UNCLASSIFIED. Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI. January 1st, 2015



Similar documents
UNCLASSIFIED. Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI. June 15th, 2015

UNCLASSIFIED. Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI. October 1st, 2014

UNCLASSIFIED. Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI. April 1st, 2015

Cybersecurity & International Relations. Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey.

Confrontation or Collaboration?

Cybersecurity. Canisius College

Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns

Statement for the Record. Richard Bejtlich. Chief Security Strategist. FireEye, Inc. Before the. U.S. House of Representatives

The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.

CYBER SECURITY THREAT REPORT Q1

Trends Concerning Cyberspace

New York State Energy Planning Board. Cyber Security and the Energy Infrastructure

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Harmful Interference into Satellite Telecommunications by Cyber Attack

STATEMENT OF MR. THOMAS ATKIN ACTING ASSISTANT SECRETARY OF DEFENSE FOR HOMELAND DEFENSE AND GLOBAL SECURITY OFFICE OF THE SECRETARY OF DEFENSE;

NSA Surveillance, National Security and Privacy

Cyber Security and the Canadian Nuclear Industry a Canadian Regulatory Perspective

GOVERNMENT OF THE REPUBLIC OF LITHUANIA

Research Note Engaging in Cyber Warfare

Home Security: Russia s Challenges

I N T E L L I G E N C E A S S E S S M E N T

The UK cyber security strategy: Landscape review. Cross-government

September 20, 2013 Senior IT Examiner Gene Lilienthal

Cybersecurity and the Romanian business environment in the regional and European context

I ve been breached! Now what?

CYBER-RISK MANAGEMENT WHY HACKERS COULD CAUSE THE NEXT GLOBAL CRISIS RAJ BECTOR CLAUS HERBOLZHEIMER SANDRO MELIS ROBERT PARISI

The Comprehensive National Cybersecurity Initiative

The virtual battle. by Mark Smith. Special to INSCOM 4 INSCOM JOURNAL

Cyber Security Strategy of Georgia

U. S. Attorney Office Northern District of Texas March 2013

2 Gabi Siboni, 1 Senior Research Fellow and Director,

Security Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013

The Cyber Security Challenge: What Can be Done?

Nuclear Security Requires Cyber Security

Andrzej Kozłowski Research Fellow Casimir pulaski Foundation. The cyber strikes back the retaliation against the cyberattack

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

VIENNA MODEL UNITED NATIONS CLUB

What is Really Needed to Secure the Internet of Things?

WRITTEN TESTIMONY OF

Offensive capabilities

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C

James R. Clapper. Director of National Intelligence

THE STRATEGIC POLICING REQUIREMENT. July 2012

The European Response to the rising Cyber Threat

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record

Foreign Affairs and National Security

Cyber-security: legal implications for financial institutions. IAPP Europe Data Protection Intensive 2013

NORTH ATLANTIC TREATY ORGANIZATION (NATO)

REPUBLIC OF LATVIA MINISTRY OF DEFENCE NATIONAL ARMED FORCES CYBER DEFENCE UNIT (CDU) CONCEPT

TEXAS HOMELAND SECURITY STRATEGIC PLAN : PRIORITY ACTIONS

The main object of my research is :

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

AT A HEARING ENTITLED THREATS TO THE HOMELAND

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

Network security policy issues. Ilias Chantzos, Director EMEA & APJ NIS Summer School 2008, Crete, Greece

Statement for the Record. Richard Bejtlich. Chief Security Strategist. FireEye, Inc. Before the. U.S. House of Representatives

STATEMENT OF JOSEPH M. DEMAREST, JR. ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION

Roles and Responsibilities of Cyber Intelligence for Cyber Operations in Cyberspace

Threats to Local Governments and What You Can Do to Mitigate the Risks

Presenter: October 14, 2009 Mr. Takanobu Ito Managing Director, Asia Pacific & Middle East Operations

STATEMENT OF RANDY S. MISKANIC VICE PRESIDENT, SECURE DIGITAL SOLUTIONS U.S. POSTAL SERVICE BEFORE THE SUBCOMMITTEE ON FEDERAL WORKFORCE, U.

