Wednesday, November 24, 2021

Surveillance Technology at the Fair: Proliferation of Cyber Capabilities in International Arms Markets

 Russell Krupp, special counsel of Morrows Legal, has been named an accredited specialist in tax law by the Law Institute of Victoria (LIV) – a nationally recognised accreditation set to identify thought leaders and experts in taxation law. Mr Krupp is one of only 10 accredited in Victoria.

Krupp: Former ATO tax adviser receives LIV accreditation

Digital transformation – Australia as a world leader Jeremy Hirschhorn, Second Commissioner, Client Engagement Paper delivered to the 2021 Pearcey Oration and Victorian Entrepreneur Award

Service NSW is planning to introduce face verification technology across its digital channels, as the one-stop shop for government services looks to make it easier for customers to prove their identity and stamp out fraud.

Service NSW to bring facial verification to digital channels

Accenture has helped create a new passenger declaration system for the Australian government, leveraging technology from ForgeRock. 

Accenture deploys Aussie passenger identity cards using ForgeRock

Lifestyle is a concept that only the rich, and Tory MPs can afford, apparently

The ability of Tory MPs to shock with their stupidity is, it seems without limit. Here Andrew Rosindell MP tells Newsnight that great care must
Read the full article…

It is but a short step from The Telegraph’s article on children dying from Covid to something very sinister indeed.

Posted on November 12 2021

I am far from alone in being horrified by the Telegraph article and headline, summarised in the Tweet: The reality is that 108 children have
Read the full article…

Surveillance Technology at the Fair: Proliferation of Cyber Capabilities in International Arms Markets - The Atlantic Council: “State cyber capabilities are increasingly abiding by the “pay-to-play” model—both US/NATO all and adversaries can purchase interception and intrusion technologies from private

firms for intelligence and surveillance purposes. 

NSO Group has repeatedly made headlines in 2021 for targeting government entities in cyberspace, but there are many more companies selling similar products that are just as detrimental. These vendors are increasingly looking to foreign governments to hawk their wares, and policymakers have yet to sufficiently recognize or respond to this emerging problem. Any cyber capabilities sold to foreign governments carry a risk: these capabilities could be used against individuals and organizations in allied countries, or even in one’s home country.  Because much of this industry operates in the shadows, research into the industry in aggregate is rare. This paper analyzes active providers of interception/intrusion capabilities within the international surveillance market, cataloguing firms that have attended both ISSWorld (i.e., the Wiretapper’s Ball) and international arms fairs over the last twenty years. This dataset mostly focuses on Western firms and includes little on Chinese firms, due to historical under-attendance of Chinese firms at ISSWorld. 

However, the overarching nature of this work will help policymakers better understand the market at large, as well as the primary arms fairs at which these players operate. This paper identifies companies explicitly marketing interception/intrusion technology at arms fairs, and answers a series of questions, including: what companies are marketing interception/intrusion capabilities outside their headquartered region; which arms fairs and countries host a majority of these firms; and what companies market interception/intrusion capabilities to US and NATO adversaries?  The resulting dataset shows that there are multiple firms headquartered in Europe and the Middle East that the authors assess, with high confidence, are marketing cyber interception/intrusion capabilities to US/NATO adversaries.

 They assume that companies offering interception/intrusion capabilities pose the greatest risk, both by bolstering oppressive regimes and by the proliferation of strategic capabilities. Many such firms congregate at Milipol France, Security & Policing UK, and other arms fairs in the UK, Germany, Singapore, Israel, and Qatar.  The authors found that 75 percent of companies likely selling interception/intrusion technologies have marketed these capabilities to governments outside their home continentFive irresponsible proliferators—BTT, Cellebrite, Micro Systemation AB, Verint, and Vastech—have marketed their capabilities to US/NATO adversaries in the last ten years. This paper categorizes these companies as potentially irresponsible proliferators because of their willingness to market outside their continents to nonallied governments of the United States and NATO—specifically, Russia and China. By marketing to these parties, these firms signal that they are willing to accept or ignore the risk that their products will bolster the capabilities of client governments that might wish to threaten US/NATO national security or harm marginalized populations. This is especially the case when the client government is a direct US or NATO adversary…”

Commonwealth Bank CEO Matt Comyn has defended his move to offer cryptocurrencies to millions of customers from scepticism and concern expressed by senior regulators, saying private digital money is likely to become a permanent part of the financial system and CBA wants to influence regulation built up around it.

CBA boss defends crypto move against regulators’ concerns

CBA’s crypto police will work with regulators to target crooks

James Eyers
James EyersSenior Reporter

The company protecting Commonwealth Bank from crypto risks has a message for Australian regulators struggling with the emerging area: it is not the terrifying, lawless, opaque landscape you are imagining.

