Global Cyber Bi-Weekly Report - August 15, 2016
ISRAEL
Israeli Knesset committee praises Israel's cyber protection, yet also expresses concerns
The Knesset Foreign Affairs and Defense Committee (FADC) published a report on August 1, praising measures put forth by the government in the field of cyber-security, in which Israel is considered to be a global leader. The committee suggested guidelines for the administration of the new authority responsible for Israel's cyberattack preparedness, yet in the same breath expressed concerns regarding the coordination of the new body, the National Cyber Authority, with existing security agencies. MK Anat Berko (Likud) expressed her concerns by saying, “Since the National Cyber Authority is not a security agency and includes civilian bodies as well, I am afraid of the possibility of sensitive information leaking outside.” The report states that the cyber threat is a growing challenge to the State of Israel, but says that the government has recognized the threat in time and has started taking steps to prepare an adequate response. The new authority will consider both security and political-diplomatic implications and will properly organize the gathering of information on cyberattacks against Israeli targets.
http://www.ynetnews.com/articles/0,7340,L-4836474,00.html
The Australian Minister for Small Business, Innovation and Trade will lead a data and cyber security trade mission to Israel
The Australian Minister for Small Business, Innovation and Trade, the Hon. Philip Dalidakis MP will lead a data and cyber security trade mission from Victoria to Israel from November 13-18, 2016. This trade mission is being organized in partnership with the Australian Israel Chamber of Commerce (AICC). The trade mission program will coincide with the fourth International Conference on Homeland Security and Cyber in Tel Aviv, and will include business-to-business meetings, site visits, and networking events. Expressions of interest are sought from entities with capabilities in cyber security, including critical infrastructure protection and data and information management.
UNITED STATES
Bring cyberwarfare further out of the shadows
The penetration of the Democratic National Committee deserves a strong response from the United States. There are signs of change: A new team created by the US Cyber Command to carry out offensive cyber operations against the Islamic State, called Joint Task Force Ares, is composed of about one-hundred people, and based at Fort Meade, Maryland, home to the Cyber Command and the National Security Agency. Secrecy in military and intelligence, including offensive cyberattacks, is essential to protect operations. On July 26, President Obama approved a new presidential directive that attempts to further define cyberattacks and what constitutes a “significant cyber incident,” as well as how to respond. This seems to be a worthwhile exercise, but is hardly the last word.
Hacker releases more Democratic Party documents
A hacker believed to be tied to the Russian intelligence services made public another set of internal Democratic Party documents on August 12, including the personal cellphone numbers and email addresses of nearly 200 lawmakers. The files appeared to be less politically embarrassing and damaging than the hacker’s initial trove, which came from the Democratic National Committee. Those documents, released by WikiLeaks last month on the eve of the party’s convention, led to the resignation of the committee’s leader, Representative Debbie Wasserman Schultz.
EUROPE
The cost of cybercrimes is not accurate
The European Network and Information Security (ENISA), an agency of the European Union, recently has studied several reports in order to determine the real cost of cyberattacks, but the diversity of approaches prevents accurate calculation. These reports, consisting of two internal studies, two public studies, and two reports by ENISA partners were published in 2012 and 2013. They aimed to assess the economic impact of cyber incidents, which have affected the critical infrastructures of the EU. According to the ENISA, however, “The measurement of the real impact of incidents in terms of the costs needed for full recovery proved to be quite a challenging task.” Furthermore, the agency added that, “there's plenty of information about,” but the studies it analyzed “examines the topic from a different perspective.” Indeed, there are many ways of analyzing the cost of cybercrimes, which make the data not entirely accurate and cannot provide a proper understanding of the impact of cybercrimes on the EU. According to a study published in 2014 by the Ponemon Institute, the cost of cyberattacks could vary from 425,000 euros to 20 million euros per company per year in Germany. In order to get a better grasp of the impact of cyberattacks, the agency together with the help of external cyber experts and economists should undertake thorough research. Furthermore, a European standard of specific research methodologies may help too.
RUSSIA
The United States is considering new economic sanctions against Russia
Following President Obama’s signed decree in 2015, simplifying the imposition of sanctions against those who execute or facilitate cyberattacks against the United States, the US government is considering the introduction of new economic sanctions against Russia in retaliation for breaking into the US Democratic party’s servers. However, as the Wall Street Journal announced, referring to informed sources, officials have not yet come to a decision.
