ICD Brief 47.
26.06.2017. – 02.07.2017.
Welcome to a Special Edition of the ICD Brief.
In addition to our weekly updates, we bring you a France 24 news video on France’s war on cyber attacks.
Cyber related news dominates the global media landscape. Yet there is little practical information available to individuals and institutions in the event of a cyber incident. Why?
At the heart of France’s war on cyber attacks demonstrates how the media can become an invaluable partner in educating the public.
Does this flood of facts help educate the public? What is media’s role in building public awareness? What are some successful examples?
We start our inquiry with two highly respected experts: former Chief Security Officer, State of Michigan Dan Lohrmann and international cyber journalist Rob Pegoraro.
A positive review from Dan Lohrmann: “Great video. I think the US news media can do much more to educate Americans in the same way this France-24 video covers recent cyberattacks in France.
There are occasional pieces on hacking in the US mainstream media, offered on shows like 60 Minutes covering the hacking of cars. However, by and large, more deeper dives like this France-24 piece are needed here in the US.”
Rob responds: “This is something I’ve thought a lot about (for instance, in this Yahoo Finance post from a few months ago). There are two things I want every story about cybersecurity to convey:
1) Hacks don’t just happen. There’s always a software vulnerability, a configuration screw-up, or a successful social-engineering exploit that made them possible—but if stories don’t identify what went wrong, they’ll leave most readers stuck at learned helplessness.
2) You’re not powerless to stop hacks *if you do the right things.* If you let your computer or mobile device install its updates automatically, set up two-step verification and use a password manager, you will vastly reduce your attack surface. But if your response is to change your password every few weeks, like that Facebook user in the France24 story, you’re not helping yourself much at all. “
Next week, we’ll interview Senior Security Consultant Ben Rothke,CISSP, PCI QSA and hear how reporters are gearing up to cover cyber issues at The National Press Club’s Journalism Institute in Washington DC.
Transnational
Cyberattack Hits Ukraine Then Spreads Internationally
“Computer systems from Ukraine to the United States were struck on Tuesday in an international cyberattack that was similar to a recent assault that crippled tens of thousands of machines worldwide. In Kiev, the capital of Ukraine, A.T.M.s stopped working. About 80 miles away, workers were forced to manually monitor radiation at the old Chernobyl nuclear plant when their computers failed. And tech managers at companies around the world — from Maersk, the Danish shipping conglomerate, to Merck, the drug giant in the United States — were scrambling to respond. Even an Australian factory for the chocolate giant Cadbury was affected.”
USA
Concern Raised About Duplication of Cybersecurity Centers
“A new health information cybersecurity center based in HHS could duplicate the cybersecurity center already established in DHS, the bipartisan leaders of the Senate Homeland Security and Governmental Affairs Committee have said. In its fiscal 2018 budget documents, HHS said the new Health Cybersecurity and Communications Integration Center will serve as a central point for information sharing in the healthcare sector across the government to assess cyber threats and to respond.”
US Announces Partnership with Israel on Cybersecurity
“The United States and Israel announced plans June 27 to cooperate on cybersecurity issues. Thomas Bossert, assistant to the president for Homeland Security and Counterterrorism, announced the new levels of cooperation between the two countries on domestic and international cyber policy, critical infrastructure protection, research and development, and workforce development.”
Australia
Australia’s Three-Pronged Cybersecurity Strategy
“Special adviser to the Prime Minister on cybersecurity Alastair MacGibbon has outlined the country’s high-level cyber security strategy. At CSIRO’s D61Live event — organised to coincide with Data61’s first birthday — MacGibbon outlined the three aspects of the national cyber security strategy.”
Baltics/Estonia
Ansip: Estonia Isn’t Perfect Enough to Teach Other Countries Tech
“Andrus Ansip told EURACTIV.com in an interview that Estonia’s digital success can’t be copied everywhere and the 2007 cyber security attacks there would have been worse if EU countries hadn’t shared information to help out.
Andrus Ansip is vice-president of the European Commission. He was prime minister of Estonia until 2014. Ansip spoke to EURACTIV in Tallinn as Estonia started its six-month EU Council presidency.”
China
China and Canada Strike Corporate Hacking Deal
“China has signed an agreement saying it will stop conducting state-sponsored cyberattacks aimed at stealing Canadian private-sector trade secrets and proprietary technology. This industrial espionage accord was worked out this past Friday during high-level talks in Ottawa between senior Communist Party official Wang Yongqing and Daniel Jean, the national security and intelligence adviser to Prime Minister Justin Trudeau.”
NATO
NATO Warns Cyber Attacks ‘Could Trigger Article 5’ as World Reels from Ukraine Hack
“A cyber attack against any member state would trigger Article 5 – Nato’s mutual defence clause – the alliance has warned after a massive computer hack paralysed government ministries and dozens of businesses in Ukraine before spreading around the world.”