Daily Drop (524): Xi Jinping's Military-Industrial Vision, DPRK's Failed Spy Satellite Launch, Intel Commits $25 Billion to Israel, Starlink and LEO Constellations Face Jamming, Pacific Cable Project
06-19-23
Monday, Jun 19, 2023
Xi Jinping’s dream of a Chinese military-industrial complex
Analyst Comments: Xi's move to bring technocrats from the military-industrial complex into political power seems to be an effort to leverage technology and innovation for China's military advancement. It might also be a strategic move to reduce potential opposition within the party, as these new leaders lack entrenched power bases. However, it's not clear yet how effective this strategy will be, given that despite immense state control, China's defense industry reportedly remains "poorly operated". There are also potential legal and trust issues in collaboration between the private sector and the military. While the Western world is apprehensive about China's military advancements, within China, a shift towards prioritizing military power over economic growth could create internal challenges and potentially jeopardize long-term stability.
FROM THE MEDIA: In last year's Communist Party Congress, Chinese President Xi Jinping not only secured an unprecedented third term but also facilitated the rise of political leaders with deep experience in China's military-industrial complex. This appears to be part of Xi's plan to enhance China's "military-civil fusion" policy, integrating technology and innovation from the private sector with the military. Key individuals now in power include former weapons maker CEO Zhang Guoqing, aerospace technology expert Ma Xingrui, and rocket scientist Yuan Jiajun, all appointed to high-level political roles. More than a third of the Communist Party's 205-member Central Committee now have a STEM background. However, experts suggest that there could be long-term risks as China focuses more on security and less on economic growth.
READ THE STORY: FT
North Korea calls botched spy satellite launch ‘gravest failure’
Analyst Comments: The commitment to a second launch signals North Korea's continued ambition to advance its military and surveillance capabilities, despite international condemnation and UN sanctions. This development is likely to exacerbate tensions between the United States and South Korea, particularly given the technological overlap between space launches and intercontinental ballistic missiles. The situation may prompt renewed diplomatic efforts to discourage North Korea's nuclear and missile activities, although past negotiations have yielded limited results. The failed launch and subsequent pledge to try again also underscore the challenges North Korea faces in developing its desired high-tech military assets, which include a spy satellite, multi-warhead missile, nuclear submarine, solid-propellant intercontinental ballistic missile, and hypersonic missile.
FROM THE MEDIA: North Korea's top officials have pledged to make another attempt to launch a military spy satellite after their first attempt in May ended in failure, according to state media. The failed launch was described as the "gravest failure" of the year at a meeting of the ruling Workers' Party of Korea. The satellite was meant to enhance North Korea's ability to monitor the United States and South Korea, but it crashed into the sea shortly after launch due to a rocket failure. The United States and South Korea criticized the May launch, arguing that it violated UN resolutions barring Pyongyang from any tests using ballistic missile technology.
READ THE STORY: Aljazeera // ABC NEWS
Chinese hackers use G7 ruse to target Australian government officials
Analyst Comments: This incident underscores the ongoing cyber threats posed by state-sponsored actors, particularly from countries like China and Russia, which have been frequently implicated in such activities. The targeting of government officials following high-level international meetings is a clear reminder that sensitive diplomatic discussions are prime targets for cyber espionage. As cyber threats continue to evolve and intensify, governments and organizations need to be vigilant and proactive in enhancing their cyber defenses.
FROM THE MEDIA: Following last month's Group of Seven meeting in Japan, suspected China-based hackers targeted government officials from Australia, France, Singapore, and the United Kingdom in an attempt to install malicious software on their devices and steal information. The hackers sent phishing emails posing as part of Indonesia's ministries of Foreign and Economic Affairs. The email campaign attempted to trick officials into downloading a compromised Word document. Brian Hussey, vice president of cyber threat response at SentinelOne, said the campaign was well-funded and showed signs of being based in China. The attached document contained hidden policy points which China often supports, such as strict adherence to the One China policy and opposition to force being used in the South China Sea. Upon being opened, the document installed malware designed to steal information, including passwords, keystrokes, network activity, and other information, which was then sent back to the hackers.
READ THE STORY: AFR
Intel to invest another $25 billion In Israel
Analyst Comments: Intel's $25 billion investment is a significant development for Israel's tech industry and signals a vote of confidence in the country's economy amid recent controversies. The new semiconductor manufacturing facilities will likely create more job opportunities and increase the country's export revenue. This investment can also help address the ongoing global semiconductor shortage by adding to the worldwide manufacturing capacity. Yet, Intel's massive investment comes at a time when many tech investors and companies are cautious about investing in Israel due to recent changes to the country's judicial system and ongoing human rights issues. This move by Intel could either pave the way for more international tech investments in Israel or potentially expose the company to criticism and backlash related to these controversies.