Evolution of Cyber Security and Cyber Threats with focus on Cloud Computing

On the European experience in critical infrastructure protection

STATEMENT OF JOSEPH DEMAREST ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION BEFORE THE

Cyberspace Situational Awarness in National Security System

Cyber Terrorism and Australia s Terrorism Insurance Scheme. Physically Destructive Cyber Terrorism as a Gap in Current Insurance Coverage

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

Michael Yakushev PIR-Center, Moscow (Russia)

Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate

What legal aspects are needed to address specific ICT related issues?

Thank you for your very kind introduction.

TLP WHITE. Denial of service attacks: what you need to know

CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES

What are you trying to secure against Cyber Attack?

Cyber defence in the EU Preparing for cyber warfare?

Cyber Security in Japan (v.2)

Advanced Threat Protection with Dell SecureWorks Security Services

Chairman's Summary of the Outcomes of the G8 Justice and Home Affairs Ministerial Meeting. (Moscow, June 2006)

Hybrid Warfare & Cyber Defence

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Cybersecurity Information Sharing Legislation Protecting Cyber Networks Act (PCNA) National Cybersecurity Protection Advancement (NCPA) Act

Statement of. Mike Sena. President, National Fusion Center Association. Director, Northern California Regional Intelligence Center (NCRIC)

Feeling safe? Try attending Internet security conference 22 April 2015, by By Brandon Bailey

ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM

STATEMENT OF BEFORE THE COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE ENTITLED

Welcome to this ACT webinar

Testimony of PETER J. BESHAR. Executive Vice President and General Counsel. Marsh & McLennan Companies

Covert Operations: Kill Chain Actions using Security Analytics

A Detailed Strategy for Managing Corporation Cyber War Security

The Policy Approaches to Strengthen Cyber Security in the Financial Sector (Summary) July 2, 2015 Financial Services Agency

Remarks by Thomas J. Curry Comptroller of the Currency Before the New England Council Boston, Massachusetts May 16, 2014

The Mesada Special Education School in Tel Aviv, Israel

Update on U.S. Critical Infrastructure and Cybersecurity Initiatives

Kshetri, N. (2014). Japan s changing cyber security landscape, Computer, 47(1), doi: /MC

Cyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril.

THE CHANGING FACE OF IDENTITY THEFT THE CURRENT AND FUTURE LANDSCAPE

Transcription:

UNCLASSIFIED Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI January 1st, 2015 This document was prepared by The Institute for National Security Studies (INSS) Israel and The Cyber Security Forum Initiative (CSFI) USA to create better cyber situational awareness (Cyber SA) of the nature and scope of threats and hazards to national security worldwide in the domains of cyberspace and open source intelligence. It is provided to Federal, State, Local, Tribal, Territorial and private sector officials to aid in the identification and development of appropriate actions, priorities, and follow-on measures. This product may contain U.S. person information that has been deemed necessary for the intended recipient to understand, assess, or act on the information provided. It should be handled in accordance with the recipient's intelligence oversight and/or information handling procedures. Some content may be copyrighted. These materials, including copyrighted materials, are intended for "fair use" as permitted under Title 17, Section 107 of the United States Code ("The Copyright Law"). Use of copyrighted material for unauthorized purposes requires permission from the copyright owner. Any feedback regarding this report or requests for changes to the distribution list should be directed to the Open Source Enterprise via unclassified e-mail at: dcoi@inss.org.il. CSFI and the INSS would like to thank the Cyber Intelligence Analysts who worked on collecting and summarizing this report. 1

