Global Cyber Bi-Weekly Report by INSS February 1, 2017
ISRAEL
Disabling an entire enemy air force with one keystroke is not imaginary
“With one keystroke on the eve of a war, all enemy aircraft could be disabled without sending a single aircraft on a mission and without risking one human being . . . it is not beyond imagination,” former IDF Brig. Gen. Yair Cohen said about Israel’s potential cyber capabilities. Speaking at the Cybertech Tel Aviv 2017 conference, Cohen said that Israel may soon be able to achieve the same decisive outcome in war with just one keystroke that it did in its massive air strike during the Six Day War. Referencing Israel’s place among the five world cyber superpowers, Cohen said that even though Israel has not publicly declared its cyber capabilities, in 2011 officials, such as British Armed Forces Minister Nick Harvey, declared cyber as being a critical part of its armed forces. In addition to Israel and the United Kingdom, the countries which are believed to have the most developed cyber warfare capabilities are the United States, China, and Russia.
Israel sets up cyber education center to attract students to field
The facility is to have a five-year, $6 million budget, Prime Minister Netanyahu said at Tel Aviv’s Cybertech 2017 conference. The prime minister announced the creation of a National Center for Cyber Education to train young people in a sector he views as key. Its aim will be to “increase the number and raise the level of young Israelis for their future integration into the Israeli security services, industry, and the academic world,” he said in a statement released by his office. The statement added that the center will focus on “the development of programs and education for children, youth and graduates in the cyber sphere.”
UNITED STATES
India, United States sign another agreement on cyber security cooperation
The governments of India and the United States have signed a Memorandum of Understanding (MoU), promising close cooperation and exchange of information around cyber security issues. In 2011, India and the United States signed a similar MoU regarding cyber security. In September 2016, the two nations held their cyber dialogue, which focused on “exchanging and discussing international cyber policies, comparing national cyber strategies, enhancing our efforts to combat cybercrime, and fostering capacity building and research and development.” Not explicitly mentioned was a mutual concern over the growing cyber capabilities of China, which caused the United States to get India to align against China in “cyberspace behavior norm,” for example, such as not using the internet to steal intellectual property.
New cybersecurity subcommittee formed under Senate Armed Services
The Senate Armed Services Committee has a new subcommittee focused on cybersecurity, with Mike Rounds serving as chairman and Bill Nelson as ranking member. The establishment of the Cybersecurity Subcommittee follows the publication by the US intelligence community of evidence linking Russian government officials to an extensive hacking campaign aimed at US politicians. The Armed Services Committee has broad jurisdiction over national security and military policy issues, as well as the Pentagon’s budget. “You can’t just sit on your hands and do nothing,” Nelson said in a statement about the subcommittee’s establishment. “If we’re going to deter our enemies from attacking us, we have to make it painfully obvious that the consequences are going to be so severe that they won’t want to do it in the first place.”
http://bit.ly/2jzs26G
EUROPE
Europe to be hit by cyber storm of malware
VIPs and top executives at this year’s World Economic Forum in Davos were warned of a perfect storm of malware and cyber threats set to make ground in Europe. The report, entitled “The Cyber Threats: A Perfect Storm About to Hit Europe?” and compiled by Marsh & McLennan Companies (MMC) and FireEye, revealed how Europe lays exposed to the threats posed by cyberattacks. Highlighting how the cyber threat environment has “intensified dramatically,” the report points the blame at unprepared business leaders who are unable to cope with the reality of today’s cyber risks. Polling more than 750 businesses across Europe, only 31 percent said that they had a strong understanding of their cybersecurity posture and only 32 percent regarded cybersecurity as one of their top-five risks. Of huge concern is the 9 percent of companies that did not even include cyberattacks on their risk register.
NATO has become a target for more hackers worldwide
A spokesperson for NATO revealed that an average of 500 attacks cyberattacks are recorded every month. The organization recorded an increase of approximately 60 percent in the number of attacks in 2016 compared to 2015, Oana Lungescu, NATO spokesperson, told CNN. As far as the identity of the hackers is concerned, investigations were launched, but in most of the cases, finding whoever attacks NATO is difficult. “Foreign governments, criminals and terrorists can all be the source of cyberattacks, and attribution can be difficult,” Lungescu was quoted as saying. “But of course, nations have the largest resources in the cyber field, and they are responsible for the majority of targeted attacks against NATO networks.”
Companies are falling short of data protection
Many companies are falling short of data protection obligations under the General Data Protection Regulation (GDPR). DLA Piper’s Data Privacy Scorebox shows that, on average, companies are complying with 38.3 percent of GDPR principles. Companies failing to comply with the GDPR after its implementation in May 2018 could face fines as high as 4 percent of global annual turnover. The UK government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.