Chainalysis, which also counts the US Federal Bureau of Investigation and Internal Revenue Service as clients, is extending an olive branch to nervous Australian regulators after opening an office in Canberra.

By helping to identify criminal activity and money laundering using cryptocurrencies, official surveillance can protect the vast majority of genuine investors and operators in decentralised computer networks, which are developing new business models for the internet.

“A lot of our work is around education and, being based in Canberra, there will be questions of discovery,” said Todd Lenfield, Chainalysis’ country manager in Australia and NZ.

“We want to have conversations with AUSTRAC about what are they looking to regulate and explain to the tax office the lessons that can be learned from what the IRS is doing. We can take experience we have got in the space, and provide a local flavour.”

When CBA jumped into the crypto deep end, confirming it would add ten crypto coins to its banking app next year, it pointed to Chainalysis helping to monitor compliance with strict ‘know your customer’ (KYC) and anti money laundering obligations, which felled CBA in 2018. It also works with Barclays in the UK; the US immigration and customs department, and Drug Enforcement Administration (DEA); and Europol, Europe’s law enforcement agency.

 US authorities have been clamping down on nefarious activity in the space. Chainalysis was involved in the investigation Russia-based OTC broker Suex which was targeted by the US Treasury department for allegedly allowing hackers to access cryptocurrency used to pay for ransomware attacks. However, criminal activity overall is low.

Its annual Crypto Crime Report is the key global source of analysis on the levels of illicit activity in the crypto economy and the 2021 report found that in 2020, just 0.34 per cent of all cryptocurrency transactions, or $10 billion in volume, were associated with illicit activity. This was down from 2.1 per cent, or $21 billion in transfers, in 2019, as legitimate activity surged.

In the eight months to the end of August 2021, the Australian Competition and Consumer Commission received 3007 reports of scams involving cryptocurrency investment, with losses of $53.2 million.

Chainalysis also works with Australian crypto exchanges Coinspot and Coinjar, which are regulated by AUSTRAC. Investigating the history of a particular bitcoin or other crypto asset can ensure it does not trace back to some illicit source.

Treasury is considering law reforms proposed by the Senate Select Committee on Australia as a Technology and Financial Centre to bring crypto-exchanges under a special licensing regime to lift consumer protections.

Financial Services Minister Jane Hume at the AFR Super & Wealth Summit on Monday. “We should tread cautiously, but not fearfully” on cryptocurrencies, she said. Louie Douvis

Mr Lenfield said Australian regulators should not be fearful about the complexities of regulating around blockchain. Indeed, the technology’s transparency could enhance regulator’s ability to track dodgy funds.

“Decisions governments or organisations make can be based on information that we have classified,” he said. “From an information perspective, it is about giving them some visibility into transactions that are taking place on the blockchain.

“With blockchain, you are not limited by [looking at] a single bank transaction. In blockchain, we can continue to monitor forever, and you can do a discovery piece to get more information around a payment.”

  The US-based company – which was valued at $US4.2 billion during a capital raising in June that was led by Coatue Management, a big Afterpay investor – has appointed two staff members in a new office in Canberra. It has three staff in Sydney and one in Brisbane.

Tax authorities will focus more aggressively on crypto if the government acts on the Senate select committee’s recommendation for the Capital Gains Tax (CGT) regime to be amended “so that digital asset transactions only create a CGT event when they genuinely result in a clearly definable capital gain or loss”.

With ASIC chairman Joe Longo telling crypto investors they are on their own, Senator Hume said on Monday that when responding to crypto the country “should tread cautiously, but not fearfully.” She said decentralised finance underpinned by blockchain technology will “present incredible opportunities” and “Australia mustn’t be left behind by fear of the unknown”.

Well positioned

Chloe White, the former national blockchain road map leader in the federal Department of Industry who has created a new consulting group, Genesis Block, said Chainalysis is well positioned to provide crypto intelligence to regulators.

“In the past, there has been talk from industry that regulators might run a ‘node’ on the blockchain, but they didn’t want to hear that,” Ms White said.

“It makes a lot of sense for Chainalysis to take care of a lot of the monitoring. They have the expertise, and they scan the blockchain globally. Regulators will need to maintain skills and knowledge and adapt, but it might not make sense for them to be doing the detailed blockchain analysis themselves.”

For banks like CBA, Mr Lenfield said a key focus was protecting reputation.

“People have seen the value in crypto, and are looking to get involved. But they want to do it safely and securely,” he said. “A lot of the risk [banks] carry is reputational. We can provide information to a trusted entity about the visibility of transactions happening on chain, so they can make policy decisions on how they want to work with it.”