Global Cyber Bi-Weekly Report by INSS January 1, 2017
ISRAEL
US-Israel cybersecurity collaboration legislation passed
Bipartisan legislation to strengthen collaborative cybersecurity research and development efforts between the United States and Israel was signed into law. President Barack Obama signed the US-Israel Advanced Research Partnership Act of 2016, which will expand existing joint research and create a grant for new development.
Huawei buys out Israel cybersecurity startup HexaTier for $42m
China-based telecom equipment giant Huawei has completed the acquisition of HexaTier, a cyber security startup in Israel, for $42 million, the Calcalist reported. Founded in 2009 as GreenSQL by Amir Sadeh, David Maman, and Hadar Eshel, HexaTier secures databases in the cloud. It has forty employees in Tel Aviv, California, and Boston. HexaTier’s software integrates information security systems for monitoring and supervision.
UNITED STATES
United States posts rules for addressing cyber bugs in medical devices
The US government last Tuesday issued rules for addressing cyber vulnerabilities in medical devices, providing manufacturers with guidelines for fixing security bugs in equipment, including pacemakers, insulin pumps, and imaging systems. “Cybersecurity threats are real, ever-present and continuously changing,” Suzanne Schwartz, a senior Food and Drug Administration official who helped draft the new rules, said in a blog post. “And as hackers become more sophisticated, these cybersecurity risks will evolve.”
Russian operation hacked a Vermont utility, showing risk to US electrical grid security, officials say
A code associated with the Russian hacking operation, dubbed Grizzly Steppe by the Obama administration, has been detected within the system of a Vermont utility, according to US officials. While the Russians did not actively use the code to disrupt operations, officials who spoke on the condition of anonymity to discuss the security matter, said that the discovery underscores the vulnerabilities of the nation’s electrical grid. And it raises fears in the US government that Russian government hackers are actively trying to penetrate the grid to carry out potential attacks. Officials in government and the utility industry regularly monitor the grid because it is highly computerized and any disruptions can have disastrous implications for the country’s medical and emergency services. Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities.
EUROPE
Europe keeps a wary eye on Russian cyber warfare
European governments are increasingly apprehensive of Russian state-sponsored propaganda and hacking in their political and economic affairs, as US security agencies confirm Moscow’s interference in the recent presidential election. British Prime Minister Theresa May will chair a session of the National Security Council early next year to deal with suspicions of Russian cyber warfare, media reports said on Saturday. It came after the British government announced on November 1 a plan to spend £1.9 billion (Dh8.6bn) on cybersecurity. Warning of hostile “foreign actors,” Philip Hammond, the chancellor of the exchequer, said that if the United Kingdom failed to act, “we would be left with the impossible choice of turning the other cheek, ignoring the devastating consequences, or resorting to a military response.”
RUSSIA
Russian Ministry of Defense to receive latest electronic warfare equipment
Russian Ministry of Defense announced that it will be equipped with latest set of electronic warfare equipment. Instrument-United Corporation (OPK) has developed a new range of electronic warfare (EW), which will compete with its counterparts from the United States, Britain, France, and Israel. Its mass production will begin in 2017, the CEO of OPK, Alexander Yakunin, said in an interview to RIA Novosti news agency.
Russian military vehicles to become “smart”
Russian military armored vehicles will be equipped with the modern information management system “GALS-D4,” the newspaper Izvestia wrote. The unique system will facilitate the monitoring of the state and condition of combat vehicles, monitor sensors, notify the crew of any emergency, and provide a reliable navigation system. The system will ensure the security against outside penetration, as well as random and targeted cyber interference.
Obama used Cold War “Red-Line” to warn Putin
Determined to stop Russia’s interference in the presidential campaign, President Obama used the “Red Line” Cold War communication system to warn Putin after the cyberattacks on the Democratic party during the US elections. “Mess with the vote will be considered as an act of war,” Obama said to Putin, NBC reported.
MIDDLE EAST
Turkey is set to build an army of hackers for cybersecurity
The Turkish government plans to hire white-hat hackers to protect national security. The state’s information and communication technology authority has started the employment process of young security experts who will be able to apply for the positions by email. The country faced more than 90 million cyberattacks last year, and experts argue that 45 percent of the country’s computers are exposed to attacks. The country is ranked fourth in the world in the number of compromised computers.
