ICD Brief 2.
25.07.2016. – 03.08.2016.
USA
Obama puts FBI in charge of responding to cyber attacks
“A presidential directive signed by President ObamaTuesday will put the FBI in charge of responding to all cyber threats and give the federal government a more active role in investigating, preventing and mitigating attempts to hack into U.S.-based computer networks.”
U.S. issues first government guide on responding to cyber attacks
“The White House on Tuesday issued the U.S. government’s first emergency response manual for a major cyber attack, though some officials acknowledged it lacked clear guidance on possible retaliation against hacker adversaries.”
The Missing Cybersecurity Discussion
“The Wikileaks release of the DNC’s hacked emails is a source of outrage in the media, but we are missing the bigger picture. Cybersecurity is a serious threat to our national, corporate and personal well-being, and not just because some emails and voice mails were made public. What about all of the donors whose personal and financial information was included in that release? Sue Marquette Poremba’s opinion piece.”
New identity theft insurance is free for costumers
“In 2015, 13.1 million Americans were victims of identity theft, according to an Identity Fraud Study by Javelin Strategy & Research. New account fraud increased by 113% in 2015.The article explores the different ways how one can make sure that one’s identity is insured.”
12 Crucial Lessons to Be Learned From the Russian Hacking Scandal
“Once again, hacking is front and center in the news, a reminder that businesses and individuals need to fear the long reach of cyber theft. Here is a 12-point checklist – six steps for businesses and six for individuals – to enhance cyber security. ”
Three Steps to Create A Bulletproof Cybersecurity Strategy For Government Agencies
“The list of critical data stored by government agencies is endless. From credit card data, passport numbers, drivers’ license numbers and tax information, government agencies are storing vast amounts of data that create the perfect treasure trove for hackers to exploit.How can one make sure that this will not happen?”
Cybersecurity top of mind during pre-G20 trip to Beijing
“Cybersecurity negotiations were a key part of U.S. National Security Adviser Susan Rice”s recent trip to Beijing in an effort to strengthen U.S.-China relations ahead of this year”s G20 Leaders’ Summit.”
Cybersecurity firms are booming thanks to Russian hackers
“For cyberdefense firms, the new age of information warfare – and the ensuing climate of fear – has led to a flood of cash. Analysts at research firm Gartner says the security-software market climbed to $22 billion last year, with sales growing by $1 billion for three straight years.”
What to Do About Lawless Government Hacking and the Weakening of Digital Security
“The government should pay the same care to our safety in pursuing threats online, but right now we don’t have clear, enforceable rules for government activities like hacking and “digital sabotage.” And this is no abstract question—these actions increasingly endanger everyone’s security.”
Israel
SafeBreach raises $15M to test companies” cybersecurity from a hacker”s perspective
“SafeBreach, a cybersecurity startup founded in Israel, that simulates hacks on companies’ systems to help them identify holes, has closed a $15 million series A round from existing investors Sequoia Capital and Shlomo Kramer, with participation from new entrants Deutsche Telekom Capital Partners, Hewlett Packard Pathfinder, and Maverick Ventures.”
Israel’s Energy Ministry wants cyber security lab
“The Ministry of National Infrastructure, Energy, and Water Resources wants to establish a cyber laboratory and has published a request for information (RFI) on the subject. The new laboratory will act as a testing and simulation environment for industrial operations technologies, and can be used to examine the effectiveness of various protection systems.”
The Israeli model for beating “lone-wolf” terrorism
“Israeli authorities who have faced a wave of lone-wolf attacks by Palestinian Arabs say they have made progress in identifying potential assailants in advance, a challenge now also confronting Western nations. The article explores the “Israeli method” to stop such attacks. “
Israel not protected from DNC-style hacks under new Cybersecurity laws
“Laws in the pipeline to govern cyber defense will not protect Israel’s democratic process from foreign hackers, in a case similar to the hack of the Democratic National Committee’s emails, apparently by Russia, members of the Knesset Foreign Affairs and Defense Subcommittee on Cyber Security said Monday.”
US weighs costs of implicating in DNC cyber-attack
“Wary of a global confrontation with Russia, U.S. President Barack Obama must carefully weigh how to respond to what security experts believe was Moscow’s involvement in the hacking of Democratic Party organizations, U.S. officials said.”
UK
Cyber Security One of the Fastest Growing Sectors in the IT Industry
“Cyber Security jobs continue to rise at a fast rate in the UK, according to new research. As of June 2016, the number of jobs in cyber security has risen significantly by over 90 per cent since the same point in the previous year, positioning it as one of the UK’s most sought-after IT skills.”
Brexit: Impact on Data Privacy and Cybersecurity
“This note addresses the potential impact of Brexit on data privacy and cybersecurity legislation in the UK. It is one of a series of GTM Alerts designed to assist businesses in identifying the legal issues to consider and address in response to the UK”s referendum vote of 23 June 2016 to withdraw from the European Union.”
UK education system failing to support cyber security profession
“The UK’s IT industry is the least satisfied among its international peers that the country’s education system is supporting the cyber security profession, a report has revealed.”
