home Cyber Cyber Security INSS Global Cyber Review – 15th August 2013

INSS Global Cyber Review – 15th August 2013

Aug 25, 2013

This post is also available in: עברית (Hebrew)

U.S.A

Cooperation between the US cyber command and the Belgium Military Intelligence Service

United States Army cyber experts, who work closely with the National Security Agency (NSA), assisted the Belgian Military Intelligence Service ADIV to eradicate an important virus at the beginning of this year. Major General Eddy Testelmans, the chief of the Belgium ADIV, said technicians discovered software that was actually a computer virus. He explained the virus was particularly complex. This incident highlights the importance of the cooperation between nations on countering cyber-attacks.

The White House could incentives cyber security compliance

The NY Times published on August 8, 2013 a White House blog post suggesting techniques on how the federal government could give incentives to businesses to comply with heightened cyber security standards. This comes months after President Obama’s executive order in February 2013 for better protection of physical and virtual asset. Obama’s executive order moved to establish a “cyber security framework;” a set of standards and procedures expected to be completed in October 2013, which intended to diminish cyber risk and encourage better communication about threats between the public and the private sector. Businesses and agencies would receive incentives for joining a voluntary program in compliance with the framework. U.S. Cyber security coordinator Michael Daniel lists eight possible ways to encourage businesses to willingly adopt the cyber security standards. These include collaborating with the insurance industry to provide cyber security insurance, offering federal grants, expediting government services to participants, and providing legal privileges such as liability limitation. Further suggestions include streamlining existing legal regulations making it easier for participants to comply with new standards, publicly recognizing participants, allowing businesses to recover some of their cyber security investments, and emphasizing cyber defense research to help participants find solutions to specific cyber problems. These potential incentives are based on recommendations from the Treasury, Commerce Department and Homeland Security.

Russia

Russia is adopting a new internet web strategy

The Kremlin released a report on its new internet web strategy. In addition to cyber-attacks, internet propaganda operations are a growing danger. Russia’s new doctrine was developed with support of the Ministries of Interior, Defense, Justice and Communication. The new Russian doctrine indicates the most dangerous threat is utilizing the web as a weapon used for politico-military purposes, terrorist or criminal with the intention to compromise other countries security.

The 2007 Russian Cyber Attacks raised new problems.

The Russian cyber-attack of the Estonian government in April 2007 raised new problems. US IT experts say Russia’s cyber-attacks against Estonia gave the world a wakeup call. Colonel Charles Williamson, of intelligence and surveillance division of America’s air force, declared America needs the ability to carpet-bomb in cyberspace in order to create the deterrent that is missing. Botnet could be built out of obsolete computers that would otherwise be discarded. He conceded there would be legal and political difficulties associated with its usage.

Arab countries

Iran is developing its cyber capabilities for a potential cyber war.

A week ago, the nuclear negotiator, Hassan Rowhani, was officially elected as the new Iranian president. Currently, there are no indications on the reduction of nuclear activities from the government, while most countries are concerned about the military implications of Iran developing their own nuclear program. The focus on the secret cyber warfare in the Middle East is limited. Iran started to adopt offensive cyber warfare behaviour at international and national levels, which the United States has failed to deter.

Even if Iran does not have the expertise of the Chinese or the Russian, Tehran did commit a massive cyber-attack on Saudi Arabia. Recently, the Israeli Prime Minister accused Iran of directing a cyber-operations campaign on Israeli infrastructure, government agencies, and national systems. Iran also has used cyber-attacks against U.S. banks in retaliation for economic sanctions. In September 2012, Bank of America, JP Morgan Chase, and Wells Fargo were the major banks whose websites were targeted for distributed denial of service attacks.

Cyber security experts, explain Iran continues to expand its cyber operations with the goal of an eventual cyber-attack on the U.S. power grid, water system, or other critical infrastructure.

www.i-hls.com

China and APAC

China: Attacks on Indian web sites and malicious code on Kenyan computers.

China is considered the foremost country for cyber-attacks. In fact, China recently launched cyber-attacks against Indian web sites and Chinese malicious codes were found on Kenyan computers. The number of attacks on Indian cyber space has increased in the past five years, security experts have detected a significant number of them being carried out from China. According to a report prepared by the Computer Emergency Response Team (CERT-In) along with Information Sharing and Analysis Centre (ISAC), the number of Indian Web sites that have been hacked has gone from 5,211 in 2006 to 17,306 in 2011.

China is the top source for malicious software found in Kenyan computers, a situation reflecting the global trends in cyber insecurity. Data published in a report by the Telecommunication Service Providers of Kenya (TESPOK) indicates more than 50% of cyber-attacks and malware recorded on Kenyan computers originate from China. The United States and Korea follow closely as other countries harbour computer security threats towards Kenya. Brazil, South Africa and India have also been noted for distributing malicious software found in Kenyan computers. The data is parallel with global statistics which, the United States and China are leading as the sources and targets for malware.

Europe

UK: Strong collaboration between the NSA and the GCHQ on cyber weapons development.

The American National Security Agency (NSA) and the UK intelligence agency (GCHQ) are collaborating on cyber weapons development. According to the latest documents released by Edward Snowden, there is strong relationship between the NSA and GCHQ, which have jointly developed methods of collecting and analyzing internet traffic. The GCHQ accused China and Russia for most of the cyber-attacks against their infrastructures and cooperating with the NSA to provide each country’s military forces with a cyber-warfare capability. This revelation is not a surprise after a report published by the UK Intelligence Security Committee in July. The report recommends defending the UK against cyber-attacks must be in a high priority of UK national security. Edward Snowden also revealed GCHQ received around £100m from the United States in the last three years, including £4m to support GCHQ’s work for NATO forces in Afghanistan, and £17.2m for the agency’s internet project, which gathers and stores huge amounts of data for analysis.

Germany: Companies View China and U.S. as Top Cyber Threats

German companies consider the United States as the second most threatening country for industrial espionage and data theft behind China. This is the conclusion of a survey conducted by the consulting firm, Ernst and Young, of German company executives and information security managers of 400 companies. According to the survey, 26% believed the United States was a high risk country for cyber theft and industrial espionage. The U.S. was second to China, which 28% of respondents cited as a high risk country. Last year, only 6% of surveyors viewed the U.S as a threat. Bodo Meseke, Head of Forensic Technology & Discovery Services at EY, said that while German companies are used to viewing China and Russia as threats, companies need to realize “Western intelligence agencies carry out very extensive monitoring measures.”