Plus ça change … – ICD Brief 103.

ICD Brief 103.


Greetings from Edinburgh! Here’s what greeted us on our arrival yesterday: All Under One Banner Edinburgh rally: Tens of thousands take part in pro-independence march.

This week’s trend seems to be growing outrage over cyber espionage and cybercrime and a gathering of alliances to prepare and combat it.


Spy Chips Story, Disputed by Cloud Providers, Could Stoke Growing US Tensions Over Chinese Espionage

A Bloomberg BusinessWeek report that Chinese equipment manufacturer Super Micro may have allowed microchips used for spying into U.S. data center equipment run by AWSApple and others is likely to stoke trade tensions between the two nations over alleged espionage.”

US Warns of New Hacking Spree from Group Linked to China

“The U.S. government on Wednesday warned that a hacking group widely known as cloudhopper, which Westerncybersecurity firms have linked to the Chinese government, has launched attacks on technology service providers in a campaign to steal data from their clients.”

DHS Memo: Hackers Exploiting MSPs to Attack Customers’ Networks

“The U.S. Department of Homeland Security (DHS) is warning managed services providers (MSPs) and cloud services providers (CSPs) that cyber gangsters are exploiting them to creep unnoticed into their customers’ networks.”

Senate Passes Key Cyber Bill Cementing Cybersecurity Agency at DHS

“The Senate on Wednesday passed a key cyber bill that solidifies the Department of Homeland Security’s role as the main federal agency overseeing civilian cybersecurity.”

DHS Says Teamwork Is Improving Election Security

“A month out from the 2018 midterms, all eyes are on the Department of Homeland Security as it approaches its first real test since being given a broader election security mandate in the wake of the 2016 presidential elections.”

Banking on Cooperation: The US Government and the Finance Industry Need to Work Together to Defend the Financial Sector from Cyber Threats

“The private sector—which owns and operates the vast majority of U.S. critical infrastructure in cyberspace—and the U.S. government are in lockstep that cyber threats to critical infrastructure have national-security consequences. What more, they agree that both must do more to defend critical infrastructure in cyberspace. On Sept. 20, JPMorgan Chase CEO Jamie Dimon told CNBC that “cyber” represents the biggest threat to the global financial system. But as Dimon sounded the alarm, the Pentagon’s 2018 cyber strategy summary put the ball at least partly in his industry’s court, stating that the private sector is “on the frontlines of nation-state competition in cyberspace.”

DHS CIO Zangardi Wants Cyber, IT Hiring to Be More Limber

“John Zangardi knows cybersecurity is the emerging battle of the 21st century, and chief among his concerns is how to hire the experts needed to fight it.”

US, Montenegro Conduct Cybersecurity Exercises

“The U.S. has worked alongside cyberdefense experts within the government of Montenegro over the past several weeks to build cyberdefense capabilities.”


ASEAN Takes a Bold CybersecurityStep

“As far as technology and ministerial events go, the third ASEAN Ministerial Conference on Cybersecurity (AMCC) that met during Singapore International Cyber Week 2018 was relatively low-key. The conference was a major step forward on cyber issues in uncharacteristically quick terms for ASEAN. However, as the regional grouping looks to produce meaningful deliverables for its upcoming summit in November, it will be challenged by parallel developments in a domain that is continually being stress-tested in many ways.”


Brands to Turn Websites Black and White in Cybersecurity Campaign

“ANZ, Australia Post and NAB are turning their websites and social channels black and white from tomorrow, as part of a week-long campaign for the Australian Cyber Security Centre.The new campaign is created by Icon Agency, and seeks to build awareness around cybersecurity.”


Chinese Police Get Power to Inspect Internet Service Providers

“Under the new rule, effective from November 1, central and local public security authorities can enter the premises of all companies and entities that provide internet services and look up and copy information considered relevant to cybersecurity.”


Joint Statement by Presidents Tusk and Juncker and High Representative Mogherini on Russian Cyber Attacks

“In April the offices of the Organisation for the Prohibition of Chemical Weapons (OPCW) in The Hague were targeted by a hostile cyber operation carried out by the Russian military intelligence service (GRU). This operation was disrupted by Dutch intelligence services in partnership with the United Kingdom (UK). In addition, the UK government has indicated earlier today that it has identified that a number of cyber actors widely known to have been conducting cyber attacks around the world are, in fact, the Russian military intelligence service (GRU).

We express serious concerns about this attempt to undermine the integrity of the Organisation for the Prohibition of Chemical Weapons (OPCW), a respected internationalorganisation, hosted by the Netherlands. This aggressive act demonstrated contempt for the solemn purpose of the Organisation for the Prohibition of Chemical Weapons (OPCW), which works to eradicate weapons worldwide under a United Nations mandate. We deplore such actions, which undermine international law and international institutions. The EU will continue to strengthen the resilience of its institutions and those of its Member States, and international partners and organisations in the digital domain.”

European Cybersecurity Month 2018

“October 2018 is the sixth annual European Cyber Security Month (ECSM), an EU-promoted awareness campaign aimed at promoting cyber security and educating the public on how to protect themselves from online attacks.”


