Global Cyber Bi-Weekly Report by INSS July 1 2018

ISRAEL Israel seeks global help for cyber shields The director general of Israel National Cyber Directorate (INCD), Yigal Unna, said that Israel is looking to collaborate with several countries including India to develop state-level cyber shields. Unna also said that securing the country’s cyberspace is one of the main objectives of the directorate and that Israel believes that partnership with other nations and sharing information would result in a stronger defense against cyberattacks. https://bit.ly/2tT9J08

Why is Israel’s new proposed cybersecurity law raising hackles? The cybersecurity law that was published last week would give Israel’s National Cyber Directorate—the agency charged with protecting Israel’s civilian national cyberspace—the authority to gather information and confiscate equipment without a court order, in order to foil or deal with a cyberattack. The new law comes as nations grapple with the growing threat that hackers pose to their citizens and democracies. In the past few years, there has been a “significant rise in cyber threats and their severity,” the authors of the proposed law wrote. “Cyberattacks are becoming more sophisticated, and their results are more difficult and more complex to deal with. As a result, the risk of harm to personal security, economic activity, and national security increases in a manner that requires addressing at the national level.” The proposed legislation is likely to be amended numerous times before being submitted to a vote. The proposal formalizes the processes already in place and sets up a framework of what Israel’s civilian and government sphere should be doing for cybersecurity. https://bit.ly/2yKJ636

USA NATO troops on the front line with Russia are taking new steps to protect against electronic attacks Recent NATO joint exercises in Poland and the Baltic states have been prioritizing cyber warfare far more than in previous rounds. The most recent exercises are different because Internet of Things (IoT) devices, such as personal smart phones, can be used by Russian forces to track individual soldiers and commanders. Attempts to have soldiers abide by the “no smartphone” policy have had limited success, and some commanders have resorted to novel means to enforce the policy. One Estonian commander had his soldiers jump into a lake at random only to discover some had protected their smartphones inside condoms. This shows what already is known: IoT devises in the military can and most likely will leave military forces vulnerable to cyber warfare. https://read.bi/2NiT9zI

First NATO joint air power strategy emphasizes integral role of domain Cyber warfare has now made it to the near top- of-the-list of NATO’s assessment of threats to air superiority in the next conflict. In NATO’s first ever Joint Air Power Strategy, cyber warfare is acknowledged as a threat equal to or above advanced anti-aircraft missile systems and electronic warfare systems. This is due to the debilitating effect NATO’s command and control systems could have on NATO air forces in the next conflict should it be with a state that possesses advanced cyber warfare means. https://bit.ly/2Nfnuiz

As the military’s cyber units change guard, a battle over control rages on The 2019 National Defense Authorization Act (NDAA) is causing much drama among the pentagon brass responsible for cyber warfare. At stake is the power or lack of that will rest in the hands of various generals and admirals in each of the branches of the cyber commands. The most recent NDAA also seeks to codify how and when the commander-in-chief can employ cyber warfare against an aggressor state. The NDAA also formally outlines a focused US cyber warfare strategy, which is long overdue. https://bit.ly/2KAel2o

EUROPE Younger employees are main culprits for workplace security breaches More than a third of senior executives believe that younger employees are the “main culprits” for data security breaches in the workplace, according to a new independent study about attitudes of the next generation workforce toward cybersecurity, commissioned by Centrify. The study also reveals that these same decision makers are doing very little to allay their own fears, with more than a third of 18 to 24 year-olds being able to access any files on their company network and only one in five having to request permission to access specific files. Less than half (43 percent) have access only to the files that are relevant to their work. The study, conducted by Censuswide, sought the views of 1,000 next generation workers (18 to 24 years-old) and 500 decision makers in UK organizations to discover how security, privacy, and online behavior at work impacts the lives of younger employees and the companies that they work for. https://bit.ly/2KBTdZA

Ticketmaster has revealed details of a malicious security breach Up to 40,000 British Ticketmaster users may have had their personal and payment details stolen by hackers in security breach, unnoticed by the company for five months. The company says it “identified malicious software” on a third-party product on June 23. The ticket vendor reported that its UK arm identified malicious software on a customer support product hosted by Inbenta Technologies, who operates as a third-party supplier to Ticketmaster. Ticketmaster says some of its customers’ personal or payment information may have been accessed by an unknown third party, as a result of Inbenta’s product running on Ticketmaster’s international websites. https://dailym.ai/2KpSmz5

UK government sets minimum cybersecurity standard The UK government has launched a new cybersecurity standard designed to set a baseline of mandatory security outcomes for all departments. The Minimum Cyber Security Standard that was announced this week presents a minimum set of measures that all government departments will need to follow, although the hope is that they will seek to exceed these at all times. There is some flexibility in how they achieve these measures, depending on “local context.” https://bit.ly/2tQno7X

Cyber risk at all time high for UK financial sector The proportion of financial services firms citing cyberattacks as a major source of risk has reached an all-time high, according to the latest biannual survey from the Bank of England (BoE). The bank’s Systemic Risk Survey for the first half of 2018 had cyber incidents ranked second, jointly alongside geopolitical risk, with 62 percent citing them as major risks to the UK’s financial system. The figure has increased for the third consecutive survey and is now at its highest level since records began in 2008, according to the BoE. There was also an increase of five percentage points in the proportion of respondents that cited cyberattacks as the risk most challenging to manage, to over half (51 percent). https://bit.ly/2tMGqMH

