ICD Brief 6.
20.08.2016. – 29.08.2016.
USA
CrowdStrike, other Cybersecurity Firms Integrating Industry Cooperative
“Some information security companies that were shut out of the leading system for sharing data on malicious software are revealing more about how their own systems work in hopes of rejoining the cooperative effort, a shift that should improve protections for customers throughout the industry. CrowdStrike, one of the most prominent young security companies threatened with exclusion from some shared services, said it has integrated part of its system for detecting malicious software with VirusTotal, the main industry repository for disclosing and rating risks of malware and suspect files.”
Despite Billions Spent on Cybersecurity, Companies Aren’t Truly Safe from Hacks
“Last year, private sector companies globally spent more than $75 billion on security software to safeguard their systems and data. That number is expected to grow about 7% annually, according to Gartner and other analyst firms. It doesn’t include all the massive amounts spent on fraud prevention by banks, a number that is widely underreported and expected to reach into the billions annually. But they are still not completely safe from hacks.”
Fitch: U.S. Cyber Insurance Premiums Total $1B Per New Supplemental Filing
“Fitch Ratings-Chicago-24 August 2016: Aggregating the cybersecurity statutory supplement data for the U.S. property/casualty (P/C) insurance industry finds that approximately 120 insurance groups reported writing cyber coverage in 2015 totalling approximately $1 billion in direct written premiums volume. Fitch analysed cyber insurance market share and performance in a new special report, ‘U.S. Cyber Insurance Market Share and Performance’ that analyses data from a new 2015 statutory supplement to compile company and industry statistics on cyber insurance. The largest writers according to Fitch’s analysis are American International Group, Inc. (AIG), accounting for approximately 22% of the market, Chubb Limited (CB) at 12%, and XL Group Ltd. (XL) at 11%. “
U.S. Banking Regulators Focused on Cyber Security After SWIFT Attacks
“U.S. banking regulators said on Wednesday they are focused on cyber security risks and controls for U.S. financial institutions after attacks earlier this year involving the global financial network known as SWIFT.”
U.S. Retailers Aren’t Investing in Cybersecurity Even as Breaches Persist
“As high-profile hacks like Target, Home Depot and Eddie Bauer show, U.S.-based retail stores are especially susceptible to damages caused by hackers. A new survey out Tuesday shows how much that damage usually amounts to. It also shows the consumers’ response to such breaches.”
Israel
How Israel Is Closing Down Online Terrorists
“The Israeli parliament adopted a new counter-terrorism law on June 15. According to the Ministry of Justice’s summary, the legislation will provide “law enforcement authorities with more effective tools to combat modern terrorist threats while incorporating additional checks and balances necessary to safeguard against unreasonable violations of individual human rights.”
In Israel, Cybersecurity Workers Earn Most
“In Israel, the cybersecurity industry is the most lucrative one to be in, Intel Corp. said in an eight-nation survey that also revealed an acute shortage of professionals that is driving up salaries in the sector.”
Israeli Firm to Set Up Cyber Security Academies in India
“Acting on the recent bilateral agreement on homeland security between Israel and India, a cyber security company from Israel, Vital Intelligence Group, announced on Wednesday that it will establish cyber security academies in the country. The firm is expected to kick off operations in Mumbai next April, following which the it will establish branches in New Delhi and Hyderabad. The academies will give defence training to the government and citizens.”
UK
UK is the Second Most Targeted Nation for DDOS Attacks
“The UK gets hit by 9.3 per cent of the world’s distributed denial of service (DDoS) attacks – second only to the United States. DDoS attacks deliberately overload a company’s network with fake traffic, primarily from bots, forcing it to come offline and preventing genuine users from accessing its websites or applications. The number of these attacks increased by 211 per cent in the last year, according to a report from cybersecurity firm Imperva.”
