Daily Drop (575): US: Japan & South Korea, Google: Wiretapped, FBI: Space, WoofLocker, China: Espionage, Debian, Africa: CyberCrime, Germany: Huawei, Moon, Stealthy APK, EW
Saturday, Aug 19, 2023
The Spirit of Camp David: Joint Statement of Japan, the Republic of Korea, and the United States
Analyst Comments: The intricate geopolitics of the semiconductor industry, especially between the US, China, and South Korea, is underscored by Yang's remarks. South Korea, a dominant force in the global chip market, is navigating its economic interests amidst geopolitical tensions. The US's aggressive policies might inadvertently bolster China's determination to achieve technological autonomy, prompting questions about the long-term ramifications of the US's approach. Concurrently, the joint statement from Japan, the ROK, and the US marks a pivotal step in fortifying their trilateral relationship. Amidst prevailing global challenges, this alliance seeks to guarantee regional stability, economic prosperity, and tech advancement, emphasizing the importance of collective efforts for a peaceful and prosperous Indo-Pacific.
FROM THE MEDIA: Yang Hyang-ja, a South Korean legislator and former Samsung executive, expressed concerns over the US's interventions in the global semiconductor industry. She cautioned that the US's efforts to curb China's access to advanced chips could strain relations with Asian allies. If the US persists with its 'America First' and anti-China policies, it might face opposition from a coalition of countries. While some believe that US measures could benefit South Korean chipmakers by limiting their Chinese rivals, Yang suggests that the US's aggressive stance might push China to fast-track its tech advancements, potentially threatening South Korea's semiconductor dominance.
In a separate development, leaders from Japan, the Republic of Korea (ROK), and the United States convened at Camp David to usher in a new phase of trilateral cooperation amidst challenges like geopolitical competition, the climate crisis, Russia's aggression towards Ukraine, and nuclear threats. They emphasized the need for unity and coordinated efforts. Key takeaways from their joint statement include strengthened cooperation across various areas, regular consultations to synchronize responses to regional challenges, concerns about China's actions in the South China Sea, commitment to North Korea's denuclearization, economic and technological collaboration, unanimous support for Ukraine against Russia's aggression, and optimism about the future of the Indo-Pacific region.
READ THE STORY: Whitehouse // NY TIMES
Google 'wiretapped' tax websites with visitor traffic trackers, lawsuit claims
Analyst Comments: The lawsuit against Google highlights the growing concerns over data privacy and the potential misuse of analytics tools. If the allegations are proven true, it could have significant implications for Google and other companies that rely on analytics for business insights.
FROM THE MEDIA: Google is facing a lawsuit for allegedly "wiretapping" several tax preparation websites and collecting sensitive personal data. The term "wiretapping" in this context refers to the Google Analytics code added by tax firms to their websites to monitor visitor traffic and demographics. The complaint, filed in San Jose, California, claims that Google gathered personal data from U.S. taxpayers using online tax filing websites such as H&R Block, TaxAct, and TaxSlayer. The lawsuit alleges that these tax preparation companies sent private tax return information to Google through Google Analytics, which was installed on their websites. The data was allegedly used to enhance Google's ad business and other business tools.
READ THE STORY: The Register
FBI: Space industry espionage is latest cyber threat
Analyst Comments: The increasing focus on the US space industry by foreign cyber spies, especially from China and Russia, underscores a strategic shift in the realm of cyber espionage. The space industry's significance, both economically and strategically, makes it a prime target. The diverse methods of espionage indicate a multi-pronged approach to extracting valuable information. Companies in the space sector must bolster their cybersecurity infrastructure and be wary of potential insider threats. Additionally, the US government's explicit naming of Beijing and Moscow suggests heightened geopolitical tensions in the race for space dominance.
FROM THE MEDIA: The FBI, in conjunction with the NCSC and AFOSI, has issued a bulletin highlighting the escalating threats from nation-state-sponsored cyber espionage targeting the US space industry. Beijing and Moscow are identified as the primary culprits. These foreign entities are employing a range of tactics, from cyberattacks to strategic investments, to gain access to sensitive US space-related information. The US space sector, which is fundamental to various critical services, is witnessing rapid growth, with projections indicating that the global space economy could surpass $1 trillion by 2030. Previous incidents have shown Chinese hackers infiltrating US companies involved in space technology. While the US military suggests China's goal is to dominate space by 2045, China asserts its space ambitions are peaceful.
READ THE STORY: Cybernews // Gizmodo
WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams
Analyst Comments: WoofLocker's ability to hide malicious code within images and its advanced fingerprinting techniques make it a formidable threat. The fact that the campaign is still ongoing, despite being documented in 2020, underscores the challenges in combating such threats. The focus on adult websites as a primary host for WoofLocker also points to the continued vulnerability of such platforms. The broader implications of this toolkit, especially its potential misuse in tech support scams, emphasize the need for constant vigilance and updated cybersecurity measures.
FROM THE MEDIA: Cybersecurity researchers have discovered an updated version of a toolkit named WoofLocker, designed to execute tech support scams. Initially documented by Malwarebytes in January 2020, WoofLocker uses JavaScript in compromised websites to perform anti-bot and web traffic filtering checks. Once validated, users are redirected to a browser locker. This redirection employs steganographic techniques to hide the JavaScript code within a PNG image. If a user is detected as a bot or uninteresting traffic, a decoy PNG without malicious code is presented. The toolkit is also known as 404Browlock because accessing the browlock URL directly without proper redirection or a one-time session token results in a 404 error page. The campaign is still active, with most sites hosting WoofLocker being adult websites.
READ THE STORY: THN
Mounting Cyber Espionage and Hacking Threat from China
Analyst Comments: China's alleged involvement in various cyber espionage activities is a significant concern for global cybersecurity. The detailed account of China's hacking history, including the revelations by Mandiant, provides substantial evidence of China's potential involvement in cyber espionage. The increasing number of cyberattacks, especially on critical infrastructure like healthcare, highlights the urgent need for enhanced cybersecurity measures and international collaboration. The article also touches upon the broader implications of these attacks, emphasizing their potential impact on national security. The mention of the use of advanced tools like ChatGPT for code generation indicates that hackers are leveraging cutting-edge technologies to enhance their capabilities.
FROM THE MEDIA: Recent ransomware attacks on medical institutions in the US and India have raised concerns about the vulnerabilities of critical infrastructure. Data from the Indian Computer Emergency Response Team (CERT-In) indicates a rising trend in cyberattacks on government organizations. Western intelligence agencies have pointed toward China as a major source of these cyber threats. Notably, the American computer security firm Mandiant traced a significant number of attacks to a building in Shanghai, believed to be a base for the People’s Liberation Army’s cyber warriors. Despite China's denial of state-sponsored hacking, Western cybersecurity companies and intelligence agencies continue to accuse Chinese government-backed hackers of global digital incursions.
READ THE STORY: ModernDiplomacy
30 years on, Debian is at the heart of the world's most successful Linux distros
Analyst Comments: The article provides a well-rounded perspective on Debian's importance in the Linux world, intertwining historical context with current market dynamics. It underscores the often-underappreciated value of free software, both in terms of cost and freedom. Debian's influence, as highlighted by its derivatives and global initiatives, speaks to its enduring relevance. The comparison with Red Hat offers a nuanced understanding of the Linux landscape, emphasizing that financial success doesn't necessarily equate to widespread adoption. The Register's piece serves as a timely reminder of Debian's foundational role in shaping the Linux ecosystem over the past three decades.
FROM THE MEDIA: Introduced by Ian Murdock in 1993, Debian stands as a beacon of stability in the ever-evolving world of Linux. While not the oldest, Debian boasts a vast array of derivatives, including the popular Ubuntu. The dual meaning of "free" in "free software" is highlighted, emphasizing both the freedom it offers and its cost-effectiveness, especially in less affluent regions. Debian's cost-free nature has also been pivotal in the rise of cloud computing, with giants like Google relying on Debian-based systems internally. Market estimates place Ubuntu and Debian as leaders in the Linux market, collectively accounting for approximately half the market share. Furthermore, initiatives like China's "3-5-2 program" underscore Debian's global significance, aiming to replace Windows with Linux, primarily Debian and its derivatives. In comparison to Red Hat, Debian and its offshoots have a considerably larger user base, even though Red Hat often garners more media attention due to its financial achievements.
READ THE STORY: The Register
China, Russia Taking Aim at US Space Firms
Analyst Comments: It's evident that as the space industry becomes more integral to various sectors of the economy, its protection becomes paramount. The article serves as a timely reminder for U.S. space companies to be vigilant and proactive in safeguarding their intellectual property and technological advancements. The involvement of multiple U.S. agencies in issuing this warning also emphasizes the gravity of the situation.
FROM THE MEDIA: U.S. counterintelligence officials have issued a warning about Chinese and Russian spy agencies targeting private U.S.-based space companies. The aim is to steal new technologies and hamper American advancements in the space sector. This warning was jointly released by the National Counterintelligence and Security Center, the FBI, and the Air Force Office of Special Investigations. The officials have identified the U.S. space industry as a lucrative target for foreign intelligence agencies due to its rapid growth. The global space economy is projected to grow from $469 billion in 2021 to over $1 trillion by 2030. The bulletin also highlights various tactics used by these spy agencies, including cyberattacks, attempts to gather sensitive data on satellite payloads, and efforts to disrupt satellite communications.
READ THE STORY: VOA
14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown
Analyst Comments: The integration of satellite technology into agriculture is a promising development in the face of the challenges posed by climate change. As traditional methods become less reliable due to shifting climate patterns, leveraging technology can provide farmers with the data they need to make informed decisions and optimize their yields. The potential benefits of this technology extend beyond winemaking to global food production, which is crucial given the rising threats of malnutrition and famine in various parts of the world. Policymakers and industry stakeholders should continue to invest in and promote the use of such technologies to ensure food security and sustainable agricultural practices in the future.
FROM THE MEDIA: The agriculture sector, particularly winemaking, is turning to satellite technology to adapt to the challenges posed by global warming. The decision of when to harvest grapes is vital for winemakers, and climate change is disrupting this delicate balance. In France, wine-growing regions have experienced shifts in their seasons due to global warming, with harvest dates moving up significantly. To adapt, winemakers are now using granular data from satellites to monitor the health and progress of vines in the changing climate. Startups like Ticinum Aerospace and TerraNIS are aiding vintners in using satellite technology to determine the optimal time for harvesting grapes. Beyond winemaking, satellite technology is poised to play a crucial role in global agriculture, especially as the world faces a food crisis exacerbated by climate change. Advanced satellite sensor technology can provide farmers with data about crop health, pest infestations, nutrient needs, and more, potentially transforming farming practices and mitigating the impacts of global warming on food production.
READ THE STORY: THN // The Record
Germany’s national bar association investigating ransomware attack
Analyst Comments: The cyberattack on BRAK is a stark reminder of the escalating threat of ransomware attacks on global professional entities. The magnitude of data exfiltration in this incident underscores the critical need for enhanced cybersecurity measures, particularly for organizations managing sensitive data. NoEscape's involvement and its expanding list of targets indicate a growing audacity in its cybercriminal endeavors. This incident serves as a pressing call to action for organizations worldwide to bolster their cybersecurity defenses, not only to thwart such attacks but also to safeguard their data, reputation, and stakeholder trust.
FROM THE MEDIA: The German Federal Bar Association (BRAK), representing about 166,000 lawyers both within Germany and internationally, is investigating a cyberattack on its office located in Brussels. This attack, discovered on August 2, has been claimed by the NoEscape ransomware group. The hackers managed to encrypt BRAK's mail server and exfiltrated 160 gigabytes of data. While the organization is still ascertaining the full extent of the breach, it's operating under the assumption that significant information, especially communications from the Brussels office, has been leaked. Although BRAK maintains a separate email system for lawyers, which remains unaffected, the ransomware group has threatened to release the stolen data. Given the group's history, having targeted various entities including a Belgian hospital and manufacturing companies in the US and Netherlands since its emergence in May, the threat is significant.
READ THE STORY: The Record
Germany to cut Huawei from networks 'irrespective of costs'
Analyst Comments: Germany's decision to remove Huawei and ZTE from its telecom networks underscores the growing global concerns about the potential security risks associated with Chinese tech firms. The reversal in Germany's stance, especially given its earlier resistance to US pressure, highlights the evolving geopolitical landscape and the increasing scrutiny of Chinese tech companies. The financial implications of this decision will be significant, but it appears that security concerns are now taking precedence over economic considerations. This move also aligns Germany more closely with the broader EU strategy, which is pushing for a unified approach to cybersecurity and the exclusion of potentially risky equipment from critical infrastructure.
FROM THE MEDIA: Germany has made a significant policy shift regarding its stance on the use of Huawei and ZTE equipment in its telecom networks. The country is now committed to removing any systems from its telecom infrastructure that could pose a security threat, regardless of the associated costs. This decision marks a notable departure from Germany's position a few years ago when it resisted US pressure to exclude Huawei from its telecoms networks. Germany's Federal Minister of the Interior, Nancy Faeser, expressed disappointment with the country's network operators for not acting swiftly to remove equipment from companies perceived as security threats. The change in stance can be attributed to the new federal government that came into power in late 2021. The removal of Huawei, which accounts for about 60% of Germany's 5G network equipment, will be costly. The European Commission is also urging all EU member states to ban telecom equipment made by Chinese companies from their networks.
READ THE STORY: The Register
Russia and India Are Racing to Put Landers on the Moon
Analyst Comments: The renewed interest in lunar exploration by multiple countries signifies the moon's strategic importance, both scientifically and geopolitically. The moon's south pole, with its water ice and constant sunlight, is particularly valuable for future long-term missions and potential moon bases. Russia's return to lunar exploration after decades and India's rapid advancements in space technology showcase the evolving dynamics of the new space race. The geopolitical implications are evident, with countries aiming to establish a presence on the moon, not just for scientific exploration but also for national prestige and potential future resource utilization.
FROM THE MEDIA: Russia and India are both preparing to land robotic spacecraft on the moon within days of each other. Russia's Luna-25 lander is set to touch down on August 21, marking its first lunar mission in nearly 50 years. Meanwhile, India's Chandrayaan-3 is aiming for a landing on August 23, hoping to be India's first successful lunar lander after its predecessor failed in 2019. Both missions target the moon's south pole region, which holds significant interest due to the presence of water ice and "peaks of eternal light" that receive almost constant solar illumination. These features could be crucial for future missions and the establishment of moon bases. The race to the moon is now more crowded than the 20th-century competition between the US and the Soviet Union, with multiple countries and commercial entities vying for lunar exploration.
READ THE STORY: Wired
Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection
Analyst Comments: The use of stealthy APK compression methods by threat actors underscores the evolving tactics in the cyber threat landscape. By leveraging unconventional methods, attackers can bypass traditional detection mechanisms, posing a significant risk to Android users. The fact that these apps were not available on the Google Play Store but were still found in the wild indicates the importance of users being cautious about where they download apps and the permissions they grant.
FROM THE MEDIA: Threat actors are employing Android Package (APK) files with unconventional or unsupported compression methods to bypass malware detection, as reported by Zimperium. The firm identified 3,300 artifacts in the wild using such compression techniques, with 71 of these samples being loadable on the operating system without issues. These apps were not found on the Google Play Store, suggesting they were distributed through alternative means, such as untrusted app stores or by tricking users into sideloading them. The APKs use a method that restricts the decompilation of the application by many tools, making them harder to analyze. These APKs can be installed on Android devices running Android 9 Pie or newer. The discovery follows Google's recent revelation that threat actors are using a "versioning" technique to bypass the Play Store's malware detection.
READ THE STORY: THN
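Added example, not code from Zimperium or the original article: a defender-side check that reads the ZIP headers of an APK and flags entries whose compression method is not one an APK build normally uses. The function names, the method id 0x1234 and the header-only sample are constructed for illustration; the check for a local header that disagrees with the central directory goes beyond what the article states.

```python
import struct

EOCD = struct.Struct("<4s4H2LH")     # end of central directory record (22 bytes)
CDFH = struct.Struct("<4s6H3L5H2L")  # central directory file header (46 bytes)
LFH = struct.Struct("<4s5H3L2H")     # local file header (30 bytes)
# Assumption: a normally built APK only uses stored (0) or deflate (8).
EXPECTED_METHODS = {0, 8}


def scan_apk_methods(data: bytes) -> list:
    """Return one finding per ZIP entry whose compression method looks abnormal."""
    eocd_at = data.rfind(b"PK\x05\x06")
    if eocd_at < 0 or eocd_at + EOCD.size > len(data):
        raise ValueError("no end-of-central-directory record found")
    eocd = EOCD.unpack_from(data, eocd_at)
    total, pos = eocd[4], eocd[6]  # entry count, central directory offset

    findings = []
    for _ in range(total):
        if pos + CDFH.size > len(data) or data[pos:pos + 4] != b"PK\x01\x02":
            raise ValueError("central directory is truncated or corrupt")
        rec = CDFH.unpack_from(data, pos)
        cd_method, name_len, extra_len, comment_len = rec[4], rec[10], rec[11], rec[12]
        lfh_at = rec[16]
        start = pos + CDFH.size
        name = data[start:start + name_len].decode("utf-8", "replace")
        pos = start + name_len + extra_len + comment_len

        # The local header repeats the method; different tools may read either copy.
        if lfh_at + LFH.size > len(data) or data[lfh_at:lfh_at + 4] != b"PK\x03\x04":
            findings.append({"name": name, "central": cd_method, "local": None,
                             "reason": "missing local header"})
            continue
        lfh_method = LFH.unpack_from(data, lfh_at)[3]
        if cd_method not in EXPECTED_METHODS or lfh_method not in EXPECTED_METHODS:
            reason = "unsupported method"
        elif cd_method != lfh_method:
            reason = "header mismatch"
        else:
            continue
        findings.append({"name": name, "central": cd_method, "local": lfh_method,
                         "reason": reason})
    return findings


def build_sample(entries) -> bytes:
    """Constructed input: header-only ZIP (empty payloads) with chosen method ids."""
    body, cd = b"", b""
    for name, cd_method, lfh_method in entries:
        raw = name.encode()
        cd += CDFH.pack(b"PK\x01\x02", 20, 20, 0, cd_method, 0, 0x21, 0, 0, 0,
                        len(raw), 0, 0, 0, 0, 0, len(body)) + raw
        body += LFH.pack(b"PK\x03\x04", 20, 0, lfh_method, 0, 0x21, 0, 0, 0,
                         len(raw), 0) + raw
    return body + cd + EOCD.pack(b"PK\x05\x06", 0, 0, len(entries), len(entries),
                                 len(cd), len(body), 0)


if __name__ == "__main__":
    sample = build_sample([
        ("AndroidManifest.xml", 8, 8),      # ordinary deflate entry
        ("classes.dex", 0x1234, 0x1234),    # constructed, unassigned method id
        ("res/icon.png", 0, 8),             # headers disagree
    ])
    for finding in scan_apk_methods(sample):
        print(finding)
```

Run against a real file with scan_apk_methods(open(path, "rb").read()); an empty list means every entry uses stored or deflate consistently.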
Electronic Warfare is here to stay
Analyst Comments: The increasing reliance on the electromagnetic spectrum for military operations underscores the importance of electronic warfare in modern defense strategies. The projected growth of the EW market indicates its significance in the defense sector. The modernization efforts by major global players further emphasize the evolving nature of warfare and the need for advanced technological solutions. Cyber warfare's emergence as a critical aspect of defense strategies highlights the blurred lines between traditional warfare and digital threats. Governments and companies must prioritize cybersecurity measures to protect their assets and maintain operational integrity in this evolving landscape.
FROM THE MEDIA: Electronic warfare (EW) is a rapidly evolving sector with significant potential for growth in terms of technology and volume. As precision weapons, advanced communications, and reliance on systems vulnerable to electronic warfare increase, the importance of EW becomes more pronounced. EW involves detecting, interpreting, controlling, or disrupting signals in the electromagnetic spectrum, such as radar, radio, or infrared transmissions, to safeguard military assets from potential threats. Modern military operations heavily depend on the electromagnetic spectrum for communication, understanding the environment, target identification, and protection. The global Electronic Warfare Systems market was valued at $16,740 million in 2022 and is projected to reach $22,060 million by 2029, growing at a CAGR of 4.0% during the review period. Factors such as the Covid-19 pandemic and the Russia-Ukraine War were considered in these market estimations. North America is expected to dominate the market share due to rising insurgencies, territorial disputes, terrorism, and unrest in various nations. Countries like Russia, China, North Korea, and Iran are modernizing their EW equipment, which will further drive market growth.
READ THE STORY: Bizz Buzz
Items of interest
Saudi Arabia, UAE compete to buy Nvidia’s chip as global AI race heats up
Analyst Comments: Saudi Arabia and the UAE's focus on purchasing high-end chips from Nvidia underscores the importance of hardware in AI advancements. The move to develop independent AI models indicates a strategic shift from relying on established U.S.-based AI systems. However, the ethical concerns raised are significant, especially considering the potential misuse of AI in nations with questionable human rights records. The global AI race is not just about technological advancement but also about the responsible and ethical application of these technologies.
FROM THE MEDIA: Saudi Arabia and the United Arab Emirates (UAE) are reportedly vying to purchase Nvidia's high-end chips to advance their artificial intelligence (AI) capabilities. Both nations have shown a keen interest in leading the AI sector, investing millions of dollars. According to a report by the Financial Times, Saudi Arabia has ordered 3,000 of Nvidia’s latest chips, with the UAE matching this order. Each chip is priced around $40,000, making Saudi Arabia's total purchase worth $120 million. The nation aims to develop its own large language model (LLM) for generative AI and is in the advanced stages of creating a supercomputer. Both countries are making these acquisitions through state-owned enterprises. They are looking to establish their AI models independently, moving away from U.S.-based AI offerings like those from OpenAI or Google. The UAE's involvement in AI began in 2017 when it established an AI Ministry.
READ THE STORY: Coingeek
How Nvidia Won AI (Video)
FROM THE MEDIA: Nvidia, originally known for its dominance in the graphics card industry in the 1990s, transformed the graphics card into a powerhouse for Artificial Intelligence (AI). In 1999, they introduced the GeForce 256, the world's first Graphics Processing Unit (GPU). This GPU was capable of processing the entire graphics pipeline on a single chip, eliminating the need for data transfers with the CPU.
Mayo Clinic’s venture in UAE, Nvidia’s blockchain AI-driven platform, ClearDATA’s new product (Video)
FROM THE MEDIA: Mayo Clinic is collaborating with Abu Dhabi Health Services Company to upgrade a hospital in Abu Dhabi. They plan to introduce advanced medical technology, including robotic surgery, in Sharjah Booth Medical City. This partnership will make Mayo Clinic a stakeholder in the new operating company, aiming to bring a new level of medical technology to the region.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.