Search for next Australian Cyber Security Centre chief begins
The Australian Signals Directorate has begun searching for a new chief to take charge of the country’s peak technical cyber security authority, the Australian Cyber Security Centre. The national cyber spy agency put out the call on Thursday in preparation for the departure of outgoing head Rachel Noble, who will become ASD’s new director-general next month. ASD and ACSC have taken an increasingly hands-on role towards uplifting government cyber resilience since early 2016 after being funded for a program of work that embeds experts in agencies for up to six weeks to evaluate and develop strategies regarding their IT security posture. The program began around the time of the state-sponsored cyber-attack against Parliament House, which ASD has since branded the country’s “first national cyber crisis”. ASD expects the successful candidate will have a “sophisticated knowledge of cyber security” that has been obtained through extensive work in both the public and private sectors, and must be able to obtain Top Secret Positive Vetting. Applicants have just two weeks to get their application — and accompanying 1000-word response — in, with submissions set to close on January 30. ASD is also currently looking to fill the role of deputy director-general signals intelligence and network operations.
Farms are ‘fair game’ to cyber attacks
As more farm enterprises rely on the internet to operate, the isolation that has spared many regional businesses from crime compared to those in built-up or city areas has started to fade. Cyber experts say that as long as your business uses the internet, you are fair game just as much as metropolitan businesses. And farm businesses, due to their high dollar amounts of input and outputs, are common targets for cyber criminals. NAB Cyber general manager Nick McKenzie said the industry and all businesses should remain conscious of the impact of cyber threats. NAB regional and agribusiness customer executive for WA Jeff Pontifex said the institution’s system is usually quite effective at detecting suspicious activity and alerting customers. NAB’s system is largely self serve and self regulated, allowing users to have control of and limits on certain outgoing dollar amounts.
Estonian and Indian foreign ministers discuss UNSC and cyber cooperation
Digital and cyber issues were given particular attention. “The fact that a country with one of the largest number of internet and technology users in the world is interested in cooperating with Estonia on cybersecurity and e-governance is a great credit to Estonia and our entrepreneurs,” Reinsalu said. He expressed hope that the memorandums on cyber cooperation and e-governance and emerging digital technologies signed in August 2019 during the visit of the Vice President of India Venkaiah Naidu would provide new opportunities for both countries. On the sidelines of the Raisina Dialogue conference in New Delhi, Foreign Minister Reinsalu also met with his counterparts from India and Iran, as well as from Uzbekistan and the Maldives, and with the national security adviser of Afghanistan.
Africa, Israel and the Middle East
US Girds for Cyber Threats from Iran as Military Clash Fears Ebb
This article highlights the tactic used by Iran against U.S in the cyber domain. It gives an analysis of Iran retaliation in the form of a cyberattack. It is given that Cyber is the easiest way Iran can have effect on the U.S. homeland. This was said by Jan Bateman, a former Pentagon Intelligence officer who is a cyber policy fellow at the Carnegie Endowment for International Peace. It was also said that a lot of tools in its toolkit would be used against America or U.S. allies. John Dickson, a former air intelligence officer also said that ransomware is a likely option because they get squeezed economically by sanctions. Jan Bateman noted that digital tools are now considered part of the military arsenal, and that both Iran and the U.S. could mix cyber and conventional or “kinetic” methods.
Ex-Shin Bet official: Iran may use Chinese cyber tech to attack Israel, US
Following the killing of Iran IRGC Quds Force chief Qasem Soleimani, Iran may use advanced Chinese cybertools against Israel or the US, a former top Shin Bet (Israel Security Agency) official told The Jerusalem Post on Tuesday.The official, Dr. Harel Menashri, was a founder of the Shin Bet’s cyber department and is currently the Head of Cyber at the Holon Institute of Technology. Cyber is also an area where Iran can invest very little in terms of funds — at a time when its economy is shaky — while achieving a large upside in causing potential damage. Menashri warned of Iranian cyber attacks on critical infrastructure, such as electricity, water, hospitals and banks. Meanwhile, former Shin Bet cyber chief Berbing focused on Tuesday’s reports, which said that Russian hackers targeted a Ukrainian gas company at the center of the Trump impeachment query, in an attempt to recover details regarding former vice president and 2020 presidential hopeful Joe Biden. Berbing said the key to combating these highly complex cyber attacks was redundant barriers, to get permission to access sensitive information, or even splitting sensitive information into entirely separate databases.
