Global Cyber Bi-Weekly Report - April 15, 2016
ISRAEL
Cyber security experts claim Anonymous are more hype than harm
Cyber security experts claim the attacks of the anti-Israeli hacker group Anonymous are relatively more hype than harm, although expanded media coverage has increased the fear, which is out of sync with reality. Since 2013, Anonymous has tried annually to breach Israeli websites on April 7. This year it threatened to carry out cyberattacks on government offices and to leak personal details of Israeli citizens in an operation dubbed “Operation Israel.” On April 8, Anonymous released a video warning that Israel was “unworthy to exist in its current form and therefore will face the wrath of Anonymous.” The threat follows two months of cyberattacks against Israel, during which the country was subjected to 1,000 hacking attempts a minute and dozens of government and commerce websites were taken down by hackers.
.
New cyber security research center launched at the Technion
Last week a new research center for cyber security was launched at the Technion. Dr. Eviatar Matania, chief of the National Cyber Bureau, stated that “the Technion’s academic capabilities, as well as being positioned as one of the leading technological development institutions worldwide, assures the cyber security field will expand to new dimensions.” The new research center will focus on cyber security studies, such as HW and SW protection, Internet of Things (IOT) operating systems, cloud security, machine learning, autonomic systems security, and more.
UNITED STATES
Possible upgrade for the US Cyber Command: it could fight against IS
US Cyber Command is a branch of the armed forces that centralizes command of cyberspace operations and defends the information security environment. Over the past year, the US Cyber Command has continued building the capability and capacity of its 133-member cyber mission team for the past year. On April 5, 2016, Admiral Michael Rogers of the Cyber Command told members of the Senate Armed Services Committee that the status of US Cyber Command needs to be elevated, arguing the move would be more effective against a variety of threats, including the Islamic State (IS) terror group. Upgrading it to a combatant command would put it on par with the most powerful institutions in the US Defense Department; this is increasingly necessary as a growing number of enemies could possibly use cyber capabilities to cause greater harm than stealing data or disrupting online communications. The Senate Armed Service Committee Chairman John McCain said that he would push for the change in the upcoming budget bill, and criticized the Obama administration for being “detached from reality” on the country's cyber policies.
United Kingdom and United States to simulate cyberattack on nuclear plants to test resilience
The United Kingdom and the United States will stage a war-game later this year, simulating a cyberattack on a nuclear power plant, in order to test the readiness of the government and utility firms. The two countries plan to cooperate on exploring the resilience of nuclear infrastructure to a terrorist attack. This approach will echo a similar exercise that took place last year, which tested how the major banks could withstand a cyber security attack.
EUROPE
Estonia strengthens its cyber security cooperation with Japan
A few days ago, during a visit to Japan, the Estonian Prime Minister Taavi Rõivas discussed with his Japanese counterpart, Shinzo Abe, the need to strengthen cooperation in cyber security. Both leaders have decided to increase cooperation by exchanging information and learning between the two countries. According to Prime Minister Abe, “There is much we can learn from Estonia, which holds IT as the central pillar of nation-building, thereby promoting better efficiency in administration and people’s lives.” Indeed, since suffering a cyberattack against its national infrastructures in 2007, Estonia has significantly improved its cyber security, and has created a national cyber strategy. Indeed, the Estonian Cyber Security Strategy 2014-2017 is a basic document for Estonia’s cybersecurity, that evaluates threats to Estonia’s cyber security and presents measures to manage the threats. In addition to the cyber strategy, Japan also has been inspired by the Estonian digital identity card, and has developed “My number,” an exclusive twelve-digit number to be used for several administrative operations such as income, taxes, social security benefits, and so forth. Furthermore, both ministers also discussed the economic corporation agreement currently being negotiated between Japan and the European Union. This cooperation will allow both countries to learn from each other and thus strengthen their defensive capabilities as well as developing business exchange.
RUSSIA
Russia to increase the priority of IT infrastructure
Russian Prime Minister Dmitry Medvedev is expected to arrange a session of the government commission on the use of information technology, according to the press service of the Cabinet of Ministers of the Russian Federation. The main question of the forthcoming meeting would be coordination of information of government agencies, including the use of a centralized information and telecommunication infrastructure.
