ICD Brief 131.
22.04.2019.-28.04.2019.
Greetings from Washington. From the Five Eyes in Glasgow to the Cyber Command in Washington DC, conferences this week bring significant updates from the Intelligence Community.
USA
Election tech vendors say they’re securing their systems. Does anyone believe them
“The last few years have been an awakening for Election Systems & Software. Before 2016, very few people were publicly pressing the company to change the way it handled its cybersecurity practices. Now, the nation’s leading manufacturer of election technology has become a lightning rod for critics.”
Japan, US Beef Up Their Cyber Alliance
“Washington and Tokyo have vowed to intensify their cooperation on cybersecurity, while signalling that the United States could come to the aid of Japan if it faced a serious computer-based attack.”
An “Increase in Clarity” in US Cyber Strategy
“In the year since the US Cyber Command was elevated to a unified combatant command there has been an “increase in clarity” on the US cyber strategy, specifically on the Department of Defense’s role, and an “alignment in the law,” US Air Force Brig. Gen. Timothy D. Haugh, commander, Cyber National Mission Force at US Cyber Command, said in Washington on April 23.”
DHS Probes Current and Future Mobile Threats
“The research arm of DHS is looking to develop cybersecurity tools for of existing and emerging wireless protocols to its arsenal of network protection capabilities for federal agencies.”
Cyber Command Paying Closer Attention to Overseas Networks in Its National Defense Mission
“U.S Cyber Command says it’s changing the way it thinks about cyber defense. The Cyber Mission Force still has the job of protecting Defense networks and domestic critical infrastructure. But to do that effectively, leaders say they need to continuously probe foreign networks for malicious activity, and they’re promising to be much more transparent about what they find.”
Australia
“Democracy at Stake”: Parties Warned Australia at Risk of US-Style Cyber Manipulation
“Former privacy tsars and technology experts have warned the major political parties they must dramatically strengthen their cybersecurity to protect the growing mountains of private data gathered on voters that could be used by foreign adversaries to manipulate elections.”
China
Amnesty Says Hong Kong Office Hit by China-Linked Cyber Attack
“Amnesty International’s Hong Kong office has been hit by a years-long cyberattack from hackers with known links to the Chinese government, the rights group said Thursday.”
EU
European Union’s New Cybersecurity Act: What Do You Need to Know?
“On 29 May 2018, the Council of the European Union issued its proposal for the regulation of the European Union Agency for Network and Information Security (“ENISA”) and information and communication technology cybersecurity certification (the “EU Cybersecurity Act”). The proposal had two areas of focus: the first being to strengthen the powers of ENISA by making it a permanent agency of the EU; the second was to establish a European cybersecurity certification framework to ensure the application of a common cybersecurity certification for information and communications technology (“ICT”) goods. The proposal was adopted on 27 March 2019. and enters into force 20 days after its publication.”
France
A Close Look at France’s New Military Cyber Strategy
“Cyber warfare has begun and France must be ready to fight it,” Florence Parly, the French minister for the armed forces, declared on Jan. 18. Parly was introducing the new French Military Cyber Strategy, which consists of two separate documents: the Ministerial Policy for Defensive Cyber Warfare(hereafter the Ministerial Policy) and the Public Elements for the Military Cyber Warfare Doctrine (hereafter the Public Elements). Together, these documents outline the French Ministry of Defense’s (ministère des Armées) doctrine on lutte informatique défensive et offensive, or defensive and offensive cyber warfare.”
India
Report Highlights Cybersecurity Implications of IoT for India
“As Future IoT reported in January 2018, India is taking the well-trodden path to digital transformation with an eye on the prize: a US$1 trillion economy by 2022. Somewhere in this grand vision is the reality of 5 billion connected IoT ecosystem.”
Insurance
DUBLIN–(BUSINESS WIRE)–Apr 26, 2019–The “Cyber Security Insurance – Global Market Outlook (2017-2026)” report has been added to ResearchAndMarkets.com’s offering. According to this report, the Global Cyber Security Insurance market accounted for $4.19 billion in 2017 and is expected to reach $35.07 billion by 2026 growing at a CAGR of 26.6%.”
Netherlands
Dutch Cybersecurity Centre to Come Out with Updated Security Guidelines
“Dutch National Cyber Security Centre NCSC is coming out with updated IT security guidelines for Transport Layer Security (TLS). A safe TLS configuration is important, the NCSC said, to secure internet connections. The revised guidelines should help make TLS configurations more future-proof, so that organisations can focus on threats that deserve daily attention.”
Singapore
Singapore’s Cybersecurity Chief Says International Norms, Partnerships Are Key Issues
“Cybersecurity is an existential issue for Singapore, Mr David Koh, chief executive of the Cyber Security Agency of Singapore told the eighth annual International Conference on Cyber Engagement (ICCE) in a keynote address in Washington on April 23.”
South Korea
South Korea Faces Growing Threats from Cryptojacking
“Many countries are more concerned with cyber-attacks than ever. There are countries that are intent on using cybercrime in order to not only undermine national security, but also to steal intellectual property and information from countries that they are at odds with. It appears as though South Korea is under an increasing amount of cyberattacks, as well.”
Tunisia
Pan-Arab Cybersecurity Unit to Be Set Up in Fight against Digital Crime
“TUNIS: A pan-Arab cybersecurity unit is to be set up for greater regional cooperation in the fight against digital crime and money laundering, the Saudi Press Agency (SPA) reported.”
UK
Naming and Shaming Nations That Launch Cyberattacks Does Work, Say Intel Chiefs
“Intelligence experts from the Five Eyes intelligence grouping – made up of the UK, the USA, Canada, Australia and New Zealand – were all speaking as part of a panel session at CYBERUK 19, the National Cyber Security Centre’s (NCSC) cybersecurity conference in Glasgow, Scotland, in a rare instance of public discussion by the alliance. “
Huawei Row: UK to Let Chinese Firm Help Build 5G Network
“The government has approved the supply of equipment by Chinese telecoms firm Huawei for the UK’s new 5G data network despite warnings of a security risk.”
NCSC Launches Cybersecurity Tool for UK Businesses and Authorities
“The NCSC (National Cyber Security Centre) has offered a new free tool to help toughen the cyber defences of small businesses, and local government.”
Feature
The Spies Who Came in From the Continent
Calder Walton Foreign Policy
“How Brexit could spell the end of Britain’s famed advantage in intelligence.”
“From John le Carré’s novels to the insatiable popular interest in James Bond, Britain has long enjoyed, and cultivated, an image of producing superior spies. This reputation is based on more than myth. For decades during and following World War II, the painstaking real-world work of British intelligence officers was one of the United Kingdom’s primary sources of power.”