Executive Cyber Intelligence Bi-Weekly Report

ISRAEL

Israeli cyber sector exports soar to $3 billion in 2014

The Israel Export Institute estimates that the revenue of nearly 250 Israeli firms in the sector will increase at a rate of 10% per year. Israel sold around $2.5 billion in cyber technology to the US in 2014, according to the Israel Export & International Cooperation Institute (IEI), which claimed the ‘startup nation’ totalled $3 billion in cyber exports for the past year.

Training Israel's cyber warriors

Inside IDF computer labs, troops use a model city to practice creating mayhem: causing a nuclear reactor to overheat, taking over traffic lights and rail, cutting power, hacking missiles, creating chaos in the stock market, and more – all in preparation for the next major conflict. Graduates of the cyber warfare course in the Computer Services Directorate have built a model city they use to rehearse diverse missions like halting the cooling process in a nuclear reactor, remotely taking over trains and traffic lights to cause accidents, taking control of stock exchange computers, cutting electricity, disabling radar systems at airports, and even taking control of anti-air missile systems in order to fire them at cities they were meant to protect.

Two Israelis nabbed in massive JPMorgan cyber fraud

Israelis allegedly cooperated with two Americans in a banking hack plan to pump stock value before selling. US and Israeli authorities arrested four people in Israel and Florida on Tuesday in connection with several fraud schemes tied to last summer’s massive data breach at JPMorgan Chase & Co.

USA

Chinese hackers use US servers

A detailed computer forensic investigation by a major US security firm revealed that three recent cyber-attacks were carried out by two Chinese hacker groups known as Deep Panda and Webby. Both groups appear linked to each other and are part of a Chinese-government run cyber espionage campaign. A report on the investigation by the security firm reveals the Chinese groups conducted the attacks using seven computer hosting companies to target a US air carrier, a European telecommunications company, and a European energy firm. The report provides some of the first details on how Chinese hacking groups conduct their operations while working to thwart US intelligence and law enforcement agencies from tracking their activities. Chinese hackers also are suspected in the hack of the Office of Personnel Management that compromised the records of 22.1 million people.

US Census Bureau investigating hack after Anonymous leaks data online

The US Census Bureau confirmed on July 24 that it is investigating a breach of one of its computer systems after the hacktivist group Anonymous claimed it had hacked the agency and posted some personal information online. Census Bureau Director John H. Thompson said the Federal Audit Clearinghouse collects audit data from state and local governments, non-profit organizations, and Indian tribes on how they are spending federal awards. On Wednesday, Anonymous tweeted that it hacked asubsite of census.gov and posted four links to the information it said it stole. The information leaked online appears to include the names, email addresses, and other identifying data of some employees.

RUSSIA

Russia targeted the Pentagon

Following the announcement by American weekly Newsweek in summer 2008, about the hacking of the computer system of the electoral headquarters of Senator Barack Obama and possible Russian involvement in it, according to the White House, the same group of attackers, allegedly supported by the Russian government, has recently conducted a targeted phishing attack on the computers of the Pentagon employees. As reported on Friday, July 17, at least five computers were attacked.

ARAB COUNTRIES

Anonymous and ISIS engaged in bitter cyber warfare

While Anonymous and ISIS have been engaged in attacks on a personal level before, it now appears that Anonymous’ biggest weapon in the cyber fight is Japanese anime. According to the BBC, Anonymous is flooding ISIS-supporting Twitter profiles with pictures of characters dressed in the Japanese animation style in an effort to alter how ISIS search results are shown on Google. So far, Anonymous says it has targeted 750 Twitter accounts that have 10,000 followers or more as well as smaller accounts that are very active in promoting ISIS’s beliefs.

Bulgaria busts ‘Middle East Cyber Army’ hacker

A Syrian national living in Bulgaria has been detained in an operation by police and prosecutors against the hacker group “Middle East Cyber Army” that allegedly attacked more than 3500 websites around the world, placing messages in English and Arabic regarding the attack on French satirical magazine Charlie Hebdo. The operation against the hacker was carried out jointly by Bulgaria’s Chief Directorate for Combating Organised Crime cyber crime division and the Sofia City Prosecutor’s Office, the Interior Ministry said on July 15. The ministry said that the group of hackers had communicated via secure channels with other members to identify targets and exchange hacking tools. Preliminary information was that the group had attacked more than 3500 sites, including government and corporate websites, replacing the original content and appearance. The ministry said that items seized in the July 13 operation included computer systems, laptops, and external media containing special tools for hacking into computer systems. This and other evidence seized was undergoing forensic examination. The Syrian citizen was the subject of pre-trial proceedings, Bulgaria’s Interior Ministry said.

