ICD Brief 123.
25.02.2019.-03.03.2019.
Greetings from Washington. Dire warnings dominate our 14 country updates this week with two comprehensive features.
Key words are: expands, harden, new guidance, tighten, momentum, cooperation, legislation, offensive, cyber attack, martial law.
USA
Cyber Threats to US Infrastructure Warrant “Moonshot” Response
“Serious threats to U.S. infrastructure, and especially to the electrical grid, have grown significantly in the past year and, as National Intelligence Director Dan Coats reiterated to Congress recently, “the warning lights are blinking red.”
DHS “Transition to Practice” Program Expands from Cybersecurity
“The Homeland Security Department’s tech-to-market program focusing on the transition of innovation to commercialization is expanding from cybersecurity to include all technologies impacting national security.”
TSA, CISA Want to Retain Cybersecurity Authority
“On Tuesday, the House Committee on Homeland Security convened for a hearing on securing U.S. surface transportation from cyberattacks. Representatives from the Transportation Security Administration (TSA) and Cybersecurity and Infrastructure Security Agency (CISA)–a branch of the Department of Homeland Security (DHS)–testified that the agencies would like to continue working on cybersecurity together and retain the authority to adjust policy regarding cyberthreats when recognized.”
DNC Issues Cybersecurity Guidance for 2020 Election
“Stung by Russian hackers intent on swaying the 2016 presidential election, the Democratic National Committee (DNC) has put considerable resources into shoring up cybersecurity and on Friday releases a checklist meant to secure campaign and candidate devices.”
US Cyber Operation Blocked Internet for Russian Troll Farm on Election Day 2018: Report
“The U.S.’s main military cyber operation reportedly interfered with internet access for a major Russian troll farm on Election Day last year.”
Chicago Hardened Cybersecurity with Heightened Concerns about Electronic Voting
“Amid the ongoing 2019 mayoral elections and an increasing number of nationwide data breaches, Chicago beefed up cybersecurity controls to defend against potential voter fraud and hacking.”
Australia
Australia’s Assistance and Access Bill Increases Risks of Cyber Attacks
“The Australian Parliament recently passed the Assistance and Access Bill, which is widely recognized as an “anti-encryption” law by many U.S. tech giants. The law not only gives the country’s intelligence and law enforcement agencies access to end-to-end encrypted communications but also requires firms to create the technical capability to provide help where that capability doesn’t yet exist.”
ACSC Tightens Access Controls for Australian Government Systems
“Tighter yet more flexible controls for user authentication have been set for Australian government agencies in the new Essential Eight Maturity Model published by the Australian Cyber Security Centre (ACSC).”
China
Chinese Cybersecurity Law Is a “Loaded Weapon”, Senior US Official Says
“China’s cybersecurity law allows the state to conduct foreign espionage projects, and its legislation is comparable to a “loaded gun” that the rest of the world should not want to stand in front of, a senior US official told EURACTIV on Wednesday (26 February). But Chinese officials were adamant that this was not the case.”
Chinese Cyber Attack Group Bronze Union Targeting Weapon Tech
“Cyber attack group Bronze Union has attempted to steal data on cutting-edge weapons technologies as well as spy on dissidents and other civilian groups, according to researchers.”
EU
EU Gathers Momentum in Cybersecurity Legislation and Cooperation
“The past two years have seen a step-change in the rate at which the European Union is putting legislation in place to support improved cyber security standards, collaboration and sharing of resources, says digital commissioner’s representative”
Commission Launches Pilot Projects to Reinforce EU’s #Cybersecurity Capacity
“The European Commission is investing more than €63.5 million in four pilot projects to lay the ground work for building a European network of centres of cybersecurity expertise which will help to reinforce research and coordination of cybersecurity in the EU. The four pilots, CONCORDIA, ECHO, SPART
France
France’s New Offensive Cyber Doctrine
“Since its November 2018 announcement of the Paris Call, a code of conduct for cyber space, France has turned to the offensive. On Jan. 18, French armed forces minister Florence Parly unveiled the country’s first doctrine for offensive cyber operations. This announcement is the latest in a series of deep and fast-paced measures aimed at organizing and clarifying the defense of French interests in cyberspace.”
