ICD Brief 3.
01.08.2016. – 17.08.2016.
USA
How DARPA is training machines to protect its digital assets with the Cyber Grand Challenge
“An ongoing Defense Advanced Research Projects Agency (DARPA) project, one with a goal of using artificial intelligence to tackle security issues, is now beginning to bear fruit and may soon muscle out the human competition in these areas.”
FBI took month to warn Democrats of suspected Russia role in hack: sources
“The FBI did not tell the Democratic National Committee that U.S officials suspected it was the target of a Russian government-backed cyber attack when agents first contacted the party last fall, three people with knowledge of the discussions told Reuters.”
DHS may increase protections for voting systems to thwart hackers
“Homeland Security Secretary Jeh Johnson said Wednesday the federal government should consider designating the U.S. election process as “critical infrastructure” to give the voting system greater protection against cyber attacks.”
New Gozi Malware Heads for U.S. Financial Institutions
“Experts at buguroo Labs, a threat intelligence startup spun out of Deloitte’s European Security Operations Center, revealed these cyber criminals are honing their attacks in Poland, Japan, and Spain before launching in the U.S. and Western Europe.”
North America Cyber Security Market: Analysis and Forecast 2016 to 2022
“Research and Markets has announced the addition of the “North America Cyber Security Market: Analysis and Forecast (2016 to 2022)” report to their offering. Cyber crimes cost have reached around $100 billion in the country. Canada and Mexico globally stand at the 13th and 17th position respectively as major sources of cyber crimes. North America needs to build a strong resilience system for managing cyber crimes.”
Obama prepares to boost U.S. military’s cyber role: sources
“The Obama administration is preparing to elevate the stature of the Pentagon’s Cyber Command, signaling more emphasis on developing cyber weapons to deter attacks, punish intruders into U.S. networks and tackle adversaries such as Islamic State, current, and former officials told Reuters.”
IoT security suffers from a lack of awareness
“Gaining awareness of devices residing on corporate networks is the first step to building a viable security architecture for the internet of things. The problem? Most CIOs don’t know what’s on those networks.”
Black Hat volunteers fight to keep hacking mayhem at bay
“Black Hat is an annual conference in Las Vegas where cyber security researchers gather to trade hacking secrets. The purpose of the conference, in theory, is to get better at stopping bad guys. But in practice, that means learning to think like a skilled hacker as new techniques are presented and taught.”
Highlights from the Black Hat Hacker Conference
“Thousands of hackers and other cybersecurity professionals converged on Las Vegas on Wednesday for the annual Black Hat conference. Here are some highlights of the day’s events.”
The world’s best cyber army doesn’t belong to Russia
“National attention is focused on Russian eavesdroppers’ possible targeting of U.S. presidential candidates and the Democratic Congressional Campaign Committee. Yet, leaked top-secret National Security Agency documents show that the Obama administration has long been involved in major bugging operations against the election campaigns — and the presidents — of even its closest allies.”
Israel
Knesset Committee praises Israel’s cyber protection but raises concerns
“The Knesset Foreign Affairs and Defense Committee (FADC) published a report on Monday praising measures put forth by the government in the field of cyber-security, a field in which Israel is considered to be a global leader. The committee suggested guidelines for the administration of the new authority responsible for Israel’s cyber-attack preparedness, but also expressed concerns that the new body, the National Cyber Authority, would not fit in well with the existing security agencies.”
82% of global IT pros admit to a shortage of cyber-security skills
“On a global scale, the UK IT industry is the least satisfied with its education system. Only 14 percent of UK IT decision makers (ITDMs) feel that the UK education system fully prepares professionals for the cyber-security industry.”
UK
“iboss Cybersecurity, the only cyber security solution that detects and contains data breaches before a loss occurs, announces a partnership with not-for-profit organisation Jisc to provide leading web filtering and monitoring solutions to UK education and research organisations. The new partnership makes iboss the preferred supplier of cloud-based web filtering and monitoring for Jisc’s member organisations and their millions of users.”
