UNCLASSIFIED

Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI

June 15th, 2015

This document was prepared by The Institute for National Security Studies (INSS) Israel and The Cyber Security Forum Initiative (CSFI) USA to create better cyber situational awareness (Cyber SA) of the nature and scope of threats and hazards to national security worldwide in the domains of cyberspace and open source intelligence. It is provided to Federal, State, Local, Tribal, Territorial, and private sector officials to aid in the identification and development of appropriate actions, priorities, and follow-on measures. This product may contain US person information that has been deemed necessary for the intended recipient to understand, assess, or act on the information provided. It should be handled in accordance with the recipient's intelligence oversight and/or information handling procedures.

Some content may be copyrighted. These materials, including copyrighted materials, are intended for "fair use" as permitted under Title 17, Section 107 of the United States Code ("The Copyright Law"). Use of copyrighted material for unauthorized purposes requires permission from the copyright owner.

Any feedback regarding this report or requests for changes to the distribution list should be directed to the Open Source Enterprise via unclassified e-mail at: dcoi@inss.org.il.

CSFI and the INSS would like to thank the Cyber Intelligence Analysts who worked on collecting and summarizing this report.

ISRAEL

Israel targeted by Iranian worldwide cyber operation

After Israel was recently accused of having performed a cyber-espionage operation against the Iranian nuclear talks in Geneva, it has been discovered that Israel was targeted by a large-scale cyber-attack from Iran. The Israeli cyber security company ClearSky has recently discovered a worldwide Iranian cyber operation targeting several countries across the Middle East. Several targets, including the finance minister of one of the Middle East countries, Qatar's embassy in the UK, journalists, and human rights organizations, have been targeted by the hackers. Furthermore, according to the security researcher of ClearSky, "The campaign includes several different attacks with the aim of taking over the target's computer or gaining access to their email account. We estimate that this access is used for espionage or other nation-state interests." Based on the first information of the investigation, the hackers seem to have used spear phishing techniques, which allowed them to gather users' credentials and thus hack around 40 targets in Israel and 500 in total. In Israel, the targets included retired high-ranking officers, academic researchers, and security consultants. Iran already performed such an attack campaign in 2014 with the Gholee operation, which used social engineering techniques. Since 2010, Iran has been one of the most active countries in planning offensive cyber operations. Like the Gholee operation, it is very possible that this offensive cyber-attack was planned and financed by the Iranian state and not just by an independent hacking group. For a few years already, Iran has been well known for supporting hacking groups in order to perform offensive cyber operations against its enemies.

USA

Cyberattack on computers at U.S. Office of Personnel Management

The Obama administration announced on June 4 what appeared to be one of the largest breaches of federal employees' data, involving 4.1 million government workers (2.1 million current federal civilian employees and 2 million retired or former employees) in an intrusion that officials said apparently originated in China. The compromised data was held by the Office of Personnel Management, which handles government security clearances and federal employee records. Information on officials as senior as Cabinet secretaries may have been breached. The President's and Vice President's data were not, officials said. China has dismissed the hacking allegations, with a Foreign Ministry spokesman last week calling them "irresponsible and unscientific." The breach is the third major foreign intrusion into an important federal computer system in the past year.

Congress passes NSA surveillance reform

The US Senate has passed the USA Freedom Act, which curtails the federal government's sweeping surveillance of American phone records. Senators voted 67-32 to pass the bill, achieved over the opposition of the Senate majority leader, and a few hours later President Barack Obama signed the legislation after saying he would "work expeditiously to ensure our national security professionals again have the full set of vital tools they need to continue protecting the country." The passage of the USA Freedom Act paves the way for telecom companies to assume responsibility for the controversial phone records collection program, while also allowing the government to restart surveillance operations but with new restrictions on NSA and FBI domestic spying authorities.

RUSSIA

Russian Defense Ministry: Russian computer war games - a question of national importance

Adviser to the Minister of Defense of the Russian Federation, Andrei Ilnitsky, said on the air of Russian news service that the creation of Russia's own computer war games is a fundamental task. The adviser considers what is put into the minds of the younger generation to be a matter of national importance. Ilnitsky said that in 2008, the US Army budget allocated US$200 million for the development and implementation of computer games on military subjects. The major consumer and producer of the product was the Pentagon. "Creation of Russian computer war theme games is the most important ideological question - this is the battlefield of the future," added Ilnitsky.