Germany
Berlin: We’ve Had No Recent Talks with Beijing on Cybersecurity
“The German government has not held talks with Beijing about cybersecurity issues in recent weeks, a spokesman said when asked about a report that Chancellor Angela Merkel was seeking a no-spying deal with China over the Huawei issue.”
Israel
Israeli Startups Shine in the $92 Billion Cybersecurity Market
“In 2018, Israeli startups received $1.19 billion or almost 20% of global VC investments in cybersecurity, up 47% from the previous year, according to a new report from Start-Up Nation Central. Another report, published today by Strategic Cyber Ventures, shows that Israel has surpassed China last year as the hottest spot for VC investments in cybersecurity companies outside of the US.”
Israel Preparing for Cyber Attack by Russia, China – Report
“Israeli intelligence and defense officials have become more conscious that the Israeli private sector and other aspects of defense face profound cyber spying challenges from Russia and China.”
Latin America
Latin American CEOs Optimistic about AI’s Potential
“CEOs in Latin America are upbeat about the opportunities presented by artificial intelligence (AI) but many are holding off on investing in such projects, according to a new study.”
NATO
“In its report, Responding to Cognitive Security Challenges, the NATO Strategic Communications Centre of Excellence details an experiment it ran to trick serving members of the armed forces. While the authors won’t say which country’s armed forces, they are at least clear about what they were trying to achieve.”
North Korea
Cyber Attacks, Not Nukes, May Be North Korea’s Most Dangerous Weapons
“Some national security and cybersecurity experts say cyber attacks, not nuclear weapons, are the biggest threat from North Korea. Politicians and political journalists cite North Korea’s nuclear weapons program as the priority for President Trump’s second summit with North Korean leader Kim Jong-un in Vietnam this week, but new research suggests the rise of “nation-state linked ransomware” is a more pressing concern that demands immediate action.”
Russia
Russia Jails Top Cyber Agent for Treason
“A military court in Moscow on Tuesday jailed a top cyber intelligence officer from Russia’s main domestic security agency on treason charges — in a remarkably murky case that has attracted speculation that it could be linked to the 2016 U.S. election.”
Singapore
New Defense Training Puts Singapore’s Cyber Challenge Into Focus
“Last week, Singapore announced a number of ongoing developments that it was undertaking with respect to the cyber defense domain. Though the announcements were with respect to just a few of the many initiatives that the Southeast Asian state has been undertaking in recent years, they nonetheless spotlighted some of the ongoing activity in the cyber defense realm.”
Thailand
Thailand Passes Internet Security Law Decried as “Cyber Martial Law”
“Thailand’s military-appointed parliament on Thursday passed a controversial cybersecurity law that gives sweeping powers to state cyber agencies, despite concerns from businesses and activists over judicial oversight and potential abuse of power.”
UK
Huawei Threat Uncovers Enemy Within UK Spy Agencies
“It is unusual to see, let alone hear, from Britain’s spymasters in public. But in the past few weeks, the UK’s intelligence chiefs have been uncharacteristically outspoken on the threat posed to national security by Huawei, the Chinese telecoms equipment maker.”
FEATURED
Cisco CISO Survey Reveals Mixed News for Cybersecurity
“Cisco has published its fifth annual 2019 CISO Benchmark Study a comprehensive survey of more than 3000 security leaders across 18 countries.”
Global Data & Privacy Update – February 2019
Mark Williamson, Isabel Ost and Charlotte Gatland of Clyde and Company in Lexology
European Union, United Kingdom February 28 2019
“Welcome to the February Global Data & Privacy Update. This update is dedicated to covering the latest legislative developments affecting the way data is managed and protected, as well as reporting on the most recent news governing data breaches and industry developments.”