ARAB COUNTRIES
India and Saudi Arabia sign new counter-terrorism agreement
Saudi Arabia and India have recently signed an agreement for strengthened cooperation in order to better counter the terror threats faced by both countries. The event took place during a visit of the Indian Prime Minister Narendra Modi to the Saudi kingdom. The two countries agreed to enhance joint efforts against any terror operation, including those which take place in the cyberspace arena. Saudi Arabia is one of the strongest opponents of the Islamic State organization, and therefore is highly exposed to its threats. The new agreement and stronger cooperation with India will help Saudi Arabia to better protect itself.
CHINA and ASIA PACIFIC
India will involve private domain experts in handling cyber cases
With the increase in the rate of cyberattacks to 70 percent, the Indian Home Minister official said that any interested companies can present forward-thinking strategies to handle cybercrimes and strengthen capability in proactive monitoring of cyberspace in order to prevent crimes against women and children.
SingTel and Inmarset to launch new maritime cyber security service
SingTel and Inmarset are joining forces to offer cyber security tools for the maritime industry. The alliance of SingTel, Singapore’s local telecom service provider, and Inmarset, a British satellite telecommunications company that owns and operates a global satellite network, aims to reduce cyber risks for maritime companies. Trustwave, SingTel’s cyber security division, will provide software-based UTM services, which is to be integrated with Inmarset hardware. The services will include a number of cyber security defenses and will be available for maritime and offshore operators in the second half of 2016.
Hackers expose records of 55 million potential Filipino voters
A hackers group called “Anonymous Philippines” has breached the database of the Philippine Commission on Elections (COMELEC) and potentially could expose personal information of 55 million voters. Ahead of the country’s national elections on May, 9, the alleged motivation of the group was to sensitize the Commission to their security shortcomings. Trend Micro, a Philippines-based, threat-research center, investigated the incident. Despite COMELEC’s claim that there was not any leakage of sensitive information, Trend Micro found that the leaked data dumps contained massive personal data, including fingerprints of potential voters.
Australia reveals new cyber security strategy
Weeks ahead of its expected launch, Australia’s new cyber security policy has been leaked. The strategy reveals that the Australian federal government plans to strengthen five key areas to fight cybercrimes: cyber defense, education, partnerships, research & development, and awareness. The leaked documents revealed also that Australia is going to launch an information-sharing platform where organizations can monitor security threats in real time. The documents also acknowledged that the country faces a lack of security professional to protect the country from cyberattacks.
AFRICA
Nigeria records 3,500 cyberattacks and lost over $450 million in the past year
Nigeria has experienced 3,500 cyberattacks within the past year, with a success rate of over 70 percent and a loss of $450 million according to Dr. Vincent Olatunji, acting director general of the National Information Technology Development Agency, NITDA. Olatunji stated this during a recent capability and capacity-building workshop organized by NITDA in partnership with its Malaysian counterpart, Malaysia Cyber Security Agency, in Abuja. Olatunji acknowledged that the country’s GDP lost $568.51 billion in 2014, which amounts to an annual loss of $450 million, equivalent to N89.55 billion annual direct losses to the Nigerian economy, with the exchange rate of N199 to $1 at the Central Bank of Nigeria.
LATIN AMERICA
Costa Rica launches investigation after reports that hackers ‘rigged’ 2014 election
The investigation comes days after jailed hacker, Andres Sepulveda, claimed he had used propaganda and other tactics in order to influence many electoral contests across Latin America over an eight-year period from 2005 until 2013. Sepulveda told Bloomberg News that he hacked emails, phones, and websites in order to gather intelligence and give his right wing clients an illicit advantage in nine Latin American countries. Sepulveda was jailed for ten years last year, following his conviction on charges including use of malicious software, conspiracy to commit crime, violation of personal data, and espionage. Sepulveda spoke to the media after years of operating in the shadows in an apparent bid to portray himself as having been reformed.
