Global Cyber Bi-Weekly Report - Feb 1st, 2016

ISRAEL

Israel’s cyber sector is growing quickly, but is still mostly tiny startups

Although Israel’s cyber industry is growing at a breakneck pace, with the value of startup fundraising and exits growing at double-digit rates in the past year, the industry remains dominated by tiny startups without any sales or profits. According to the state-of-the-industry report released by the Israel Venture Capital Research Center on Sunday, seventy-eight cyber startups raised $540 million last year, a 20 percent increase over 2014. IVC report says fundraising and exits grew at double-digit rates last year and industry now numbers 430 companies.

Hundreds of international delegations attend CyberTech 2016 Conference

The third annual CyberTech 2016 Conference attracted state leaders, representatives of leading multinational and Israeli corporations and startups, as well as investors and entrepreneurs in the field of cyber security. A large Japanese contingent, a group of Canadian banking executives, and a delegation organized by the International Monetary Fund from developing countries were among those who attended.

Cyberattack on Israel's electrical authority

The Public Utility Authority was subjected to a cyber assault, Minister of Infrastructure, Energy, and Water, Yuval Steinitz said in a speech at the CyberTech Conference. Steinitz said that his ministry and the National Cyber Bureau handled the attack and that it was under control. The incident occurred during two consecutive days of record-breaking winter electricity consumption, with the Israel Electric Corporation reporting a demand of 12,610 megawatts on Tuesday evening as temperatures dipped to below-freezing levels. “I can tell you that the virus was identified and software was activated to neutralize it,” Steinitz said. “This is a fresh example of what we need to be prepared to face at any time,” he added.

UNITED STATES

Email of the director of US National Intelligence hacked

A personal online account linked to James Clapper, director of the US National Intelligence, was hacked in December following reports that the personal email of John Brennan, the director of the Central Intelligence Agency, had also been hacked. Brian Hale, a spokesperson for the Office of the Director of National Intelligence, said that Clapper’s office was aware of the incident and had reported it to the appropriate authorities. He declined to provide additional details.

Foreign hackers may have encrypted US government communications

A security breach recently discovered at software developer Juniper Networks has US officials worried that foreign hackers have been reading the encrypted communications of US government agencies for the past three years. The California-based Juniper Networks announced that an unauthorized backdoor had been placed in its ScreenOS software possibly in 2013, allowing an outside actor to monitor network traffic, potentially decrypt information, and even take control of firewalls. Several days later, the company provided its clients – which include various US intelligence entities – with an “emergency security patch” to close the backdoor. The federal government has yet to determine which agencies were using the affected software or if any agencies have used the patch to close the backdoor.

EUROPE

France: Orange to open a new cyber defense center and strengthen cooperation in telecommunications security

Orange, the biggest French telecom company, has recently announced that it will open a new cyber defense center in the north of France. Indeed, two weeks ago, at the International Forum for Cybersecurity in Lille, the company announced that it will soon establish a cybersecurity laboratory in the city of Lille. According to the CEO of Orange, Stephane Richard, “We need a cyber-defense expertise division and here we are well positioned in the heart of Europe.” This region of France is becoming the center of the country’s cyber defense and already has several cyber defense academic research centers. In addition, the telecommunications company recently signed a partnership with Bull, an IT company that secures mobile terminal communications. Through this partnership, Orange will be able to sell Hoox to its customers. Hoox is a smartphone built by Bull and, according to the company, is “the first integrally secured European smartphone.” France continues to strengthen its cyber security since it became a top priority of the French government in 2013; France, however, lacks cyber security professionals. About 2,600 positions currently are not filled, while last year Orange was only able to recruit about twenty additional engineers, when it really needed a hundred. In terms of cyber defense, France has great technologies, but not enough cyber security engineers to counter all the threats that it currently faces. Thus, like Great Britain, France needs to develop its academic curriculum as well as its engineering cyber defense curriculum to train future cyber experts.

RUSSIA

Ukraine says cyberattack on Kyiv airport was launched from Russia

Ukraine says that a cyberattack on Kyiv’s main airport was launched from a server in Russia. Malware found in an airport computer has prompted a review of how government computer systems are defended. Although there is no suggestion of Russian state involvement, the attack occurred during strained relations over Ukraine’s separatist conflict. “Preliminary investigations lead us to believe that the virus came from the territory of the Russian Federation,” Ukrainian military spokesman Andriy Lysenko told reporters. “That is why we have grounds to believe that it was a cyberattack,” he said.