Mellanox joins IAI-led cyber consortium
Israel Aerospace Industries (IAI) has announced that Israeli semiconductor company Mellanox Technologies (Nasdaq: MLNX) will join the Israeli Cyber Companies Consortium (IC3), which IAI leads, to market its products within the IC3 framework. In addition, Mellanox will collaborate with Custodio Technologies, a Singapore-based IAI subsidiary, in the co-development of an innovative cyber investigation solution that leverages Mellanox’s smart network cards and Custodio’s CyVestiGO investigation system. The combined solution will enable extensive log collection in advanced server environments as well as quick analysis in detecting sophisticated cyber-attacks, IAI said. As announced in March last year, NVIDIA Corporation intends to acquire Mellanox for $125 per share in cash. Mellanox’s share price closed at $119.50 in New York yesterday, giving the company a market cap of $6.63 billion.
SA banks ready in case of cyber attack by Russian hackers
Cybersecurity experts have said that while South African banks are not immune to hacking and malware attacks because of the proactive measures they continue to institute, customers need to remain vigilant at all times. The South African Banking Risk Information Centre (Sabric) reported this week about potential malware attacks on major banks in the sub-Saharan Africa region. The centre said: “We are aware of the media statement issued by Kaspersky on January 13 about potential malware attacks on major banks in the sub-Saharan Africa region, most likely by the Russian ‘Silence’ hacking group which has been responsible for the theft of millions of dollars globally.”
Travelex boss breaks silence 17 days after cyber attack
A scripted video was uploaded to a backup Travelex website, where boss Mr. Tony D’Souza gave a short brief on the cyberattack in which the cybercriminal gang named- Sodinokibi held the firm to ransom on 31st December. A ransom demanded was $6 million to unlock the 5GB sensitive customer data such as date of birth, credit card information and national insurance number. He also mentioned that the IT system used by in-store staff was working again, while the rest of the system remain online. There was no word about when the website would be operational which meant that customers are still unable to order currency online, either from Travelex or the network banks. However, he did mention that it was not appropriate to discuss details of the attack because of ongoing investigation.
Cyber-attack fears growing among business leaders and policymakers
The Global Risks Report 2020, published on Wednesday (January 15), names large-scale cyber-attacks and the associated breakdown of critical information infrastructure and networks, within its list of forthcoming disasters. The majority (76.1%) of respondents in the study thought that cyber-attacks on infrastructure systems would increase in 2020, and most (75%) also expected cyber-attacks resulting in financial or data theft to rise within the year.
CAA launches aviation cyber-security assurance scheme
UK’s Civil Aviation Authority (CAA) has announced its new ASSURE scheme developed in partnership with the Council for Registered Ethical Security Testers (CREST), the not-for-profit accreditation and certification body for the technical security industry. ASSURE is an accreditation scheme created to enable aviation organisations to procure accredited cyber security audit capabilities to audit their completed CAF for Aviation self-assessments. The new scheme will improve CAA’s cyber-security oversight strategy, enabling the aviation industry — including airlines, airports and air navigation service providers — to manage their cyber-security risks without compromising aviation safety, security or resilience and to support the UK governments’ national cyber-security strategy. Where stipulated by the CAA, aviation organisations will be required to complete a self-assessment of their cyber security using the CAA’s Cyber Assessment Framework (CAF) for Aviation, which can be applied to organisations of varying size and complexity. Aviation organisations may then be required to contract with an ASSURE Cyber Supplier through the ASSURE Buyer’s Platform to audit their completed CAF for Aviation self-assessment, on behalf of the CAA.
