ICD Brief 11.
26.09.2016. – 02.10.2016.
The Department of Homeland Security on Saturday urged state election officials to seek assistance in boosting cyber security ahead of November’s elections after hackers tapped into voter registration systems in a small number of states.
In a statement, Homeland Security Secretary Jeh Johnson said 21 states have sought the Department’s assistance to improve cyber security. Johnson said hackers have been scanning state computer systems, a possible prelude to actual cyber attacks.
“The U.S. Cyber Challenge, an effort to ramp up the country’s training for in-demand cybersecurity professionals, is joining forces with an NSA-sponsored program to help students map out a career in the field. The new partnership offers users the chance to prove their expertise through taking part in competitions — considered essential by many in the field who are dubious that existing cybersecurity qualifications accurately measure hands-on ability.”
“A U.S. government bureau set up to do “secret” and “top secret” security clearance investigations has turned for help to a private company whose login credentials were used in hack attacks that looted the personal data of 22 million current and former federal employees, U.S. officials said on Friday. Their confirmation of the hiring of KeyPoint Government Solutions by the new National Background Investigations Bureau (NBIB) comes just days ahead of the bureau’s official opening, scheduled for next week.”
“Voter registration databases from all 50 states are being hawked on Deep Web marketplaces, an investigation by theInstitute for Critical Infrastructure Technology has found. Those databases could be used for all kinds of mischief, noted ICIT Senior Fellow James Scott, who collaborated with ICIT researcher Drew Spaniel on a study of voting system vulnerabilities. For example, an attacker could sour a candidate’s supporters by sending bogus robocalls, supposedly originating from the candidate, at 3 a.m.”
“The future of cybersecurity is difficult to predict. Attack surfaces change all the time, and attackers are constantly coming up with new ways to steal data and disrupt systems. However, in the chaos of it all, some patterns emerge. At the 2016 Structure Security conference, which took place from September 27-28 in San Francisco, security experts and vendors came together to discuss emerging trends and best practices. Here are some of the biggest takeaways from the event.”
“October is National Cyber Security Awareness Month (NCSAM). As the countdown to NCSAM begins, the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security (DHS), the co-founders and co-leaders of NCSAM, along with companies around the globe, are working to improve digital citizens’ awareness of the basic steps needed to stay safer and more secure online.”
“Despite billions in spending on cybersecurity, enterprise IT is less secure than it was 10 years ago, said Art Coviello, a venture partner at Rally Ventures. On Tuesday, at the first annual Structure Security conference in San Francisco, CA, Coviello explained the threat landscape facing enterprise IT and what needs to change.”
“The Department of Homeland Security (DHS) has selected a team led by The University of Texas at San Antonio (UTSA) to develop and deliver cybersecurity training through the Continuing Training Grants (CTG) Program. The team is led by UTSA’s Center for Infrastructure Assurance and Security (CIAS) in conjunction with four additional University partners making up the National Cybersecurity Preparedness Consortium (NCPC).”
“Israel’s second-largest public security company, CyberArk, said a survey it published recently showed that heightened awareness of cybersecurity threats among information technology professionals has failed to translate into greater success in defending against those threats.”
“The government approved on Tuesday the establishment of a national system to protect children surfing the internet. Henceforth, there will be one address for the public, which officials hope will lead to a significant drop in the number of victims of internet crimes. The system will be established under the auspices of the Internal Security Ministry as a combined civilian and police effort which will include headquarters, a national center, and a designated police unit to fight cyber-crime against minors.”
“NCSC is due to launch officially on 1 October 2016 and will help the healthcare sector deliver consistent quality of data security. The National Cyber Security Centre (NCSC) is set to launch officially on 1 October and will be open for business from 3 October. “The first sign that we are up and running will be the NCSC’s website, which is scheduled to go live on 4 October,” the NCSC’s Alison Whitney told the Cyber Security in Healthcare conference in London.”
“The UK’s spy agency GCHQ has launched a cyber security accelerator as part of a programme to create two “world-leading” innovation centres. The accelerator, based in Cheltenham, will see selected startups get a £5,000 grant and be able to work in the building. Startups wanting to be part of the centre’s first intake in 2017, have until October 17 to apply. The accelerator has been created by GCHQ in partnership with Wayra UK, part of Telefónica Open Future, and also the UK’s Department for Culture, Media and Sport.”
“The UK government is mandating the use of the Domain-based Message Authentication, Reporting & Conformance (DMARC) protocol as well as HSTS and HTTPS as of Saturday in a major boost to its cybersecurity credentials. The Cabinet Office’s Government Digital Service will require the strongest DMARC policy to be the default for email services from 1 October.”
