ICD Brief 64.
27.11.2017.-03.12.2017.
This December, we look at how nations, business and academe are responding to the changing nature of threats where the cyber dimension alters key requirements to sustain security and incentivize innovation.
Updates range from improved government efficiencies: [US] All Major Agencies Will Be on Federal Cybersecurity Dashboard by February; to advancing cybersecurity measures: New EU Rules Increases Competition and Security Between Banks and Fintech; stunning innovations: DARPA Launches Program to Transform Plants into Silent Sentinels to prosecution: Siemens, Trimble, Moody’s Breached by Chinese Hackers, US Charges and the overt: NATO Mulls “Offensive Defense” with Cyber Warfare Rules .
Highlighted for special attention is the GLOBSEC report: Future War NATO? From Hybrid War to Hyper War via Cyber War by General (Ret.d) John Allen, General (Ret.d) Philip M. Breedlove, Professor Dr Julian Lindley-French, & Admiral (Ret.d) George Zambellas. Finally, we gave up choosing and feature several articles from Signal magazine’s December edition.
USA
Congress Poised to Jam Through Reauthorization of Mass Surveillance
“Congress doesn’t have much time left on the legislative calendar for the year, but there’s still a lot on the agenda to get across the finish line. In the few remaining days, Republicans hope to pass a tax reform bill and either another short-term continuing resolution or an omnibus to fund the government. Another item on the agenda is the reauthorization of Title VII of the Foreign Intelligence Surveillance Act (FISA), including the controversial Section 702.”
All Major Agencies Will Be on Federal Cybersecurity Dashboard by February
“The dashboard will help government cyber officials work faster when a new bug is discovered.
Two federal agencies have connected to a governmentwide cybersecurity dashboard so far and all major agencies will be plugged in by the end of February, a top Homeland Security Department official told Nextgov Tuesday. The federal cybersecurity dashboard is an outgrowth of Homeland Security’s Continuous Diagnostics and Mitigation program, which helps agencies scan their networks for digital threats.”
Siemens, Trimble, Moody’s Breached by Chinese Hackers, US Charges
“U.S. prosecutors have charged three Chinese nationals affiliated with a cyber security company in China with hacking into Siemens AG, Trimble Inc and Moody’s Analytics to steal business secrets.”
FBI, DHS Warn of Hacker Mercenaries Funded by Nation-States
“Lines between government-backed hackers and cyber criminals are getting fuzzier, top officials told lawmakers Thursday. That’s one message the FBI wanted to send when it indicted two Russian intelligence officers and two criminal co-defendants for a major breach of the Yahoo email service in March, Director Christopher Wray said.”
Australia
Cisco to Develop Training Programs for Cyber Security Cooperative Research Centre
“Cisco has invested $3 million in Australia’s Cyber Security Cooperative Research Centre (CSCRC), one of 25 partners to put their weight behind the initiative. Yesterday we covered the news that Optus Business has also contributed investment funds to the tune of $3.5 million to support the Cooperative Research Centre.”
Australia “Fair Game” When It Comes to the Threat of a Cyber Attack
“Previously, organisations in Australia were protected by the country’s geographic isolation, but as business is now being carried out at scale via the internet, Tony Jarvis, chief strategist of threat prevention at security vendor Check Point, has said everyone is “fair game” when it comes to the threat of a breach.”
EU
New EU Rules Increases Competition and Security Between Banks and Fintech
“The European Commission approved rules on Monday to increase competition and toughen up security in how people pay for goods and services across the European Union, pitting banks against financial technology firms.”
Innovations
DARPA Launches Program to Transform Plants into Silent Sentinels
“DARPA launched a new program in November to replace electronic and mechanical intelligence sensors with plants. The Pentagon’s innovation cell, the Defense Advanced Research Project Agency, launched the Advanced Plant Technologies program to transform plants into “intelligence gatherers.” Using self-sustaining plant-based sensors, DARPA officials hope to bio engineer basic plants into ground sensors.”
Israel
Protecting Israel Online: How Does the Shin Bet Prepare for Cyber Attacks?
“Around four years ago, Shin Bet specialists had caught on to a carefully planned cyber offensive against Israel by one of the country’s most sophisticated adversaries (usually a euphemism for Iran, though Hezbollah and Hamas sometimes make trouble too). ”
ITU
How “Cyber” Sidelined “Development” at the ITU’s World Telecommunication Development Conference
“Cybersecurity has made the World Telecommunication Development Conference another political battleground for digital policy, threatening to sideline the very real problems that developing countries need to solve. ”
NATO
Future War NATO? From Hybrid War to Hyper War via Cyber War
“This is a paper about NATO strategy in future war. It is built around two scenarios: one in which the Alliance is defeated because it did not prepare for future war; and another in which the Alliance prevails because it did. The paper calls for the crafting of a NATO Future War Strategy (and Strategic Concept) that would convince Moscow that under absolutely no circumstances would the threshold to war be so low as to make it imaginable, let alone winnable. Or, that the threat of such a war would force the Alliance and its nations to accept unacceptable compromises over either sovereignty or security.”
NATO Mulls “Offensive Defense” with Cyber Warfare Rules
“A group of NATO allies are considering a more muscular response to state-sponsored computer hackers that could involve using cyber attacks to bring down enemy networks, officials said.”
Netherlands
Dutch Need Cybersecurity Research Institute- MP
“The Netherlands must set up a separate research institute for cybersecurity, D66 MP Kees Verhoeven said during a meeting about the budget for Justice & Security (J&V). The MP said the institute is needed because the country is dangerously behind as regards to research into cybersecurity, and because there is no real forum where research and expertise can come together.”
Visegrád 4
The State of Cyber Security in V4
“Cyber security is a horizontal policy. This means that it does not only need a department in one of the ministries, but it must be at the forefront in all public institutions, whether that be education (e.g. teaching cyber hygiene and digital skills), energy security (e.g. protecting the grid) or data protection (of citizens or of public interest). Hence, the Visegrad countries have all come to grasp with the cyber realities and have launched legislation on the delegation of competences in their public administration of cyber security.”
Feature
December Edition of Signal Magazine
“This month, articles include:Special Ops Command Woos Nontraditional Technology Developers;The NSA Braces For Perfect Storm Of Cyber Risks and When IoT Devices Go Rogue, Automation Saves the Day.”