Executive Cyber Intelligence Bi-Weekly Report - Oct 1, 2015
ISRAEL
UK and Israel will cooperate in the cyber field
The British Prime Minister David Cameron and the Israeli Prime Minister Benjamin Netanyahu met in London earlier this month, and announced several joint cyber projects. Cameron's office revealed that the leaders have agreed on a new Cyber cooperation package that further deepens the cooperation between the UK and Israel. The agreement covers cyber skills training in schools; attack preparedness; support to Prime Minister Netanyahu’s Convention in November 2016; and a UK industry and academic cyber mission to Israel in December. The agreement will strengthen connections between the two countries, as well as their cyber security readiness.
Israel to build new cyber college in Dimona
The State of Israel will invest more than $100 million in a new college campus for cyber security studies. The new cyber center will be built in the southern town of Dimona and is expected to initially enroll 1,000 students. Construction is slated to begin in the coming year. The students will learn aeronautics and aerospace studies in their bachelor's degree, and cyber studies in their master's degree. The plan is part of the government’s intention to turn Beersheba and the cities around it into a world cyber capital.
US
New understandings in US-China cyber talks
As the situation between the US and China escalades in the field of cyber relations, the two countries started a series of meeting in an effort to establish guidelines in order to attain stability in cyberspace. As a precursor to the meetings, the US declared that sanctions will be imposed on China due to cyberattacks on US personal and US allies. Due to recent event, Chinese cyberattacks and future sanctions by the Obama government, US-China talks have been conducted with urgency in recent weeks, when the purpose is to find middle ground between the Americans and the Chinese. The negotiations come after hackers, associated with China, attacked US government and military personnel’s information, which may put those individuals in a certain danger. On September 26th, the presidents of the US and China made the initial step to stabilize the situation between the countries by committing to prevent cyberattacks in the field of economics and commercial espionage by their countries. Obama, however, warned China of future sanctions if pro-Chinese hackers continue to attack American sites and databases. Moreover, the agreement didn’t include any mention of cyberattacks in the field of military espionage, a highly important field between the two superpowers.
The Pentagon is designing a cyber “scorecard”
On September 15th, the deputy commander of the US Cyber Command declared that the Defense Department is building a massive, electronic system to provide an overview of the vulnerabilities of the military computer networks, weapons systems, and installations, and to help officials prioritize how to fix them. Air Force Lieutenant General Kevin McLaughlin told Reuters that officials should reach an agreement on a framework within months, with the goal of turning the system into an automated “scorecard” in coming years. The effort, being led by the Pentagon's chief information officer, grew out of a critical report about cyber threats released earlier this year by the Pentagon's chief weapons tester, and escalating cyberattacks by China and Russia. The report by Michael Gilmore, the Pentagon's director of testing and evaluation, warned that nearly every major US weapons system is vulnerable to cyberattacks. McLaughlin goal is to create a fully automated system that would help defense officials instantaneously detect and respond to cyberattacks.
Hackers took fingerprints of 5.6 million US workers
Just a day before the arrival of President Xi Jinping in the US for a meeting with President Obama that focused heavily on restricting cyber espionage, the Office of Personnel Management said that the hackers who stole security dossiers from the agency also acquired the fingerprints of 5.6 million federal employees. American intelligence agencies have accused China of the attack on the agency, which is the main custodian of the government’s most important personnel records; it is unclear, however, exactly which group or organization engineered the attack. Previously, the agency said that it had lost only 1.1 million sets of fingerprints among the records of roughly 22 million individuals that were compromised.
Obama and Jinping: Agreement on cyber intrusion
On September 25th, US President Obama and President of China, Xi Jinping, took their first concrete steps toward reining in the rising threat of cyberattacks between the world’s two largest economies. The two leaders pledged that their governments would refrain from computer-enabled theft of intellectual property for commercial gain even though President Obama suggested that he might still impose sanctions if Chinese hacking persisted. In this year, Chinese online attacks compromised tens of millions of security files of federal employees. Obama’s administration will not tolerate any other breaches and thefts of intellectual property, including one at the Office of Personnel Management. During the news conference at the Rose Garden, President Obama said the two had reached a “common understanding” that neither the US nor China should engage in state-sponsored cyber intrusions to poach intellectual property, and that they would together seek “international rules of the road for appropriate conduct in cyberspace.”
Xi, who is on his first state visit to the US, vowed that “the Chinese government will not in whatever form engage in commercial theft” and noted that hacking “must be punished in accordance with law or relevant international treaties.” In a show of Beijing’s commitment, Xi called for the creation of “a high-level joint-dialogue mechanism with the United States on fighting cybercrimes.”