FROM THE MEDIA: Israel's Prime Minister Benjamin Netanyahu announced on Sunday that Intel plans to invest $25 billion (~90 billion New Sheqels) in semiconductor manufacturing facilities in Kiryat Gat, Israel, marking the largest foreign investment ever made in the country. This new factory, expected to open by 2027 and operate at least until 2035, will boost Intel's presence in Israel where it already employs around 12,000 people and is one of the largest private sector employers and exporters. This expansion is also expected to further diversify semiconductor production.
READ THE STORY: The Register // CTECH
Starlink is One Among Many LEO Constellations Affected by Satellite Signal Jamming
Analyst Comments: These cyberattacks on satellite constellations like Starlink highlight the growing importance of space-based assets for national security and the expanding cyber threat landscape. Cybersecurity for satellite networks is of particular concern because they are critical for global communications, military operations, navigation, and many other functions. The persistent attempts by Russian hackers to disrupt these networks demonstrate the potential vulnerabilities of satellite systems to cyberattacks. These incidents underscore the need for improved cyber defenses for satellite networks, robust detection capabilities, and effective response strategies.
FROM THE MEDIA: According to leaked documents from U.S. National Guard airman Ryan Teixeira, Russian hackers have been attempting to disrupt SpaceX's Starlink satellite constellation and similar networks for over a year. These attempts aim to complicate connections within the satellite systems, which provide internet coverage over Europe. This strategy is reportedly part of a broader effort by Russia to sabotage Ukrainian forces' internet access. Moscow is allegedly using its Tobol electronic warfare systems to interfere with Starlink's transmissions. To counteract these attempts, the U.S. Department of Defense is collaborating with various agencies, including the Secure World Foundation, to develop new security measures and defense tactics.
READ THE STORY: Cord Cutters News
Bad times are just starting for India's IT outsourcers, says JP Morgan
FROM THE MEDIA: JP Morgan has released a report suggesting that India's IT services sector is likely to experience further weakening demand in June. The report notes increased competition and predicts a drop in win rates, pricing, and deteriorating deal terms. Furthermore, it anticipates that deferred project starts, project halts, and cancellations are likely to continue. A recovery for the industry is not likely for another six to nine months, making 2023 and 2024 financially challenging for the sector. JP Morgan has revised its revenue estimates for India's IT industry by one to three percent for Q1. It also cut its outlook for Tata Consultancy Services and Infosys.
READ THE STORY: The Register
Micron warns China's ban could cost it $4 billion annual revenue
Analyst Comments: Micron's case illustrates the uncertainties that tech companies face as they navigate increasingly complex geopolitical landscapes, with technology and data security issues often becoming entangled in broader political and economic tensions. This situation could potentially disrupt Micron's operations and profitability. Moreover, the impact could be felt across the semiconductor industry given Micron's position as a major supplier of memory chips. It also underscores the critical role of transparent and predictable regulatory environments for global businesses, especially in sectors like technology where geopolitical considerations are increasingly prominent.
FROM THE MEDIA: US-based semiconductor company Micron Technology has warned investors that its business faces significant uncertainty due to a security review by China's cybersecurity administration. The company stated that its products had failed the review, but no specific reasons for the failure were provided. Several of Micron's customers, including mobile original equipment manufacturers (OEMs), have been contacted by Chinese authorities about the future use of Micron products. Around a quarter of Micron's global revenue, which equated to about $7.7 billion for FY2022, comes from China. Micron now believes that approximately half of this revenue is at risk.
READ THE STORY: The Register
Hackers behind Microsoft outage most likely Russian-backed group aiming to ‘drive division’ in the west
Analyst Comments: The cyberattacks claimed by Anonymous Sudan exhibit tactics and resources beyond the typical capabilities of grassroots hacktivist collectives. This, coupled with their public alignment with pro-Russian threat actors, suggests the involvement of a nation-state, likely Russia. State-sponsored cyberattacks typically possess a higher level of sophistication, persistence, and funding compared to those executed by independent groups. The attacks aim to instigate fear, uncertainty, and societal division, suggesting a strategic psychological objective in addition to causing direct disruption and financial damage. It is critical for targeted entities to enhance their cybersecurity posture and for nations to cooperate in holding state-sponsored threat actors accountable. The expansion of Anonymous Sudan's Telegram channel, reaching over 60,000 followers, also underlines the challenge of controlling the spread of hacktivist ideologies and mobilization on digital platforms.
FROM THE MEDIA: Cybersecurity firm CyberCX suspects that a Russian-linked group, not the self-proclaimed Sudanese hacktivist group Anonymous Sudan, is responsible for recent attacks on Microsoft and various Australian companies. The nature of the attacks, the financial resources used, and the public alignment with pro-Russian threat actors indicate a state-backed operation. These cyber-attacks targeted sectors including healthcare, aviation, and education, with significant incidents being denial-of-service (DoS) attacks on Microsoft’s Outlook service and Australian organizations.
