Global Cyber Bi-Weekly Report - May 15, 2016
ISRAEL
Israelis suspected in cyber fraud will be extradited to the United States
The District Court in Jerusalem has approved the extradition of Gery Shalon and Ziv Ornstein, who are suspected of cyber fraud in the United States. The two were arrested last summer after being accused of computer penetration, online gambling, securities offenses, and more. The two also have been accused together with another person of stock fraud, after running stocks of shell corporations that they had opened. They bought stocks intensely and sent numerous false emails in order to increase the stocks’ purchases, and eventually sold them at a higher value through illegal accounts. Shalon is also accused of cyber fraud, on the basis of conducting cyberattacks on two financial institutions, E*Trade and Scottrade.
Classified documents of Israel Police’s cybersecurity expert have been stolen
Highly classified documents concerning security arrangements for top police, army, and intelligence facilities have been stolen from the house of the deputy head of the cybercrime unit in the Israel Police. Although the authorities have yet to rule out the possibility that the crime was random, the sensitivity of the files, in addition to the fact the documents were the only items stolen, has led investigators to think that the thief specifically sought these files in order to monitor the police officers’ movements.
New Mossad ads call for potential cyber spies
The Israeli Mossad has run recruitment ads with a computer code for potential secret agents. The ad, appearing on several media outlets, features a photo of a screen with a computer code, and asks people to join the cyber challenge. According to Dr. Tal Pearl, a cyber expert, this recruiting method chosen by the Mossad is often used by cyber and hi-tech companies. Pearl added there are few benefits to this. It is a very strong filter, which leaves only the experts who succeed in solving the challenge; it also spares the Mossad from being flooded with candidates, getting only those who really fit the need. Moreover, as Pearl mentioned, publishing a cyber challenge renders the Mossad serious in the eyes of the recruits, as it draws only the best candidates.
UNITED STATES
Defining a cyber act of war
The US federal government has a fundamental responsibility to provide for the defense of the United States, as a new type of warfare in cyberspace is emerging as a top threat. Although in recent years, foreign actors have used sophisticated technologies to acquire the personal files of millions of federal employees, to gain access to the private information of multibillion dollar businesses, the United States does not have any clear policy for responding to a cyberattack. On May 8, Senator Mike Rounds of South Dakota introduced the Cyber Act of War Act of 2016, which would require the administration to define what constitutes an act of war in cyberspace.
EUROPE
Europol has signed a new information sharing agreement in order to fight cyber crimes
The Cyber Crime Center EC3 of the European law enforcement agency, Europol has recently signed a Memorandum of Understanding (MoU) with the Finnish security company, F-Secure. The aim on this new agreement is to strengthen the cooperation between the European agency and the private sector in order to better fight the growing threat posed by cybercrime. According to Alexandru Niculae, the spokesperson of Europol, “In accordance with Europol’s legal framework, MoUs allow for the exchange of strategic information such as expertise, statistics, trends and information on threats between the two parties concerned. MoUs do not allow for the exchange of personal data.” Indeed, the sharing of information is one of the most important components of cyber security. Cybercrime has increased significantly during the past few years, and some cyber threats have been more persistent as observed with ransomware. The cyber intelligence capabilities of the Finnish company including gathering information about new cyber threats, trends, and underground hacking communities, together with the investigative and legal frameworks of the law enforcement agency is a great way to counter cybercrime phenomenon. This type of cooperation is not new as Europol has already signed such agreements with Trend Micro and McAfee.
RUSSIA
Russian authorities to close more than 4,000 internet sites
Roskomnadzor - The Russian Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications is about to close more than 4,000 internet sites for drug selling and promotion of extremist content, announced spokesperson Vadim Ampelonsky, on May 13. This decision concerns internet sites located in the Russian internet domain of .ru. Although internet content can be announced as illegal only by the Russian court, the Ministry of Interior and Prosecutor’s General Office are also vested with the competence to close these sources.
ARAB COUNTRIES
UAE is targeted with 5 percent of global cyberattacks
The United Arab Emirates (UAE) is currently facing 5 percent of global cyberattacks, say local cyber experts. This represents a rise as high as 500 percent in comparison to the amount of cyberattacks the country faced five years ago. The most targeted sector is the financial one, followed by the gas and oil sector. Given the above, it is no surprise that the people’s trust in their nation is eroding, as noted by cyber security experts FireEye Inc. The UAE is one of the Arab nations that is actively participating in the military coalition against the Islamic State and al-Qaeda, thus making it an optimal target for terrorist cyber activists. Therefore, it is highly important that the UAE be as prepared as it can in the cyber battle arena.
CHINA and ASIA PACIFIC
China wants to become cyber superpower
The Chinese government seeks to turn their country into a global cyber superpower in order to reverse its ongoing economic downturn. According to the Chinese Prime Minister Li Keqiang, the modernization of information technology in all sectors of the Chinese economy will turn the country into a high-tech leader in the future. At the same time, Keqiang also spoke of plans to tighten control over the Internet, introduce relevant control mechanisms, and promote an “international, democratic and transparent system for internet supervision.”
South Korea and United States to jointly combat cyber threats
South Korea and the United States have agreed to cooperate on developing an artificial intelligence-based cyber security technology that will counter threats in cyberspace. According to a joint statement issued by the US Department of Homeland Security and the South Korean Ministry of Science, the two countries “intend to explore areas of mutual value and benefit, which may lead to joint activities aimed at enhancing operational readiness to support cybersecurity, and resilience.”
New Zealand holds its first Cyber Security Summit
New Zealand held its first Cyber Security Summit in Auckland on May 5, 2016. Under the motto “Keeping New Zealand’s Economy Cyber Secure,” the Summit offered an opportunity for board members, chief executives, and leaders from across the public and private sectors to discuss how the country should tackle the threat of cybercrime, and improve resilience and security.
Police allege SWIFT technicians left Bangladesh Bank vulnerable
Bangladeshi police alleged that technicians associated with the SWIFT financial network introduced vulnerabilities into the banking software that made it easier for hackers to infiltrate the systems of Bangladesh Bank. These network weaknesses allowed hackers to carry of $81 million from Bangladesh’s Central Bank in February. According to an unnamed bank official, the accused technicians made missteps and went against security protocols when they implemented the system.
AFRICA
Level of fraudulent in the Bank of Nigeria (CBN) electronic transactions has dropped substantially
The Central Bank of Nigeria (CBN), reports that the level of fraudulent electronic transactions has dropped substantially, while the value of e-transactions in the country has risen significantly in comparison to 2014. In 2015, the level of cyber fraud in the country also was reduced significantly. This reduction has been attributed to policies put in place by the CBN, which includes the mandatory registration for a Bank Verification Number (BVN) before the owner can access an account. Prior to the BVN registration, fraudsters would operate more than one account with different account details.
