Global Cyber Bi-Weekly Report - June 15, 2016
ISRAEL
BDS: Israel responsible for cyber attacks
The Boycott, Divestment & Sanctions (BDS) movement claimed that Israel was directly involved in DDoS attacks against six BDS sites in February and March despite that no smoking gun has been procured. A statement on the main website of the BDS movement states that the attacks were highly advanced, which indicates Israel’s direct involvement. Sima Vaknin-Gil, the director-general of the Ministry for Strategic Affairs and Public Diplomacy – the governmental body responsible for the fight against BDS – said at the beginning of the year that, “the ministry is interested in establishing a community of fighters” to battle the BDS campaign.
The Australia - Israel Chamber of Commerce is hosting its first Annual Cyber Summit
The first Annual Cyber Summit will be a full day event, held in Brisbane on August 15, 2016. Its aim is to provide attendees with connectivity and oversight of the various cybercrime activities, risks, and solutions. Among the key themes to be discussed are innovation and start-ups, education and awareness training; governance and risk management, child protection; and pre/post cyber risks. The last theme addresses Australia’s growing dependence on the internet and great opportunity for prosperity and daily lives in Australia that the internet provides. The internet also presents real risks, as the cyber threat landscape has evolved. It is important to know that it is not just criminals who steal or disrupt a business that pose a risk. This theme asks how we determine potential cyber risks and how we deal with them and manage their effects upon our organizations.
UNITED STATES
Federal records: reports on cyber breaches
The US Federal Reserve detected more than fifty cyber breaches between 2011 and 2015, with several incidents described internally as “espionage,” according to the US Federal Reserve records. The central bank’s staff suspected hackers or spies in many of the incidents, the records show. The computer systems of the US Federal Reserve play a critical role in global banking and hold confidential information on discussions about monetary policy that drives financial markets. This suggest that hacking is a major threat to the stability of the financial system.
Guilty plea for Islamic State hacker
A Kosovo citizen, Ardit Ferizi, is scheduled to enter a guilty plea on charges that he hacked computers to expose US service members’ personal data on behalf of the Islamic State. The court listings do not clarify exactly to which charge Ferizi will plead guilty. Change-of-plea hearings typically indicate a plea bargain has been reached. Ferizi, known by hacking moniker “Th3Dir3ctorY,” was leader of a group of ethnic Albanian hackers known as Kosova Hacker’s Security, according to an FBI affidavit.
http://hosted.ap.org/dynamic/stories/U/US_ISLAMIC_STATE_HACKER?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT
Cyberterrorism and the role of Silicon Valley
Director of National Intelligence James Clapper has said that new technological developments have the potential to allow terrorists to move from low-tech killings aimed at gaining attention and creating fear to high-tech sabotage, designed to disrupt the sinews and social tissue of society. As national security and war are being redefined for the digital age, Silicon Valley will need to be on the front line of counterterrorism. The recent TiEcon Annual Conference in Santa Clarita has shown that Silicon Valley may already be placing itself at the heart of the battle against terrorism.
EUROPE
United Kingdom warned about cyber capabilities of terrorist groups and rogue states
The head of the British Government and Communications Headquarters (GCHQ) has recently expressed concern about the quick development of terrorist group’s cyber capabilities. Talking at the Cheltenham Science festival, Robert Hannigan, the head of the GCHQ, warned about the fast development of cyber capabilities of terrorists and rogue states. Hannigan thinks that they could potentially target a city like London as more Internet of Things (IoT), such as control systems of cars and household appliances, are connected to the internet. He declared “We’re not quite there yet, but as the world becomes ever more connected that will become a greater risk.” Indeed, it is not too complicated for a terrorist group or rogue state to gather intelligence about critical infrastructures as well as about IoTs. These systems always have loopholes that can be exploited as we previously saw with the hack of a Cherokee Jeep or entertainment aircraft systems. With time and enough funds, a terrorist group could potentially target a connected city like London and cause major damages. Furthermore, Hannigan also talked about the importance of cyber surveillance of internet activity by the different intelligence services. Cyber surveillance has helped to prevent seven attacks against the United Kingdom in the last eighteen months.
RUSSIA
Prime Minister Medvedev: Losses from cybercrime in Russia is constantly growing
At a meeting on information security in the credit and finance field of the Russian Federation, Russian Prime Minister Dmitry Medvedev said that the damage from cybercrime in Russia is growing. To date, the world's losses are half a trillion dollars, Medvedev said.
ARAB COUNTRIES
A pro-Islamic State hacking group has issued a hit list for nearly 8,000 Americans
An organization called United Cyber Caliphate, identified as pro-Islamic State, has issued a hit list, calling on lone wolf jihadists to kill nearly 8,000 Americans in order to “take revenge for Muslims.” The list, features the names, addresses, and email addresses of 8,318 people. The organization published both English and Arabic versions of the list through the mobile messaging app Telegram. While the majority of the names on this list are located in the United States, some are in Europe, New Zealand, and the Far East. According to the website, the hacking organization called on radical supporters to “follow” those who are listed and “kill them strongly to take revenge for Muslims.” The list is believed to be the longest “kill” list that any organization affiliated with the Islamic State has ever been published.
