Global Cyber Bi-Weekly Report - August 1, 2016
ISRAEL
Japan and Israel tighten economic relations with cyber security business collaborations
To strengthen bilateral trade, Avi Hasson, chief scientist and chair of the Israeli Innovation Authority, led a delegation this month of eleven Israeli IoT startups to Tokyo and Osaka. In September, NEC becomes the first Japanese multinational to launch an R&D Center in Israel, focusing on cyber security, as Prime Minister Shinzo Abe is encouraging stronger ties with Israel.
Israeli tech and cyber security will display their latest developments at Rio Olympics
Israel’s representation in the upcoming Summer Olympics in Rio de Janeiro extends beyond the sporting competitions to the tech arena where startups will show their prowess in security technologies, live video transmission technology, public transportation navigation, AR systems, satellite technologies, and sports tech. The Israeli company International Security and Defense Systems (ISDS), BriefCam, and the EROS-B satellite will likely snag the most attention as they take on security.
http://www.israel21c.org/israeli-tech-set-to-shine-at-rio-olympics/
UNITED STATES
US military has launched a new digital war against the Islamic State
In an effort to accelerate the pace of digital operations against the Islamic State, Adm. Michael S. Rogers, commander of the US Cyber Command, created a unit in May that is tasked with developing digital weapons that will increase efforts to damage and destroy the Islamic State’s networks, computers and cellphones. The group, called Joint Task Force Ares and led by Lt. Gen. Edward Cardon, is coordinating operations more closely with US Central Command, which is leading the military fight and working to sharpen offensive operations. Officials hope the campaign will be a significant step toward normalizing cyberspace as a tool of warfare, just like the use of airstrikes and artillery barrages.
https://www.washingtonpost.com/world/national-security/us-militarys-digital-war-against-the-islamic-state-is-off-to-a-slow-start/2016/07/15/76a3fe82-3da3-11e6-a66f-aa6c1883b6b1_story.html
Presidential Policy Directive on United States Cyber Incident Coordination
On July 26, the President Barak Obama approved a Presidential Policy Directive (PPD) on the United States’ Cyber Incident Coordination. This new PPD marks a major milestone in codifying the policy that governs the Federal government’s response to significant cyber incidents. The new directive spells out how the Federal government will coordinate its incident response activities in the event of a large-scale cyber incident.
EUROPE
Office of National Statistics published a national cybercrime survey
The United Kingdom’s Office of National Statistics (ONS) has published a national crime survey on cybercrime in the United Kingdom, showing that bank fraud is the biggest cybercrime in the country, accounting for two of every five online crimes out of the nearly six million online crime incidents reported over the past year. There were 2.5 million online crimes involving banks and credit accounts, while one million involved other types of fraud such as online shopping. There were a further two million cybercrimes, such as hacking and computer viruses. The survey also shows that one in ten adults has been a victim of a cybercrime and that class, age or location is not a factor. Paul Taylor, the head of cyber security in the UK for KPMG, the professional service firm, said that, “The cybercrime and fraud statistics in the latest ONS crime survey are deeply concerning, but not surprising. It’s clear that crime is becoming cyber enabled as our world becomes digital.”
Massive ransomware attack in the Netherlands
A surge in ransomware, which locks users’ data until they pay criminals to retrieve it, is one of the new main challenges for the Dutch police, Europol, and a coalition of cybersecurity firms. A new online portal, “No More Ransom,” has been formed. The portal aims to inform the public about the dangers of ransomware and help victims recover their data without having to pay cybercriminals ransom. The portal offers advice on how to avoid data being taken hostage by ransomware, as well as more than 160,000 decryption keys in the event of a computer being infected. Kaspersky Lab, one of the tech firms supporting the project, said the number of victims attacked by so-called crypto-ransomware was growing by an alarming rate, increasing from 131,000 in 2014/2015 to 718,000 in 2015/2016. Europol stated that “Ransomware is a top threat for EU law enforcement. Almost two-thirds of EU member states are conducting investigations into this form of attack.”
Germany presented its annual report on cybercrime
Holger Muench, head of Germany’s Federal Police (BKA), presented the latest annual report on cybercrime. Muench said the BKA does not just want to remove websites, but also catch criminals using them. Cybercrime cost Germany 40.5 million euros ($44.5 million) last year, according to the BKA’s report, a rise of 2.8 percent. The majority of the 45,000 plus cases involved computer fraud. Muench said the figures only represented a small part of the true size of cybercrime. Muench also stated that the German police will do more to fight crimes committed in the “dark net.” The dark net, which is only accessible via special web browsers, is increasingly used to procure drugs, weapons, and counterfeit money, allowing users to trade anonymously and pay with digital currencies such as Bitcoin. The German Police solved 32.8 percent of cybercrimes last year.
RUSSIA
New evidence that Russians led the hacking of the US Democrats
A Romanian hacker, who has taken responsibility for hacking the servers of the National Committee of the Democratic Party in the United States and assisted in publishing the stolen information on WikiLeaks, is, in fact, an agent of the Russian Federation’s security services. This conclusion was reached by the experts of the ThreatConnect Company, on the basis of its own investigation. According to ThreatConnect, the hacker “Guccifer-2.0” is not a single person, but rather a group of hackers associated with the Russian government. Their main objective was to distract public attention from the possible involvement of Moscow in the hacking of the servers of the National Committee of the Democratic Party.