Russian hackers are suspected of involvement in hacking former NATO commander
Sometime before the publication of the correspondence of the US Democratic Party leaders on WikiLeaks, confidential information of former Commander of NATO forces in Europe, Philip Breedlove appeared on an obscure website called DCLeaks.com. As reported by Bloomberg, information security experts suspect Russian government hackers of hacking his e-mail, in addition to being accused of the attack on the Democratic Party.
MIDDLE EAST
Spear phishing campaigns against exiles and dissidents is arguably linked to the Iranian government
In a recent conference, security researchers have exposed the ways they tracked phishing campaigns of the Iranian government against human-rights advocates and Iranians living overseas.
Top-notch APT ‘ProjectSauron’ against Iran and Russia was exposed by Kaspersky Labs
The Advanced Persistent Threat (APT) seems to be in line with some of the best cyber espionage acts that were ever discovered, such as Duqu, Flame, Equation, and Regin. This is a very sophisticated APT that runs only in the system’s memory, uses different encryption modes on each victim, and takes advantage of virtual file systems. At the same time, the attackers have learned from previous exposures and have left almost no patterns on its victims.
Iran and Zimbabwe have become cyber allies
President Mugabe, Zimbabwe’s controversial leader, has received a major boost in his fight against cybercrime and social media in his country from Iran. In exchange, the Iranians will receive lucrative Uranium mining licenses in the country.
Saudi Arabia’s citizens must be cyber prepared
A cyber security survey recently held in Saudi Arabia by Symantec has revealed that out of the 28 million people living in the kingdom, some 6.5 were affected by cybercrime within the last year. Today, more and more Saudis residents are using more advanced technology systems in their daily lives. Hence, Eyas Hawari, country manager for Symantec Saudi Arabia, said locals have to become a lot more proactive in keeping themselves protected in the virtual arena. Although the main threat mentioned in the report is criminal, Saudi rulers and citizens must be prepared to counter cyberattacks – as the next one could be from a terror organization such as the Islamic State and alike.
CHINA and ASIA PACIFIC
Australia’s Census 2016 website shut down after cyberattacks
The Australian Census 2016 website was hit by a Denial of Service attack. The census, which is initiated by the Australian Bureau of Statistics (ABS), aims to provide a comprehensive snapshot of Australia’s people, their housing, and where they live. The bureau confirmed the attacks and shut down the website just after 7:30 pm on the census-taking day, as a precaution to ensure the integrity of the data which had already been collected. ABS suspects hacktivists behind the attack; the attacks seemed to be focused on disrupting the online system, rather than gaining access to personal details.
South Korea’s government agencies hacked
South Korea’s Prosecutor’s Office suspects North Korean hackers behind another cyberattack targeting South Korean government agencies. According to the investigations, ninety email hacking attempts against government individuals were detected as was the exposure of the passwords of 56 email accounts. The cyberattacks took place from January to June and targeted three government ministries, a government-related research institute, and defense companies.
Italian Android Remote Access Trojan targets China and Japan
Bitdefender security researcher found a new Android Remote Access Trojan (RAT) targeting smartphones with specific IMEI numbers in China and Japan. After analyzing samples of the RAT, the researchers found that the malware is designed to take screenshots, listen in to phone conversations and send the information back to command and control serves in Italy. Furthermore, the code allegedly only works on rooted devices, thus endangering 80 percent of China’s Android smartphones.
Former FBI technician pledged guilty in acting as a spy for China
Kun Shan Chun, a former FBI technician, is facing a potentially long stretch in jail after pleading guilty in Manhattan Federal Court to serving in the US as an agent of the Chinese Government. Chun joined the FBI Field Office in New York in 1997 as an electronics technician. At least since 2006, when Chun became affiliated with a Chinese technology company in a research and consultancy role, he was in contact with Chinese nationals and one government official, whom he provided sensitive and – in some instances – classified, FBI information; among the documents provided was one delineating the organizational structure and detailing surveillance techniques used by FBI agents.
AFRICA
The cost of cybercrime attacks in Nigeria
Cybercrime attacks in Nigeria cost the country an estimated NGN 127 billion per year. As a result, MainOne firm, which provides network and internet solutions, has launched a counter cyberattack service in Lagos for Nigerian businesses to check for internet attacks. The new service, developed in partnership with Radware, targets Distributed Denial of Service (DDoS) attacks, known to render online service unavailable with overwhelming internet traffic.