ARAB COUNTRIES

ISIS affiliated hackers taking more important role in warfare

Law enforcement officials are trying to keep their eyes open in the face of cyberterrorism, hence the huge amount of effort invested in monitoring terror organizations using cyber warfare. However, as hard as it is to monitor a known organization, it is twice as hard to do so with what are best known as lone wolves, who act on behalf of the terror organization but have no prior public affiliation. The security company FireEye maintains that lone cyber wolves pose a different threat than that of ISIS. For example, they act without any direct guidelines from the officers in the organization and sometimes without any operational logic. ISIS-sympathizing hackers, though without any official guidance from the organization itself, are becoming more hazardous, and cyberattacks are taking a more important role in ISIS war doctrine.

Cyberattack targeted Iran nuclear talks' venues

A computer virus was used to hack into venues linked to international talks on Iran's nuclear program, Russian computer security company Kaspersky Lab said. The company said they investigated the cyber-intrusion after detecting the Duqu 2.0 malware in its own systems in early spring this year, which they said was designed to spy on their technology and internal processes. The Wall Street Journal said the virus was widely believed to be used by Israeli spies. Other victims have been found in Western countries, as well as in countries in the Middle East and Asia. Most notably, some of the new 2014-2015 infections are linked to the events and venues related to the negotiations with Iran about a nuclear deal. An Israeli deputy minister dismissed as baseless the reports that Israel may have had a connection to the computer virus.

CHINA and APAC

North Korea

Defector says North Korea's hacker army capable of 'destroying cities'

A North Korean defector who worked as a university professor in the country has said in an interview with the BBC that North Korea now has over 6,000 hackers. Professor Kim Heung-Kwang taught science at a university in North Korea for 20 years, but he defected in 2004 and fled the country. Speaking to the BBC, Kim estimated that up to 20% of North Korea's military spending goes toward Bureau 121, the army unit believed to focus on hacking.

India

Cyber terrorism a threat to border security

Defence Minister Manohar Parrikar on Sunday said that cyber terrorism posed a major threat to the country's security. Parrikar made the comments at a conference on challenges and solutions regarding border safety issues in Jaipur. "Cyber attack, or cyber terrorism, poses a threat to border security. Now this border is not imaginary. You do not know where it starts from, but it can, if it gets converted into warfare," he said. He added that India would not tolerate any act or event that risked its security.

LATIN AMERICA

Financial transfers are the largest cybercrime targets in South America

Banking transfers are the most common target. The Brazilian Banking Federation (Febraban) reports, "Cybercrime causes 95% of losses for Brazilian banks." In fact, cybercrime is a very serious issue all over the Americas. A press release by an American data security company named Vormetric quoted a study on cybercrime by the Latin American and Caribbean Internet Addresses Registry. The study concluded that phishing alone affects about 2,500 regional banks and accounts for 93 billion dollars in annual losses.

EUROPE

Germany increasingly targeted by cyber attacks

On June 13th, it was reported that Germany was targeted by a cyber-attack. Indeed, the German authorities have uncovered malware on the parliamentary office computer belonging to Chancellor Angela Merkel.
According to the German cyber security authorities, the attack has been traced to a link containing at least two emails, but for now there are no more details about who is behind the attack. According to a German newspaper, the Welt, parliamentarians have been left unaware of the intrusions for about three weeks. Giving an interview to the newspaper, the German Defence Minister, Ursula von der Leyen, declared that cyber-attacks were one of the biggest challenges for international security, citing the enormous damage that they can cause to the economy. For the past few years, cyber-attacks targeting Germany have significantly increased. At the end of 2014, attackers used spear-phishing and social engineering techniques in order to gain access to a German steel plant network, from which they found a way to the organization's production network. Germany may have a lack of cyber security policy when it comes to its critical national infrastructure. Germany may be inspired by the UK, where cyber security is a field of constant growth and where the government has defined cyber defense as one of its top security priorities.

AFRICA

Several African states sign cyber-security deal

Uganda, Kenya, and South Sudan are among several African states to have signed a new deal on cyber security to protect multi-million-dollar oil and transport projects. Presidents Yoweri Museveni of Uganda, Paul Kagame of Rwanda, and Uhuru Kenyatta of Kenya signed a memorandum of understanding on cyber security at the 10th Northern Corridor Integration Summit in the Ugandan capital, Kampala, on Saturday. South Sudanese leader Salva Kiir and Pierre Nkurunziza of Burundi were represented by ministers.