ICD Brief 113.
10.12.2018.-16.12.2018.
Greetings from a restive and somewhat festive Washington DC. The news of the week includes:
- Senate Democrats set lineup for cyber committees
- Preparing for Cyber Conflict – Case Studies of Cyber Command by Piret Pernik ICDS, Estonia, the first publicly available comparative study of the military cyber organizations in five European countries.
- Implementing Medical Device Regulation – COCIR Half-Time Assessment – the European Union
- Orange Unveils, AI, 5G, Cybersecurity Plans France
- Warnings As Destructive ‘Shamoon’ Cyber Attacks Hit Middle East Energy Industry
A Special Section of “Consequential Reads” for our two-week holiday break.
- Mapping the Future: Dealing with Pervasive and Persistent Threats Trend Micro
- The Divide Between Silicon Valley and Washington Is a National-Security Threat
byAmy Zegart and Kevin Childs
The Atlantic
- Smart mobs in Paris: let them be social by FrenchCaldwell LLC
- Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret JENNIFER VALENTINO-DeVRIES, NATASHA SINGER, MICHAEL H. KELLER and AARON KROLIK New York Times
- Stopping Data Breaches Will Require Help from Governments Harvard Business Review by Samir C. Jain and Lisa M. Ropple Jones Day
- The Wired Guide to 5G – Klint Finley
I look forward to sharing your Comments in upcoming editions.
USA
Senate Democrats set lineup for cyber committees
“Fantasy Senate picks —Senate Minority Leader Chuck Schumer on Thursday announced Democratic committee assignments for the 116th Congress, which still must be ratified by the full chamber in January. Notable additions to the most cybersecurity-oriented panels include:”
Marriott Data Breach Is Traced to Chinese Hackers as U.S. Readies Crackdown on Beijing
“WASHINGTON — The cyberattack on the Marriott hotel chain that collected personal details of roughly 500 million guests was part of a Chinese intelligence-gathering effort that also hacked health insurers and the security clearance files of millions more Americans, according to two people briefed on the investigation.”
Bitcoin bomb threats sweep U.S., Canada, but lack credibility
“WASHINGTON (Reuters) – A rash of bomb threats were emailed on Thursday to hundreds of businesses, public offices and schools across the United States and Canada demanding payment in cryptocurrency, but none of the threats appeared credible, law enforcement officials said.”
Australia
Govts agree to coordinate national cyber incident response
“Australia’s federal, state and territory governments have agreed to a new structure on how they will coordinate with one another in the event of a national cyber incident.”
Estonia
Preparing for Cyber Conflict – Case Studies of Cyber Commandby Piret Pernik
“This is the first publicly available comparative study of the military cyber organisations in five European countries: Estonia, Finland, Germany, the Netherlands, and Norway.
The study examines strategic guidelines, political authorisation of international deployments, organisational set-up, the chain of command, and key functions of three categories of military cyberspace forces: cyber commands (Estonia, the Netherlands, Norway), military cyber services (Germany), and cyber defence divisions (Finland).”
EU
EU negotiators reach agreement on cybersecurity act
“Representatives from the European Commission, Council and Parliament on Monday (10 December) evening banded together to strengthen the bloc’s Cybersecurity efforts, reaching agreement on the EU’s cybersecurity act.”
Implementing Medical Device Regulation – COCIR Half-Time Assessment
“26 May 2020 is rapidly approaching; with a further 18 months to go, we are now at the midpoint for the implementation of the Medical Device Regulation. The European Commission recently published their implementing measures rolling plan for the Medical Device Regulation (MDR) and In-vitro Diagnostics Regulation (IVDR)1, following the publication of the CAMD roadmap2 last year. This makes it an appropriate time to assess where we stand in the implementation and map the way forward.”
France
Orange Unveils, AI, 5G, Cybersecurity Plans
“Stéphane Richard, Chairman and CEO of the Orange Group explained that: ’To fight digital exclusion, Orange chooses inclusive innovation: useful and simple innovations that are accessible to the greatest possible number of people. To do so, we deploy the best fixed and mobile networks across the country.”
Middle East
Warnings As Destructive ‘Shamoon’ Cyber Attacks Hit Middle East Energy Industry
“Warnings have gone out over a fresh assault on energy companies operating in the Middle East as at least two companies operating in the region were hacked with highly destructive malware designed to wipe systems and render them inoperable.”
Poland
Polish anti-terror law praised by hybrid threat expert: report
“Polish anti-terror laws have been praised as a model for creating legislation in other EU and NATO countries, according to a report.”
UK
“The NHS‘s lack of cyber security is ‘alarming’, experts have warned after they discovered huge gaps in spending and training across the health service.”
Consequential Reads
Mapping the Future: Dealing with Pervasive and Persistent Threats Trend Micro
“Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.”
The Divide Between Silicon Valley and Washington Is a National-Security Threat The Atlantic
“Closing the gap between technology leaders and policy makers will require a radically different approach from the defense establishment.”
Smart mobs in Paris: let them be social French Caldwell
“Key takeaways:
1 – With modern social technologies, political movements can coalesce in days, maybe hours
2 – The weak political center and struggling traditional political parties in France provide an opening for the emergence of more political movements enabled through social technologies\
3 – Government leaders should be prepared with strategies to predict, engage, monitor, and respond to rapidly emerging political movements”
Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret
By Jennifer Valentino-DeVries, Natasha Singer, Michael H. Keller and Aaron Krolik New York Times
“Dozens of companies use smartphone locations to help advertisers and even hedge funds. They say it’s anonymous, but the data shows how personal it is.”
Stopping Data Breaches Will Require Help from Governments Harvard Business Review
Samir C. Jain and Lisa M. Ropple are partners at Jones Day.
“Not a month goes by without a major corporation suffering a cyber attack. Often state-sponsored, these breaches are insidious, difficult to detect, and may implicate personal information relating to millions of individuals. Clearly, the current approaches to safeguarding sensitive data are insufficient. We need to reorient expectations for the role of the private sector in cybersecurity. As the risk of cyberattacks has become better appreciated, we see an increasingly punitive focus on holding corporate America solely responsible.”
The Wired Guide to 5G – Klint Finley
“The future depends on connectivity. From artificial intelligence and self-driving cars to telemedicine and mixed reality to as yet undreamt technologies, all the things we hope will make our lives easier, safer, and healthier will require high-speed, always-on internet connections. To keep up with the explosion of new connected gadgets and vehicles, not to mention the deluge of streaming video, the mobile industry is working on something called 5G—so named because it’s the fifth generation of wireless networking technology.”