ISRAEL NCCoE copperates with Israeli companies to improve US private sectors The US National Cybersecurity Center of Excellence (NCCoE) will be interacting with Israeli companies, the NCCoE's deputy director revealed. The NCCoE, a laboratory for innovation, helps improve the cybersecurity in the private sector, recognizing the innovation within the Israeli market in the field of cybersecurity. The cooperation between the two will help the NCCoE improve cyber systems in sectors such as utilities, water, chemical, financial, and healthcare. The NCCoE, with the assistance from Israeli companies, will develop the security and general technology for updating firmware and general standards. USA AND NORTH AMERICA University of Toronto's domain hacked by a pro-kurd The University of Toronto domain was recently hacked before the Christmas holiday. The hacker, alias "Muhamad Emad," left an anti-is ( Islamic State ) message with the pro-kurd anthem, including the Kurdish flag. This is not the first time Canada has been hacked regarding IS. A month ago, a Canadian Church website was hacked and pinned with pro-is posts, and Canadian universities and colleges in Toronto launched a new campaign targeting the ISIS's recruitment process in the region, a counter action to several recruitments that had taken place previously. The FBI connects North Korea to Sony hack The FBI found evidence blaming North Korea for the massive Sony hack. As White House Press Secretary, Josh Earnest, explained, this episode is being treated as a serious national security matter. Before the Christmas holiday, the FBI published a formal update presenting the connection between North Korea and the Sony hack. The Bureau claims they traced evidence connecting North Korea to that with evidence including encryption algorithms, IP addresses, specific line of code, and specific tools used previously in attacking South Korea. The White House neither confirmed nor denied the North Korean role. The prompting for the attack was a Sony comedy featuring the fictional assassination of the North Korean leader Kim Jong-un, and under duress of the attacks and threats of future physical harm against movie-goers, Sony cancelled its major theatrical release. US officials verified that the government did not ask Sony to cancel the film's release as they viewed the cyber-attack and demands for cancelling the movie release as repressing freedom of expression. The White House stated the administration was considering a proportional response against those responsible for the attack that could start a direct conflict between the US and North Korea. While vague about the possible US retaliatory action, the administration added there is evidence to indicating destructive activity with malicious intent initiated by a sophisticated actor but hinted at a covert operation. A cyber-attack on a company such as Sony is another reminder of the dangers lying in the insufficiently protected cyberspace. ICANN hacked using "spear phishing" The Internet Corporation for Assigned Names and Numbers (ICANN) announced a successful hack to servers. The attackers managed to access a number of systems within the ICANN, like the Centralized Zone Data Service (CZDS). The hackers accessed 2

names, postal addresses, email addresses, fax and telephone numbers, and login credentials. The ICANN site is used to archive files, making it not up-to-date with essential files; this fact reduces the damage of the attack. RUSSIA Russia building a unified system to defend against cyber-attacks By the end of 2014, the Russian government intended to review a law on critical information infrastructure that would enable the country to build a comprehensive defense system against cyber-attacks. A state system to detect and warn against computer attacks is being created under the guidance of the Federal Security Service (FSB). Igor Sheremet, one of the co-authors of the bill, said that three cyber intelligence networks belonging to foreign countries were identified in 2013, preventing the theft of two million pages of secret information. ARAB COUNTRIES Hamas claims to have hacked IDF computers Hamas recently released an unseen video from Operation Protective Edge. According to Hamas, they received the video through hacking into the IDF computers. This video shows the terror attack on Kibbutz Ein HaShlosha during the operation. The video shows the attack itself, as well as the fact that some of the terrorists managed to get back to the Gaza strip unharmed. International Business Times website hacked by Syrian Electronic Army The Syrian Electronic Army hacked the International Business Times website in order to remove the article: The Syrian Army is Shrinking, and Assad is Running out of Soldiers. The SEA also removed central features of the IBT from its pages and replaced them with new stories. Islamic State suspected of cyber-attack on Raqqa opponents The Citizen Lab, a cyber security group, released a report finding a possible link between IS (the Islamic State ) and a digital attack on a Syrian citizen media organization that has repeatedly criticized the IS fighters. Raqqa Is Being Slaughtered Silently (RSS) recently exposed human rights abuses by IS forces who are occupying the northern Syrian city and the IS declared capital. Last month, RSS s supporters were sent emails from a Gmail account containing a link of a supposed image of US air strikes against IS strongholds. When clicking on the link, it introduces malware on to the user s computer that sent details of the IP address and network system each time the computer restarts. CHINA and APAC South Korea steps up cyber security at nuclear power plants South Korean President, Park Geun-hye, increased their cyber security at the country's nuclear power plants following a series of "grave" data leaks (all of which were considered non-critical information). South Korea's 23 nuclear power reactors are operated by Korea Hydro and Nuclear Power (KHNP), whose computer systems had been hacked. As South Korea is still technically at war with North Korea, this raised 3

