Global Cyber Bi-Weekly Report by INSS October 15, 2016
ISRAEL
Israel is ready to assist India with a comprehensive and effective cyber security plan
During a recent visit to India ahead of Israel’s Homeland Security and Cyber conference, Israeli Colonel (res.) Ram Dor said that Israel is ready to assist India with a comprehensive and effective cyber security plan to counter threats from industrial hackers as well as extremist groups. Col. Dor said that the Cyber Security Plan should encompass three layers to prevent and counter cyberattacks. The first layer should involve strategizing Indian cyberspace; second, establishing a bureau to lead the team; and third, a cyber authority with Computers Emergency and Response Team (CERT). The cyberspace is like a war where attackers and defenders constantly fight each other to safeguard their interests.
UNITED STATES
Obama administration blames Russia for hacks
The Department of Homeland Security and the intelligence community say they are confident Moscow is behind the recent leaks of documents of the Democratic party. The Obama administration accused Russia of attempting to influence the US election by hacking political organizations, including the Democratic National Committee, and leaking private communications to the public. In a joint statement, the Department of Homeland Security and the Office of the Director of National Intelligence said the intelligence community is “confident” the hacks and documents published by WikiLeaks and DCLeaks.com and those claimed to have been carried out by a hacker known as Guccifer 2.0 are “consistent with the methods and motivations of Russian-directed efforts.”
The FBI secretly arrested a former National Security Agency contractor in August
According to law enforcement officials, the FBI is investigating whether a former National Security Agency (NSA) contractor stole and disclosed highly classified computer code developed by the agency to hack into foreign government networks. The arrest raises the embarrassing prospect that, for the second time in three years, a contractor for the consulting company Booz Allen Hamilton managed to steal highly damaging secret information while working for the NSA. In 2013, Edward J. Snowden, who was also a Booz Allen contractor, took a vast trove of documents from the agency, which were later passed onto journalists, exposing surveillance programs in the United States and abroad.
EUROPE
UK: British government to support cyber security startups strategy
The British government has recently announced that they will start to support cyber security startups. Indeed, during the international Cyber Week in Singapore, Conrad Prince, who is the UK Cyber Security Ambassador in the Defense and Security Organization declared, “A key additional element to our new strategy is to further support the growth of the UK’s cyber sector. We are developing mutually supportive interventions to help move ideas into products, products into startups, startups into successful UK companies, and successful UK companies into world class enterprises.” This new support to the cyber security industry is part of the United Kingdom’s new cyber security strategy to be set up in November 2016. Conrad Prince added that “The new UK National Cyber Security Strategy will be supported by £1.9 billion (US$2.3 billion).” This investment will spread over the next five years, which will raise the national Cyber Security budget to US$3.9 billion. Additionally, the government claimed that they will continue to develop their partnership with the private sector and especially with internet providers, in order to strengthen the security of their national systems and networks. The United Kingdom gets hit by 9.3 percent of the world’s distributed denial of service attacks, making it the second most targeted country in the world after the United States. Furthermore, its financial and critical infrastructure is often targeted by other cyber threats including Banking Trojan, ATM malware, phishing campaigns, and APTs. The United Kingdom is constantly improving its cyber defense and will continue to put it as one of the top priority as cyberattacks will increase in the next ten years.
France: Microsoft signs an agreement with the French company Orange Cyber Defense
A new agreement has been signed between Microsoft and the cyber security department of the company Orange Business Services. The partnership covers the training of experts in incident response, in order to conduct recovery operations of Active Directories (AD) following a cyberattack. Microsoft will provide the training yearly to Orange cyber defense experts. The Active Directory centralizes information about users and resources of a company by providing identification and authentication mechanisms. Around 95 percent of organizations use the Active Directory system, representing 550 million users worldwide. According to Guillaume Poupard, director general of the National Agency for the Security of Information Systems (ANSSI), Active Directory is a prime target in cyberattacks. Moreover, the Orange cybersecurity entity, which acquired several companies in the past few years, is now fully operational. It is positioned as the leading player on the French market. Its recent acquisition of the company Lexsi made Orange Cyber-Security the leading private CERTs in Europe.
