ICD Brief 40.
08.05.2017. – 14.05.2017.
Our lead this week is the WannaCry Cyber Attack to “freeze” more than 200,000 business computers for ransom in 150 countries with grave concerns for more tomorrow Monday, May 15.
USA
President Trump Signs Cybersecurity Executive Order
“President Trump signed a long-awaited executive order on Thursday designed to improve the nation’s cybersecurity. As U.S. government officials and networks have been hacked in recent years, Trump’s homeland security adviser Tom Bossert said the order is designed to fulfill the president’s pledge to “keep America safe, including in cyberspace.””
US Security Chiefs Target Russian Antivirus Company
“Top US intelligence chiefs on Thursday publicly expressed doubts about the global cyber-security firm Kaspersky Labs because of its roots in Russia. Six leading intelligence officials told a Senate hearing on external threats to the United States of their concerns over the firm’s broad presence, without specifying any particular threat.”
US Intelligence Chiefs Have Doubts About Cybersecurity Firm Over Its Russian Roots
DHS Dominates Government Infosec Awards
“Workforce issues were prominent as the Department of Homeland Security dominated the winners’ list Wednesday night at the 14th annual U.S. Government Information Security Leadership Awards ceremony. The awards, dished out by the International Information System Security Certification Consortium, or (ISC)², went to a slew of up-and-comers and veterans alike from the cybersecurity field in three U.S. agencies — but DHS dominated, with its staff or former staff winning four of six government slots.”
DHS S&T Transition to Practice Program Announces 2017 Cohort
“Eight new cybersecurity technologies developed by researchers at federally funded laboratories and academic research centers are ready for the commercial market. The Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T) Transition to Practice (TTP) program will showcase its 2017 cohort May 16 in Washington D.C.”
DHS Report Calls for Framework as Conclusion of a Study on Mobile Device Security
“Threats to the Government’s use of mobile devices are real and exist across all elements of the mobile ecosystem. The enhanced capabilities that mobile devices provide, the ubiquity and diversity of mobile applications, and the typical use of the devices outside the agency’s traditional network boundaries requires a security approach that differs substantially from the protections developed for desktop workstations. These are the conclusions of this study, presented to Congress as a joint effort of the Department of Homeland Security (DHS) in consultation with the National Institute of Standards and Technology (NIST) via the National Cybersecurity Center of Excellence, validated and supplemented by input from industry (vendors, carriers, and service providers), industry organizations, and academic researchers.”
Cybersecurity MOOC Cybrary Hits 1 Million Registered Users
“Free online cybersecurity training course provider Cybrary initially launched in January 2015. By April 2016, when the Greenbelt-based company raised a seed round of $1.3 million, its platform had around 500,000 registered users. It’s now clear that the company’s growth has gone into overdrive — it is celebrating one million registered users with a party later this week. We got on the phone with cofounder Ryan Corey to ask what’s behind all this growth.”
Australia
Alastair MacGibbon Confident in Australia’s Devolved Approach to Cybersecurity
“In Australia, the government operates under a devolved model where departments effectively run their own respective businesses. As a result, there is not a single overarching authority that oversees cybersecurity operations, with each government department essentially left to defend themselves.”
Budget 2017: Government Creates New Cyber Security Office
“The government will spend $10.7 million over four years to create a Cyber Security Advisory Office (CSAO). The CSAO will sit within the Digital Transformation Agency and “provide strengthened central governance and assurance for cyber security and broader project vulnerability across government,” budget documents state.”
Baltics/Estonia
Suspected Russia-Backed Hackers Target Baltic Energy Networks
“Suspected Russia-backed hackers have launched exploratory cyber attacks against the energy networks of the Baltic states, sources said, raising security concerns inside the West’s main military alliance, NATO. Lithuania, Latvia and Estonia, all members of NATO and the European Union, are on the political front line of tensions between the West and Moscow. The Baltics are locked into Russia’s power network but plan to synchronise their grids with the EU.”
China
“As the date of implementation of the China Cyber Security Law draws near, the Measures on the Security Examination of Network Products and Services was finalised and promulgated on 2 May 2017. The security examination measures will become effective 1 June 2017, that is on the same day that the Cyber Security Law comes into force. This is the first piece of regulations promulgated to support the implementation of the Cyber Security Law.”
EU
Chamber of Commerce Report Provides Recommendations for US-Eu Cybersecurity Cooperation
“The U.S. Chamber of Commerce recently released a report, which includes policy recommendations that would help align the United States and the European Union (EU), regarding frameworks, standards, and best practices for cybersecurity.”
European Commission Calls for a Swift Adoption of a Digital Single Market
“In today’s mid-term review communication the Commission has identified three main areas where further EU action is needed: (1) to develop the European Data Economy to its full potential, (2) to protect Europe’s assets by tackling cybersecurity challenges, and (3) to promote the online platforms as responsible players of a fair internet ecosystem.”