UK security startup discovers one-stop-shop for cyber crime businesses
“UK information security firm Digital Shadows has discovered a service for setting up online shops that are perfectly suited for cyber criminals. This means there is effectively no barrier to setting up a cybercriminal business because all the necessary infrastructure and customer support is provided, eliminating the need for technical skills.”
The Government has some URGENT security advice for your PC
“The government is urging British businesses and consumers to ensure they keep their phones and computers updated with the latest software in an effort to lower the number of victims of cyber crime.”
Patchwork: China-themed cyber espionage group sets sights on UK enterprises
“Symantec has warned that China-themed cyber espionage group Patchwork has expanded and is now targeting UK-based companies. A report by the firm said that it has seen the group, also sometimes colourfully dubbed Dropping Elephant, using Chinese-themed content to lure victims to infected websites in the hope of installing malware on their devices.”
DNV GL’s UK cyber security laboratory fully accredited
“DNV GL’s centre of excellence for smart energy and cyber security testing expertise has achieved UKAS accreditation and CESG recognition. After several months of intense assessment, the newly-opened Technical Assurance Laboratory (DTAL) based in Peterborough has been accredited and recognised to offer Common Criteria and Commercial Product Assurance testing.”
Cyber-security not a priority for UK’s businesses
“Despite the constant warnings experts keep giving out to businesses concerning cyber-security, UK’s firms won’t be prioritising it in the next 12 months. This is according to a new quarterly survey by Close Brothers. Its key takeaway is that 63 per cent of companies decided not to invest in better security, while the other 37 percent decided to do so.”
Netherlands
Private-Public Partnership Launched to Combat Ransomware
“The public and private sector are now joining forces to stop ransomware as part of an international initiative to combat cybercrime. Groups participating in the project include Intel Security, Kaspersky Lab, the Dutch National Police, and Europol. “
China
How the Chinese Government Became the World”s Hacking Superpower
“There is a mantra among cybersecurity experts is that there’s only two types of companies: those that have been hacked by China, and those that don’t know they’ve been hacked yet. How did they China achieve this?”
More than 100 flight delayed due to cyber-attacks at Vietnam”s airports
“The cyber-attacks on Vietnam’s two major airports have affected more than 100 flights, dozens of which were delayed for up to one hour, the country’s aviation authorities said. The hackers, allegedly from China, took control of the flight information screens and displayed distorted information about the East Sea (South China Sea) and insulted Vietnam and the Philippines, according to authorities.”
Cabinet forms department for cyber security
“The Cabinet announced the formation of a new government agency dedicated to information security on Monday. The establishment of the Department of Cyber Security (資通安全處) will increase existing information security resources and will allow inter-ministerial coordination, said Cabinet spokesman Tung Chen-yuan (童振源).”
China Focus: Cyber regulation to better protect users’ interests
“A series of cyber regulations officially took effect Monday, as China aims to better protect online users’ interests and better guide the development of China’s Internet industry.”
Russia
How DNC, Clinton campaign attacks fit into Russia”s cyber-war strategy
“The well-timed leak of e-mails from the Democratic National Committee, following a long-running breach of the DNC”s network, is a masterful piece of information warfare. The leak may only be the beginning of an effort to shape the US presidential election, or it may be a backup plan triggered by the exposure of the long-running breach. But the hacking of the DNC and the direct targeting of Hillary Clinton are only parts of a much larger operation by Russia-based hackers who have breached a number of US government networks.”
By November, Russian hackers could target voting machines
“We have to accept that someone is attacking our nation’s computer systems in an apparent attempt to influence a presidential election. This kind of cyber attack targets the very core of our democratic process. And it points to the possibility of an even worse problem in November — that our election systems and our voting machines could be vulnerable to a similar attack.”
Unleashing torrent of Cold War rhetoric, Russia denies hacking DNC
“The Kremlin has sharply denied the claims of U.S. officials and security experts that Moscow may have been involved in the hacking of Democratic National Committee emails, and said Thursday that it was “absurd” that Russia had infiltrated Hillary Clinton’s private server.”
Russia says spyware found in state computer network
“Russia”s intelligence service said on Saturday that the computer networks of 20 organizations, including state agencies and defense companies, have been infected with spyware in what it described as a targeted and coordinated attack.”
Russia has motive, capability, and form for U.S. email hack
“The Kremlin says it had zero involvement in the hacking of Democratic Party emails while U.S. officials say the hack originated in Russia. We may never know who is right, but one thing is for sure – Russia had motive, capability, and form.”
EU
EU data officials dissatisfied with final text of Privacy Shield agreement
“Data protection officials from European Union member states do not believe the European Commission’s “adequacy determination” issued in adopting the Privacy Shield framework for transatlantic data transfers resolves their original concerns, despite last-minute revisions by the U.S. Commerce Department and EU commission prior to its adoption. The member state data protection officials – under the auspices of the Article 29 Working Party – laid out their five remaining critiques of the final adequacy determination in a July 26 press release.”
NATO
NATO’s Quest for Cyber Solutions Highlighted at NITEC Conference
“As NATO grapples with mounting security threats—both conventional and irregular—the concerned alliance is tussling to deliver a unified strategy for information warfare and dominance in the face of increasingly sophisticated cyberspace technologies exploiting its vulnerabilities.”