ICD Brief 7.
30.08.2016. – 06.09.2016.
“President Barack Obama issued a subtle warning to Russia on Monday, noting that the United States has ‘more capacity than anybody, both offensively and defensively’ when it comes to cyber weapons. The remarks, made to reporters following the G-20 conference in Hangzhou, China, come amid signs of growing Russian interference in the Nov. 8 presidential election. U.S. officials have already pointed fingers at Russia for the recent breach of the Democratic National Committee’s servers, albeit anonymously, and law enforcement and intelligence agencies are reportedly concerned about a broader attempt by the Kremlin to disrupt or undermine the process.”
“U.S. President Barack Obama held “candid” discussions with Chinese President Xi Jinping on the thorniest issues in the relationship between the world’s two largest economies, the White House said in a statement on Saturday. Obama emphasized to Xi that China should abide by a recent arbitration ruling against its claims in the South China Sea, live up to a bilateral deal on hacking and cybersecurity issues, and uphold human rights including religious freedom.”
“The Federal Bureau of Investigation has found breaches in Illinois and Arizona’s voter registration databases and is urging states to increase computer security ahead of the Nov. 8 presidential election, according to a U.S. official familiar with the probe.”
“The US Pentagon plans to reprogram $100 million toward uncovering cyber flaws in major weapon systems, according to budget documents cited by defensenews.com.”
“Europe, Canada, USA, Australia, and others are now running training exercises to prepare for the outbreak of cyberwar. Locked Shields is the largest simulation and we take you inside.”
“It was one of the largest data breaches in U.S. history—and it happened just last year. The April 2015 data breach of the U.S. Office of Personnel Management, which exposed the personal information of millions of government employees, had major implications for HR departments worldwide. The breach compelled employers everywhere to question the safety of their data and the strength of their own network security system. Breaches of this nature are continuing to rise. According to the Identity Theft Resource Center, there was an increase in cybersecurity attacks during the first four months of 2016, compared to 2015.”
“A Romanian hacker nicknamed “Guccifer” who helped expose the existence of a private email domain Hillary Clinton used when she was U.S. secretary of state was sentenced on Thursday to 52 months in prison by a federal court in Alexandria, Virginia.”
“150 Federal cybersecurity professionals were asked to examine how agencies are using big data and advanced analytics to better understand cybersecurity trends and mitigate threats. The study found that while 81% of Feds are using big data analytics for cybersecurity in some capacity, just 45% found their efforts to be “highly effective”.”
“While Israel is a global front-runner in the development of defensive cyber-technologies, its legal framework for protecting personal data is outdated and does not address contemporary threats to data privacy, Israeli attorneys said.”
“If it seems to you like a hot new cybersecurity company springs out of Israel every week, you’re not far off. Israel is now the world’s second-largest exporter of cybersecurity products and services–second only to the US–with exports that grew from $3 billion to $6 billion in just a few years. The secret to its success: military experience. While the technology varies, many if not most of the newest companies have one thing in common: they were founded by veterans of the Israel Defense Force’s (IDF) elite cyber intelligence Unit 8200.”
“State-run cybersecurity bodies of India and the UK have signed a Memorandum of Understanding for close cooperation on counter cyberattacks these countries face.”
“The seventh annual (ISC)² Global Workforce Survey, conducted by Frost & Sullivan, predicts there will be a shortage of 1.5 million information security professionals by 2020. Such a vacuum of man-power has a knock-on effect directly impacting how businesses can respond to cyber-attacks. One in five organisations throughout the public and private sector admitted that it could take between eight days and eight weeks to repair the damage from a cyber-attack. Nearly half – 45 per cent – blamed the lack of qualified staff.”
“Apparently, 1.8 million of UK’s businesses have been victims of a cyber-attack, and that costs the country’s economy more than £147 billion, in the last year alone. This is according to a new report by Gareth Bacon, GLA Conservative London Assembly, entitled Safe & Secure: Protecting London’s data.”
“It’s not that there are less data breaches lately — it’s that they’re not being disclosed. That’s basically what Huntsman Security is saying, after it requested data about error and breaches in security through the Freedom of Information Act. Between April 2015, and March 2016, a total of 2,048 incidents were reported to the Information Commissioner’s Office (ICO).”
“OTTAWA—The former chief of Canada’s electronic spies is calling on Ottawa to develop an arsenal of cyber weapons — and give defence and intelligence agencies the green light to attack. “Cyber war” is still in its infancy, John Adams argued in a July paper, but computer viruses could soon cause as much damage to a country as conventional bombs and bullets. Canada has traditionally — at least officially — focused cyber efforts on defending against espionage and attacks from both hostile states and hackers. But Adams, the chief of the Communications Security Establishment between 2005 and 2012, is calling on the federal Liberals to rethink that approach and allow Canada to go on the offensive.”
Cassels Brock & Blackwell chairman David Peterson and Ridge Global chairman Tom Ridge announced yesterday the launch of Ridge Canada Cyber Solutions, Inc.—a managing general insurance agency that provides cyber insurance products and loss control services to Canada’s insurance agents and brokers. “With destructive cyber-attacks continuing to increase in both frequency and malicious intent, the c-suite understands how to protect against physical damage to its assets but still struggles with virtual damage, much to their peril,” Peterson said in a statement.
“China is enhancing its oversight in the data privacy and internet sectors and recently released the full text of the second draft of the Cyber Security Law. Marissa Dong, partner at leading Chinese law firm JunHe, decodes in detail the key points of this draft law and its potential impact.”
“A U.S. Chamber of Commerce study released Friday shows that China’s emerging national security regime, which decreases access to the technology market, could have a drastic impact on its economy. The business advocacy group’s report warns other countries, including the United States, European Union and Russia, that they risk similar outcomes from such policies.”
“Iran’s “National Information Network” is finally complete. On August 28, 2016 Iranian government agencies responsible for Internet policy unveiled Iran’s intranet or Shoma, as it is called in Persian. Since at least 2006 the NIN has been part of Iran’s highly controlled networked communication infrastructure, offering Iranians access to websites for key public services such as healthcare, utilities and education. So what officials “unveiled” last week is really nothing new. But the motivations behind the network — and the ways that the government is urging Iranians to use it — may be shifting.”
“The Permanent Secretary (PS) in the Ministry of Works, Transport and Communication, Prof Faustin Kamuzora, said yesterday in Dar es Salaam that developed countries through ITU have contributed the funds to help support nations and institutions that stand a better chance to fight the threat.”
“As the technology to fight cybercrime advances, cyber criminals are becoming more organized. Recent studies show that more and more cyber criminals are operating in such ways that it almost looks like they took examples from big business. ‘When you start to see malware kits that have customer service agreements and warranties associate with them, you know you’ve moved into a pretty professional space,’ Nathaniel J Gleicher, former Director for the National Security Council’s cyber security policy.”