Asia Pacific
IAEA Conducts Training Course on Protecting Nuclear Facilities from Cyber Attacks
International Atomic Energy Agency conducted an International Training Course on Protecting Computer Based Systems in Nuclear Security Regimes, in collaboration with Korean Institute of Nuclear Non-proliferation and Control (KINAC). This was held in the International Nuclear Non-proliferation and Security Academy’s (INSA) test facilities in Daejeon, South Korea. As part of the training scenario, the 32 participants from 20 countries analysed the fictitious nuclear research institute’s and the nuclear power plant’s computer networks and acted as members of the national computer security incident response team. They worked to identify the attack, contain the infected computer network systems, analyse the threat, remove the malware and restore normal operations.
Cost of Cyber Attack on Asia-Pacific Ports Could Reach $110 Billion
We live in a the world of complex supply chain architecture and an ageing shipping infrastructure that is more prone to cyberattacks than ever before. Also, the Asia Pacific Region is home to 9 out of top 10 maritime container ports in the world. In order to study the implications and cost of cyber attack in the ports, a theoretical simulation was organised by Insurance company — Lloyd’s of London, University of Cambridge Centre for Risk Studies and the Cyber Risk Management project at Singapore’s Nanyang Technological University. It was found that a single cyber attack has the potential to wreak damage as much as the natural catastrophe, thereby highlighting the need for maritime port cities in the region to take cyber catastrophe just as serious as they would take a deadly typhoon. Currently the ‘insurance gap’ in the region is estimated to be $101 billion.
North Koreans behind Indian nuclear plant hack
The Indian Nuclear Plant at Kundukulam was recently hacked bringing into question the Cybersecurity in critical infrastructure all across the country. South Korean Cybersecurity expert group names ‘Issue Maker Lab’ say that they have got evidence that North Korea was behind this attack. It was analysed that the main purpose of the attack was to retrieve information and not damage the facility. This was done to help China and Pakistan, India’s traditional rivals. It was revealed that the MAC address and IP address both bear North Korean signature and Korean language was used in the malware code. Also, it was revealed that this was earlier used by North Korean in cyberattack on South Korean banks, broadcasters and event South Korea’s Ministry of National Defense. Even Kaspersky Labs had identified that the malware used had linked to North Korea’s Lazarus Group. Also, last year FireEye had reported that North Korean cyber hacking was spread to aerospace and defence companies globally.
Malware drive-by attack triggered Australia’s first cyber emergency
A State-sponsored cyberattack by China was discovered in Australia’s Parliament computing network. It was analysed that malware infection occurred when a small number of the network’s 4000 users visited an unnamed website that itself had been compromised. Senate President Scott Ryan said the cyber attack, which has since been labelled “Australia’s first national cyber crisis” by the Australian Signals Directorate (ASD), took a total of nine days before the infiltration was stamped out after it was first discovered on 31 January. While ASD had previously confirmed a limited amount of data deemed non-sensitive was stolen by the attacker, new details on the type of data taken has now been disclosed.
New Zealand’s Cyber Risk Is Up; Foreign Cyberattacks to Blame?
In just 12 months, organisations in New Zealand faced 339 cybersecurity incidents. The National Cyber Security Centre was able to identify indicators linking state-sponsored cyber actors to 38 percent of the total incident recorded. They claim that a number of attacks targeted to political institutions, business media and sporting organisations and can be attributed to the Russian government and the Chinese Government.
Africa, Israel and the Middle East
Africa ‘fertile ground’ for cybercrime
Cybersecurity breach and Cybercrime from Africa is not widely reported, making it a ‘fertile ground’ for cybercrime. North Korean hackers called the Lazarus Group attacked an unnamed African bank and made off with $100million (R1.4billion). This incident was not widely reported. The African Union Commission published a recent report which said that only 20% of Africa states have basic legal frameworks to deal with cybercrime. Most countries have no mechanism to deal with it. South Africa and Kenya are the two most advanced in this regard and Nigeria is coming up fast.
Mid-power cyber threat growing: expert
Smaller and less powerful groups are using cyberthreats as a means to achieve their national interests without making major defence investment. For example, North Korea has used it to flout sanctions and funds military projects by stealing money via hacks. Also, Iran and its Middle Eastern neighbours have started moving from Research and Development into Operations for Cyberwar. In the Middle East the goal of these operations has become to influence other actors, manipulate oil prices and the market. The US has also warned of increasing threats from Iran as tensions escalate in the Gulf. It says “Iran doesn’t have the same level of cyber weaponry used by threat groups in Russia and China, but it has proven very adept at attacks on civilian and critical infrastructure- targets that are less hardened than government or military agencies.”