EUROPE
UK government invested funds to help universities set up cyber security programs
After investing hundreds of millions of pounds in their national cyber security program and setting up a national cyber reserve, as well as performing national cyberattack simulations, the UK government decided to invest £500,000 to develop cyber security skills within universities and colleges. This program will mainly help universities to teach cyber security and train future experts to work in the private and public sector in order to protect the UK from cyber threats. This new investment was announced in a speech by Ed Vaizey, UK minister for the digital economy, during which he alerted businesses of the importance of protecting themselves against cyber threats. According to the latest survey of several UK companies, 74 percent of small businesses, and 90 percent of major businesses had a breach of security in the last year. According to Vaizey, “Trust and confidence in UK online security is crucial for consumers, businesses and investors. We want to make the UK the safest place in the world to do business online and Cyber Essentials is a great and simple way firms can protect themselves.” The UK National Cyber Security Program was launched in 2011 with an initial investment of £860m over five years, while the initial funding allocation of £650m has increased since then. For several years already, UK has seen cyberattacks as a major threat to national security. Thus, for 10 years already, the UK government has constantly increased its defensive cyber capabilities in order to protect the virtual and physical infrastructures of the country as well as to develop offensive and intelligence capabilities in order to be ready for any future cyber conflict and warfare. Beyond the protection of its critical infrastructures, it seems that the UK government wants the culture of cyber security to become an integral part of the British mentality. This desire to strengthen their cyber capabilities and to alert people to the importance of cyber security at every level, is widely influenced by the United States, which probably has the biggest budget worldwide for the development of defensive and offensive cyber capabilities.
UK military intelligence seeks help on the big data issue
A high ranking UK military intelligence officer has recently asked UK industries to help solve a data overload issue that the current military organization and information technology infrastructures of the Ministry of Defense cannot handle. While speaking at the DSEI conference on 16 September, the UK chief of cyber intelligence and intelligence infrastructure of the UK's Joint Forces Command, Major General James Hockenhull, declared that the current cyber capabilities of the military's intelligence analysis organization was not capable of treating and analyzing the huge amount of data collected. Moreover, he added that the British army did not build a cyber-intelligence database in Afghanistan until 2009, three years after UK combat operations had begun. Thus, the UK military intelligence branch launched a call to all the relevant UK companies in order to find a solution that will help to process the large amount of data. Big data is probably the hardest challenge for the government and military’s cyber intelligence. IT companies have started to address this well- known problem over the past few years, but will probably need another few years to be really effective.
RUSSIA
Kremlin-backed hackers spying on Europe, Asia, and US
A new report published by Finland’s cyber security company F-Secure Labs, reveals that a Russian cyberattack group, closely linked to Russian security and intelligence services, has been involved in cyberattacks and intelligence-gathering during the past seven years. F-Secure Labs provides in-depth analysis, and links the state-sponsored hacking group called “The Dukes,” to cyberattacks against governments, including the Ministry of Defense of Georgia, the Ministries of Foreign Affairs in both Turkey and Uganda, and related organizations in the US, Europe, and Asia. The report provides a detailed account of “The Dukes” –who use a variety of unique malware toolsets to steal information by infiltrating computer networks and sending the data back to the attackers.
ARAB COUNTRIES
ISIS having difficulties with online recruiting
The war within cyberspace between ISIS and the West has more than one dimension. One is the recruiting efforts that the ISIS is constantly making among US citizens. Due to the fact that the group had failed to infiltrate US borders, it has been trying for a while to recruit US citizens inside the US, with the purpose of conducting a terror attack on US soil. On August 24th, the US army managed to target one of the group’s main online recruiters, Junaid Hussain, a.k.a Abu Hussain al-Britani. Since the British-born terrorist was killed, US officials says that ISIS has not yet made a visible effort to bolster its weakened social media recruiting efforts and that ISIS social media activity had somewhat diminished. Other intelligence officials, while confirming the decline in online chats, also caution that it is too early to read too much into it, as ISIS may have moved some of its communications to the dark web.
CHINA and APAC
Two-day cyber security conference held in India
The world of information technology is being continuously transformed and reshaped and constantly exposed to severe security challenges and new threats. Thus, the cyber security landscape changes every six months, said Tobby Simon, the founder and chairman of the Synergia Foundation, which is an independent think tank working in several fields, including the security sector. To face the changing security challenges and to bring together decision makers from policy, media, and industry from all over the world, the Synergia Foundation organized a two-day international cyber security conference called “Cyber 360° - A Synergia Conclave.” Held on September 29-30 in Bengaluru, India, the conference aimed to build a discourse on cyber security with a 360 degree perspective that goes beyond network and data breach threats to achieve resilience against modern cyber threats.
Controversial Indian National Encryption Policy (NEP) will be reworked
With the stated aim of providing “confidentiality of information in cyberspace for individuals, protection of sensitive or proprietary information for individuals and businesses, ensuring continuing reliability and integrity of nationally critical information systems and networks,” the NEP has been drafted with the aim to monitor Indians’ use of technology. A consequence of the policy would oblige Indian citizens and businesses to hand over their private encryption details on demand to government and law enforcement bodies. Furthermore, users will be expected to store encryption data in plain text for at least ninety days from the date of transaction. When the government invited the public to comment on the proposal, a wide range of people and organizations criticized the policy to be harmful to both security and privacy. In particular, the encryption data stored in plain text would make cybercrime far easier for hackers. In order to remove these misgivings, the Indian government has announced the withdrawal of the NEP draft.
