Global Cyber Bi-Weekly Report by INSS January 15, 2017
ISRAEL
Posing as young women, Hamas penetrates soldiers’ phones
Hamas has used fake identities, usually of young women, often posing as wishing to immigrate to Israel, to entice combat soldiers to be in contact with them. The Israel Defense Forces says it has identified Hamas’ methods of using fake social networking profiles to penetrate soldiers’ cellphones and extract sensitive information. After the initial contacts, the soldiers are asked to download an application for video conversations. After the soldiers download the apps, the fake women disappear and cut off contact with the soldiers.
Israeli cyber company launches GPS anti-jammer
GPSdome Ltd., an Israeli cyber company, announced that it has started shipments of its innovative, miniature, and affordable GPS anti-jammer developed to protect GPS-based systems from disruptions, following the announcement of the product last May. GPSdome CEO Ehud Sharar said, “Our affordable GPS anti-jammer has been developed for civilian applications, which cannot afford paying over $30,000 for the existing military-oriented anti-jammers.”
UNITED STATES
Senate Intelligence Committee to probe Russian meddling in election
After a steady stream of allegations that Russia interfered with the US presidential election, the Senate Select Committee on Intelligence said it will open an inquiry into “any intelligence regarding links between Russia and individuals associated with political campaigns.”
The lawmakers will summon a bevy of senior officials—via subpoena, if necessary—from both the Obama administration and the incoming Trump administration to determine any links between Russia and people with ties to either political campaign.
Student faces ten years in prison for creating and selling limitless key-logger malware
A 21-year-old college student, who won a Programmer of the Year Award in high school, pleaded guilty to charges of developing and selling custom key-logging malware that infected thousands of victims. Zachary Shames from Virginia pleaded guilty in a federal district court and now faces a maximum penalty of up to ten years in prison for his past deeds.
EUROPE
Europe prepares cyber defense to protect elections from Russian interference
Nations in Europe—including Germany and France, which will be holding elections this year—are bolstering defense to counter possible Russian cyberattacks and disinformation used to sway western politics; intelligence experts, however, say it might be too little, too late. The issue of Russian “influence operations” has taken on new urgency after US intelligence agencies released a non-classified assessment that Russia’s President Putin ordered a campaign to move the US election in favor of Donald Trump. European nations and NATO are setting up centers to identify “fake news,” bolstering cyber defense, and tracking use of social media that target Russian-speaking communities, far-right groups, political parties, voters, and decision makers.
UK spy agency’s cyber security incubator picks first seven startups
The Government Communications Headquarters’ (GCHQ) startup incubator has opened its doors and has announced its first cohort of seven startups that will participate in the three-month accelerator program. The government announced the GCHQ Cyber Accelerator initiative in September, being a cooperative effort between the GCHQ, which is the UK’s domestic signals intelligence and cyber security agency; the Department for Culture, Media, and Sport (DCMS); and Telefonica’s Wayra UK, which is running the program.
The selected teams can be seen at: http://tcrn.ch/2icP3Ns
RUSSIA
Russia intensifies military drills of its cyber forces
Electronic warfare forces of the Russia Military conducted more than 50 drills in 2016—one and a half times more than in 2015—said the press service of the Russian Ministry of Defense. Electronic warfare specialists of the Central Military District in 2016 attended more than 50 tactical exercises of different levels, which is 50 percent more than last year,” according to the statement.
Informal cooperation between Kaspersky Lab and FSB will cost the Chief of Information Security his chair
Chief of Information Security Center (CDC) of the Federal Security Service (FSB) Andrei Gerasimov, occupying the post since 2009, may soon be relieved of his duty due to internal investigation concerning one of his deputies, claimed the Kommersant newspaper. The reason was the informal cooperation of officials with private IT companies, particularly Kaspersky Lab.
Kaspersky Lab has been monitoring hacker groups involved in Democrats’ hacking
Kaspersky Lab officially announced that two hacker groups, “Cozy Bear” and “Fancy Bear,” committed attacks on the US Democratic Party network. Specialists of the IT Company declared that they have been monitoring the activities of these groups for a long time and know that these groups are engaged in hacking, particularly in attacks on official organizations in the United States, including the US government.
Russia is in top five world cyber states
Vladimir Ulyanov, head of Zecurion Analytics—a cyber, analytical center—compared the Russian capability in cyber protection to that of China and United States. Earlier the media reported that Russia is in the top five countries in the world in size and financing of its cyber forces after the United States, China, Britain, and South Korea.
Russia deployed new SIGINT system in Arctic Ocean
A new Russian radar called Sopka-2 has been deployed on the Wrangel Island, head of the press service of the Eastern Military District, Colonel Alexander Gordeyev told reporters last Wednesday. The system is deployed for electronic intelligence gathering (SIGINT) and covers the whole Arctic region, Gordeyev said.