READ THE STORY: The Guardian // THN
Bank of China restricts Russian transfers of yuan to E.U., U.S.
Analyst Comments: The restrictions by the Bank of China on the transfer of multiple currencies, including the yuan, to several Western countries, may have significant implications for the global financial system, particularly in the context of ongoing geopolitical tensions. These limitations may be seen as a response to the threat of secondary sanctions from the US and EU, which aim to cut off alternative channels used to evade existing sanctions against Russia. While the proportion of yuan transfers to the EU and US is relatively small, the restrictions could impact private investors and businesses attempting to circumvent sanctions against Russia, including Russia's exclusion from SWIFT.
FROM THE MEDIA: Starting June 13, the Bank of China has limited the ability of Russian banks' clients to transfer yuan to the EU, US, UK, and Switzerland. Only banks within the Bank of China group can now make such transfers. According to reports from Russian media outlets, the restrictions also apply to transfers in US Dollars, Euros, and Hong Kong Dollars. Experts from Russian banks believe that these limitations were imposed due to the risk of secondary sanctions on Chinese banks, which might lose their accounts in American and European banks.
READ THE STORY: Meduza
“The US can't yet compete with China on EVs” - Ford Chairman
Analyst Comments: The recent declarations from Ford's executives underscore the mounting competition in the global EV market and highlight China's substantial advancements in this sector. Notably, China's dominance is reinforced by its substantial ownership of raw materials required for EV batteries, which positions it strategically in the global supply chain. Ford's strategic investment in EV technology and its collaboration with CATL, a Chinese battery company, reflect its endeavor to quickly adapt to these evolving market dynamics. The identification of China as Ford's primary competitor, as opposed to traditional rivals such as GM and Toyota, signals a pivotal shift in the auto industry's competitive landscape. This not only illustrates the escalating importance of EV technology but also emphasizes China's increasing influence in this burgeoning market.
FROM THE MEDIA: Ford Motor's Executive Chairman, Bill Ford, stated that the U.S. is currently not prepared to compete with China in the production of electric vehicles (EVs). Ford emphasized China's swift and large-scale development of EVs, which they are now exporting, and asserted that the U.S. needs to prepare for the imminent arrival of these vehicles. In February, Ford announced plans to invest $3.5 billion in an EV battery plant in Michigan, which would utilize technology licensed from Chinese battery company CATL. Ford CEO Jim Farley also identified Chinese automakers as the main competitors in the EV sector, not traditional rivals like GM or Toyota.
READ THE STORY: Reuters
Pacific internet cable to Curb China aims
Analyst Comments: This coalition represents a significant effort by Japan, the U.S., and Australia to counter China's expanding influence in the Pacific region. The initiative to improve internet access in these Pacific island nations is strategically important, as it helps enhance the connectivity of these regions and assert influence over the tech infrastructure. It can be seen as a part of the broader push by the U.S., Australia, and Japan to promote a free and open Indo-Pacific region.
FROM THE MEDIA: Japan, the United States, and Australia are planning to jointly create an undersea cable to improve internet access in Pacific island nations, aiming to counter growing Chinese influence in the region. The three countries will invest around $95 million into the project, with Japan's NEC Corp. leading the endeavor, which is expected to be completed by 2025. The roughly 1,398-mile-long fiber-optic cable will connect Micronesia, Nauru, and Kiribati. The project was initially spearheaded by the World Bank but was taken over by the three countries after a company previously linked with China's Huawei Technologies Co. submitted a bid, raising concerns over potential information leaks. The planned undersea cable will provide high-speed, high-quality telecommunications to over 100,000 people in the three Pacific island countries.
READ THE STORY: NWA ONLINE
Blinken meets Xi during pivotal China trip to salvage frosty ties
Analyst Comments: Blinken's visit to Beijing signifies an attempt to dial down tensions between the world's two largest economies. Despite failing to bridge substantial differences, the emphasis on open communication and bilateral stability is a positive development. Nonetheless, the stark divergence in perspectives over Taiwan underscores the fragility of these diplomatic overtures. Although the U.S. maintains a stance of "strategic ambiguity" about its response to a potential Chinese attack on Taiwan, Beijing's hardline approach only intensifies tensions. It's crucial to note that further deterioration of U.S.-China ties could have wide-reaching impacts globally, from financial markets to trade and supply chains.
FROM THE MEDIA: U.S. Secretary of State Antony Blinken concluded a crucial two-day visit to Beijing, during which he met with Chinese President Xi Jinping. The meeting was the first of its kind since 2018 and aimed to ensure that disputes between the two nations do not escalate into conflicts. Although the two sides discussed a wide range of contentious issues, including Taiwan, trade, human rights, synthetic opioids, and the situation in Ukraine, no significant progress was made in resolving their differences. However, the two delegations agreed on the importance of open communication and stabilizing bilateral relations. The visit is expected to pave the way for a potential Biden-Xi summit later this year.