CHINA and APAC

Cyber terrorists to increase threat to Australian infrastructures

The Australian intelligence agencies warn of a potential targeted cyberattack conducted by the “cyber caliphate” hacking group against critical infrastructures across the country, such as power stations, air traffic control towers, banks, and more. According to a Top-level security briefing, cyber terrorists are already engaging in basic acts of sabotage but could advance to targeting high symbolic value and other such targets.

Singapore, UK agree to increase cooperation in cyber security

Witnessed by Prime Minister Lee Hsien Loong and his British counterpart David Cameron, the two countries signed a Memorandum of Understanding to cooperate in four areas, including cyber security incident response and cyber security talent development.

There will also be joint cyber research and development collaboration between the UK and Singapore, with funding being doubled over three years, from £1.2 million to £2.4 million (US$5.1 million). The specific deliverables under the four areas are currently being discussed and will be finalized during the next UK-Singapore Cyber Dialogue.

EUROPE

UK: Cyber defense still top priority for government and businesses

The UK Minister of State at the Department for Culture and Media recently announced several new government initiatives. At an event organized by the think-tank Reform in London, the Minister declared, “Cyber-security underpins the digital economy. It's the lock and key of the digital economy, and we need it to keep our businesses safe, our citizens safe, and public services we all rely on safe. And if we’re going to be a world leader in technology, we should be a world leader in cyber security. So dare I say it, there’s also an important economic case to invest in cyber.” The Minister added that UK cyber security approach has changed over the past few years. After invested £860 million on a national cyber defense program based over four years, the UK started to have a better understanding of the needs in terms of cyber security. They still continue to learn about how the cyber threat landscape is evolving on a daily basis. Attack techniques are constantly changing, and attackers’ capabilities have reached an elite state of sophistication. Now, more than ever, understanding the nature of the current threats plays an indispensable role in constructing a dynamic and proactive security ecosystem. Although conventional security controls are inevitable, a new approach to security must be adopted. Today’s approach to security must not only be consistent with the most up-to-date security infrastructures and techniques, but should also include advanced intelligence systems and services that help government and organizations to evaluate threats more effectively.

Spanish intelligence services strengthen their cooperation with Microsoft to counter cyber threats

The Spanish National Intelligence Center Service recently announced to joined forces in research on cyber security issues. The Spanish agency has strengthened its cooperation in this field by signing a new agreement with Microsoft and their Government Security Program. The purpose of this agreement is to strengthen the prevention of cyber threats and the response to cyber incidents that could impact the security of the national IT infrastructure. Furthermore, this agreement aims to provide the same level of security to services that are provided electronically and physically for any offices of the Spanish Administration. This new agreement comes a few weeks after Maj. Gen. Carlos Gomez Lopez de Medina, chief of Spanish Joint Cyber Command insisted on the importance of the cooperation between the public sector, the private sector, and academia. For the past fifteen years, Spanish authorities have increased their power in terms of cyber security by developing standards and policies, but Spain still has weaknesses and remains an important target for cyber criminals, hacktivists, and hacking groups. Spain continues to strengthen its cyber security in order to protect its critical infrastructure.

AFRICA

Officers from 9 African nations attend cyber security event in Washington

Africa Command (AFRICOM) hosted 10 military officers from nine African nations during a senior leader familiarization event, which took place July 19-24, 2015. As leaders in their countries’ cyber security programs, the participants visited several government agencies and academic institutions in the national capital region to learn about America’s approach to cyber security. “The idea of this week was to expose everyone to the various training opportunities the US has in regards to cyber, to give [participants] an idea of how different portions of our government deal with cyber, and give [participants] a representation of what we call the ‘whole of government approach’ to cyber security,” said Frank Gonzalez, AFRICOM cyber engagements program manager and event organizer.