Changes to Cybersecurity Laws in the European Union and their Potential Impact on M&A Deals
“There have been two recent changes to cybersecurity laws in the European Union, specifically relating to the use of personal data of E.U. residents, which are further summarized below. M&A professionals will need to keep these two laws in mind when (a) a target company uses the personal data of E.U. residents in its ordinary course of business or (b) a U.S. acquirer needs to access the personal data of E.U. residents during the due diligence process.”
Germany
“After election hacks in the United States and France, Germany is worried it will be next. Four months before an election in which Chancellor Angela Merkel hopes to win another term, Germany’s national cyber security agency BSI warned political parties to shore up their computer defences. The head of Germany’s domestic intelligence agency last week accused Moscow of gathering a large amount of political data in cyber attacks, and said it would be up to the Kremlin whether to meddle in the Sept. 24 elections.”
India
India’s “Digital” Power System to Undergo Countrywide Cyber Security Audit
“India’s power distribution and generation system, which is being digitised by the government, is set to see a countrywide cyber security audit so that hacking in state grids and plants can be prevented. It was last week that state energy ministers held a conference piloted by Union power minister Piyush Goyal . All the participants then had agreed to the regular audits of their power systems . These audits would be done by agencies empanelled by the Computer Emergency Response Team (CERT-In), government’s cyber warrior belonging to the Department of Information Technology.”
India’s “Smart” Power System Up for Cyber Security Audit
Mumbai-Based Cyber-Security Startup Sequretek Raises Capital from GVFL and Unicorn India Ventures
“On Tuesday, Mumbai-based cyber-security startup Sequretek announced raising an undisclosed amount of funding as a part of their Series A round from GVFL and Unicorn India Ventures. The firm will use the funds for building on intelligence within their current product offerings while also looking to foray into newer markets within India and abroad.”
Israel
Former Cyber Intelligence Sleuths for Israel Now Work to Uncover Malicious Hackers
“Israel’s focus on national security for decades has created fertile ground for many former members of its famed intelligence agency to take their cyber-sleuthing and anti-hacking skills to the private sector. Outside the United States, Israel stands out for the large concentration of cybersecurity firms it has produced over the years — some of which, such as the Nasdaq-listed Check Point Software, have gone on to become global success stories.”
Israeli Cybersecurity Think Tank Brings Its Global Thought Leadership Event Series to Singapore
“Team8, Israel’s leading cybersecurity think tank and venture creation foundry, announced today it is co-hosting with Temasek, Singtel, CIO Academy and SGX its groundbreaking thought leadership series in Singapore. The global series currently held in four cities worldwide (New York, San Francisco, Tel Aviv and London) will gather prominent CIOs and CISOs to explore the rapidly evolving cyber technology arena.”
Increased Cyber Alertness in Israel’s Energy and Water Infrastructure
“In the wake of the massive cyber attack that hit 100 countries and thousands of organizations worldwide, the Ministry of Energy, the Israel Electric Company, the power plants and the energy and water infrastructure have carried out activities designed to strengthen the cyber security of the facilities. Israel is also preparing to deal with the cyber attack that hit 100 countries on Friday, disrupting public systems in various countries, and the Ministry of Energy on Saturday increased its cyber alertness in Israel’s energy and water infrastructure.”
Israel, Japan Launch New Cybersecurity Cooperation
“Israel and Japan signed in Jerusalem agreements to boost cyber security economic cooperation between the two countries, Israel’s Ministry of Economy and Industry said in a statement on Thursday. The two agreements were signed by Israeli Minister of Economy and Industry Eli Cohen and the Japanese Minister of Economy, Trade and Industry Hiroshige Seko in Jerusalem.”
Where Former Spies Go to Become Cybersecurity Startup Founders
“In a half-constructed lot in Fulton, Maryland, behind a nondescript strip mall, sits a unique startup development firm with a team comprising former intelligence officers, hackers and tech industry insiders. The brainchild of SEAL Team 6 alumnus Mike Janke, CIA officer-turned-entrepreneur Steven Witt and Silicon Valley money man Bob Ackerman, DataTribe is in the business of turning one-time spies into successful startup founders.”
NATO
Russia-Linked Hackers Impersonate NATO in Attempts to Hack Romanian Government
“An elite hacking group linked to the Russian government masqueraded as a NATO representative to send a barrage of phishing emails to diplomatic organizations in Europe, including Romania’s Foreign Ministry of Affairs, documents show.”
UK
F-Secure Expands Its Cyber Security Business in the UK
“Cyber security company F-Secure today announces it has acquired Digital Assurance – a UK based security consultancy firm offering information security assessment services to governments and companies in the financial, petrochemical, retail, communication, and defense industries. The acquisition will allow F-Secure to combine its award-winning endpoint protection and new cyber security solutions and services with Digital Assurance’s current offerings. This will make it easy for UK-based organizations to address their cyber security needs with the help of a single vendor.”