READ THE STORY: Reuters
The USDA is investigating a ‘possible data breach’ related to the global Russian cybercriminal hack
Analyst Comments: This breach further underscores the vulnerability of governmental and corporate digital infrastructure to sophisticated cyberattacks. It also highlights the challenges faced by organizations in protecting sensitive information and the need for robust cybersecurity measures. The trend of exploiting software vulnerabilities to gain unauthorized access to sensitive data continues to pose significant risks. Organizations need to stay vigilant and ensure they promptly address any known software vulnerabilities. The attack is expected to result in stricter regulations and policies on data security and could spur investments in cybersecurity measures.
FROM THE MEDIA: The US Department of Agriculture (USDA) is investigating a possible data breach of a department contractor linked to a broader hack on multiple federal agencies, suspected to be executed by Russian cybercriminals. The USDA confirmed that a small number of employees might be affected by this breach. The breach's impact and the contractor's services have not yet been disclosed. The list of affected US agencies, reportedly targeted by Russian-speaking hackers, now includes the USDA, the US Office of Personnel Management, and two organizations in the US Department of Energy. The hackers reportedly exploited a vulnerability in a widely-used file-transfer software called MOVEit, developed by Massachusetts-based firm Progress Software.
READ THE STORY: CNN
With a dead-time dump, Microsoft revealed DDoS as the cause of recent cloud outages
Analyst Comments: The incident might prompt organizations to review their dependency on a single cloud service provider and consider diversifying their cloud strategy. For Microsoft, the incident will likely lead to increased investments in security and prevention measures against similar attacks in the future. Importantly, Microsoft's quick response in investigating and mitigating the attack, as well as the company's assurance that no customer data was compromised, could be seen as an effective crisis management response.
FROM THE MEDIA: Microsoft has admitted that early June outages of its 365 services and Azure Cloud portal were caused by a Distributed Denial of Service (DDoS) attack. Initially, Microsoft mentioned it was reviewing its networking systems to identify the root cause, and later reported an "anomaly with increased request rates" that damaged Azure services. A group called Anonymous Sudan claimed responsibility for the outages, which Microsoft has now confirmed. Microsoft identified surges in traffic that temporarily impacted service availability and began tracking ongoing DDoS activity by the threat actor, dubbed "Storm-1359." Microsoft hasn't directly linked "Storm-1359" to Anonymous Sudan but indicated that the group aims to disrupt and seek publicity. Despite the attack, Microsoft maintains that no customer data was accessed or compromised.
READ THE STORY: The Register
Items of interest
PatrIoT: practical and agile threat research for IoT
Analyst Comments: The proposed methodology offers a practical and structured approach to IoT vulnerability research, addressing many of the current challenges in the field. Its integration of multiple aspects, from threat modeling to penetration testing, allows for a comprehensive evaluation of IoT device security. The real-world testing on seven IoT products enhances the practical relevance of the study, showcasing the methodology's applicability and effectiveness. Like any methodology, its effectiveness is context-dependent and might vary with different IoT products. Future work could extend this methodology to include more complex or specific IoT systems, as well as integrate emerging security considerations. Furthermore, while the lightweight risk-scoring approach is beneficial for expediency, it may oversimplify certain risk aspects in some cases.
FROM THE MEDIA: The study, conducted by researchers from the KTH Royal Institute of Technology, proposes a novel IoT vulnerability research methodology named PatrIoT. This approach is designed to address key challenges in the IoT cybersecurity landscape, such as a lack of comprehensive testing standards and difficulties in threat modeling for resource-constrained IoT devices. The PatrIoT methodology incorporates four key elements: logical attack surface decomposition, a compilation of the top 100 prevalent IoT weaknesses, a lightweight risk scoring approach, and step-by-step penetration testing guidelines. To assess the effectiveness of PatrIoT, the researchers applied it to seven real-world IoT products. The results suggest that PatrIoT allows for quick and efficient vulnerability research and reduces the risk of overlooking critical testing steps.
READ THE STORY: Springer
Free Exploit Development Training (beginner and advanced) (Video)
FROM THE MEDIA: It's possible to earn millions of dollars finding zero days and vulnerabilities in software. But, are you prepared to put in the work?
Getting Started in Firmware Analysis & IoT Reverse Engineering (Video)
FROM THE MEDIA: The speaker highlights the prevalence of old and deprecated technology in IoT devices, emphasizing the potential vulnerabilities that can be discovered through firmware analysis. They proceed to demonstrate a practical example by downloading and examining a TP-Link router firmware. They use tools like Binwalk to extract the firmware contents and explore the file system. They mention the possibility of finding default settings, credentials, and potential vulnerabilities within the firmware.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.