Of Ooda Loops and Venn Diagrams – ICD Brief 141.

ICD Brief 141.

01.07.2019.-07.07.2019.

 

Greetings from Dulles. This may be a two week edition as I am headed to Paris and London and ports beyond on business and pleasure.

Each week’s brief is a mixture of “intent” and “execution”. This year those intentions are more specific and much more likely to move towards implementation. Witness, today’s edition emanating from Washington, Canberra, Tallinn, Brasilia, Ottawa, Beijing, Brussels, Berlin, Budapest, New Delhi, Jakarta, Tel Aviv, Tokyo, Singapore, and London.

USA

US Military Warns Outlook Users to Update Immediately Over Hack Linked to Iran                  Forbes

“Less than two weeks ago, U.S. Cyber Command launched an offensive on Iran to disable computer systems used by the country’s Revolutionary Guard Corps to control rocket and missile launches. Now, the agency has issued an unprecedented public warning that is has discovered the “active malicious use” of a Microsoft Outlook vulnerability that appears to be linked to Iran.”

New York Legislature Passes Bill that Toughens Breach Notification Standards SCMagazine

“The New York State Legislature last month passed The Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which is intended to strengthen the state’s data security laws by more explicitly defining when and how businesses must notify the public and attorney general of a data breach incident.”

US Wants to Isolate Power Grids with “Retro” Technology to Limit Cyber-Attacks             ZDNet

“The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result.”

Here’s How Hackers Are Making Your Tesla, GM and Chrysler Less Vulnerable to Attack USA Today

“In March, a Tesla Model 3 was hacked.

It was all part of a three-day cybersecurity contest called Pwn2Own, an event where Tesla pays top dollar to anyone masterful enough to find previously unknown bugs. Correcting any weakness helps the electric car company protect the people who drive its vehicles, it hopes. “

The Week in Tech: What Should Your City Do if It’s Hit by Ransomware? By Jamie Condliffe         New York Times

“Imagine you’re a mayor trying to spend your city’s money wisely. You’ve heard about ransomware attacks, where hackers locking I.T. systems using encryption and demanding money for their release. But what should you do about them?”

Security Homesteads the Chip            Signal

“Bad things may come in small packages, so experts safeguard the microelectronics supply chain.”

Australia

Hoping for the Best, Planning for the Worst: The Cyber-Attack Plan Every Australian Business Needs to Have              CSO

“Has your organisation fallen victim to a hacking attack or serious data breach? They’ve become unremarkable occurrences in the digital era, in Australia and around the world. Preventing them while simultaneously planning for the worst, should your defences prove inadequate, should be on your list of standard business housekeeping chores, along with tasks such as reviewing insurance policies, keeping accounts up to date and paying superannuation contributions regularly.”

Australia Post Told to Improve Cybersecurity Practices            ITVNews

“Australia Post has been told to improve its cyber security practices after the national auditor found risk management gaps relating to two of its critical systems.”

Baltics/Estonia

Estonian Minister: Cybersecurity Cooperation of Estonia, US Has Reached a New Level                  Baltic Times

“Cooperation between Estonia and the United States in cybersecurity has been fruitful through the years and has now reached a new level, Foreign Minister Urmas Reinsalu said following consultations in Estonia between the Foreign Ministry of Estonia and the US Department of State.”

Brazil

Concern in Brazil About Messaging App Security          BNAmericas

“Can a messaging app like Telegram be hacked? The question has gained relevance in Brazil, where leaked messages between a federal judge and Lava Jato prosecutors has raised ethical questions and created a political scandal.”

Canada

Canada’s Spy Agency Says Voters Are Being Targeted By Foreign Influence Campaigns 

BuzzFeed News

“Canada’s intelligence community has identified foreign actors attempting to directly influence the upcoming federal election campaign, a Toronto Star and BuzzFeed News investigation has learned.”

N.W.T. to be 1st province or territory to use online voting in general election CBC

“N.W.T. voters can use a new website called Electorhood to access an online voting system called Simply Voting to cast their ballots. Using the site, voters in the territory can vote online from Sept. 6 up until the end of voting day on Oct. 1.”