Q& A: The UK government’s role in cybersecurity
“With the modern threat landscape more treacherous than ever, the government has a vital role to play in helping businesses protect UK citizens from cyber attacks. Following the launch of the National Cyber Security Centre, we spoke to Gordon Morrison, director of government relations at Intel Security, about how the government is supporting the cyber security industry in the UK and what more needs to be done.”
This security threat has hit almost half of UK businesses and it will get worse
“A new piece of research has found that approaching half of all businesses have been hit by a ransomware attack over the last year. The study from Malwarebytes questioned over 500 IT leaders from companies across the UK and Germany, as well as Canada and the US, and found that almost 40% said they’d experienced a ransomware attack during the past year.”
How Companies Should Prepare For Europe’s New Cybersecurity Rules
“Cyber breaches have dominated the headlines in the United States, with public companies, government agencies, universities, and now even political parties reporting attacks. No sector has been spared. Gazing across the Atlantic, however, the landscape appears dramatically and blissfully different. Virtually no large European company has publicly acknowledged a cyber breach. Is there an Iron Dome or magnetic force field protecting Europe against cyber attacks?”
The Chinese firm taking threats to UK national security very seriously
“In a deceptively humdrum office block on the outskirts of Banbury, Oxfordshire, a team of cybersecurity experts is working to combat the risk of surveillance and hacking attacks from China. The Cell’s technicians have the highest level of security clearance, with their personal and financial histories combed by investigating officers. Their work is overseen by a board that includes directors from GCHQ, the Cabinet Office, and the Home Office. They are employed by Huawei, one of China’s largest technology companies.”
Russia
How the Kremlin is sure to keep its fingerprints off any cyber attack
“ It has become something of a ritual over the past decade. Revelations of a cyber attack against a geopolitical foe of Russia, accusations from Western leaders, and then the inevitable Kremlin response: “Prove it.” The article explores the different methods used by Russia to cover its tracks.”
Russia Claims Western Hackers Stole Government and Defense Data
“The Russian intelligence service claims hackers penetrated computer systems in government agencies and defense companies after being accused by U.S. government officials of stealing data from the Democratic Party at the behest of Republican presidential candidate Donald Trump.”
China
This Chinese malware is making its creators $300,000 per month
“Advertisements on mobile devices aren’t just annoying, they can also be malicious. According to a report from cyber security experts, a Chinese group has spread malware to Android users that are generating over $300,000 per month in revenue.”
Security firm: Suspected Chinese malware targets PH
“Tensions in the South China Sea seemed to have escalated in cyberspace as a Finland-based security firm alleged that it has found evidence that a malware suspected from China is targeting Philippine agencies involved in the sea dispute.”
Chinese malware spying on the Philippines – security firm
“Malware traced by a security firm to China has been discovered to have spied on the Philippine government and other parties related to the territorial dispute in the West Philippine Sea. In a report released last week, Finland-based cyber security firm F-Secure identified the malware as NanHaiShu (translated as South China Sea rat), a Remote Access Trojan that can access information from infected computers to its command server.”
Iran
Hackers accessed Telegram messaging accounts in Iran – researchers
“Iranian hackers have compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users, the largest known breach of the encrypted communications system, cyber researchers told Reuters.”
Experts See Iranian Link in Attempt to Hack Syrian Dissident
“Syrian opposition activist Noura Al-Ameer was combing through her emails late one night when a message caught her eye. The sender was “Assadcrimes” and he promised information about Iranian meddling in the Middle East. But the email seemed odd.”
EU
Telefonica cyber chief calls for end to “isolated” security strategy
“Telefonica said it is the only operator so far to join the European Cyber Security Organisation, a newly formed body which aims to improve collaboration on security issues.”
NATO
US Think-Tank Suggests NATO Cyber-Attacks against Russia
“The Atlantic Council’s latest paper, alarmingly entitled ‘Arming for Deterrence: How Poland and NATO Should Counter a Resurgent Russia’. The recommendations put forward in this paper are the result of a deliberate decision (predicated upon the unfounded idea that Russia would initiate a military attack against Eastern European and Baltic nations), and that’s what makes its contents all the more disturbing.”