RUSSIA
NSA hacking program against Russia stolen
The FBI arrested one of the contractual employees of the National Security Agency (NSA) on suspicion of stealing secret computer codes designed for cracking network systems of foreign governments, the New York Times announced, citing sources in the security services. The stolen code was designed to penetrate the foreign computer net systems including Russia’s, the source said.
MIDDLE EAST
Kaspersky Lab looks to further strengthen its Middle East operations
Kaspersky Lab has appointed a new director for the Middle East region. The company announced the appointment of Maxim Frolov as the managing director of the Middle East to strengthen partnerships with enterprises and arguably, with nations. The new director brings vast experience from Microsoft Russia in sales and distribution strategy. He also worked for Seagate Technology.
Turkey is named the country with the most infected devices
A new research by Symantec’s security division has found that Turkey has the largest number of “bot” infections. There is one bot for every 1,139 internet users in Turkey and the country contains 18.5 percent of all the bots across Europe, the Middle East, and Africa. For a full list of the rankings, click on the link below.
Cybersecurity as an economic opportunity in the Arab world
A recently published op-ed calls for unleashing the economic potential of the increasing number of cyberattacks on Arab countries. The Government and private sectors should work hand-in-hand to turn the Arab world into a leading cybersecurity exporter in the global market.
http://ameinfo.com/technology/it/cyber-security-economic-opportunity-arab-world/
CHINA and ASIA PACIFIC
India and Russia will likely sign a cybersecurity pact during the visit of Russia’s President Vladimir Putin
India and Russia will likely sign a cybersecurity pact during the visit of Russian president Vladimir Putin to Goa next week, cementing joint efforts to curb terror-related activities in the region. The pact is expected to be announced at the Indo-Russian annual summit in Goa on October 15. India had entered into a comprehensive cyber security relationship with the United States, another permanent member of the UN Security Council, during the Commercial and Strategic Dialogue in August. India and Russia have been working on closer coordination to combat radicalization through social media by groups like the Islamic State as well as Pakistan’s LeT, Hizbul Mujahideen, and Jaish-e-Mohammed. Among the issues that will be high up on the agenda for Putin and India’s Prime Minister Narendra Modi are the ways to check online propaganda and recruitment by such groups, and keeping hackers from sabotaging critical infrastructure.
India to promote indigenous expertise in cyber security and to fund start-ups
India is building its first platform for homegrown cyber security companies to promote indigenous expertise in the field and help local firms gain a larger share of the country’s digital security technology budget. The government and industry have come together to prepare a road map to create a platform for digital and cyber security products and solution companies. This includes creating a special fund for cyber security start-ups to groom them to build local solutions to tackle internet security challenges. India’s cyber security market size is about $4 billion, which is expected to grow nine-fold to $35 billion by 2025, according to Data Security Council of India (DSCI). According to Nasscom data, there are about 150 cyber security companies. However, the security landscape in India still remains considerably untouched by investors. The Nasscom data shows that only 40 percent of the security companies have received funding from global investors. According to Rama Vedashree, chief executive of DSCI, “We are working with DeITY as well as Technology Development Board to set up a special fund for cyber security start-ups.” Bryce Boland, chief technology officer for Asia-Pacific at FireEye, said that “At a national level, India is making a steady progress on cyber security awareness and leadership. However, even the United States, which is widely considered ahead of the pack on this issue, is grappling with major cyber security challenges today. Cyber security isn’t won or lost on a national level. In some ways, cyber attacks are twenty-first century plagues, and if we are to stay secure, we need widespread immunity and awareness. India is not there yet.”
