ICD Brief 37.
This week’s Brief brings some surprises from Australia, Brazil, Israel and North Korea as well as news from the USA, EU, France, Sweden and the UK.
US cyberattacks may be bringing North Korean missiles down
“Experts are suggesting the in-flight failure and crash of the missile launched by North Korea on Wednesday could have been the result of a “left-of-launch” attack by the United States.”
Senate warned cyber threat to power grid “at an all time high”
“The potential for a major cyber attack against the nation’s power grid is “at an all- time high,” Gerry Cauley, president of the grid operators group North American Electric Reliability Corporation, warned during a Senate hearing Tuesday. While acknowledging hackers had yet to shut down power to U.S. power customers, Cauley pointed to a 2015 attack in Ukraine that resulted in 225,000 customers losing power for several hours.”
Fitzpatrick & Boyle Introduce Bipartisan Ukraine Cyber Security Bill
Congressmen Brian Fitzpatrick (PA-8) and Brendan F. Boyle (PA-13) introduced the Ukraine Cybersecurity Cooperation Act Thursday – legislation to encourage cooperation between the United States and Ukraine on matters of cybersecurity and require State Department reporting to Congress on best practices to protect against future cyberattacks.”
Israeli cyber security leader sets up in Victoria
“CyberGym has announced it will relocate its global headquarters to Melbourne, generating 60 new full-time jobs over the next three years.
The cyber defence organisation, half-owned by the multibillion-dollar Israel government’s Israel Electric Company (IEC), provides IT security services and real-world cyber defence training to help organisations significantly improve their cyber security.”
Cybercriminals Seized Control of Brazilian Bank for 5 Hours
“Cybercriminals for five hours one day last fall took over the online operations of a major bank and intercepted all of its online banking, mobile, point-of-sale, ATM, and investment transactions in an intricate attack that employed valid SSL digital certificates and Google Cloud to support the phony bank infrastructure.”
Cripple encryption and you weaken global and national security
“In the midst of the hullabaloo last week over Brexit and article 50 trigger-pulling, not many noticed that EU Commissioner for Justice Vera Jourová proposed the EU-wide introduction of encryption backdoors for popular social apps such as WhatsApp.”
Two new European initiatives aim to improve aviation cybersecurity
“Airbus CyberSecurity, a unit of Airbus Defense and Space, has joined forces with SITA to launch a cybersecurity initiative specifically targeted at the air transport industry.
The new incident-detection Security Operations Center Services have been customized for the specific needs of the air transport industry to alert airlines, airports, and other stakeholders about unusual cyber activity that could impact their businesses.”
Under threat, France grooms army hackers for cyber warfare
“Huddled around their computers, two dozen French 20-somethings have been typing away feverishly for seven hours. Their objective is clear. Eliminate a virus crippling the systems of a government environmental agency.
“Mission accomplished! They have done what they were asked to do. Analyze, identify and then develop a code that wipes it out,” says Patrice, a French military officer testing potential recruits at a cyber defense center in western France.”
Israel’s Cyber Warfare Outfit – Unit 8200 – Gets New Commander
“Unit 8200, the cyber warfare organisation in the Israeli Defence Forces (IDF), has a new commander. Identified only as Brigadier-General ‘K’, he replaced Brigadier-General ‘S’ at a change-of-command ceremony at the Unit 8200’s home base at Gelilot, north of Tel Aviv.”
Israel Braces for Annual Cyber Attack by Anonymous-Led Hackers
“As Israeli authorities and companies brace for an annual cyber attack expected this Friday, the country’s capability to thwart website defacements and data pilfering attempts will be put to the test.
“’There is a nice twist,” Dudu Mimran, the CTO of Telekom Innovation Laboratories at Ben-Gurion University of the Negev and BGU Cyber Security Labs, told The Jerusalem Post on Wednesday. “It’s kind of a training for Israelis.”
NK eyes cash via cybercrimes to tide over sanctions: diplomat
“North Korea is getting more dependent on cybercrimes and other illegal activities to secure foreign currency needed to finance the country’s development of weapons of mass destruction, South Korea’s vice foreign minister said Tuesday.
“North Korea is trying to use its illicit cyber activities to bypass the tightened sanctions and bring in cash to finance WMD development,” Vice Foreign Minister Ahn Chong-ghee said in his opening speech to the Inter-Regional Conference on Cyber-ICT Security in Seoul. “
UK and Swedish watchdogs warn of international cyber attack
“A large-scale cyber attack from a group targeting organizations in Japan, the United States, Sweden and many other European countries through IT services providers has been uncovered, the Swedish computer security watchdog said on Wednesday.”
Security researchers uncover new global cyber espionage campaign
“There is a new, global cyber espionage campaign, and this one demonstrates a “new level of maturity.” This is according to a new report by PwC and BAE, released after consultation with other cyber security experts, including the UK’s National Cyber Security Center.”
A Hacker’s Perspective on Cyber Security
“Just like cyber security professionals are constantly looking for ways to develop better and more secure software programs, hackers are always staying on top of the newest updates to overcome the latest defenses. To understand the importance of cyber security and how to stay ahead of hackers, it can be helpful to look at things from the opposite point of view—a hacker trying to get into your business’s system.
A recent Nuix Black Report surveyed 70 of the world’s best professional hackers and found that 88 percent of hackers can break into their desired system and get through cyber security defenses in 12 hours or less. It only takes an additional 12 hours for 81 percent of hackers to find and take valuable data.”