Hackers planted false report on Jordan news harming Saudi-US relations
In most cases, cyberattacks are being used by criminals and terrorists in order to steal money and personal details, or to damage important infrastructure in a rival country. On June 12, however, cyberattackers used their technological skills and hacked the Petra News Agency, the official news agency of Jordan, in order to harm relations between Saudi Arabia and the United States. To accomplish their objective, the hackers planted a false post on the website of the Petra News Agency, saying that the Saudi kingdom supports Hillary Clinton’s presidential campaign. After Saudi officials saw the false report and demanded its removal, the Jordanians published a statement saying that “a technical failure” had occurred.
US Justice Department charged Iran with few cyberattack indictments
The US Justice Department has charged Iran with seven indictments for cyberattacks on US infrastructures, including banks and a dam in New York. This represents the first attempt of the Obama administration to go after state-sponsored attacks. Some argue that this might pave the way for further sanctions against the Iranian regime.
Iran and Saudi Arabia conduct mutual defacement cyberattacks on governmental websites
Iran’s top civil defense official was quoted at the beginning of June as saying the country is preparing for major cyberattacks by Saudi-Arabia. A few days later, Iran’s statistical center and registration office websites were attacked by a hacker who claimed to be from Saudi Arabia. A group that calls itself “Iran Security Team” has responded and targeted Saudi Arabia General Authority for Statistics and King Abdulaziz University. Another Iranian team hacked the website of the Saudi Commerce Ministry.
Android spyware allegedly linked to Iran
Intel’s Security Mobile Research Division exposed a recent Android spyware that was installed through an app downloaded by candidates for positions in Saudi Arabia’s government and military. The attempt is similar to previous spying attempts that were linked to Iran last May.
CHINA and ASIA PACIFIC
India to increase surveillance on instant messaging
Under the pretext of fighting terrorism and the Islamic State, India will increase the surveillance of citizens using messaging apps. According to the Indian Home Ministry, a “multiagency, multicell operation” will be deployed to combat terror. More than two dozen messaging apps related to recruitment activities of the Islamic State have been identified; among them: Viber, Live, Tango, IM+, Group Me, and Face Time. The popular chat apps Whatsapp and Telegram both use end-to-end encryption, thus, the government cannot oversee anyone using those systems.
Taiwan government website hacked
The website of Taiwan’s ruling Democratic Progressive Party (DPP) has been hacked, according to researchers from the American cyber security company FireEye Inc. The attackers allegedly sought information about the party’s policies. It redirected DPP website visitors to a spoof online address that hosted a malicious script, presumably to profile the visitors, and to select potential targets for additional attacks. Although no specific hacker group has been identified yet, the malicious script was allegedly used before by Chinese cyber espionage groups to target Taiwanese politicians.
Indonesian cyber agency to strike back against cyberattacks
Indonesia is in a state of emergency following increasing cyberattacks, mostly from within the country. Lacking adequate cyber security, Indonesia is ranked second among countries where cyberattacks are launched. According to Luhut Binsar Pandjaitan, the coordinating minister for political, legal and security affairs, cyberattacks in Indonesia rose 33 percent in 2015 compared to 2014. Pandjaitan further stated that Indonesia faces a number of cyberattacks every day and does not yet have a coordinated cyber defense. Therefore, as part of its national policy on information technology defense, the government is setting up a national cyber agency to tackle cyber related issues.
US government strikes back at North Korea
Due to indications that North Korea may have been involved in various bank robberies recently, US President Barack Obama has ordered that North Korean banks be cut off from the international banking system. The move, which was approved by the US Congress, came years after during which North Korea has been developing its nuclear and missile arsenal in defiance of international law and pressure. This is likely to be just the first move in a set of escalating sanctions aimed at North Korea.
AFRICA
Kenya records about 3,000 cyber-related crimes per month
Paul Roy Owino, the president of the Information Technology, Security and Assurance (ISACA) firm in Kenya, has said that there is a need to regulate internet use and management, especially because the use of social media to malign people has become a national security issue. Owino stated that Kenya has about 3,000 cyber-related incidences per month, according to tallies by an organization tracking internet security. The infractions range from banking fraud, money transfer (M-pesa), and interference with personal data by hackers. He added that internet banking has also been adversely affected because hackers and fraudsters are able to obtain personal and organizational data, the more reason to increase the protection of digital platforms. ISACA has signed a Memorandum of Understanding with a government ministry with the main aim of “planning to conduct ICT audits, train law enforcement officers, and continuously share intelligence and research documents we get from the government and private sector so that we can be able to curb this vice.”