RUSSIA FBI cyber threat report: Russia is among most vulnerable countries in the world The Federal Bureau of Investigation published a report in which it analyzed the main trends in the world of cybercrime in 2017. According to the report, Russia is among seven most vulnerable countries. Outside of the United States, the largest number of reports on cybercrimes came from Canada, India, Britain, Australia, Mexico, Russia, and Brazil. http://bit.ly/2IxOiqN

Ukrainian authorities: Russia is about to strike Ukraine Russian hackers are infecting Ukrainian companies with malware to create backdoors for a large-scale coordinated attack, representatives of the Department of Cyber Police of the National Police of Ukraine told the news agency Reuters. The list of infected companies includes banks and companies in the electricity sector. According to head of Ukrainian cyber police Sergey Demedyuk, hackers intend to activate the malware simultaneously in one day to inflict a large-scale strike. Currently, law enforcement officers are working with foreign colleagues to identify the hackers. http://bit.ly/2Iy6FeU

No Russian banks comply with cybersecurity norms No credit institution in Russia complies with the norms on cybersecurity established by the regulator of the Central Bank of Russia. This was announced by Acting Director of the Information Security Department of the Central Bank Artem Sychev. Sychev also added, however, that the regulator does not cause major alarm due to the fact that two large-scale attacks using extortion programs that had been carried out recently did not affect the Russian banking system in any way, as the bank’s protection measures identified the threat on time and “did not allow it to develop.” http://bit.ly/2KxvqKo

MIDDLE EAST Saudi Arabian authority signs deal to boost cybersecurity education Saudi Arabia’s National Cyber Security Authority has signed an agreement with the Ministry of Education to allocate 1,000 scholarships over the next five years. The agreement will ensure the provision of scholarships to two-hundred students annually to pursue cybersecurity-related studies and aims to improve Saudi Arabia’s cyber security capabilities. The new agreement demonstrates Saudi Arabia’s commitment to cyber security. It will also help the kingdom meet its Vision 2030 goals through continued investment in education and training. With cybercrime on the rise, organizations in Saudi Arabia must have strategies in place to protect their assets. https://bit.ly/2Ky6yp5

Qatar Central Bank’s security strategy keeps cyberattacks at bay Cyberattacks threaten financial stability by disrupting the vital functions that the financial sector performs for the economy. Therefore, Qatar Central Bank has developed a cybersecurity strategy for Qatar’s financial sector of encrypting the databases and updating the servers of the national payment gateway and associated security standards. Qatar Central Bank has also issued a comprehensive cyber security circular to provide guidance to bank users, employees, contractors, and other authorized users in Qatar of their obligatory requirements for protecting the technology and information assets of the bank. https://bit.ly/2tIuaxq Egypt looks to monitor popular social media users On June 10, Egypt’s parliament gave preliminary approval of the bill, pending a final reading and then ratification by President Abdel Fattah al-Sisi. The bill would place social media users with at least 5,000 followers under the supervision of Egypt’s Supreme Council for Media Regulation. The council, known for its criticism of foreign media and television programs accused of violating public morals, would oversee “every personal website, blog or electronic account of any person with 5,000 followers or more.” It would also have the right to suspend or block such accounts if they “publish or broadcast false news” or information inciting “breaking the law, violence or hatred.” Mohamed Abdelsalam, director of research at the Association of Freedom of Thought and Expression (AFTE), urged social media companies to “reject the practices of the Egyptian government and stand on the side of the rights (of citizens) and civil society organizations.” https://bit.ly/2MHjuGq

AFRICA New cyber intelligence initiatives in Senegal and Nigeria NEC XON, an African system integration company, plans to build cyber facilities in Senegal and Nigeria. These facilities will provide intelligence on cyber threats within Africa, rather than previous capabilities that only tracked intercontinental threats. The services of these facilities will be used by financial organizations and law enforcement agencies. According to NEC XON, cyberattacks often originate outside Africa, but use African locations for evading location tracking. https://bit.ly/2IFin7R

South Africa company has been hacked Liberty Holdings, a financial services company in South Africa, has been hacked, exposing a large amount of its clients’ personal information. The information regulator of South Africa, invested with broad powers of investigation, is yet to be fully operational. The company and the regulator both made separate calls for the information regulator to be fast tracked toward operationalization. https://bit.ly/2tU9HF8

LATIN AMERICA Mexican banks to harvest biometric data Mexican banks have been granted an extension of nine months to harvest biometric data from their clients. In a law passed last year, all banks must collect the personnel data of their clients, fingerprints, Iris scans, and now voice and facial features. The banks BBVA and CITI expressed their satisfaction with this law, which will help them to combat identity theft. https://bit.ly/2tTyf1f

Mexican election system is vulnerable to cyber influence The Mexican election looks increasingly vulnerable to cyberattacks. Accusations by Andres Manuel Lopez Obrador against rivals have polarized the election atmosphere, making the election especially vulnerable to influence campaigns and lies. The real target of the hackers is to call into question the legitimacy of the election process. Israel Reyes, a cybersecurity advisor for the election system, says that the elections are more vulnerable than the Mexican banks. https://bloom.bg/2Kwd6UY