Baltics/Estonia
“On the occasion of Vice President Biden’s visit to Latvia, we, the United States of America, Estonia, Latvia, and Lithuania, reaffirmed their strategic alliance. Faced with an unpredictable security environment, they commit to deepening our cooperation and our efforts to ensure security and stability in the region, as part of NATO’s approach to collective defense.”
In Estonia, Merkel and Roivas Talk Russia and Internet
“Thursday’s visit to the St. Mary’s Cathedral in the Estonian capital, Tallinn, gave German Chancellor Angela Merkel a chance to look back on Europe’s history. On display, the cathedral has three letters Martin Luther wrote regarding the sending of preachers to Tallinn.”
France/Germany
Taking Stock of the New French-German Encryption Proposal
“France’s and Germany’s interior ministers teamed up on Tuesday to propose an EU law requiring tech companies to decrypt data for investigators. The proposal, which the European Commission will consider at a meeting next month, reflects deepening frustration with fragmented European counterterrorism operations and the investigative challenges posed by widespread encryption.”
China
Chinese Cyber Spies May Be Watching You, Experts Warn
“Cyber operations from China are still targeting and exploiting US government, defense industry, academic and private computer networks,” Mike Rogers, head of US Cyber Command said last April during testimony before a US Senate committee.”
China Sets New Tone in Drafting Cybersecurity Rules
“The committee under the government’s powerful cyberspace administration is in charge of defining cybersecurity standards. For the first time, the body earlier this year allowed select foreign companies— Microsoft Corp., Intel Corp., Cisco Systems Inc. and International Business Machines Corp.—to take an active part in drafting rules, rather than participating simply as observers, said people familiar with the discussions.”
Iran
Iran Looking to Enhance Cyber Capabilities
“While China and Russia have built up a robust profile in cyberspace, many are warning against Iran’s growing capabilities and behavior. Iran has been bolstering its cyber capabilities and activity to serve its interests.”
Iran Detects Malware in Petrochemical Plants, Says Not Linked to Recent Fires
“Iran has detected and removed malicious software from two of its petrochemical complexes, a senior military official said on Saturday, after announcing last week it was investigating whether recent petrochemical fires were caused by cyber attacks. The official said the malware at the two plants was inactive and had not played a role in the fires.”
Russia
FBI Investigating Russian Hack of New York Times Reporters, Others
“Hackers thought to be working for Russian intelligence have carried out a series of cyber breaches targeting reporters at The New York Times and other US news organizations, according to US officials briefed on the matter. The intrusions, detected in recent months, are under investigation by the FBI and other US security agencies.”
Russia More Prey than Predator to Cyber Firm Wary of China
“While the West sees Russia as a cyber predator, hackers in the East increasingly view it as prey, according to online security company Kaspersky Lab, which says there’s been a sharp spike in attacks from China.”
EU
European Law Enforcement Seeking Smart Ways to Fight Cyber Crime
“Cybercrime continues to increase in volume and sophistication, but European law enforcement is fighting back, using collaboration and industry partnerships to compensate for a lack of resources. Cyber criminals are always likely to be better resourced than law enforcement. Now, national and regional police forces in Europe are switching tactics to even the odds.”
NATO
NATO to Spend €70 million on ‘cyber-refresh’
“More than a thousand industry representatives and NATO officials are expected to attend the NATO Information Assurance and Cyber Defence Symposium (NIAS) in Mons, Belgium, on 7, 8 September 2016, to learn about the Alliance’s future cyber-requirements. After hearing about NATO’s vision for its future cyber-defences, invitations for bids are expected to be released in 2017, and the first round of investments completed in 2018”
Feature
Confronting Cybersecurity Challenges Through US-Singapore Partnership – Analysis
“Cyber cooperation remains a prominent area of mutual interest between Singapore and Washington. Singapore’s Cyber Security Agency (CSA) and the US Department of Homeland Security (DHS) recently established a formal cybersecurity partnership. This agreement will improve bilateral cybersecurity and potentially create mechanisms for ASEAN nations to better address cybersecurity challenges.”