Executive Cyber Intelligence Bi-Weekly Report - September 15, 2015

ISRAEL

Tax benefits for employers in the cyber field

The Israeli Cabinet approved a plan to grant benefits for employers in the cyber field, at the national cyber park in Be'er Sheva. The benefit designed to attract many leading companies and thousands of employees to the park in the coming years, with the intention of achieving 2,500 employees in the next decade. The decision also designed to encourage companies to begin operating at the park immediately, in order to advance the rapid development of the ecosystem at the site.

Microsoft has finalized a deal to acquire the Israeli cybersecurity startup Adallom

Microsoft has finalized a deal to acquire the Israeli cybersecurity startup Adallom, as part of a recent buying spree to boost the company’s commercial cloud offerings. The terms of the deal were not disclosed, although reports have estimated the purchase price at between $250 million and $320 million. “Advanced threats and cybercrime will persist in this mobile-first, cloud-first era, but we remain committed to helping our customers protect their data with new and innovative identity and security capabilities,” Microsoft said.

US and CANADA

US developing economic sanctions against China

The Obama administration is developing a package of unprecedented economic sanctions against Chinese companies and individuals who have benefited from their government’s cyber theft of valuable US trade secrets. The US government has not yet decided whether to issue these sanctions, but a final call is expected soon — perhaps even within the second half of September. Issuing sanctions would represent a significant expansion in the administration’s public response to the rising wave of cyber-economic espionage initiated by Chinese hackers, who officials say have stolen everything from nuclear power plant designs to search engine source code to confidential negotiating positions of energy companies. The sanctions would mark the first use of an order signed by President Obama in April establishing the authority to freeze financial and property assets of, and bar commercial transactions with, individuals and entities overseas who engage in destructive attacks or commercial espionage in cyberspace.

EUROPE

A new French cyber defense center to simulate cyberattacks and counter threats

The French university Université Bretagne Sud (UBS) has inaugurated its new cyber defense center, the most advanced center of this type in France. After three years of research, this new emerging center will help to train the future French cyber defense specialists. Soft lights, screens, servers, virtual machines, and computers welcome you to the cyber training space. “Contrary to popular belief, it's not a computer room,” said Charles Préaux, responsible for UBS cyber training. The most complex is the crisis management methodology with several components (computer, science and technology, management, leadership). Students will learn the different aspects of cyber defense including computer forensic, cyber intelligence as well as offensive and defensive cyber strategy. A major cyberattack simulation that took five months to prepare already has taken place, testing the creative and reactive capabilities of the students. Moreover, this simulation illustrated the vulnerability of French businesses, and should encourage them to better protect themselves. The cyber defense center is also open to them and the UBS hopes that it will raise awareness of cyber threats. In addition to being an innovative space and training center for cyber security experts, it is also a laboratory engaged in multidisciplinary research programs in partnership with many companies. Since 2009 France has been building its cyber defense capabilities. With the development of cyber security programs in engineering schools and universities, national cyber security agencies, and strong cooperation, France will increase its defensive and offensive cyber capabilities in preparation for massive cyberattacks. This improvement of cyber security reflects French government priorities, which has placed cyber defense at the highest level since 2013. The last major cyber incident in France was the attack of the French TV channel, TV5Monde, following the Hacktivist cyberattacks during the OpFrance and OpCharlie campaigns earlier this year. Among European countries, France is one of the most advanced nations in terms of cyber defense.

RUSSIA

Roskomnadzor to block Yahoo

Roskomnadzor (The Russian Federal Service for Supervision of Telecom, Information Technologies and Mass Communications) will block access to most services of the American company Yahoo. According to the official representative of the Federal Service, Vadim Ampelonsky, Yahoo chose to ignore eight letters from Roskomnadzor’s supervisory authority, demanding the removal of Islamic propaganda film “Flames of War.” The film was shot by ISIS and published on the video service source of Yahoo. According to the requirements of the General Prosecutor of Russia, “Flames of War” was registered as banned information content, and from September 10, all ISPs (internet providers) are required to block access to the video to users within the territory of Russia.