Insurance
Experts Expect Simultaneous Cyber Attacks on Multiple Firms
“Nine in 10 global cyber security and risk experts believe that cyber risk is systemic and that simultaneous attacks on multiple companies are likely in 2017, according to a study by American International Group. More than half of survey respondents say a simultaneous attack on five to 10 companies is highly likely in the next year. More than one-third estimate the likelihood of a simultaneous attack on as many as 50 companies at greater than 50 percent. Twenty percent see an even greater threat, predicting a better than even chance that as many as 100 companies will be attacked.”
Hacking Insurance “Surges” Amid Cyber Crime Fears
“Fears about hacking and data breaches are contributing to the growing market for cyber insurance policies.Indeed, such is the concern about online crime among organisations that the insurance market for cyber protection could triple to $10bn (£7.7bn) by 2020, according to figures from reinsurer Munich Re.”
Advice to Cyber Insurance Buyers: You Are Not Alone
“The cyber insurance market continues to evolve, and the number of companies buying cyber insurance continues to expand. What’s more, that expanding cyber market offers a wide variety of coverage terms at different price points. But companies interested in securing cyber insurance should know that the underwriting process requires careful diligence on their part. CFOs and risk managers need to have a firm grasp of the processes insurers use — not only to price a policy but also to determine whether they will agree to underwrite the risk at all.”
WannaCry Cyber Attack
FedEx Targeted in Cyber Attack as Hackers Hit Companies Across Globe
“Memphis-based FedEx said Friday it was taking steps to recover from a cyber attack on some of its Windows-based information technology systems. FedEx was one of numerous companies around the world that were reportedly hit by a worldwide ransomware campaign.”
US Security Officials Meet to Discuss Global Cyberattack Using Leaked NSA Tools
“Senior U.S. intelligence officials from various government agencies met late today to see what, if anything, they could do to stop the sophisticated global cyberattack using leaked NSA tools that is spreading across the globe, a senior U.S. official tells ABC News.”
Hackers Use Tools Stolen from NSA in Worldwide Cyber Attack
“Hackers used cyberweapons stolen from the US National Security Agency to strike organisations across the globe on Friday, from the UK’s National Health Service to European telecoms company Telefónica and FedEx of the US, the Financial Times has learnt.”
Australian Government Monitoring Cyber Attack
“The federal government is working to find out whether a massive global malware attack has affected any Australian organisations. Computer systems at companies and hospitals across the world were attacked on Friday, apparently part of an extortion plot. There are no confirmed reports Australian organisations have been hit.”
Cyber Attack Hits German Train Stations as Hackers Target Deutsche Bahn
“Germany’s rail network was thrown into chaos on Friday night when it fell victim to the cyber attack roiling the world. Hours after NHS hospitals were left crippled by the attack, Deutsche Bahn became the hackers’ latest high profile victim.”
Indian Companies and Government Institutions Hit by Massive Global Cyber-Attack
“A bunch of Indian companies were infected by the ransomware WannaCry as a massive cyber-attack hit PCs across 99 countries. Amongst the India companies affected by the malware were two South India banks, two Delhi-based Indian manufacturing companies, one manufacturing unit of a MNC, corporate headquarters of a Mumbai-based conglomerate and a Mumbai-based FMCG company. Over 100 PCs of Andhra Pradesh police have also been affected. “
Hacking Attacks Has Security Experts Scrambling to Contain Fallout
“Governments, companies and security experts from China to Britain on Saturday raced to contain the fallout from an audacious global cyberattack amid fears that if they do not succeed, companies will lose their data unless they meet ransom demands. The global efforts come less than a day after malicious software, transmitted via email and stolen from the National Security Agency, exposed vulnerabilities in computer systems in almost 100 countries in one of the largest “ransomware” attacks on record.”
Nations Respond to Biggest Extortion Cyberattack Ever Recorded, New Attacks Feared
“A global cyberattack described as unprecedented in scale forced a major European automaker to halt some production lines while hitting schools in China and hospitals in Indonesia on Saturday, though it appeared to die down a day after its launch. Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, the cyber assault has infected tens of thousands of computers in nearly 100 countries, with Britain’s health system suffering the worst disruptions.”
UK Cyber Security Researcher Slams Brakes on Virus
“It is not often that you can halt a global hacking attack for a tenner. But when you do, you spend your money fast. Although Friday’s attack infected computers in almost 100 countries, it did not go on to spread further, thanks to an eagle-eyed UK security researcher who spotted a “kill switch” in the malware code and used it to stop the virus and collect data on infections in real time.”
Cyber-Attack: Europol Says It Was Unprecedented in Scale
“A cyber-attack that hit organisations worldwide including the UK’s National Health Service was “unprecedented”, Europe’s police agency says. Europol also warned a “complex international investigation” was required “to identify the culprits”. Ransomware encrypted data on at least 75,000 computers in 99 countries on Friday. Payments were demanded for access to be restored.”