INSS Global Cyber Review – December 15

This post is also available in: עברית (Hebrew)

INSS global cyber - banner small


INSS global cyber - IsraelIsrael and Italy signed an agreement on cyber security cooperation

Israel and Italy signed an agreement for future cooperation in cyber security. It is the first documents in the field of cyber security Israel has signed with a foreign country. Israel is attempting to strengthen its international cyber cooperation to ensure Israel’s cyber security and to continually develop its cyber program.

A Cyber Gym in Israel to train cyber-defenders

A group of IT and infrastructure companies, in Israel, teamed up to launch Cyber Gym. The facility, initiated this month by Israel Electric Corporation (IEC), will train participants to defend against cyber-attacks. “Israel is believed to be the most-attacked country, this gives us the unique capabilities to train other companies around the world” said Cyber Gym director Ofir Hason.


INSS global cyber - USAU.S Intelligence agencies collected data on Americans’ cellphones

The Washington Post published on December 5, 2013, the federal, state and local law enforcement agencies conducted criminal investigations by collecting data on thousands of cellphones and the activities of the mobile devices last year. Data linked to specific cell towers can track people’s movements through their cellular device. FBI spokesman, Christopher Allen has stated, “location information is a vital component of law enforcement investigations at the federal, state and local levels.” Nevertheless, the requests to phone companies, however, yielded not only the potential suspects data but also thousands of innocent Americans data.

Law enforcement made over 9,000 requests last year for “tower dumps,” which is information on all calls bouncing off a cellphone tower usually within a timeframe of two or more hours, the congressional inquiry revealed. The little known practice raised concerns among federal judges, lawmakers and privacy advocates, questioning the obstruction of law enforcement receiving massive amounts of data on innocent citizens in effort to locate criminals. The inquiry, headed by Senator Edward J. Markey, into law enforcement’s use of cellphone data, comes amid growing scrutiny on the sizable pool the National Security Agency (NSA) has collected on geo location data overseas and Americans’ phone records in the United States. Markey is planning to introduce legislation this month to restrict law enforcement’s use of consumers’ phone data, including safeguarding “tower dumps.”

The raid on “tower dumps” comes after similar concerns and invasion of privacy interests occurred with the NSA’s mass collection of innocent American’s phone records were gathered without a warrant for national security purposes. However, unlike the NSA’s collection (which is bound by court-imposed rules on retention and use) the criterion for obtaining tower data information and the limits of usage by government agencies are inconsistent and unclear. “This isn’t the NSA asking for information,” Markey asserted. “It’s your neighborhood police department requesting your mobile phone data. So there are serious questions about how law enforcement handles the information of innocent people swept up in these digital dragnet. ”


INSS global cyber - IranA new law about information security investigation has been adopted by the Russian parliament

The Russian Parliament adopted on the 11 of December, granting the Federal Security Bureau (FSB), full power to conduct search operations to prevent threats towards information security of the Russian Federation. Appropriate amendments were made to the laws of “Operative Investigative Activity” and the “FSB Organization’s Competences.” Previously, the FSB held authority to conduct operational-search activity and obtain information about activities and events, which could have endangered the state, the military and the economic or environmental safety. Now added is information and cyber security.

Arab countries

INSS global cyber - Arab StatesIran: 12 New Home-Made Cyber Products

Iran just developed twelve new cyber products, all developed and manufactured by Iranian experts. They were presented in a ceremony attended by the Defense Minister Brigadier General Hossein Dehqan and Head of Iran’s Civil Defense Organization Brigadier General Gholam Reza Jalali. Last June, Supreme Leader Ali Akbar Velayati congratulated the Iranian IT engineers and experts for their good progress. He said compared to other sciences, the cyberspace in Iran showed significant growth in contrast to progress made around the world. After the 2010 Stuxnet cyber-attack, Iran began develop their cyber security industry and is considered one of the top countries in the world in the field. Iran is working to develop and implement a specific strategy to operate in cyberspace. An announcement was made by the Iranian Supreme Leader on formation of the Supreme Cyber Council in March, demonstrating the relevancy the issue is in Iran.

The interaction between Anonymous and Syria

In late October, it was reported Anonymous was intensifying its campaign against Assad’s regime. This differs from past opponents or rebels to the Assad regime, because as opposed to them, Anonymous is a geographically widespread entity. Additionally, while most of the hackers inside Syria operate mainly in DoS operations on Syrian governmental websites, Anonymous is taking a step forward by mailing hacks into ministry personnel files to gain sensitive information as a tool to pressure point against the Syrian government. The hacking attempts sparked counter-reprisals by the Syrian Electronic Army (SEA), creating a two-way electronic conflict. This created a unique situation for Syria regarding what to do against hacks made by the Anonymous, and it raised questions such as can Syria declare those hacks an act of war, and If they do, who are they in war with (since Anonymous is a non-state actor)? These are universal questions raised by cyber warfare, complicating the traditional notions of war when states deal with non-state actors.