India Inc Faces One of the Highest Cybersecurity Threats in Asia-Pacific

“Bret Hartman is the vice president and chief technology officer, Security Business Group at Cisco. He has more than three decades of experience in building information security solutions for major enterprises and institutions across the globe. Hartman began his career as a United States Air Force officer assigned to the US National Security Agency. At the agency, he helped in the creation of the ‘DoD Trusted Computer System Evaluation Criteria’ (Orange Book). An alumnus of the Massachusetts Institute of Technology (MIT), Hartman talks to THE WEEK about different aspects ranging from preparedness of organisations to dealing with cyber security threats, data privacy concerns and how visibility and control can go a long way in preventing cyber attacks.”

India Faces One Cybersecurity Incident Every 10 Minutes

“New research from the Indian Computer Emergency Response Team (CERT-In) provides some distressing news. In 2017 alone, Indian organizations reported 53,000 security incidents, or one new reported security incident every 10 minutes—and these are only those that have been reported.”


On the Forefront of Israeli CybersecurityInnovation and Investment Strategy

“An interview with Zohar Rozenberg. Zohar Rozenberg (Col. Ret.) is VP, Cyber Investments at Elron Electronic Industries. Zohar serves, as board Member of several companies and a member at R.D.C, Rafael Advanced Defense Systems’ commercialization arm, in a full partnership with Elron Electronic Industries (TASE: ELRN).”


China’s Strict New CybersecurityLaw Ensnares Japanese Companies

“China’s tough new cybersecurity legislation is causing headaches for Japanese companies doing business there as authorities demand more protections for customer information and look to keep data within the country.”


Mattis: Estonia, Denmark, the Netherlands Will Provide Cyber Contributions to Help NATO

“Mattis said to reporters at a meeting of NATO defence ministers on 3 October that the US will make its cyber warfare capabilities available to NATO as the allies denounced an alleged Russian bid to hack the Organisation for Prohibition of Chemical Weapons. He noted that the attempted attack showed how cyberattacks were becoming “more frequent, more complex and more destructive”. ‘This is why the United States, like the United Kingdom, Denmark, the Netherlands, Estonia will provide national cyber contributions to help NATO fight in this important domain,’Mattis said.”

Minister: Estonia Ready to Put Its Cyber Capabilities to NATO’s Use

“TALLINN – Estonia is prepared to make its cyber capabilities available to NATO if necessary, Defense Minister Juri Luik said on Thursday.”

Georgian, NATO Defense Ministers Meet in Brussels, Discuss Cooperation

“Defense Minister Levan Izoria participated in the NATO-Georgia Commission meeting on October 3, held in the frames of the NATO Defense Ministerial in Brussels on October 3-4.”


Russia Calls Dutch Ambassador to Account for Spies’ Deportation

 “Russia summoned the Dutch ambassador to Moscow to account for the Netherlands’ deportation of four Russian spies who were planning to hack the Organization for the Prohibition of Chemical Weapons (OPCW), RTL Nieuws reports.”

North Korea

How North Korean Рackers Stole Millions of Pounds in a String of Methodical Cyber-Heists

“A gang of digital bank robbers working for the North Korean government stole millions of pounds in a string of “complex and destructive” heists, researchers say.”  Inside the North Korean Hacking Operation Behind SWIFT Bank Attacks


Poland – New Cybersecurity Requirements

“A new Act on the National Cybersecurity System entered into force in Poland on 27 August 2018. The Act is designed to implement the measures laid down in the NIS Directive (Directive (EU) 2016/1148) and is another step (as well the GDPR, which reinforces protection of personal data) in extending the duties of companies in relation to cybersecurity.”


Singapore Can Play “Important Role” in Cybersecurity for SEA Region, Says FireEye CEO

“Singapore can play an “important role” in cybersecurity for the Southeast Asian region, particularly in the area of thought leadership, said FireEye CEO Kevin Mandia on Thursday (Oct 4).”


Abertay Graduate Develops New Approach to Cybersecurity

“Start-up CyberShell Solutions has developed early stage security analysis technology that alerts software developers to potential vulnerabilities. Unlike most cybersecurity software, which identifies problems as or after they happen, the Dundee company’s CyberSuite product helps developers address and mitigate issues before their software is commercially deployed. Company chief executive Tayyaba Nafees, who completed a cybersecurity PhD at Abertay, said she was targeting global firms with the product. “

UK Cybersecurity Agency Backs Apple and Amazon Denials Over Chinese Hacking

“Britain’s cybersecurity agency, the National Cyber Security Centre (NCSC) has backed US technology businesses Apple and Amazon in their denials of a recent story that claimed Chinese hackers had managed to infiltrate their servers.”

Defence Secretary Reveals New Generation of “Cyber Cadets”

“A new scheme to help develop the next generation of cyber security experts and protect our nation against sophisticated and evolving threats has been announced by Defence Secretary Gavin Williamson today.”

This entry was posted in Weekly Brief. Bookmark the permalink.

Comments are closed.