RUSSIA
External cyberattacks on Russia are on the rise, head of Security Council says
Secretary of the Russian Security Council Nikolai Patrushev said that most of the recent attempts to hack the information systems of Russia are carried out by external forces. He indicated that most of the attacks are cases of hacking and unauthorized collecting of personal data, and most of the cyberattacks are from abroad.
Kaspersky Lab’s head of cyber investigations and few FSB IT security deputies arrested for treason
Ruslan Stoyanov, the head of Kaspersky Lab’s department of cyber investigations, was arrested by the Federal Security Service (FSB) and accused of treason. The arrest could be related to the investigation of two of the deputy heads of the Information Security Center of the FSB. The two senior information security deputies of the FSB, Sergey Mikhailov and Dmitry Dokuchaev, were recently arrested and accused of providing information to US intelligence.
Google to sue Russia’s antimonopoly services
The Supreme Court of Russia has registered the cassation appeal of Google as part of a case in which Google is challenging the legality of the decision and determination of the Federal Antimonopoly Service of Russia, which found Google to have violated the antimonopoly legislation in the Russian market of mobile apps for Android.
Russian National Guard website subjected to cyberattack
The website of the Russian National Guard was subjected to a DDoS attack on January 26. Only late at night, the IT security managed to block more than 7,800 unique IP addresses from which the attack was launched. Earlier the Federal Security Service announced that more than 70 million cyberattacks had been launched on Russian facilities during 2016.
MIDDLE EAST
Turkish experts mark cybersecurity as essential for Turkey’s national security
The experts expect an increase in cyberattacks against Turkish authorities in 2017. The focus of Turkish capacity in cybersecurity is on developing secure software for weapon systems. The development of human resources is also highlighted as the foundation of a national cybersecurity strategy.
Theresa May and Donald Trump escalate cyberwar on ISIS
Leaders of the United Kingdom and the United States have agreed to jointly launch a series of cyberattacks against the Islamic State. The main targets are ISIS’ critical infrastructures and sensitive information. The nations also are increasing their efforts to remove beheading videos and other extremist content posted on the internet.
CHINA and ASIA PACIFIC
Chinese government engaged in “holistic” cyber effort to infiltrate US industries
In his testimony before the US-China Economic and Security Review Commission on January 26, 2017, Jeffrey Johnson, president and CEO of SquirrelWerkz, a company that analyzes Chinese-affiliated campaigns, described them as a “holistic” attempt by the Chinese government to infiltrate information technology, finance, media, and the entertainment industry. The Congress established the commission in 2000 to monitor and investigate the national security implications of the United States’ trade and economic relationship with China. According to Johnson’s testimony, the Chinese government is engaged in a systematic cyber-economic campaign across industries in the United States.
China cracks down on bids to bypass online censorship
China passed a controversial cybersecurity bill last November, tightening restrictions on online freedom of speech and imposing new rules on service providers. Companies and individuals often use VPNs to access the unfettered internet beyond China’s “Great Firewall.” Now telecom and internet service providers will no longer be allowed to set up or rent special lines such as VPNs without official approval. The new ruling of the Communist party, which oversees a vast apparatus, is designed to censor online content deemed politically sensitive. China is also blocking some western websites and the services of internet giants, including Facebook, Twitter, and Google.
Southeast Asia begins to prepare for cyber war; India turns to AI
India has turned its attention to artificial intelligence (AI) in preparation for cyber warfare. India’s tech start-up Innefu has recently signed an agreement with the government of India and is using AI to look at data provided by Indian intelligence agencies to find patterns in the past and predict future behavior. Its latest offering, Prophecy, has been able to find the main players of an incident along one of India’s borders and the connection among them by analyzing intelligence documents, including social media snippets on planned protests. Voices urging to prepare for cyber warfare is growing in Southeast Asia, which has weak information security against cyber threats.
Pyongyang’s hacking skills show progress
According to an intelligence official, North Korea hacked the website of a South Korean aerospace company earlier this month, but no serious damage occurred. North Korea’s apparent technological development, said the official, is what prompted the National Intelligence Service to investigate the matter, a task that was supposed to be handled by the Defense Security Command. The official said South Korea’s National Intelligence Service began investigating the case on January 11 and recently concluded that North Korea had infiltrated the website. The latest hack was more sophisticated than previous cyberattacks as North Korea was able to individually extract data from South Koreans who logged into the page, a scheme that is harder to detect than having an entire website paralyzed, as usually has been the case in the past.
AFRICA
New report pokes holes in Uganda’s cyber security capacity
A new report by the Global Cyber Security Capacity Center (GCSCC) has exposed loopholes in Uganda’s cyber security capacity. The report also indicated that it is at an embryonic state and that no concrete action has been taken to help the situation. The report was compiled after a three-day consultation with different government and private sector stakeholders.