MIDDLE EAST
Power cuts in Turkey were associated with US cyberattacks
The Turkish energy minister said that sabotage of underground power lines, as well as cyberattacks originating in the United States, caused power cuts in Istanbul and other parts of Turkey. Ankara has repeatedly accused US-based Fethullah Gülen for using a wide network of supporters in Turkey to undermine the regime, and this accusation might be linked to that general trend.
Egyptian parliament is about to discuss a significant cybercrime law
Several drafts of a cybercrime bill were submitted to parliament earlier this year, but none were passed. Shutting down Facebook pages is considered a legitimate cybercrime procedure in Egypt, with 1,045 Facebook pages closed in 2016, due to government monitoring or citizen reporting. Internet crime is regulated in Egypt through an anti-terrorism law. But while activists perceive existing legislation as very harsh, lawmakers say it does not go far enough.
Iran extends military spending on missiles, drones, and cyber warfare
Iran’s extending of military spending on missiles, drones, and cyber warfare might put the Islamic Republic in collusion with the incoming Trump administration. It also might fuel criticism from other Western states, which claim Tehran’s recent ballistic missile tests are inconsistent with a UN resolution on Iran. While the investment in ballistic missiles draws most of the attention, drones and cyber warfare signal the change in war strategy in the twenty-first century.
CHINA and ASIA PACIFIC
New Chinese cybersecurity law comes with data protection fangs
On June 1, 2017, all of China’s consumers and businesses, including financial institutions, will be held to a more stringent set of rules regarding the creation and use of personal data. The new Cybersecurity Law was passed after a third deliberation, suggesting the extent to which the government sees the importance of the internet while recognizing the real threat it poses. The guidelines under the new Cybersecurity Law does significantly strengthen the data protection and data security compliance environment in China, targets online fraud, and is aimed to protect China against internet security risks. It imposes new security and data protection obligations on “network operators,” puts restrictions on transfer of data outside China by “key information infrastructure operators,” and introduces new restrictions on critical network and cybersecurity products.
India and United States sign memorandum of understanding to continue cooperation in cybersecurity
India and the United States have signed a memorandum of understanding (MoU) on cooperation in the field of cybersecurity, The MoU is between the Indian Computer Emergency Response Team (CERT-In), under the Indian government Ministry of Electronics and Information Technology and the US Department of Homeland Security on cooperating in the field of cybersecurity. The MoU intends to promote closer cooperation and the exchange of information pertaining to cybersecurity in accordance with the relevant laws, rules, and regulations of each economy and this MoU, as well as on the basis of equality, reciprocity, and mutual benefit.
http://bit.ly/2iJ4IR2
China denies American claims that military uses two Beijing hotels as bases for cyber attacks
China has denied US media reports that China’s military is using two hotels in the Chinese capital as the bases for launching cyberattacks. The Ministry of National Defence said the reports were groundless and “an attempt to smear China. The Chinese military has not supported any hacking activities.” The Washington Times reported that two Beijing hotels owned or connected to the People’s Liberation Army were the headquarters of Chinese military hacking units. According to the report, electronic and information warfare were among China’s most secret operations, and the location of the headquarters at the hotels appeared to be following the strategic dictum of hiding in plain sight.
AFRICA
Kenya’s internet regulator website hacked
The website of the Communications Authority of Kenya (CA) has been hacked. CA is the state agency that regulates internet resources for public and private entities. Interestingly, by extension, the agency is supposed to protect all government sites from malicious attacks. The hackers also took down the National Environment Management Authority (NEMA) website for several hours, casting doubt on the preparedness of Kenyan state agencies to fight cybercrime. The website was hacked by a group referring to itself as AnonPlus. The group replaced the regulators’ homepage with a five-point hackers’ manifesto that promised to “defend freedom of information, freedom of the people and emancipation of the latter from the oppression of media and those who govern us.”
Nigeria lacks a 2017 cybersecurity strategy, but faces the most cybercrime ever seen
Cyber Security Experts Association of Nigeria (CSEAN) announced the Nigerian government is ill-prepared for cybercrime in 2017. Cybercrime changed drastically during 2016; threat actors grew in number and capability. The Nigerian government has lacked a cybersecurity budget and has overlooked the creation of a realistic strategy. For these reasons alone, CSEAN elements are worried for the cybersecurity landscape in 2017. The Nigerian cybercrime groups, CSEAN said, started using advanced tools and programs—the types typically used by “sophisticated criminals and espionage groups.” In August 2016, Interpol arrested the ringleader of a massive, international, email fraud organization. The group hacked the customer email accounts of large corporations and then used the accounts to scam the supplier or company.