Cyberattack on the Bundestag

As reported on January 30, by Der Spiegel, the cyberattack on the Bundestag, the lower house of the German parliament, was organized by the Russian secret services. The Germans claim that the Russian state hacker group Sofacy, also known as APT28, was behind the attack. According to German sources, the group is funded by the Russian government. In order to execute the attack, the hackers used a virus program, which is commonly used by Russian hackers. The report claims that an electronic letter was sent to the Bundestag, which contained a link to a website with a Trojan, which then was installed on one of the computers.

ARAB COUNTRIES

ISIS’s ‘Cyber Caliphate Army’ announces plans to hack Google

ISIS’s so-called “Cyber Caliphate Army” has made various threats in the past, including promises to attack internet targets on the anniversary of September 11. According to Terror Monitor, the Cyber Caliphate Army is planning a new team dedicated to hacking Google, called the Google Hacking Team. In August, NBC reported that the Islamic State’s Hacking Division “posted what it said was the personal information of hundreds of members of the military and government personnel, and urged terrorists to carry out attacks.” The personal information hacked included names, emails, passwords, and phone numbers of personnel from the Air Force, the Marines, NASA, and the Port Authority of New York and New Jersey.

United Arab Emirates cooperates with the United Kingdom to increase cyber security

The United Arab Emirates is increasing its cyber security and is calling on experts in the United Kingdom who have years of experience with major events such as the Olympic Games. The UK Trade and Investment’s Defense and Security Organization brought companies to Intersec, the three-day security, safety, and fire protection expo in Dubai in hopes of landing lucrative contracts in cybersecurity, infrastructure, and transport. Two years ago, the United Kingdom announced that it would be prepared to help the United Arab Emirates prepare its security for Expo 2020, including police training and surveillance equipment.

New counter-cyber center opened on Qatar

The government of Qatar had announced the opening of a new counter-cyberattacks center in order to monitor any offensive cyber activity conducted against the county. The new center was opened due to the fact that the country had faced a great deal of cybercriminal attack but nonetheless it will help it the be better prepared to the future attack conducted by any one of the terror organizations, including IS (the "Islamic State" – better known as ISIS). It may be true that Qatar have not yet encountered an attack by the cyber branch hackers of IS, but it must be prepared to any attack that could happened in the future as all the known Islamic terror organization's rivals – the U.S. and other western world countries taking part in the efforts against it. Since the Qatari regime is considered to be an infidel one, in the eyes of the radicals from IS, it is likely that to virtual weapon will be pointed at them. And as such, it is most imported that Qatar will be ready for it.

CHINA and ASIA PACIFIC

SANS to bring NetWars tournament to APAC

SANS, the global leader in information security training, will bring its NetWars Tournament to APAC. The first APAC NetWars competition will be held during the SANS Secure Singapore 2016 training event from March 28 to April 9. NetWars is a suite of interactive learning scenarios that allow information security professionals to develop, practice, and measure their skills in real world defensive, analytic, and offensive practices. Attendees will furthermore learn how the newest cyberattacks work and what can be done to prevent or mitigate them.

South Korea suspects North Korea in attempted cyberattacks

South Korea has been on high military and cyber alert since North Korea announced its successful hydrogen bomb test in early January of this year. South Korean President Park Geun-hye said the scope of threats from the North includes cyber warfare and the use of drones to infiltrate the South. Since the nuclear test, there have been news reports that computer systems of South Korean government agencies and companies had been infected with malicious codes that might have been sent by the North.

Hackers bring down Thai prison website in response to controversial death sentences

Activists from the global hacking collective Anonymous hacked Thai government websites in response to the controversial sentencing of two Burmese migrant workers to death. Win Zaw Htun and Zaw Lin were convicted of murdering two British tourists on the Thai island of Koh Tao in September 2014. Social media accounts linked to Anonymous claim that the two were wrongly convicted and that they were tortured by the Thai police in order to obtain their confessions. The same group of hacktivists already shut down almost 300 websites of the Thai Courts of Justice in protest over this incident and claimed to have defaced the websites of the Royal Thai Police earlier this year. The group also claimed to have stolen large quantities of court records and announced plans to expose corrupt legal authorities; as of yet, they have not released any more court data.

Australia lagging behind China and the United States in cyber warfare preparedness

The Australian Centre for Cyber Security released two reports on the nation’s cyber security status and preparedness. The reports demonstrated that even after the massive cyberattack on Australia’s Bureau of Meteorology computers last December, the response to cyber security has been slow. One report found that both public and private sector entities are lagging behind China and the United States in terms of cyber warfare preparedness. Presented by visiting professor, Greg Austin, the reports called for a “rapid catch-up in capabilities for military security in the information age” as the responses to threats have been “slow and fragmented.” The second report added that not enough has been done to test defense abilities in preventing cyberattacks of weapons systems.