Data of all Russian citizens will be stored in a single IT source
In the future, a single IT source will host information about all Russian citizens. This was stated by Prime Minister Dmitry Medvedev at a meeting of the Government Commission of Information Technology. This single Federal electronic register of population data should be ready by 2025, Medvedev said.
MIDDLE EAST
Iran’s proxies might build upon Iranian cyber capabilities to boost their technological capacities
While Iran’s cyber capabilities is a major source of concern, it is less clear whether Tehran is able to mobilize and facilitate independent individuals the way that Russia and China have been able to do. Are we at the brink of an improved Hezbollah cyber arm?
White House claims that Iran and North Korea joined forces to gather top secret intelligence from the United States
Speaking at a recent conference on cyberattacks, White House counter terrorism advisor, Lisa Monaco said that North Korea and Iran have shown they can carry out “destructive attacks” on critical infrastructure in the United States.
Egyptian government to announce a new division of cybersecurity
The Egyptian government has recently launched a new cybersecurity division in order to defend its institutions from cyberattacks. Harish Chib, vice president for Sophos (an international company specializing in security software and hardware), stated that further growth in this Egyptian market is expected, and that a more serious approach to IT and network security in an attempt to create a safe and fruitful ICT environment is reasonable. In order for these hopes and expectations to be realized, the government has set a few targets for the country in this field, including improving quality as well as cybersecurity readiness.
Saudi Arabia to become more vulnerable to cyber attack
A recent paper published by the cybersecurity “Global Risk Insights” website shows that the Saudi kingdom is becoming increasingly digitalized. A more technological kingdom, however, necessarily means a country with a more cyber-vulnerable infrastructure. The Saudis are threatened by more than one rival in cyberspace, due to its active approach against the Islamic State on the one side and its Shi’ite rival Iran on the other. The author of the paper concludes, and rightly so, that the Saudis have to improve their cybersecurity strategy at the same pace, if not faster, of its becoming technologically dependent. The cyberwar between the Saudi-linked and Iranian-linked hackers over the last couple of months is an example for this very need.
CHINA and ASIA PACIFIC
North Korea’s Unit 121 allegedly world’s third largest cyber unit
In the past, North Korea has been called one of the least networked and most isolated societies in the world, but now, it may actually be one of the biggest threats to international cyber security. The US Office of the National Counterintelligence has estimated that North Korea spends one-third of its total revenues on its military, and around 10 to 20 percent on militarized IT infrastructure. The most important IT division is called Unit 121, a handpicked group of highly trained hackers who solely focus on cyber espionage and cybercrime. It is hard to estimate how big this division really is, but South Korea claims that Unit 121 is now the third largest cyber unit in the world.
Hacker group brings down Thai government website
Earlier this month, Thailand’s major government website was down for a brief, but significant time period. The attack was carried out by the Thai-based hacker group “People Against the Single Gateway,” aided by members of the public. Everybody involved visited the government website at the same time and pressed the F5 refresh button in order to bring down the website.
The attack came as a protest against Thailand’s plan to establish the “Great Firewall of Thailand,” which intends to strictly monitor and police all internet services by allowing online communication just via one dedicated gateway.
Record number of visitors at RSA® Conference 2016 Asia Pacific & Japan
The RSA® Conference 2016 Asia Pacific & Japan in Singapore, which occurred on July 20-22, 2016, experienced a 26 percent increase in visitors from the 2015 conference, with record numbers counted. The conference hosted more than fifty track sessions, keynotes, and tutorials, which featured more than 85 speakers. The sessions dealt with six conference tracks: Cloud, Mobile and IoT Security, e-Fraud and Law Enforcement, Global Perspectives, Security Strategy and Data Security, Threats and Threat Actors, as well as Learning Lab. Dedicated sessions highlighted predominant Asian cybersecurity issues, as well as discussed respective threats and threat actors. These sessions were tailored to showcase key regional perspectives and takeaways for attendees to enhance their organizations’ overall cybersecurity posture.
AFRICA
Human factor in cybercrime in Nigeria
Godswill Oyegwa Uyoyou, a Nigerian IT worker, is wanted by Nigeria’s Economic and Financial Crimes Commission (EFCC) for helping cybercriminals dressed as maintenance staff to get into the bank so they could use computers to transfer cash. The theft was spotted when the stolen cash was withdrawn. Although no members of the gang have been caught, several are being tracked. Uyoyou was vital to the robbery because of the access that he had to the bank’s computer systems. This was used to siphon 6.28 billion Nigerian Naira into accounts of the criminals. John Hawes, a computer security researcher at Sophos, said the amount of cash stolen was “unusually large,” but the method the gang chose was “all too common.”
Anonymous Africa target politics website
The hacktivist group Anonymous Africa says it has inspired others to launch cyberattacks for political purposes in South Africa and across the region. Anonymous Africa targeted the South African Broadcasting Corporation for censorship while the group attacked the Gupta family’s websites because of corruption allegations swirling around the family. Anonymous Africa has told Fin24, the South African news site, that it expects other hackers to take up similar causes in the region. Anonymous Africa also said that it is currently “very focused on the ground war in Zimbabwe” amid recent civil protests in that country. “Our activists are busy with reality. The attacks helped amplify the movement and we hope to use that as the catalyst to bring spring to our part of the world,” said Anonymous Africa.