IHLS – Israel Homeland Security

China and APAC

INSS global cyber - China and APACChina is calling for a cyber-security cooperation with South Korea

China’s top Internet regulator called for a “cyber-security bilateral cooperation with South Korea to build a new international order safeguarding cyber sovereignty.” Beside the fact China is launching massive cyber spying operations against foreign governments, they are also victims of cyber-attacks. In fact, a month ago, it was revealed by the South Korean intelligence service North Korea had cyber terrorist organizations and a network of spies operating in China. North Korea established a hacking point in China due to its geographical close situation. Additionally, the Internet infrastructure is more developed and its activities can be protected. According to estimations, there are about 1,700 North Korean hackers and 4,200 supporting agents active in China. This eventual cooperation could be profitable for both China and South Korea, which seem to have common interests to North Korea.

South America

INSS global cyber - South AmericaVenezuelan government blocked websites tracking exchange rates on the black market

In efforts to control Venezuela’s failing economy, the Venezuelan government decided to block websites tracking exchange rates on the black market. The censoring of these websites affected social media pages, such as Bitly, jeopardizing other social media sites such as Twitter. Shutting down these website became problematic in terms of online hits, distressing the economy in terms of Internet revenue, as Twitter is considered one of the most popular and active sites in Venezuela. Additionally, opponents of Venezuela’s socialist government claim by blocking these websites the government is attempting to control and undermine negative reports on the current government.

Twitter has been an answer to the blockage, as users direct readers to newly created websites providing necessary information regarding black market rates. In response, telecommunications regulator, Conatel, directed Twitter to immediately shut all accounts violating Venezuela’s policy, claiming it would damage the economy. Igor Molina, high-ranking official of Conatel, explained blocking the websites were in accordance because they “don’t reflect the real economy and assign an arbitrary value to the dollar.” Nevertheless, Twitter has ignored Contal and many Venezuelans have turned to private networks.

Colombia is collaborating with Microsoft for cyber security issues

Software company, Microsoft, included Bogota in attempts to curb cybercrime by opening 12 satellite offices globally. The opening of offices in Bogota is partnered with the Colombian government and will focus on three main areas, including cyber security. Microsoft’s goal in Latin American is influencing combat piracy and assisting with the rising threat of cybercrime, as 6 million Colombians a year are victims to cybercrime, according to Microsoft. Thus, they intend to assist the Colombian government in cybercrime including child pornography and identity theft. The collaboration will be through multiple programs such as Cybercrime Center, Cyber Threat Intelligence Programme (CTIP) and Security Cooperation Programme (SCP). Microsoft and Colombia’s Ministry of Information Technology and Telecommunication (Mintic) will together expand and develop cyber activities to prevent cybercrime, and advance cyber security through supporting ICT training participants and assist students, in certain Colombia schools, to gain certificates to assist Microsoft in there mission. Richard Bosovich, assistant general counsel for Microsoft’s Digital Crimes Unit, stated: “We’re hopefully producing evidence that we can provide to national and international law enforcement so they can not only identify these criminals but apprehend them.”


INSS global cyber - EUEU nations are developing cyber ‘capabilities’ to infiltrate governments and private companies.

According to the latest cyber threat report made by the European cyber security agency, ENISA, on the 11 of December, European countries are reported to be developing aggressive cyber capabilities. The ENISA analysed about 250 reports and documents in order to produce its annual report. The report specified: “multiple nation states have now developed capabilities that can be used to infiltrate all kinds of targets both governmental and private ones in order to achieve their objectives.” This statement shows cyber warfare is becoming a critical and major concern for every state. Most of the EU member states and other countries maintain secret their cyber warfare capabilities. However, the U.K. and the Netherlands have publicly called for stronger aggressive capabilities in cyber warfare. The British Defense Secretary, Philip Hammond, said at his Conservative Party’s annual conference at the end of December, Britain was increasing the budget of the defense and is today ranked as the fourth best country in cyber intelligence and surveillance. Netherland is also developing a strong cyber defense policy. In fact, the Minister of Security and Justice, Ivo Opstelten, asked the Dutch parliament last year to adopt a law allowing the Dutch authorities to hack into computers both at home and abroad in an effort to fight crime.

U.K. Government is introducing cyber-security ‘kitemark’ for businesses

Soon companies intending to do business with the U.K. government will have to meet a new cyber-security ‘kitemark,’ the cabinet office on the 12 of December. The system is part of the measures intended to better prepare U.K. businesses against the growing threat of cyber-attacks, which have been highlighted as one of the main security threats facing Britain. The ‘kitemark’ project is intended to stimulate the adoption of greater cyber practices for businesses and help them better understand how to protect their infrastructures. The British government already spent £860m on its National Cyber Security Strategy. U.K. cybercrime is estimated to cost the economy up to £27 billion every year. Moreover, Defense Secretary Hammond stated in September cyber defenses blocked about 400,000 attacks last year. According to a survey made a month ago around FTSE 350 companies revealed only 14% are regularly considering cyber threats, with a significant number not receiving any intelligence on cyber criminals.

This newsletter is brought to you by the Cyber team at INSS:

Dr. Gabi Siboni, Daniel Cohen, Hadas Klein, Aviv Rotbart, Gal Perel, Amir Steiner, Keren Hatkevitz, Sami Kronenfeld, Jeremy Makowski, Shlomi Yaas, Simon Tsipis, Danielle Levin

INSS global cyber - banner small