ARAB COUNTRIES

ISIS cyberattack on emails of British government ministers

Cyber criminals from ISIS targeted senior politicians in the UK, among them, Home Secretary Theresa May and other senior politicians and hacked their emails. The attack was led by Junaid Hussain, who had been sentenced to six months in prison in 2012 after he hacked into Tony Blair's electronic diary, and was killed in Syria last month. At the beginning of the year, a group named CyberCaliphate hacked Twitter and YouTube accounts run by the Pentagon. A French TV station also was hijacked and its broadcasts were replaced by a black screen. In addition to that, hundreds of British and US military and diplomatic personnel were at risk after internet criminals claiming to be connected to ISIS leaked online their names, email addresses, and passwords.

Iranian cyberattacks on the decline

Iranian cyberattacks have decreased since the nuclear talks with the US grew more serious in 2014, according to National Security Agency Director, Admiral Mike Rogers. Nonetheless, Iran does not appear to have given up its cyber program. Iran was involved in some of the largest cyberattacks to date, including operations in 2012 that destroyed 30,000 computers at Saudi Arabian Oil Co., as well as disabling the email system at Qatari natural gas firm RasGas. Iran has denied any involvement in those hackings.

Anonymous group launched a cyberattack against ISIS

Anonymous has launched another online attack against members of ISIS. The group targeted and attacked the online network of supporters and suspected websites of ISIS. One of Anonymous sub-groups, GhostSec or Ghost Security, revealed that they have attacked thousands of publicity websites and social media accounts operated by ISIS. GhostSec organized a list of potential Twitter accounts that are being used by the jihadists; by reporting these to Twitter, they managed to remove more than 60,000 accounts connected to ISIS and its supporters. This encouraged GhostSec to launch a wide range of attack methods including Distributed Denial of Service (DDoS) attacks, brute force attacks, and SL injection. GhostSec group's explains, “Our mission is to eliminate the online presence of Islamic extremist groups such as Islamic State (IS), Al-Qaeda, Al-Nusra, Boko Haram and Al-Shabaab in an effort to stymie their recruitment and limit their ability to organize international terrorist efforts.”

CHINA and APAC

Tasmanian organizations identify cyberattacks amongst the top three types of fraud

Cyberattacks were amongst the top three types of fraud identified by Tasmanian organizations in a new Deloitte report. The Tasmanian Fraud & Corruption Survey 2015 conducted with 160 individuals across Tasmania reveals that more than one in four organizations were victims of fraud during the last two years. 29% of the organizations used data analysis to detect and prevent fraud, which enables detection of 10% of the frauds. The main causes for fraud were poor internal controls (25%), poor physical security (12%), and override of internal controls (12%). 37% indicated that their organization takes a proactive approach to preventing fraud and corruption. 64% of organizations, however, did not provide fraud and corruption awareness training to any staff and only 19% provided training to all staff. The report concludes that, “promotion of a robust anti-fraud and ethical culture would be evidenced by having both a defined fraud policy and clear codes of conduct that are communicated to employees across an organization.”

China could face US cyber sanctions

The White House is preparing “unprecedented” sanctions against companies and individuals that have profited from cyber espionage. Possibly triggered by the exposure of US federal government personnel files, the move is designed to send a message to the Chinese government over its increasing use of cyberattacks to steal government and corporate secrets. In response, China has urged the US to stop its “groundless accusations” against China. According to Chinese Foreign Ministry spokesman Hong Lei, cyber security should be an area of cooperation rather than a source of friction.

Nepal’s national cybersecurity awareness program

Following Nepal's huge growth in the number of internet users, cases of cybercrime have been increasing and the means to keep cyberspace secure and safe have become a major local and global concern. The Ministry of Information and Communications (MoIC) and Nepal Telecommunications Authority (NTA) have begun preparations to devise the national cyber strategy with the technical collaboration of International Telecommunication Union (ITU), the United Nations specialized body for telecommunication and ICT. In an ITU–NTA Workshop on National Cybersecurity Awareness in Kathmandu on September 2, Minendra Rijal, Nepal’s minister for information and communications, said the government is committed to make cyberspace safe and introduce a law to ensure the safety of children when they use the internet. “We need to have emergency response system and COP. ITU help is needed in those areas,” he added.