Egypt blocks the encrypted messaging app Signal
Egypt has been increasingly tightening controls over free speech all year. Activists were able to circumvent the block of Signal through VPN. In the wake of the Islamic State’s attacks in Cairo earlier this month, local political parties have renewed their calls to pass a repressive cybersecurity law that can carry the death sentence in some cases.
Iranian officials warn about a years-old cyber threat
Senior officials from Iran’s civil defense agency warned an audience at a conference in Tehran about a joint US-Israeli attack code named Nitro Zeus. This warning came at somewhat of a surprise, as the existence of Nitro Zeus is well known and was recently featured in the documentary film “Zero Days.”
CHINA and ASIA PACIFIC
Ransomware cases rises exponentially in Singapore
Ransomware cases have risen exponentially in Singapore. Ransomware attacks mean that a hacker successfully encrypts the user’s files or locks a user’s computer, and then demands money from the user in order to regain access to the files or computer. Seventeen cases of ransomware were reported in the first eleven months of 2016, up from just two in 2015, according to the Cyber Security Agency (CSA).
Cyber threats facing APAC
According to a report by Deloitte, Singapore, Australia, Japan, New Zealand, and South Korea are the top five countries vulnerable to cyberattacks in the Asia-Pacific region, with statistics showing them nine times more vulnerable to cyberattacks than China and India. The report states that the cyber war in the Asia-Pacific region has been escalating greatly in the past few years, where cyber conflicts and cyberattacks launched by nation-states have become so frequent and, although non-violent, have the potential to turn into a major cyberwar.
China issues first cyber security strategy
China released its first cyberspace security strategy. According to the fifteen-page strategy released by the Cyberspace Administration of China, China will prioritize cyberspace sovereignty ahead of the implementation of the Cyber Security Law. According to the strategy, the government will protect cyberspace sovereignty and national security, key information infrastructure, and crack down on cyber terror and crimes. Together with China’s first Cyber Security Law, which will take effect in June 2017, the strategy defines cyberspace sovereignty and how to protect it.
Thailand arrests nine cyber warriors for hacking government sites in protest against internet laws
Thai police have detained nine suspects for hacking government websites in protest against amendments to a cybersecurity law, which critics say strengthens the authorities’ oversight of the internet. Deputy Prime Minister Prawit Wongsuwan said these nine people had been arrested in connection with the hacking. However, the police said one of the suspects has been charged with breaking the cybercrime law. Ever since Thailand’s military government seized power in a 2014 coup, it has increased online censorship, especially to block perceived insults to the royal family.
North Korea hackers could disable US Pacific Command
North Korea has been making strides in its cyberattack capacity, with the South Korean Ministry of National Defence estimating that the North has around 6,800 specialists on cyber terrorism. A cyberattack by North Koreans could potentially knock out the computer network for the US Pacific Command (USPACOM), warned a report by the Defence Agency for Technology and Quality (DATQ). A recent simulation by the Pentagon showed that a full-blown cyberattack by Pyongyang has the capacity to paralyze the control center for the USPACOM, while inflicting damage upon the power grid on the US mainland. Earlier in the month, it was revealed that the North Korean hackers apparently breached South Korean military’s intranet. This resulted in an unspecified number of military secrets being leaked. The DATQ report said Pyongyang’s cyberattack capabilities have gained a reputation among experts, following its 2013 mass attack that hit three major South Korean banks, their affiliates, three TV broadcasters, and infected some 48,000 computers with malicious codes. The attack was estimated to have caused some 900 billion won (S$1 billion) of damage. US authorities also pinpointed North Korea as the culprit behind the 2014 cyberattack on Sony Pictures.
AFRICA
Botswana hardest hit by cyber crime
According to Check Point, Botswana is the most cyberattacked country on its list of 117 at-risk nations, and is followed by Malawi in second place, Namibia in fourth, Uganda in ninth, and the Democratic Republic of Congo in tenth place. Five African countries have emerged among the top ten most-attacked countries by cybercriminals in recent months. The period saw the criminals make increasing use of ransomware attacks, using the Locky and Cryptowall viruses in November. South Africa moved up to the 31st place on the list from the 58th position in October, while Kenya dropped to 24th (from 22nd in October), and Nigeria climbed slightly to 108th position, from 116th in the previous month.
