ICD Brief 135.
20.05.2019.-26.05.2019.
Greetings from Washington DC over Memorial Day. This week’s ICD Brief brings you updates from Canberra, Tallinn, Brasilia, Brussels, Tehran, Tokyo, Amsterdam, Kigali, Cape Town, London and Pittsburgh.
USA
U.S. Senator Convening Meetings to Warn Business, Academia of China Threat
“U.S. Senator Mark Warner said on Sunday that he has been organizing meetings between U.S. intelligence officials and the country’s business and academic communities to urge caution in their relationships with China.”
US Election Cybersecurity Staff “Strained to the Breaking Point”
“As the U.S. government prepares to defend the 2020 presidential election from cyber threats, the federal agency charged with helping administer elections, the Election Assistance Commission, says it is “strained to the breaking point,” according to Chairwoman Christy McCormick.”
DHS Warns of “Strong Concerns” that Chinese-Made Drones Are Stealing Data
“Chinese-made drones may be sending sensitive flight data to their manufacturers in China, where it can be accessed by the government there, the US Department of Homeland Security warned in an alert issued Monday obtained by CNN.”
Will the U.S. Government Draft Cybersecurity Professionals?
“Conscripting workers with specialized skills, including cybersecurity experts, is under formal discussion in Washington, and the latest Executive Order from the White House contains language that suggests the idea is being taken seriously. ‘United States Government policy must facilitate the seamless movement of cybersecurity practitioners between the public and private sector,” the EO says, “maximizing the contributions made by their diverse skills, experiences, and talents to our Nation.’”
NASA Official Credits DHS’ Cyber Tools with Transforming Its Cyber Stance
“The Continuous Diagnostics and Mitigation program launched America’s space agency into a new age of cybersecurity, a NASA official said Wednesday.”
Cyber Command’s Latest VirusTotal Upload Has Been Linked to an Active Attack
“The malware sample that U.S. Cyber Command uploaded to VirusTotal last week is still involved in active attacks, multiple security researchers tell CyberScoop.”
Moody’s Downgrades Equifax Outlook to Negative, Cites Cybersecurity
“Moody’s has just slashed its rating outlook on Equifax, the first time cybersecurity issues have been cited as the reason for a downgrade. Moody’s lowered Equifax’s
Australia
IBM Highlights Australia’s Digital and Cybersecurity Potential
“IBM Australia and New Zealand managing director David La Rose has stated that he thinks his company can boost the Australian government to be one of the “top three” digital governments across the globe.”
Baltics/Estonia
How Estonia Set a Global Benchmark for E-Government
“Estonia has earned a reputation as the world’s most advanced digital society, with over 99 percent of its public services now available online. The former Soviet republic’s public services are powered by an extensive IT infrastructure, but Andrus Kaarelson, the government’s director of state information systems, says his country’s rapid digital development is not solely due to its technology.”
Brazil
Brazil Shuts Down Cryptocurrency Pyramid Scheme That Defrauded 55,000 of $200 Million
“Brazillian police have arrested ten people suspected of operating a cryptocurrency pyramid scheme worth 850 million reals ($210 million), local news media outlets including Correido Do Povo reported on May 21. As part of Operation Egypto, a swoop dedicated to unearthing unsanctioned financial schemes, Brazil’s tax agency joined police in orchestrating a crackdown on the figures behind Indeal, who they say amassed funds from 55,000 investors.”
EU
UK Plays Pivotal Role in EU’s New Cyber-Attack Sections Regime – ‘This Is Decisive Action’
“EU chiefs today rubber-stamped a new sanctions regime for individuals found guilty of cyber-attacks against the bloc and its allies. EU diplomats also confirmed the powers would also be ready to crackdown on any international interference in European elections next week.” Cyber criminals face new EU sanctions
Iran
Iran Says Its Intranet Almost Ready To Shield Country From ‘Harmful’ Internet Radio Farda“the Iranian branch of the U.S. government-funded Radio Free Europe/Radio Liberty(RFE/RL) external broadcast service. It broadcasts 24 hours a day in the Persian language from its headquarters in the district Hagibor of Prague, Czech Republic. Iran’s national information network (ININ) – the country’s intranet – is 80 per cent complete, the Supreme Council of the Cultural Revolution announced Sunday 19 May, ironically to mark world telecommunications day (Friday 17 May). With the ININ, Tehran hopes to cut the country’s dependency on international cyberspace.”