Greek intelligence agency, 5 other websites down after cyber-attack
The websites of the Greek National Intelligence Agency, the Greek Parliament, the Foreign Ministry, Athens Stock Market, Finance Ministry and the e-state website was hacked by a Turkish hacker group named “Anka Neferler Team,” who has claimed responsibility for the cyber-attack, announcing it on their social media accounts.
Cyber crime: Man arrested over ‘details for sale’ website
A 22-year old man in Northern Ireland was arrested in connection with international cyber crime operation. The man is allegedly offered access to 12 Billion personal credentials to criminals and was believed to be making £200,000 in profit from the site. The National Crime Agency began the investigation of the website, which is believed to have hosted credentials taken from around 10,000 data breaches. This information was then passed to the Police Service of the Northern Ireland(PSNI) and the East Netherlands Cyber Crime Unit (Politie), who launched their own operation. Parallel investigation were also being run by the German police and the FBI, who seized the domain and took down the website at 23.30 GMT on the same day.
Cyber attack sees Picanol shares suspended
Picanol was targeted by ‘ransomware’ that halted its production in Ypres but also affected its Chinese and Romanian sites. As a result of the computer attack, the company no longer has access to its own systems and the bulk of its computerised production has since been interrupted, the pirates demanding a ransom before making the system accessible again. Picanol has in any case not given in to their demands. About 1,500 people employed in Ypres were put on leave for technical reasons
Former senior E.U. diplomat investigated over China spying claims
A former senior European diplomat and two others are being investigated on suspicion of spying for China, according to European officials, in a case that is sure to compound concerns about surveillance as Chinese telecommunications firms invest in Europe. The investigation comes at a time of heightened European concern about expanding Chinese spy networks in Europe. European Union officials were reported to have received internal warnings about the proliferation of Russian and Chinese spies in the vicinity of its Brussels offices last year. European countries have also been under pressure from the Trump administration not to use the services of Chinese tech giant Huawei as it rolls out its 5G networks on the continent. U.S. officials have said the Chinese government could tap into Huawei equipment installed overseas to spy on the West or disrupt infrastructure. The company has denied the allegations.
Ukrainian authorities ask FBI for help investigating Russian hack on Burisma
Ukraine’s Ministry of Internal Affairs on Thursday announced that the country’s cyber police had started “criminal proceedings” around the recent hacking of gas company Burisma, and noted that authorities were seeking the assistance of the FBI in pursuing the case. According to the Times, the Russian hackers successfully got into at least one server, although it is unclear what they were able to access or whether anything was stolen. The ministry noted that it had approached both the FBI and Area 1 Security for assistance in the probe into the hacking of Burisma.
United States & Canada
Cyber Attack On Major Bank Could Spread Quickly, New Fed Research Shows
A well-timed cyber attack on a single large bank could spread rapidly through the U.S. financial system by dramatically impairing the flow of credit between financial firms, according to new research from the Federal Reserve Bank of New York. Worries about financial crises are often linked to market concentration and excessive risk taking. But the Fed paper makes clear policymakers see cyber security as another possible key trigger for a financial debacle. Financial service firms experience up to 300 times as many cyber attacks per year as companies in other sectors, according to Boston Consulting Group data cited in the NY Fed research.