What you need to know about South Africa’s incoming cybercrimes law
A legislation to fight cybercrime is currently presented before the Parliament Select Committee on Security and Justice and will become a law by early next year. Tampering and steeling data, and unlawful access can have a huge consequence where the perpetrator can face penalty or jailed for five years. The legislation specifically refers to three delineated crimes namely cyber fraud, cyber forgery and cyber extortion. Leak of confidential or secret information could lead upto 15 years and sanction. Furthermore, the bill rules for search and seizure operations, intercepting of data by the state and preservation of data. The way in which local and international authorities must cooperate to investigate cybercrime is set out in detail.
Europe
Labour hit by second cyberattack
The Labour party removed the names of people who had donated from its website after being alerted by Journalists and experts on a ‘high level & sophisticated’ cyberattack on the party’s website. This incident has raised concerns about speculations of hacking in the upcoming elections. The GCHQ and UK’s National Cyber Security Centre were informed about the attack. The cybersecurity experts describe the attack as unsophisticated. The said that it was a Distributed Denial of Service attack, however, the are not able to identify the source of the attack. While some Labour members speculate that the attack originated from Russia & Brazil, others think that North Korea could be involved in this.
EU unveils new cooperation projects in training, cyber operations, naval warfare
The European Union has unveiled the latest batch of protects under its flagship defence-cooperation scheme, boosting the area of training, cyber cooperations and naval warfare. Currently, there are 47 projects in place under the Permanent Structure Cooperation (PESCO). 13 new projects related to efforts to counter cyber threats were added. EU Cyber Academia and Innovation Hub was envisioned to enhance creation of the innovative web of knowledge for cyber defence and cybersecurity education and training. Another scheme called the Cyber and Information Domain Coordination Centre(CIDCC) to create multinational military elements. The Integrated European Joint Training and simulation Centre (EUROSIM) will integrate tactical training and simulation sites in Europe into a “real-time, networked, connected system.” European Union Network of Diving Centres (EUNDC), will coordinate and enhance the operation of EU diving centres in order to better support defense missions, while the European Patrol Corvette (EPC) will design and develop a prototype for a new class of military ship.
United States, Canada & Mexico
Lawmakers begin oversight of cyber campaigns that target veterans, military members
Earlier this year, the group Vietnam Veterans of America(VVA) published the results of a two-year investigation showing hackers and cyber criminals from Russia and elsewhere are specifically targeting veterans and military members. VVA says that many of the online operations use impersonation schemes to make money by soliciting donations that appear to be going to legitimate veterans groups, to plant the seeds for espionage operations, and to spread disinformation in the veterans community. Lack of federal response to this was identified. It was recommended that the Department of Veterans Affairs take a more active role in protecting veterans from cyber threats, including by appointing a new deputy assistant secretary for “cyber-health.”
Hackers demand US $5 million after cyberattack shuts down Pemex computers
A ransom note that appeared on Pemex computers pointed to a dark net website affiliated with DoppelPaymer, a type of ransomware. It demanded Pemex pay 565 bitcoins, or just over US $4.9 million from Pemex after a cyberattack on the state oil company’s systems.
US and Taiwan hold first joint cyber-war exercise
Taiwan’s Cyber Security Agency quotes that the government network receives 30 million attacks a month and half of these are suspected to come from China. In order to estimate the significant risk, the Cyber Offensive and Defensive Exercises(CODE) were officially launched in partnership with United States. This test marks the “new frontier” in cyber cooperation between Washington and Taipei. The Code drills are based on Cyber Storm exercises. This announcement reflects the deepening of US-Taiwan security co-operation and dovetails other efforts under way between the United States and Japan to strengthen cyber-security co-operation.
Latin America
South American Air Forces Focus On Cybersecurity
By keeping ‘Cooperation as a Strategy Towards Progress’, South American air forces’ chief seeks mutual solution to current cyber and space security challenges, as well as transnational threats. “Space and cyber security are two factors that can spread different aggressions or threats in the world and end up affecting the interests of a nation; that’s why every state has the right and responsibility to protect its citizens, their property, and their valuables from these potential threats,” said Lieutenant General Juan José Janer, commander of the Aerospace Command of the Argentine Armed Forces’ Joint Chiefs of Staff.