ICD Brief 141.
01.07.2019.-07.07.2019.
Greetings from Dulles. This may be a two week edition as I am headed to Paris and London and ports beyond on business and pleasure.
Each week’s brief is a mixture of “intent” and “execution”. This year those intentions are more specific and much more likely to move towards implementation. Witness, today’s edition emanating from Washington, Canberra, Tallinn, Brasilia, Ottawa, Beijing, Brussels, Berlin, Budapest, New Delhi, Jakarta, Tel Aviv, Tokyo, Singapore, and London.
USA
US Military Warns Outlook Users to Update Immediately Over Hack Linked to Iran Forbes
“Less than two weeks ago, U.S. Cyber Command launched an offensive on Iran to disable computer systems used by the country’s Revolutionary Guard Corps to control rocket and missile launches. Now, the agency has issued an unprecedented public warning
New York Legislature Passes Bill that Toughens Breach Notification Standards SCMagazine
“The New York State Legislature last month passed The Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which is intended to strengthen the state’s data security laws by more explicitly defining when and how businesses must notify the public and attorney general of a data breach incident.”
US Wants to Isolate Power Grids with “Retro” Technology to Limit Cyber-Attacks
“The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result.”
Here’s How Hackers Are Making Your Tesla, GM and Chrysler Less Vulnerable to Attack USA Today
“In March, a Tesla Model 3 was hacked.
It was all part of a three-day cybersecurity contest called Pwn2Own, an event where Tesla pays top dollar to anyone masterful enough to find previously unknown bugs. Correcting any weakness helps the electric car company protect the people who drive its vehicles, it hopes. “
The Week in Tech: What Should Your City Do if It’s Hit by Ransomware? By Jamie Condliffe New York Times
“Imagine you’re a mayor trying to spend your city’s money wisely. You’ve heard about ransomware attacks, where hackers locking I.T. systems using encryption and demanding money for their release. But what should you do about them?”
Security Homesteads the Chip Signal
“Bad things may come in small packages, so experts safeguard the microelectronics supply chain.”
Australia
“Has your organisation fallen victim to a hacking attack or serious data breach? They’ve become unremarkable occurrences in the digital era, in Australia and around the world. Preventing them while simultaneously planning for the worst, should your defences prove inadequate, should be on your list of standard business housekeeping chores, along with tasks such as reviewing insurance policies, keeping accounts up to date and paying superannuation contributions regularly.”
Australia Post Told to Improve Cybersecurity Practices ITVNews
“Australia Post has been told to improve its cyber security practices after the national auditor found risk management gaps relating to two of its critical systems.”
Baltics/Estonia
Estonian Minister: Cybersecurity Cooperation of Estonia, US Has Reached a New Level Baltic Times
“Cooperation between Estonia and the United States in cybersecurity has been fruitful through the years and has now reached a new level, Foreign Minister Urmas Reinsalu said following consultations in Estonia between the Foreign Ministry of Estonia and the US Department of State.”
Brazil
Concern in Brazil About Messaging App Security BNAmericas
“Can a messaging app like Telegram be hacked? The question has gained relevance in Brazil, where leaked messages between a federal judge and Lava Jato prosecutors has raised ethical questions and created a political scandal.”
Canada
Canada’s Spy Agency Says Voters Are Being Targeted By Foreign Influence Campaigns
BuzzFeed News
“Canada’s intelligence community has identified foreign actors attempting to directly influence the upcoming federal election campaign, a Toronto Star and BuzzFeed News investigation has learned.”
N.W.T. to be 1st province or territory to use online voting in general election CBC
“N.W.T. voters can use a new website called Electorhood to access an online voting system called Simply Voting to cast their ballots. Using the site, voters in the territory can vote online from Sept. 6 up until the end of voting day on Oct. 1.”
