permissions over the past three years. Google's App Security Improvements program also aided developers in fixing 500K security weaknesses, affecting approximately 300K apps with a combined install base of 250B installs. However, despite these measures, cybercriminals continue to find ways around the app storefront's security protections and publish malicious and adware apps. McAfee discovered 38 games posing as Minecraft, which contained the HiddenAds malware and were installed by at least 35 million users worldwide.
READ THE STORY: THN
US sanctions cut Huawei profits by half in the first quarter
Analyst Comments: The continued slump in profits for Huawei is not surprising given the ongoing US sanctions. The company has been forced to develop its own technology to replace parts from American companies, which will likely take time to develop and implement. The German government's consideration to remove Huawei equipment from its networks could be another blow to the company's business. Additionally, the potential sanction of Huawei's cloud products by the US could further harm the company's prospects.
FROM THE MEDIA: Chinese tech giant Huawei continues to suffer from the effects of US sanctions, reporting a plunge in profits in the first quarter of 2023. Sales have remained largely stagnant, growing only 0.8% compared to the same quarter last year, while profits dropped by 46% compared to the year-end report for 2022. Huawei's Q1 statement noted little else beyond these metrics, only saying that the results were in line with forecasts and that the company is increasing investment in R&D to innovate around US sanctions. The US banned all American technology exports to Huawei earlier this year, cutting off the company from parts produced by companies like Qualcomm. Huawei has since been developing its own enterprise resource planning (ERP) software and electronic design automation (EDA) software for chip development.
READ THE STORY: The Register
Keep calm and carry on when the supply chain goes up in flames
Analyst Comments: The advice and insights shared by incident response experts are valuable for security professionals and organizations dealing with security incidents. Being skeptical, using investigative methods, and remaining calm are all critical for effectively managing and mitigating the damage of a security incident. The importance of collaboration and sharing in detecting and preventing supply-chain attacks is also noteworthy, as it emphasizes the need for a collective effort to address this growing threat.
FROM THE MEDIA: At the RSA Conference, incident response experts discussed how to handle supply-chain attacks and other security incidents. They advised being skeptical of initial reports and using investigative and scientific methods to assess the situation. In addition, remaining calm and composed is important for navigating potentially chaotic situations during incident response. Experts also pointed out the importance of collaboration and sharing in detecting and preventing supply-chain attacks. They shared specific lessons learned from the 3CX supply-chain attack and highlighted the difficulty of detecting and determining the scope of such attacks.
READ THE STORY: The Register
China using tech to ‘oppress its own people,’ warns lawmaker looking to restrict AI exports
Analyst Comments: Rep. Green's proposed bill highlights concerns about China's use of technology to suppress its own people, and there is a growing consensus in the US that AI and other advanced technologies should be restricted from export to China. The proposed bill may help to address these concerns, but it remains to be seen whether it will be passed into law. The US and China are in the midst of geopolitical competition, and limiting China's access to advanced technology is seen as a way to maintain the US's strategic advantage.
FROM THE MEDIA: Rep. Mark Green, a Republican from Tennessee, has proposed a bill called the China Technology Transfer Control Act, which seeks to impose new limits on US technology exports to China. The bill is aimed at ensuring that the US maintains its competitive edge and keeping Beijing from using advanced systems against its own population. Green says China has used high-end technology to oppress its own citizens and erase its own history, such as the Tiananmen Square massacre. His bill seeks to impose new export restrictions on technology used to create AI systems and other technology related to robotics, biotech, computing, and internet-related services. Export restraints on those goods would be imposed when it would aid China's military, harm US national security, or allow China to carry out "violations of human rights or religious liberties" against its own people.
READ THE STORY: Fox News
Businesses Should Not Be Shocked By China’s Aggressive Decoupling Offensive
Analyst Comments: The article offers insights into China's economic decoupling from foreign companies and highlights the consequences of Western companies trading short-term gains for long-term losses. It also sheds light on how China's President Xi Jinping's increasing insecurity has driven China's offensive stance on economic decoupling. Additionally, the article discusses how external actions, such as the US maneuvering around the status of Taiwan and new regulatory bodies, have intensified China's offensive stance.
FROM THE MEDIA: China's recent acceleration of economic decoupling from foreign companies has shocked the business communities in the US and the rest of the G7 states. However, China's intention to wean itself from foreign investment has been transparent for decades, and it should be no surprise that it is proud of its role as the "world's factory." As China has adopted a more offensive stance, companies in advanced countries and their governments have taken on a more defensive posture. Western companies have been unable to resist the lure of the second-largest economy and most populated nation despite its stringent adherence to a Communist policy. Maintaining the strength of China's economy is critical in its own right for President Xi Jinping. Most importantly, if the economy falters, it could provoke widespread social unrest and thus diminish Xi's ability to maintain the reins of power.
READ THE STORY: Forbes
Items of interest
The Quest for Longevity Is Already Over
Analyst Comments: The article provides a detailed overview of the debate surrounding the upper limit of human lifespan and the role of supercentenarians in this quest. It highlights the differing perspectives of researchers and presents their arguments in an informative and engaging way. Additionally, the article acknowledges the limitations of studying supercentenarians due to the lack of reliable data and suggests alternative areas of research that could be more useful in extending healthy lifespans.
FROM THE MEDIA: While demographer and longevity researcher Jean-Marie Robine studies supercentenarians as data points in the search for the upper limit of human lifespan, epidemiologist Jay Olshansky argues that the quest for longevity is mostly over, and we should focus on helping people live healthier lives. The article also explores the difficulty of studying supercentenarians due to a lack of reliable data and how studying frailty indicators in younger people could be more useful than studying the ultra-old.
READ THE STORY: Wired
Noam Chomsky - Manufacturing Consent (Video)
FROM THE MEDIA: In "Manufacturing Consent," Noam Chomsky argues that the primary function of the mass media in the US is to mobilize public support for the special interests that dominate the government and private sector. These interests are held by a relatively concentrated network of major corporations and conglomerates that control the major executive positions in the government, own the media, and dominate the resources needed to satisfy their interests. Chomsky outlines a propaganda model, in which the elite media sets the general framework for national and international affairs, and shapes the perception of the current world on the part of the politically active educated classes.
Noam Chomsky: On China, Artificial Intelligence, & The 2024 Presidential Election (Video)
FROM THE MEDIA: The transcript is an interview with Noam Chomsky covering various topics such as the upcoming 2024 Presidential Election, climate change, nuclear war, artificial intelligence, American democracy, and global politics. Chomsky expresses his concern about the destruction of human life on Earth due to the threat of nuclear war and the impact of climate change. He also criticizes the Republican Party, calling them a radical insurgency, and expresses doubt about American democracy surviving in any form. Chomsky also discusses the role of artificial intelligence in creating disinformation and the need for taking action to improve the financial crisis, improve American healthcare, and reduce the use of fossil fuels.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.