Frustration and Expectation – ICD Brief 77.

by ICD Posted on March 11, 2018

ICD Brief 77.

05.03.2018.-11.03.2018.

Greetings from Washington.

It’s been a dark week in the global cybersphere dominated by frustration and growing concern with “lack of policy”, “tied hands”, “falls short” and numerous “vulnerabilities in updates from the US, Australia, Baltics/Latvia, China, the EU, Germany, India, Israel, Switzerland and the UK.

Read While US Ponders Response to Russia, Agencies’ Hands Are Tied in Cyberspace, Intelligence Chief Says and Hacking Back & The Digital Wild West  for two perspectives on why it’s not simply a question of organizing counter attacks.

And from Germany: Deutschland 4.0? Germany’s Digital Strategy Over the Next Four Years

Finally, two innovative approaches from Cuomo, senator announce legislation to regulate online political ads and Latvian Mobile Operator Invites Cyber Attackers to Have a Go. 

And good news for insurance: Commercial Cyber Liability Market Will Reach $6.2B in Written Premium by 2020: Verisk.

 

USA

While US Ponders Response to Russia, Agencies’ Hands Are Tied in Cyberspace, Intelligence Chief Says

“After senators repeatedly criticized him for the weak U.S. response to Russian cyberattacks and propaganda, the head of the intelligence community complained Tuesday that a lack of policy had stifled his agencies from taking action.”

‘It is clearly an issue for the National Security Agency and NSC at the White House,’ Coats described. ‘There has not been yet a formulation of a lead agency that would work with the Congress on legislative action or putting policy in place. There are some complicated issues here related to retaliatory action.’”

ICD: But it is not policy or a lead agency alone:

Homeland Security’s IT security continues to fall short

“The Office of Inspector General (OIG) has released its “Evaluation of DHS’ Information Security Program for Fiscal Year 2017” (pdf). In short, the Department of Homeland Security (DHS) is running outdated software, has unpatched critical vulnerabilities — including the flaw to allow WannaCry ransomware — and some workstation security patches haven’t been deployed for years.”

Cuomo, senator announce legislation to regulate online political ads

“ALBANY — Gov. Andrew M. Cuomo and U.S. Sen. Amy Klobuchar, D-Minn., made a joint announcement earlier this week calling for more scrutiny over political ads on social media and foreign interference in U.S. elections.

Australia

Microsoft Explores Australian CISOs’ Most Common Problems in Cybersecurity

“Australia needs at least another 500 more cyber graduates to meet existing demand for cybersecurity as CISOs tackle the shortage with a variety of methods that don’t necessarily require a background in computer science.”

Baltics/Latvia

Latvian Mobile Operator Invites Cyber Attackers to Have a Go

“Latvijas Mobilais Telefons (LMT), the country’s largest mobile operator, is inviting would-be belligerents to test their cyber weapons on its network — or rather, on a simulation of it, called the Mobile Cyber Range.”

 

China

China’s National Vulnerability Database Is Merely A Tool for Its Intelligence Agencies

“China’s National Vulnerability Database is being manipulated so vulnerabilities used by Chinese-linked hacking groups can be taken advantage of, according to new research from Boston-based cybersecurity firm Recorded Future.”

EU

EU Member of Parliament Eyes Vulnerability Disclosure Process

“European Union MP Marietje Schaake proposed creating an EU-wide rule describing when governments must disclose security flaws to manufacturers. Governments often use these security flaws for surveillance.”

Germany

Deutschland 4.0? Germany’s Digital Strategy Over the Next Four Years

“Last week, the members of Germany’s Social Democratic Party (SPD) voted in favor of the coalition agreement that will see Angela Merkel remain Chancellor for the next four years. Although digital and cyber issues were recurring themes during the election, the agreement leaves many questions unaddressed. Nevertheless, here’s what we can expect from the new German government over the next four years with respect to broadband roll-out, Europe’s digital economy, and cybersecurity.”

India

Demand for cyber security staff up 3 times in 1 year, to escalate: Report

“MUMBAI: With increasing incidents of large scale cyber-attacks and governmental cyber espionage, the demand for professionals in the segment has gone up three time in past 12 months, according to a report”

Israel

What Are Zero Day Exploits and Why Is Israel’s Military After Them?

“A sliver of light has been thrown onto Israel’s cyber-espionage efforts after the Motherboard website revealed letters apparently showing the government shopping for prized digital penetration opportunities known as zero-day exploits.”

Switzerland

Commercial Cyber Liability Market Will Reach $6.2B in Written Premium by 2020: Verisk

“The total commercial cyber liability market will reach $6.2 billion in written premium by 2020 after annual growth rates of 20-30 percent, Verisk predicts in a new market analysis.”

UK

UK Cybersecurity Certification Pilot Launched

“UK businesses now have the opportunity to improve their cyber security and prove they have taken steps to protect data they hold, thanks to a police-backed certification scheme.”

Feature

By: Levi Gundert

Hacking Back & The Digital Wild West

“Far from helping organizations defend themselves, hacking back will escalate an already chaotic situation.”

 

This entry was posted in Weekly Brief. Bookmark the permalink.

Comments are closed.