Devastating Breaches Challenge Public Private Partnerships – ICD Brief 52.

ICD BRIEF 52.

04.09.2017. – 10.09.2017.

I write to you on the 16th anniversary of 9/11 while trying to absorb the devastation of Harvey, Irma and Jose. Yet I wish that these disasters could inspire the resilience and amazing response from the government, business and so many individuals regarding cybersecurity.

Today, we face a more long-lasting challenge: awakening the global community to work together to organize and manage cyber’s critical infrastructure before it’s too late.

In May 2016, we launched The ICD Weekly Brief to engage a broad cross-section of thinking individuals (now in 42 countries) charting a global movement from plans to execution of laws, standards and new partnerships.

This year, we invite you, our readers, to join us online and in real-time events to build a context that represents more than the cyber sphere’s parts. We’ll leave a few questions at the end of each edition with a link. Your thoughts can be on or off the record. Each month, we will publish a report summarizing your answers on our website.

You will join our International Expert Advisors, from both the public and private sectors, in demographics, defense, energy, ethics, finance, horizon scanning, insurance, law, telecommunications, transport, and the soft and hard sciences. They participate as speakers in ICD events and provide their insights, knowledge and experience to our work.

Today we begin with the overarching theme of Public-Private Partnerships.

Lead

 

“The possibility that cyber aggression may become an aspect of the confrontation with North Korea raises the question of how well a centerpiece of U.S. cybersecurity policy, namely information sharing between government and the private sector, is actually working. The major piece of cyber legislation passed in recent years by Congress, the Cybersecurity Act of 2015, made such sharing a national priority and ordered the Department of Homeland Security to carry out programs to ease the flow of critical and sometimes classified information between federal agencies and key industries such as the electricity sector.”

 

USA

Cyber Breach at Equifax Could Affect 143 Million Consumers

“An estimated 143 million U.S. consumers could be affected by a cybersecurity attack carried out by suspected criminal hackers, national credit-reporting company Equifax said Thursday.”

White House expands power grid war to include banks, Wall Street and telecom companies

“The war game that the government and utilities hold every other year to simulate attacks on the power grid is being expanded this year to include big banks, Wall Street, and the telecommunications industry.

The expansion of the GridEx IV security exercise in November comes as presidential advisers are scrambling to draft recommendations to protect infrastructure, noting that the electric sector has been a step ahead on public-private partnerships to address cybersecurity.”

Threat Intelligence Collaboration on the Rise

“AlienVault, which surveyed 617 participants at Black Hat USA 2017, found that IT security professionals are changing their working practices in light of emerging threats such as polymorphic malware and ransomware that can evade traditional security solutions.”

Cyber Experts Were Blocked in their Push to Patch Voting Systems in 2016

“They knew Russian operatives might try to tamper with the nation’s electronic voting systems. Many people inside the U.S. government and the Obama White House knew.”

DHS Warns of 8 Cybersecurity Vulnerabilities in Smiths Medical Wireless Infusion Pumps

“The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (DHS ICS-CERT) on Thursday issued an advisory detailing eight cybersecurity vulnerabilities found in Smiths Medical’s Medfusion 4000 wireless infusion pumps.”

China

‘Dolphin’ Attacks Fool Amazon, Google Voice Assistants

“Voice-controlled assistants by Amazon, Apple and Google could be hijacked by ultrasonic audio commands that humans cannot hear, research suggests. Two teams said the assistants responded to commands broadcast at high frequencies that can be heard by dolphins but are inaudible to humans.”

Recent Enforcement Development and Trends Regarding China’s Cybersecurity Law

“Since the Cybersecurity Law of China took effect three months ago, various peripheral regulations have been published by the Cyberspace Administration of China (CAC) and other related agencies. These regulations have facilitated the interpretation and implementation of the Cybersecurity Law on different subjects, such as personal information protection, cross-border data transfer and related guidelines, security assessment for internet-based new businesses and protection of critical information infrastructure.”

EU

Cyber Alert: EU Ministers Test Responses in First Computer War Game

“European Union defense ministers tested their ability to respond to a potential attack by computer hackers in their first cyber war game on Thursday, based on a simulated attack on one of the bloc’s military missions abroad.”

Russia

Putin Tells Russia’s Tech Sector: Ditch Foreign Software or Lose Out

“Russian technology companies will lose out on state orders unless they switch to using home-grown software, Russian President Vladimir Putin was quoted as saying on Friday. Putin said that, in some spheres, state institutions could not work with companies running foreign software because that represented a risk for national cyber-security.”

Singapore

Britain and Singapore to Deepen Financial Sector Links

“Britain and Singapore aim to deepen collaboration in the financial sector, including in areas related to market access, cybersecurity and fintech. This was one of the outcomes of the third UK-Singapore Financial Dialogue, held in Singapore on Thursday (Sept 7). Both sides exchanged views on domestic and international financial market developments and also discussed a broad range of areas including the global economy, regulatory developments, fintech and cyber-security.”

Investments

MIT and BU Researchers Uncover Critical Security Flaw in $2B Cryptocurrency IOTA

“IOTA, a $2 billion cryptocurrency that supports Internet of things (IoT) transactions, was shown to have ‘serious weaknesses’ according to a report recently released by researchers at MIT and Boston University.”

Feature

Improving the Public-Private Cybersecurity Partnership

By: Justin S. Daniel

“When you need help during an emergency, you call 9-1-1—and each of your first responders has a clear role to play and works together to achieve a common goal: ensuring your well-being. According to former U.S. Secretary of Commerce Penny Pritzker, that same type of coordinated response across the public and private sectors is exactly what ‘we need to defend our country against major cyber-attacks.’”

Survey Highlights Cybersecurity Gaps Between Government and Private Sector

“The government appears to be lagging behind the private sector in preparing for cybersecurity threats. Recently released results from a January survey from the cybersecurity firm Netwrix help to illustrate just how wide the gap is. The survey, conducted annually with respondents around the world, found an increasing number of businesses, organizations and governments of all sizes are putting more resources toward cybersecurity.”
