INSS Global Cyber Review – November 15th 2013

INSS Global Cyber Review – November 15th 2013

This post is also available in: heעברית (Hebrew)

INSS global cyber - banner small

U.S.A

INSS global cyber - USAObama Administration to enact changes in the command of the NSA and other cyber security agencies

Revelations from documents leaked by Edward Snowden about the NSA monitoring telephones, emails and social-media networks made the Obama Administration and the pentagon consider a proposal of a structural change that would implement two separate officials to oversee the United States National Security Agency and the US Cyber Command. The period consigns with the fact U.S Army General Keith Alexander, who has been the Director of the NSA official since 2005 and, additionally took the lead role at the newly-created USCYBERCOM, is going to be retire next spring.

According to some websites the Pentagon is considering multiple plans including one which would construct a civilian with directing the NSA, and a military officer with overseeing USCYBERCOM. Another solution being considered is putting two separate Pentagon officials at the top of both units. However, according to the White House spokeswoman Caitlin Hayden, for the moment, there is no final decision on how to handle the commands after General Alexander leaves. Considering the NSA has been one of the most classified U.S. intelligence agencies information regarding its changes will be kept discreet. Meanwhile, Alexander has vigorously defended NSA’s activities as lawful and necessary to detect and disrupt terrorist plots.

According to a congress report the U.S. is losing its advantage in espionage

The NY Times published on November 5, 2013, that congressional panel, National Commission for the Review of the Research and Development Programs of the United States Intelligence Community, issued a blistering report charging the intelligence world’s research-and-development efforts are disorganized and unfocused. An unclassified version of the report, based on two years of work by independent experts and two officials from inside the agencies, concludes the United States is losing its technological superiority over its rivals, which in comparison are gaining “asymmetric advantages” by making their own investments in such efforts and, in some cases, stealing American inventions.

In a separate white paper on cyber capabilities, an area which the Department of Defense, the National Security Agency and the United States Cyber Command, have made big investments, the panel concludes that President Obama’s efforts to differentiate the roles of competing agencies have largely failed. One member of the commission, Gilman Louie, a venture capitalist who was the founder of In-Q-Tel (a private fund that was set up by intelligence agencies to capitalize on advances in Silicon Valley) reports the intelligence agencies were heavily focused on the development of offensive cyber weapons because “it is easier and more intellectually interesting to play offense than defense. Defense is where we are losing the ballgame.” The most well-known American cyber weapons were developed in a program called “Olympic Games” and used against Iran’s nuclear facilities. The report questions the effectiveness of the administration’s efforts and heavy investment in deterring and detecting cyber-attacks. The panel’s report found intelligence agencies were duplicating efforts by pursuing similar projects at the same time.

Russia

INSS global cyber - IranThe Stuxnet worm infected Russian nuclear infrastructure

The head of the antivirus company, Eugene Kaspersky, revealed last week a staff member of the Russian nuclear plan informed him anonymously Stuxnet infected the internal network. It appears the worm infected an internal network of one of the Russian nuclear center’s exactly in the same way it compromised the Iranian nuclear facilities in Natanz. However, for the moment, there is no official declaration being made by the Russian government confirming the event.

Kaspersky declared a wealth of information about the Stuxnet virus, which is a powerful malware that showed governments for the first time the effectiveness of cyber weapons. Kaspersky’s announcement has revived the debate on the use of malicious software and applications in information warfare.

Arab countries

INSS global cyber - Arab StatesSyrian Electronic Army continues its cyber campaign by hacking the Vice.com information website

The Syrian Electronic Army (SEA) (a pro Syrian President Bashar al-Assad organization) has hacked the website “vice.com” in response to an article published last August, were “vice.com” alleged the identity of one of SEA’s leaders. They visibly altered the website so visitors of vice.com/en/us would be redirected to sea.sy (SEA’s website). SEA claimed to have access to the website by breaking into email accounts, including one of the website developers. SEA will continue without breaks to conduct cyber-attacks against websites publishing articles or writing in favour of pro-Syrian rebels and against President Assad’s regime.

IHLS – Israel Homeland Security

China and APAC

INSS global cyber - China and APACIndonesian hackers believed to have brought down the Australian spy agency’s website

The Australian Secret Intelligence Service’s page was down on the 11 of November after hackers launched a “denial of service” attack. The cyber-attack appears to be a response towards revelations Australia that had been spying on its Indonesia neighbour through the embassy of Jakarta. The Indonesian ICT Institute director, Heru Sutadi, claimed he monitored Indonesian hackers who were linked to the global cyber-activist network Anonymous, and confirmed they were responsible for the cyber-attack. The group of hackers referred to as the Indonesian Security Down Team (ISDT), told their followers on Facebook “prepare your weapon”, after previously posting a link to the ASIS website. They posted: “We focus on one target and will not replace the target before 404 not found.” The ISDT set up a Facebook event, which was followed by more than 4,000 people to “stop illegal spying” on Indonesia.

Indonesia hackers group also targeted civilian websites last week before a warning post on YouTube claiming to represent the Australian branch of hacktivist. The video called for Indonesian hackers to stop launching cyber-attacks against random pages, suggesting that they could incite to a “cyber war.”

Chinese cyber espionage is on the rise

According to a draft report from the congressional China commission, the recent and consistent exposure of secret Chinese military cyber units has not led to a decrease of cyber espionage activities against the U.S. government or private companies. Instead, the Chinese military group temporarily limited its cyber espionage campaign, and instead, focused on masking its activities. All this is according to a forthcoming report made by the U.S.- China Economic and Security Review Commission. The report concluded the Chinese government is involved in a specific cyber-attack campaign led by the 61398 Shanghai-based cyber units. China cyber espionage activities are designed to gather economic and strategic information to provide Chinese companies with advantages over its worldwide competitors.

Europe

INSS global cyber - EUSecurity experts invited UK banking to cyber-attacks test

Security experts have welcomed the biggest cyber threat exercise in two years to test the security of the UK financial infrastructure. On 12 November 2013, the operation named Waking Shark 2 tested thousands of staff at London’s major financial institutions with simulated cyber-attacks on systems on the UK’s critical financial system.

The Bank of England, the Treasury, and the Financial Conduct Authority, will all monitor responses to assess the ability of the UK financial services providers to resist and respond to cyber-attacks. The exercise was designed to test the resilience of UK banks, the stock market and payment providers to identify where a strengthening is needed. The cyber exercise by UK authorities comes during a growing international concern about the security of financial markets facing an increase of sophisticated cyber-attacks.

U.K. Intelligence agency sees growing threat of cyber attacks

The head of Britain’s intelligence agency said in a speech that the U.K. and its defense industry have seen large volumes of sensitive information about technological advances stolen. In his speech to defense-industry officials, he declared the U.K. is facing a growing volume of cyber-attacks and is more likely to be launched by the state. The cyber-attacks are becoming increasingly sophisticated. Lobban explained sensitive information about technology advances are being stolen from Britain’s defense industry on “a massive scale.”

Last week the U.K.’s Intelligence and Security Committee was expected to ask agency heads on the impact of the information leaked by Snowden. As an improvement of the military’s cyber capability, the U.K.’s defense ministry recently declared it is developing a “strike capability” that could be used to disable an enemy’s Internet network.

The Global Cyber review is produced by the INSS Cyber Warfare Program Team:

Dr. Gabi Siboni, Daniel Cohen, Hadas Klein, Aviv Rotbart, Gal Perel, Amir Steiner, Keren Hatkevitz, Sami Kronenfeld, Jeremy Makowski, Shlomi Yaas, Simon Tsipis, Daniell Levin

INSS global cyber - banner small