China
China’s New Data Protection Scheme The Diplomat
“China had held off on publicly releasing several cybersecurity and privacy regulatory measures due to fears of complicating the U.S.-China trade talks. But after the talk stalled in early May, they went out at short intervals. On June 13, the Cyberspace Administration of China released a draft regulation on outbound transfers of personal information that fleshed out the personal information (PI) protection component of the Chinese cybersecurity law.”
Surveillance Apps Are Being Secretly Installed on Phones of Visitors to China, Report Says CNBC
“Police in China are secretly installing spy apps on phones of visitors to the country that can extract emails, texts and address contacts, according to a cross-media investigation.”
EU
Cybersecurity in Hospitals and Care Centres OpenAccessGovernment
“Dr Peter Leitner and Stela Shiroka, at INTERSPREAD GmbH, detail cybersecurity in hospitals and care centres and their thoughts on the need for increased awareness and enhanced training capabilities in Europe.”
EC-Council Cybersecurity Masterclass Launched in 3 Major Cities in APAC with Tremendous Success EC Council Blog
“EC-Council simultaneously organized three Masterclass boot camps in three different, major cities of the Asia Pacific region: Hong Kong, Mumbai, and Bangalore. This event is the fifth boot camp in the past two months, running from June 24 to 27.”
Germany
Ursula von der Leyen’s Unfinished Cyberagency
“Ursula von der Leyen, the European Council’s pick for the EU Commission boss, had been setting up her prestigious ‘Agency for Innovation in Cybersecurity’ in Germany. However, due to concerns raised by the German court of auditors, it will be her successor at the defence ministry who will have to pick up the pieces.”
Hungary
Despite Security Concerns, Huawei Commits to Hungary Emerging Europe
“Chinese telecommunication giant Huawei will participate in Hungary’s ICT sector development, despite the many security concerns that the company has faced across the world.”
India
Not a Bloodless Option for India The Hindu
“A cyberattack may not prove to be a feasible retaliatory measure for strategists in New Delhi.”
Indonesia
Indonesian ‘Cyber-Jihadist’ Arrested for Spreading Fake News and Hate Speech on Social Media South China Morning Post
“Indonesian police have arrested a member of the Muslim Cyber Army – a self-proclaimed cyber-jihadist network – for spreading fake news and hate speech via social media, though analysts say it will do little to dampen such propaganda as there is no shortage of people to replace him.”
Israel
Look Out for Israeli Technology as the Country Is Turning into a Cybersecurity Hub Enterprise Talk
“With investments in cybersecurity from the across the globe, as well as the government efforts, Israel is soon to become a global leader in security.”
Japan
Cybersecurity Threat Looms Large in Japan Japan Times
“As host of last week’s Group of 20 summit and the upcoming 2020 Olympic and Paralympic Games, Japan has had many reasons to focus on the security of the nation’s cyberdefenses. For their part, the Japanese public worries that cyberattacks from other countries pose a major threat, and they have doubts about their government’s preparedness for dealing with an attack of this kind.”
Risk
Lloyd’s of London Calls for Cyber Cover Clarity in Insurance Policies EuroNews
“(Reuters) – Lloyd’s of London [SOLYD.UL] wants all insurance and reinsurance policies to clearly state whether coverage will be provided for losses caused by a cyber attack, saying this was in the best interest of both brokers and customers.”
Singapore
Can Singapore Become the Latest and Greatest Regional Cybersecurity Hub? Singapore Business Review
“Mass data breaches have been impacting our region, reiterating the fact that no business or nation is truly immune from cyber threats. This has been a driving force for the development of cybersecurity capabilities from within by regional governments, including Singapore’s, and businesses, by fostering the development of startups in the cybersecurity space.”
UK
Eurofins Scientific: Forensic Services Firm Paid Ransom after Cyber-Attack BBC News
“The UK’s biggest provider of forensic services has paid a ransom to criminals after its IT systems were disrupted in a cyber-attack, BBC News has learned.”
NHS Must Take Urgent Steps to Defend Against Hackers, Says White Paper
Imperial College London
“The NHS remains vulnerable to cyber-attack, and must take urgent steps to defend against threats which could risk the safety of patients.”