ICD Brief 114.
24.12.2018.-30.12.2018.
What a year! We’ve seen a global surge towards order in strategies, laws, awareness, education, alliances, authorities matched by an equal or greater number of vulnerabilities, attacks, destabilizers.
USA
Cyber Attack Disrupts Printing of Major US Newspapers
“Los Angeles Times, Chicago Tribune, Wall Street Journal and New York Times among titles affected by virus that hit shared systems. The attack on Saturday appeared to originate outside the United States, the Los Angeles Times reported.”
Trump Signs SECURE Technology Act into Law
“The White House announced on Dec. 21 that President Trump signed into law H.R. 7327, which aims to reduce Federal government supply chain threats, and also would establish a bug bounty program and vulnerability disclosure policy at the Department of Homeland Security (DHS).”H.R. 7327, the “Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act
Idaho Lab Protects US Infrastructure from Cyber Attacks
“It’s called the “Dark Side” because the 50 workers there prefer to keep the lights low so they can dim the brightness on their computer screens. Or maybe it’s because of what they do in cyber research and development.”
“Does the Department of Homeland Security (DHS) need to be hacked? Legislators seem to think so.”
Exclusive: White House mulls new year executive order to bar Huawei, ZTE purchases
“WASHINGTON (Reuters) – President Donald Trump is considering an executive order in the new year to declare a national emergency that would bar U.S. companies from using telecommunications equipment made by China’s Huawei and ZTE, three sources familiar with the situation told Reuters.”
DOD and Other Agencies Seek to Enhance Contractors’ Cyber and Supply Chain Security
“The Department of Defense (DOD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DOD contractors and subcontractors.”
Australia
Ministers Respond to Chinese Cyber-Enable IP Theft
“Home Affairs Minister Peter Dutton and Minister for Foreign Affairs Marise Payne responded to concerns about a global campaign of cyber-enabled commercial intellectual property theft by a group known as APT10, acting on behalf of the Chinese Ministry of State Security.”
Canada
Trump’s Huawei threat a risk to Canadian and global tech in 2019 …
“Huawei clash could be a trial run for U.S.-China tech conflict that would put Canada in a difficult spot.”
China
“China’s new cybersecurity rules bring domestic financial information providers in line with regulations that have governed mainland-based foreign bureaus since 2009 and vow to punish those fabricating news or distorting the country’s monetary and fiscal policies.”
Czech Republic
Czech Government Reverses Ban on Huawei
“The Czech cyber security watchdog’s warning against Huawei devices had no tech basis, said the Czech National Security Council, after discussing the situation. The National Security Council also reversed the decision of the Prime Minister Andrej Babis for government officials to stop using Huawei phones. The council said that the Czech Republic welcomes all kinds of foreign investment.”
India
126 Arrests: The Emergence of India’s Cyber Crime Detectives Fighting Call Center Scams
“The Times of India reports that police have raided a call center in Noida Sector 63 where hundreds of fraud calls were placed every day to Americans and Canadians resulting in the theft of $50,000 per day.”
RBI[Reserve Bank o India] to set up compliance portal to track cyber fraud
“Mumbai: The Reserve Bank of India (RBI) would set up a compliance and tracking system portal to tackle the proliferation of cyber-fraud and seeks to establish a better redressal mechanism for consumers.”
Israel
Cybersecurity Practitioner – IDF’s New Instruction Opportunity
“A new and first-of-its-kind cyber course has attracted high interest in the Israeli military. The course is intended only for combatants just before they finish their army service, in order to grant them a unique opportunity – acquiring a profession for the civilian sector through a cybersecurity course.”
Japan
Japan to Increase Its Cyber Defense: NATO and CCDCOE
“The government of Japan is finally waking up to the importance of increasing the Cyber Defense of this nation. Prime Minister Shinzo Abe is especially concerned about protecting the Japanese Self Defense Forces and other important areas related to national security. For example, nuclear power installations and so forth. Hence, with Japan increasing its military budget and watching events between America, China, the Russian Federation, and others – sometimes based on truth and other times propaganda in all directions – then Japan seeks to ratchet up its Cyber Defense to meet the changing times.”
North Korea
North Korea Defector Hack: Personal Data of Almost 1,000 Leaked
“Almost 1,000 North Korean defectors have had their personal data leaked after a computer at a South Korean resettlement centre was hacked, the unification ministry said.”
Singapore
Singapore Government Launches New Bug Bounty Program
“HackerOne has partnered with the Singapore government to launch new bug bounty programs aimed at protecting public-facing websites. The initiative, which was launched late last week, comes after a number of cybersecurity incidents hit organizations and businesses across the Southeast Asian country.”
UK
UK Launches Long-Awaited Cyber Skills Strategy
“The UK government has launched a new cybersecurity skills strategy designed to reduce industry shortages, and a new independent body to help shape the future of the profession.”
Feature
Year in Review: Huawei and the Technology Cold War
Blog Post by Adam Segal Council on Foreign Relations
December 26, 2018
“2018 was the year that started the U.S.-China tech cold war. 2019 might be the year that splinters the global technology system into distinct spheres of influence.”
Your Data Was Probably Stolen in Cyberattack in 2018 – And You Should Care
Mike Snider USA Today
“When it comes to data breaches, 2018 was neither the best of times nor the worst of times. It was more a sign of the times. Billions of people were affected by data breaches and cyberattacks in 2018 – 765 million in the months of April, May and June alone – with losses surpassing tens of millions of dollars, according to global digital security firm Positive Technologies.”