China

China’s New Data Protection Scheme          The Diplomat

“China had held off on publicly releasing several cybersecurity and privacy regulatory measures due to fears of complicating the U.S.-China trade talks. But after the talk stalled in early May, they went out at short intervals. On June 13, the Cyberspace Administration of China released a draft regulation on outbound transfers of personal information that fleshed out the personal information (PI) protection component of the Chinese cybersecurity law.”

Surveillance Apps Are Being Secretly Installed on Phones of Visitors to China, Report Says               CNBC

“Police in China are secretly installing spy apps on phones of visitors to the country that can extract emails, texts and address contacts, according to a cross-media investigation.”

EU

Cybersecurity in Hospitals and Care Centres         OpenAccessGovernment

“Dr Peter Leitner and Stela Shiroka, at INTERSPREAD GmbH, detail cybersecurity in hospitals and care centres and their thoughts on the need for increased awareness and enhanced training capabilities in Europe.”

EC-Council Cybersecurity Masterclass Launched in 3 Major Cities in APAC with Tremendous Success EC Council Blog

“EC-Council simultaneously organized three Masterclass boot camps in three different, major cities of the Asia Pacific region: Hong Kong, Mumbai, and Bangalore. This event is the fifth boot camp in the past two months, running from June 24 to 27.”

Germany

Ursula von der Leyen’s Unfinished Cyberagency            Euroactiv

“Ursula von der Leyen, the European Council’s pick for the EU Commission boss, had been setting up her prestigious ‘Agency for Innovation in Cybersecurity’ in Germany. However, due to concerns raised by the German court of auditors, it will be her successor at the defence ministry who will have to pick up the pieces.”

Hungary

Despite Security Concerns, Huawei Commits to Hungary Emerging Europe

“Chinese telecommunication giant Huawei will participate in Hungary’s ICT sector development, despite the many security concerns that the company has faced across the world.”

India

Not a Bloodless Option for India          The Hindu

“A cyberattack may not prove to be a feasible retaliatory measure for strategists in New Delhi.”

Indonesia

Indonesian ‘Cyber-Jihadist’ Arrested for Spreading Fake News and Hate Speech on Social Media         South China Morning Post

“Indonesian police have arrested a member of the Muslim Cyber Army – a self-proclaimed cyber-jihadist network – for spreading fake news and hate speech via social media, though analysts say it will do little to dampen such propaganda as there is no shortage of people to replace him.”

Israel

Look Out for Israeli Technology as the Country Is Turning into a Cybersecurity Hub          Enterprise Talk

“With investments in cybersecurity from the across the globe, as well as the government efforts, Israel is soon to become a global leader in security.”

Japan

Cybersecurity Threat Looms Large in Japan            Japan Times

“As host of last week’s Group of 20 summit and the upcoming 2020 Olympic and Paralympic Games, Japan has had many reasons to focus on the security of the nation’s cyberdefenses. For their part, the Japanese public worries that cyberattacks from other countries pose a major threat, and they have doubts about their government’s preparedness for dealing with an attack of this kind.”

Risk

Lloyd’s of London Calls for Cyber Cover Clarity in Insurance Policies  EuroNews

“(Reuters) – Lloyd’s of London [SOLYD.UL] wants all insurance and reinsurance policies to clearly state whether coverage will be provided for losses caused by a cyber attack, saying this was in the best interest of both brokers and customers.”

Singapore

Can Singapore Become the Latest and Greatest Regional Cybersecurity Hub? Singapore Business Review

“Mass data breaches have been impacting our region, reiterating the fact that no business or nation is truly immune from cyber threats. This has been a driving force for the development of cybersecurity capabilities from within by regional governments, including Singapore’s, and businesses, by fostering the development of startups in the cybersecurity space.”

UK

Eurofins Scientific: Forensic Services Firm Paid Ransom after Cyber-Attack  BBC News

“The UK’s biggest provider of forensic services has paid a ransom to criminals after its IT systems were disrupted in a cyber-attack, BBC News has learned.”

NHS Must Take Urgent Steps to Defend Against Hackers, Says White Paper

Imperial College London

“The NHS remains vulnerable to cyber-attack, and must take urgent steps to defend against threats which could risk the safety of patients.”

This entry was posted in Weekly Brief. Bookmark the permalink.

Comments are closed.