ICD Brief 139.
Greetings from Washington. This week’s ICD reports from Buenos Aires, Canberra, Ottawa, Tallinn, Silicon Valley, Paris, Tehran, Tel Aviv, Kuala Lumpur, Barcelona, Reykjavik, New Dehli, Abu Dhabi, London and New York. Significantly, it is dominated by aggressive actions, warnings of vulnerabilities and an expanding list of significant breaches.
by Michael Schmitt Just Security
“Damaging critical infrastructure is clearly out of bounds as responsible peacetime state behavior and would likely violate international law. But do these types of intrusions – seemingly intended to prepare for future operations or deter them, or both, without causing any actual harm – also run counter to applicable non-binding norms or violate international law during peacetime?”
“Stuart McGuigan’s first job as the State Department’s CIO of three months is establishing an overarching IT governance vehicle.
At the secretary of State’s direction, McGuigan convened a Digital Diplomacy Council that includes all IT leaders and projects throughout the department. It will first address cybersecurity reliability and then enterprise architecture.”
“Brig. Gen. William Hartman is slated to lead U.S. Cyber Command’s Cyber National Mission Force, according to a June 19 personnel announcement from the Pentagon. The Cyber National Mission Force plans and conducts cyber operations aimed at disrupting adversaries. The group works against specific nation-state threats and aims to engage those enemies as a means of preventing cyber intrusions. It is often described as having Cyber Command’s best operators.”
“Washington — In an effort to better capture the true scope of cyber threats to the electric grid, the Federal Energy Regulatory Commission on Thursday approved a revised reliability standard that broadens mandatory reporting requirements to include incidents that attempt to compromise the grid.” DHS
“The Homeland Security Department is looking to upgrade the software it uses to analyze biometric data on hundreds of millions of people around the globe, and it plans to store that information in Amazon’s cloud.” DHS Email Phishing Scam DHS
“Samsung has advised owners of its latest TVs to run regular virus scans. A how-to video on the Samsung Support USA Twitter account demonstrates the more than a dozen remote-control button presses required to access the sub-menu needed to activate the check.”
“Having your identity stolen can be a nightmare, and cleaning up the mess can take months. You can make life difficult for a would-be identity thief by locking down these five key aspects of your online life.”
“Power has been restored to much of Argentina and Uruguay after a massive electrical failure left tens of millions of people in the dark. Argentine media said the power cut occurred shortly after 07:00 (10:00GMT) on Sunday, causing trains to be halted and failures with traffic signalling. The blackout was prompted by a failure in an electrical grid that serves both Argentina and Uruguay.”
“It is Australia’s contribution to the Five Eyes nations’ tougher attitudes to the regulation of online communications. Information and communications technology vendors and service providers have a “mutual responsibility” to offer “further assistance” to law enforcement agencies, they said in August this year. “
“Today, Desjardins, Canada’s largest credit union and one of the world’s biggest banks, announced a security breach caused by a former employee. In a statement posted on its website, the bank said a bank employee had taken the data of 2.9 million members (2.7 million home users and 173,000 businesses and associated contacts) from its database, without authorization.”
“Defense ministry Permanent Secretary Kristjan Prikk presented the ministry’s Cross of Merit, Second Class, awarded to Maj. Gen. Linda L. Singh, of the Maryland Army National Guard Thursday.
‘Over the last four years, Maj. Gen. Singh has contributed a great deal of time and energy to strengthening the partnership between Estonia and the State of Maryland, finding new cooperation opportunities through the Maryland Army National Guard’s State Partnership Program,’Prikk said of the honor. “
“Central bankers around the world say Facebook should expect regulatory questions over its new cryptocurrency. Libra, announced earlier this week, is backed by a basket of bank deposits and short-term government securities. Fed Chairman Jerome Powell also says he’s spoken with Facebook about the digital currency.” Mark Zuckerberg’s ‘shadow bank’: The pushback against Facebook’s new cryptocurrency has already begun Business Insider
“A.M. Best said it believes cyber loss ratios are low because carriers are pricing with higher loads given the uncertainty surrounding this risk but that could change once more data is gathered. It said it expects that the “current profitability of cyber insurance will attract more competition, which will ultimately pressure profitability.”
Tactical Cyber Weapons For Future French Battlefield Ops? Breaking Defense
“PARIS AIR SHOW: Tactical commanders should have the power to unleash cyber attacks on an enemy in exactly the same way they can currently unleash an artillery barrage, says retired French Army Lt. Gen. Alain Bouquin. ‘But we must also be able to have actions on the information systems of the enemy in front of us. So it’s not only protection — resilience — it’s also active cyber capabilities aiming at the enemy systems.’”
Iceland’s Data Centers Are Booming – Here’s Why That’s a Problem MIT Technology Review
“Bitcoin miners and data scientists love cheap, green Icelandic processing power. Maybe a little too much. Local temperatures in Iceland average 41 °F (5 °C). Letting cold air in from the outside helps keep server racks cool and reduce power costs—good news for cryptocurrency miners and compute-hungry data scientists.”
“NEW DELHI: India and its strategic partner France have decided to develop effective mechanism and coordinate their efforts to combat terror in cyber space.
“LONDON (Reuters) – Iran said on Monday it had exposed a large cyber espionage network it alleged was run by the U.S. Central Intelligence Agency (CIA), and that several U.S. spies had been arrested in different countries as the result of this action.”
“Israel signed an agreement with the World Bank on Monday to support developing countries improve their cyber defense capabilities. Under the framework of the agreement, Israel will contribute $1 million to the DDP and provide technical assistance to countries in Asia, Africa, Latin America and Eastern Europe.”
Career Comeback Programme for Women in Cyber Risk Management Digital News Asia
“Yesterday, Malaysia Digital Economy Corp (MDEC), in a collaboration with Ministry of Women, Family and Community Development (KPWKM); the Ministry of Communications and Multimedia (KKMM) Department of Women Development (JPW), National Cyber Security Agency (NACSA) and TalentCorp, announced the Empowering Women in Cyber Risk Management Programme for women returning to work.”
Europe Will Enter Pre-Exascale Realm with Marenostrum 5 Next Platform
“The Barcelona Supercomputer Center will soon be the proud owners of the Europe’s first pre-exascale supercomputer. If all goes according to plan, MareNostrum 5 will almost certainly be the most powerful system in Europe when it goes into production at the end of next year.”
“A report by DarkMatter Group found cybercriminal attacks in the UAE and Middle East are both widespread, frequently undetected, and often state-sponsored”
BoE Issues Cyber Attack Warning Finextra
“Banks would struggle to defend themselves against a state-sponsored cyber attack that corrupted their records over a period of months, according to a Bank of England (BoE) official. The stark warning came from Anil Kashyap, a member of the central bank’s financial policy committee, who was addressing a UK parliamentary committee. “
“United Nations Special Rapporteur on freedom of expression David Kaye cited Herzliya-based NSO Group in his proposal to impose a moratorium on the use of surveillance technology, according to a report filed to the U.N. Human Rights Council on Tuesday. Kaye’s report articulated NSO Group’s Pegasus spyware as a ‘paradigmatic example’ of private surveillance products and their mobile device hacking capabilities.”