the cyber crisis alert level for state-run companies from "caution" to "attention." Safeguards against "cyber terrorism" inspections were ordered for all national critical infrastructure facilities, including nuclear power plants. "Nuclear power plants are first-class security installations that directly impact the safety of the people," Park said at a cabinet meeting. "A grave situation that is unacceptable has developed when there should have been not a trace of lapse as a matter of national security." EUROPE NATO helps Georgia train cybersecurity experts Cybersecurity trainings were held in the professional development center at the Georgian Defense Ministry with the support of the NATO-Georgia professional development program. The aim of the exercise was to increase cybersecurity cooperation between government and non-government sectors in Georgia with senior Georgian officials attending the training. NATO offered Georgia the "Substantial Package," which aims to develop Georgia s defensive capacity by holding joint training and exercise sessions, provide intensive liaison, and improve interoperability opportunities. Georgia also demonstrated its readiness to join the post-2014 Resolute Support mission in Afghanistan to train, advise, and assist the local Afghan National Security Forces after the termination of the ISAF mission. NATO support is welcoming in Georgia amid recent tense political relations with Russia (following the treaty between Russia and its separatist Abkhazia region). France strengthening its cyber defense research The French Ministry of Defense signed a cooperation agreement with 11 universities on cyber defense research. This agreement is part of the cyber defense pact launched by the Minister of Defence, Jean-Yves Le Drian. This new cooperation is supposed to mark a significant step forward for the Cyber Security Excellence Center established in the eastern region of France. This new center aims to be a national and international center to cooperate on research, exchange ideas, and share threats with other cyber research centers across the world. Since 2009, France began to shift its cyber defense strategy after having to establish a national information security agency to protect the French government infrastructure. The government released a national cyber defense policy including the development of their national cyber security infrastructures, the creation of a national cyber defense reserve, and the establishment of a cyber command in the army. Similar to the United Kingdom, France is aiming to become the first European cyber super power capable of preventing cyber-attacks and effective responses in the threat of cyber warfare. However, the cyber budget of France remains lower than the UK, which invested hundreds of millions into its cyber security. Massive cyber ttack against German steel factory A German steel factory has been targeted by a massive cyber-attack, which has caused heavy physical damage. According to a report from German officials, the hack caused severe damage to a blast furnace, as the attackers managed to modify the internal systems and its components, disrupting the industrial operation. The report explained the hackers employed an advanced spear phishing technique to gather credentials and gain access to the main networks of the plant. Moreover, the attackers infiltrated the network of the factory and managed to find the path to the industrial production network. Officials speculated that this incident was similar to that of the Stuxnet 4

cyber-attack. Since Stuxnet, cyber-attacks against electrical power grids and nuclear or water infrastructure have increased, along with the number of state or state sponsored groups that are performing these attacks against these critical infrastructures, which have only evolved to become more sophisticated attacks. To counter such cyber-attacks, several security companies, like the Israeli firm Waterfall, have developed advanced technologies taking into account the complex environment of these industrial systems (like SCADA). Public and private organizations require President Klaus Iohannis to reject new proposal of cyber security law The President of Romania, Klaus Iohannis, was asked by the Romanian country s national intelligence agencies and private entities to reject the new cyber law. The new cyber security law would regulate the domain of cyberspace with warning and monitoring entities. The law has been developed based on the European Union Directive on Network and Information Security (NIS), requiring private entities and companies to make their data available for the National Security Authority (NSA). This has caused uproar among intelligence agencies and stakeholders in the private sector, criticizing the Romanian Parliament of violating their constitutional rights on data privacy in cyberspace. Romania recently faced dozens of cyber-attacks associated with financial frauds, illegal copies of credit cards, and personal data braches. Therefore, a new regulation of this cyber law was deemed a necessary step for the future of cyber security in the country. As a response to persisting protests, President Klaus Iohannis asked the Parliament to review the law. 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information