U.S. Government Issues Powerful Security Alert: Upgrade VPN Or Expect Cyber-Attacks
The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that strongly urges users and administrators alike to update a VPN with long-since disclosed critical vulnerabilities. The CISA alert provides a telling timeline that outlines how the Pulse Secure VPN critical vulnerability, CVE-2019–11510, became such a hot security potato. Pulse Secure first released an advisory regarding the vulnerabilities in the VPN on April 24, 2019. On July 31, 2019, the CISA alert reports that an exploit was demonstrated, and on August 24, 2019, more than 14,500 vulnerable VPN servers were found to be unpatched around the world still. By October 7, 2019, the National Security Agency (NSA) had issued an advisory regarding mitigation against VPN products being actively targeted by advanced persistent threat (APT) actors. APT actors are often associated with highly organized criminal gangs or state-sponsored threats such as the North Korean APT group that Microsoft recently dealt a powerful counterpunch. As the Cybersecurity and Infrastructure Security Agency alert quite categorically states: “CISA expects to see continued attacks exploiting unpatched Pulse Secure VPN environments and strongly urges users and administrators to upgrade to the corresponding fixes.” The bottom line, according to CISA, is that “this vulnerability has no viable workarounds except for applying the patches provided by the vendor and performing required system updates.”
Senators introduce bill to create state cyber coordinators at DHS
A bipartisan group of senators have introduced legislation that would create new cybersecurity coordinator positions within the Department of Homeland Security for each states in the United States of America. The bill, sponsored by Sens. Maggie Hassan (D-N.H.), Rob Portman (R-Ohio), Gary Peters (D-Mich.) and John Cornyn (R-Texas), would require the director of the Cybersecurity and Infrastructure Security Agency to designate officials from within the agency to serve as the principal federal point of contact for state and local officials on cybersecurity matters. The director of CISA would also be required to brief the House and Senate Homeland Security Committees a year after the bill’s passage on how effective the coordinators have been.
Cyber security investments are a priority for the city and state
Ransomeware attack have escalated on the state level and national level IT facilities in the United States and Gov. John Bel Edwards wants to harden state cyber defence. In order to prevent paying the cybercriminals the ransom amount the administration has decided to bring the highest-level security defence to the New Orlean state.
Lakota’s new cyber security academy training future digital protectors
Ohio’s lieutenant governor helped celebrate its opening, and now months later Lakota’s ground-breaking Cyber Academy is training high school students for potentially lucrative careers in cyber security. At the halfway mark of the academy’s inaugural year, school officials and participating students say the innovative program, which is one of only two in Ohio, is performing as predicted. Nationally, starting salaries can be as high as $60,000 for the positions, and cyber security experts predict will will be 3.5 million jobs available by 2021.
Colonie’s computer system down after cyber attack
The town of Colonie’s computer system was down Friday due to a cyberattack, forcing many departments to run their operations offline, town officials said Friday, noting that systems should slowly start to come back online later in the day. About a week ago, Albany County Airport Authority’s computer system was also hacked, and the airport had to pay a ransom. The amount wasn’t disclosed, but airport officials said it was “under six figures.” Colonie officials don’t know if there is any connection between the two incidences. The City of Albany experienced an attack last spring that cost the city $300,000 to repair destroyed servers, upgrade user security software, purchase firewall insurance and make other improvements to better protect the city’s systems. These attacks are becoming increasingly more common. More than 40 municipalities in the U.S. have been the victims of cyberattacks in 2019, ranging from major cities such as Baltimore and Laredo, Tex., to smaller towns like Lake City, Fla, according to a New York Times report. Some steps groups can take to prevent hacks is to frequently test their systems, train their staff, encrypt data and create multi-step authentication logins. Above all, Flory said it’s crucial to make sure data is backed up.
When complete, Cancun C5 centre will be most modern in Latin America
The construction of the Security Complex, which is part of the state’s updated security program, is approximately 45 percent complete, says the Ministry of Public Security. The Complejo de Seguridad (C5), which began construction in mid-2019, is being built along Luis Donaldo Colosio Boulevard in Cancun. When complete, the site will monitor all emergencies around the state including Emergency 911 calls and the 089 Anonymous Complaint line. nside the facilities, tasks related to the administration, operation and police development of the Quintana Roo Police will also be carried out. The inter-institutional complex will be home to Intelligence Units, Cyber Police, elements of the National Guard, SEDENA, Federal Police, State Prosecutor, Quintana Roo Police, Civil Protection, CRUM, Firefighters and Ministry of Tourism.