Japan
Government Urges Utilities in Japan to Manage Data with Care
“The government asked critical infrastructure operators Thursday to manage important data in Japan rigorously, in a bid to prevent its disclosure.”
NATO
“Mr. Stoltenberg highlighted how technologies are fundamentally changing the nature of warfare and that NATO is adapting by strengthening its capabilities and increasing its resources. The Secretary General said, “For deterrence to have full effect, potential attackers must know that we are not limited to respond in cyberspace when we are attacked in cyber space. We can and we will use the full range of capabilities at our disposal.” Bolstering cyber defences and resilience will be a top priority at the NATO Summit of Allied Heads of State and Government to be held in London on 3-4 December.” Ten Minute Video of SG NATO at Cyber Defense Pledge Conference London
Netherlands
Dutch Lecturer Researches the Person Behind the Cyber Criminal
“Research into the human factor in cyber crime is still in its infancy, both in the Netherlands and internationally. One person taking a close look at the subject is Rutger Leukfeldt, senior researcher on cyber crime at the Netherlands Institute for the Study of Crime and Law Enforcement(NSCR) and lecturer on cyber security in small and medium-sized enterprises (SMEs) at the Haagse Hogeschool in the Netherlands.”
Rwanda
Transform Africa Summit kicks-off in Kigali with a focus on digital innovation
2 minutes-long video
“The Transform Africa Summit kicks-off in Kigali, with a focus on the ability of digital innovation to transform the continent.”
South Africa
South Africa Proposes Online Porn Block
“The proposed law would block internet porn on all devices by default.The South African Law Reform Commission (SALRC) has released a new paper discussing sexual offenses in the country in an attempt to review the laws surrounding adult content and how children are being exposed to it.”
UK
Russia Running “Global Campaign” of Cyber Warfare to Target Governments, Jeremy Hunt Says
“Russia has been engaged in a systematic and malicious “global campaign” of cyber warfare targeting critical national infrastructure with Britain providing help to allied states to counter the threat, the foreign secretary is due to say in a keynote speech.”
UK Govt, Tech Industry to Collaborate on Cybersecurity of IoT Devices
“The UK government and the tech industry in the country have agreed to collaborate for improving cyber security of Internet of Things devices (IoT devices).”
Cyber Innovation at the Forefront of UK’s Approach to Modern Warfare
“Speaking this evening at the NATO Cyber Defence Pledge Conference in London, Defence Secretary Penny Mordaunt will address the need for the UK and NATO members to recognise offensive cyber as central to modern warfare. As the UK has already demonstrated against Daesh in the Middle East, it can be a vital tool to keep people in the UK and overseas safe from virtual and physical threats.”
Feature
Cyber Intelligence Tradecraft Report: The State of Cyber Intelligence Practices in the United States (Study Report Only)Carnegie Mellon University Software Engineering Institute
Abstract
“This report details the findings of a study the Software Engineering Institute (SEI) at Carnegie Mellon University conducted at the request of the United States Office of the Director of National Intelligence (ODNI). Our mission was simple: understand how organizations across sectors conduct the work of cyber intelligence and share our findings. In this report, we describe the practices of organizations that are performing well and the areas where many organizations struggle, and we identify the models, frameworks, and innovative technologies driving cyber intelligence today. We believe this report can provide a starting point to enable organizations across the country to adopt best practices, work together to fix common challenges, and reduce the risk of cyber threats to the broader cyber community. “