Singapore’s prime minister launches Cybersecurity Strategy
At the opening of the inaugural Singapore International Cyber Week (SICW), on October 10, Prime Minister Lee Hsien Loong launched Singapore’s Cybersecurity Strategy. The Strategy outlines how Singapore will continue to strengthen the resilience of the country’s cybersecurity. The Cybersecurity Strategy was developed after a consultation process with fifty stakeholders over the past year. The Strategy sets out Singapore’s vision, goals, and priorities in the area of cybersecurity and outlines the country’s commitment to building a resilient and trusted cyber environment for Singapore and Singaporeans. Cybersecurity is a key enabler for Singapore’s digitally-enabled economy and society. The four pillars underpinning the Strategy are building a resilient infrastructure; creating a safer cyberspace; developing a vibrant cybersecurity ecosystem; and strengthening international partnerships. A key focus of the Strategy is to ensure that Singapore’s essential services are protected. The government will work with key stakeholders, including private sector operators and the cybersecurity community, to strengthen the resilience of critical information infrastructure (CII) that supports these essential services. The Strategy outlines efforts by various agencies to combat cybercrime and to enhance Singapore’s standing as a trusted data hub.
China’s hostile cyber and trade war threatens national security
China continues to hack and steal intellectual property from US companies and use stolen US trade secrets to manufacture their own cut rate products. One assistant attorney for US National Security describes the Chinese hacking campaign against the United States as a real “national security emergency.” China has created what some describe as an army of hackers – numbering in the thousands – who identify and steal intellectual property from various industrial, tech or defense related companies. China then uses the stolen intellectual property to produce nearly identical products with the information it hacks. In September, 2015, China’s President Xi Jinping and President Obama pledged they would no longer condone hacking to steal commercial secrets. These diplomatic platitudes were shallow at best and subsequent efforts to resolve numerous hacking incidents and trade violations through good faith negotiations have largely been ignored. The recent US Steel case is a classic example of what the Chinese are up to. The US Steel Corporation invested millions into the research and development of innovative, lighter, and stronger steel products. China reportedly hacked into the company and stole the research. They are now manufacturing their own light grade, super strong steel. President Obama and candidates running for office can call for an immediate end to these blatantly illegal and unfair practices. It is time to tell world leaders that this administration, the next president of the United States, and the next Congress will work aggressively to secure and protect American business interests.
Kenya and South Korea sign deal on internet security
Kenya and South Korea have signed an agreement to boost Kenya’s internet and data security. A memorandum of understanding was signed in order to establish links between government departments, research stations, organizations, businesses and training centers involved in information technology. The purpose of the MoU is to enhance cooperation between the two countries in the field of ICT. The arrangement means that Kenya will benefit from South Korea’s advanced internet security, which could aid organizations like the Independent Electoral and Boundaries Commission (IEBC). The new MoU lists big data, cloud computing, training of personnel involved in ICT, cyber security, and high speed internet broadband as areas which South Korea could support Kenya. It is an addition to a set of agreements reached between Kenya and South Korea earlier in May when President Park Geun-hye of South Korea toured Nairobi.
AFRICA
Kenya opens center to combat cybercrime
The Kenya Communication Authority (CA) has established a Cyber Coordination Center, aimed at responding to critical infrastructure cyberattacks, which have led to increased insecurity in the country. “[The] Cyber Coordination Center is aimed at curbing increasing threats posed by cybercriminals in the country and the region at large which require both institutions and individuals to take all necessary measures to safeguard themselves,” said CA chairman Ngene Gituku. According to Gituku, the Center will work closely and collaborate with other national CERTs and international organizations in order to facilitate exchange of information and the knowledge needed to reduce vulnerabilities, mitigate risks, and react to threats and attacks. It will also facilitate closer collaboration locally with relevant stakeholders and globally with CERTs and international information security organizations as well as monitor cyber security issues across Africa. “There is a need for comprehensive research and coordination in order to fight these criminals in the region,” said Tyrus Kamau, information security consultant and chair of the AfricaHackOn. According to Control Risks’ cyber threat intelligence, there has been a rapid increase in advanced and persistent threats in East Africa, with Kenya alone having lost an estimated KES 2 billion (US$23 million) in 2015.