“Graeme Stewart, Managing Director of LogPoint UK and Ireland, discusses the lessons UK local government can learn from Danish councils on cybersecurity and compliance.
SIEM (Security Information and Event Management) technology is growing in popularity in Europe as it tackles the global challenge of security and compliance. Within the last year, local councils have increasingly become targets for data breaches and ransomware attacks, often with large fines attached. The biggest online threats to councils online include DDOS attacks, phishing, malware and ransomware, just to name a few.”
“London, and the UK generally, is waking up to the lucrative market of cybersecurity – both at home and abroad. Darktrace, founded by former Autonomy CEO Mike Lynch, was recently valued at $400 million, firmly putting the UK back on the cyber security map. Darktrace’s director, Emily Orton, tells WIRED, its success in attracting 300 staff is down to being able to “nurture talent in this country”.”
“The legislation which allowed the Lithuanian cabinet to establish the National Cyber-Security Center (NKSC) was passed last year, formally establishing the centre, but the new entity began its operations in July this year. The NKSC was set up through a transformation of the Lithuanian Defence Ministry’s Communications and Information Systems Service.”
“Dr. Joanna Świątkowska says that a comprehensive, multi-dimensional strategy in necessary for cyber-defence, and for Poland, the need for national defence is an opportunity to build an export business in cyber-security. As recently as 2007, the authors of Poland’s National Security Strategy claimed that the country does not face any serious military conflicts. Seven years later, the diagnosis is significantly different. The main reason for such a change is the conflicts that have taken place in international security – with Russian aggression against Ukraine at the forefront.”
The Czech Republic
“The European Union’s law enforcement agency, Europol, has warned of the relentless threat of cybercrime, identifying eight major trends in an annual report: from payment fraud to crime-as-a-service which it says could be accessed by terrorist groups. In recent years, the Czech Republic, like other countries has seen a rise in cyberattacks – doubling last year since 2012.”
“Prime Minister Justin Trudeau has directed his top security officials to discuss a cyber accord with China to help protect Canadian corporations from hackers. The Prime Minister’s national-security adviser, Daniel Jean, was sent to China earlier this month to co-chair the first in a series of meetings between the two countries’ public-safety officials. These talks have become the focus of controversy because they include a possible extradition treaty.”
“China has become one of the prime targets for hackers, thanks to the limited availability of encryption and security resources. The most common perception of Chinese hackers is that of state-backed operatives targeting foreign governments, which in some cases may be accurate. However, both the government, as well as businesses in China, are plagued by cyberattacks, costing the nation billions of dollars every year.”
“A new proposal in the European Union would locally address many of the controversies over an international export control agreement that includes the United States. The European Council proposed updates to the European Union’s export controls of militarized spyware on Wednesday. Those controls were a widely derided result of the annual 41-nation Wassenaar Arrangement of which the United States is part of.”
“A new report by the NATO Cooperative Cyber Defence Centre of Excellence (CCD COE) has detailed the evolving Chinese cyber-structures, showing developments in both internal governance of information and its self-named firewall and cyber-espionage activities. The report titled, “China and Cyber: Attitudes, Strategies, Organisation” is part of the NATO CCD COE series on national organisational models for ensuring cyber-security summarise national cyber-security strategy objectives and outline the division of cyber-security tasks and responsibilities between agencies.”
“The widespread popular belief, as well as the operating assumption of US law enforcement agencies, was that it was Russian hackers who broke into the computer network serving the Democratic National Convention, as part of a cyberattack aimed at Democratic Party institutions. Apparently, as a result of tensions between Russia and the US, a cyberwar is already underway that goes beyond the ongoing activities of intelligence gathering and espionage. Causing damage to the democratic process, perhaps by means of tendentious exposure of materials liable to affect the voting patterns of target groups, for example, is an act with very broad strategic implications. State systems are traditionally mobilized in times of emergency and kinetic warfare. However, the recent cyber events occurred in routine times, and Western states must internalize that the routine itself is a guise for a cyber campaign that has widespread strategic implications.”
“Asserting that the country has a comprehensive cyber doctrine in place, India’s Deputy National Security Advisor Arvind Gupta, however, underlined the need to keep updating it to keep up with the developments in the cyber space. The Deputy NSA also said that India, the second largest user of the medium now, needs to participate in rule making rather than just being a passing spectator. He noted that in few years, India will become the largest user of the cyber space in the world.”