INSS Global Cyber Review – July 2013
This post is also available in: 
עברית (Hebrew)
Israel
Israel: An increase of cyber security to investigate incidents
94% of hackers attack discover too late after the damage was done. These things were said by Ori Rivner Head Cyber Strategy at cyber convention of Israel at The Institute for National Security Studies (INSS). According to Rivner there is a need to increase security and to investigate quickly and intensively incidents that happen. Cybercriminals understand that the information is worth money to someone and starting cooperation among parties interested in buying the information.
“Optical fiber network would endanger Israel’s security”. These things were said by Paul De Souza CEO of Cyber Security Forum Initiative. Paul warn that the Cisco and Israeli Electricity Company project to net all Israel with optical fiber can exposed Israel to criminals or terrorists take over the remote computer and cause huge damage.
U.S.A
U.S: A tense relation with China
The NY times published on July 10, 2013 that Vice President Biden opened the annual strategic talks with senior Chinese leaders in Washington by repeating the United States’ accusation that the electronic theft of American intellectual property could undermine the relationship between the world’s two largest economies. And to no one’s surprise, the Chinese have said in response that the publication of secret documents showing the extent of American surveillance of Chinese universities and other institutions undercuts the Obama administration’s case. That friction, American officials conceded in private, underscores how difficult it will be for the United States to make progress on what President Obama and his top aides have said is now a central issue between two countries whose economies are intertwined and whose militaries are in competition.
Upstream the second surveillance program of the US
The Washington Post published on July 10, 2013 that recent debate over U.S. government surveillance has focused on the information that American technology companies secretly provide to the National Security Agency. But that is only one of the ways the NSA eavesdrops on international communications. A classified NSA slide obtained by The Washington Post lists “Two Types of Collection.” One is PRISM, the NSA program that collects information from technology companies. The slide also shows a separate category labeled “Upstream,” described as accessing “communications on fiber cables and infrastructure as data flows past.” The interaction between Upstream and PRISM which could be considered “downstream” collection. The Office of the Director of National Intelligence issued a statement defending its collection methods as crucial to protecting national security. “As always,” the statement said, “the Intelligence and law enforcement communities will continue to work with all members of Congress to ensure the proper balance of privacy and protection for American citizens.”
Russia
Russian: A lack of resources in the Information Warfare
Appraisals of Russian military performance during the armed conflict with Georgia in August 2008 noted, among other deficiencies, poor performance in Information Warfare (IW). This led to calls in informed commentary for the creation of dedicated “Information Troops” within the Russian armed forces, whose duties would include what we would define as cyber operations.
Iran
The Mehr News Agency reported that Iran have developed an antivirus which can compete with foreign rivals. The antivirus, named “Padvish”, is also an anti-malware which can protect computer networks. The software is being used by a number of organizations and will be offered to home users in the near future.
The director of Iran’s Passive Defense Organization has announced plans for staging a nationwide cyber maneuver in the near future. Brigadier General Gholam Reza Jalali made the announcement at a conference held on the occasion of Iran’s Cyber Defense month in Tehran. He said his organization also plans to set regulations for the country’s vital infrastructure so that complete cyber safety is achieved.
The Islamic Republic has opened a national email – a government assigned email address linked to one’s social security number that makes it easy to trace users and monitor their communication. According to the Iranian minister of telecommunication and information technology, every Iranian “must” register for a national email address upon entering elementary school. Eventually all official communication between the government and citizens will be redirected through the national email service.
Iran’s representative to the International Atomic Energy Agency (IAEA) called on the agency to step up its efforts to deal with the threat posed by cyber-attacks to the nuclear facilities of the member states. Iran said that over the past years, it has been the target of numerous cyber-attacks which aimed to disrupt the country’s nuclear systems.
China and APAC
Singapore: cooperation with Israel for cyber security
Singapore is ramping up its supply of cyber-security experts through a training program that will be conducted in Israel. RSA, the security division of American IT solutions company EMC, announced on Wednesday that it will be working with the Economic Development Board (EDB) to train some of them. The move is to address the global shortage of qualified cyber security professionals needed to defend critical IT infrastructures in civilian and government organizations.
Public transportation, utilities and banking systems are among a list of critical infrastructure that will be watched by the government’s Cyber Security Lab, the Home Affairs Ministry told Channel News Asia, in response to queries, Announced during the Budget 2013 debates, the lab will be operational next year and aims to hone the skills of those who protect Singapore’s key information systems and assets. Efforts will also be geared towards private sector involvement.
Japan: Cyber security strategy
On June 10, 2013, the Information Security Policy Council adopted the Cyber security Strategy. The Japanese government used to employ the wording, information security,” for its policy and Basic Plans. Since there is an increasing number of cyber threats which are beyond information security such as sabotage against critical infrastructure, Tokyo decided to use cyber security in order to address all of these issues for the first time.
The strategy aims to develop “world-leading,” “resilient,” and “dynamic” cyberspace and make Japan a global leader for cyber security. The document has four basic concepts to realize this.
-Ensure the free flow of information
-Provide new response to risks that are becoming more serious
-Respond to cyber threats on a risk base
-Take actions and cooperate with others based on their own social responsibility
Europe
UK Intelligence revelations
A recent British intelligence report says that nations, particularly China and Russia hire hackers to launch attacks and steal government secrets. The warning over cyber threats was published in an annual report by Britain’s Intelligence and Security Committee
The report claimed that cyber-attacks is at its “highest level ever” and is expected to increase. The GCHQ also provided the evidence, itself using their own collection system called “Tempora”. The report explains that foreign countries were hiring out “skilled cyber professionals” to attack a diverse range of targets including financial institutions and energy companies. This new revelation is no more than a new step in the cyber world war secret.
The Global Cyber review is produced by the INSS Cyber Warfare Program Team:
Dr. Gabi Siboni, Daniel Cohen, Hadas Klein, Aviv Rotbart, Gal Perel, Amir Steiner, Doron Avraham, Shlomi Yass, Keren Hatkevitz, Sami Kronenfeld, Jeremy Makowski, Simon Tsipis
