Pakistan ISPR recruits youth for waging cyber propaganda war against India
The Inter Services Public Relations, Pakistan has been conducting competitions every month for rewarding youth who malign India through social media platforms. It is also accused of brainwashing the youth with IT skills to further their cyber propaganda against India. The ISPR, which is the media wing of the Pakistani Armed Force has recruited 1000 youth in the past one year to spread this propaganda. The youths are rewarded with jobs and contracts in Fauzi Foundation.
Cyber security management system gets ClassNK approval
Classification Society ClassNK has certified the cyber security management system (CSMS) of NYK Group subsidiary NYK LNG Shipmanagement Ltd and its LNG carrier Pacific Mimosa. The society’s move came in light of IMO’s decision to adopt Resolution MSC.428(98) Maritime Cyber Risk Management in Safety Management Systems. The resolution encourages the shipping industry to ensure cyber risks are addressed in ship management systems no later than 1 January 2021. Owners who fail to do so risk having their ships detained. In November, NYK concluded a joint research agreement with ClasskNK, MTI, MHI-MME and Japan Engine Corp to develop advanced technologies to realise its long-term goal of operating manned autonomous vessels. ClassNK will use the information to establish a new classification survey scheme based on CBM.
Chinese state ‘likely’ linked to cyber spies targeting human rights workers
A cyber spy group “likely” linked to the Chinese state has targeted human rights campaigners working on issues about the country for up to five years, a new report claims. One of the alleged targets is understood to be a human rights group that has raised concerns about the treatment of hundreds of thousands of Uighur and other Muslim minorities in China. It has also written about pro-democracy activists in Hong Kong. Secureworks said its researchers found malware they had not seen before when investigating the alleged actions of the cyber spy group. This suggests it may be able to develop its own capabilities rather than just rely on widely available malware, according to the report. The attackers allegedly used a combination of widely available cyber tools as well as what appear to have been their own kit to gain access to the networks of their alleged victims.
Microsoft takes down 50 domains operated by North Korean hackers
On December 18, the Redmond-based company filed a lawsuit against Thallium in a Virginia court. Shortly after Christmas, US authorities granted Microsoft a court order, allowing the tech company to take over 50 domains that the North Korean hackers have been using as part of their attacks. Microsoft said the Digital Crimes Unit (DCU) and the Microsoft Threat Intelligence Center (MSTIC) teams have been monitoring Thallium for months, tracking the group’s activities, and mapping its infrastructure. The domains were used to send phishing emails and host phishing pages. Thallium hackers would lure victims on these sites, steal their credentials, and then gain access to internal networks, from where they’d escalate their attacks even further.
Union makes debut for development of Vietnam’s ecosystem for cyber-security products
The 21 union members, consisting of Vietnamese businesses operating in cybersecurity, made their debut during a conference to summarise the work of the Ministry of Information and Communications (MIC) in 2019, held in the presence of Prime Minister Nguyen Xuan Phuc. At the launching ceremony, Nguyen Huy Dung, Head of the MIC’s Authority of Information Security, said that over 80% of network security products used in Vietnam are imported, meanwhile, Vietnamese enterprises have mastered the technology and can meet over 60% of a full network security and safety ecosystem. The MIC will also set up a research and innovation centre for cyber-security to support businesses in the alliance through research, deploying, training, rehearse and using products made by Vietnamese businesses themselves.
Voyeurism, ‘cyber flashing’ to be criminalised from January as legal reforms kick in
Sexual offences brought about by advances in technology such as voyeurism and “cyber flashing” will be criminalised from January next year, when amendments to the Penal Code take effect in Singapore. The changes were introduced under the Criminal Law Reform Bill, which was passed in Parliament in May. As part of the Bill, a new category of sexual offences was introduced to better tackle cases including the making, distribution, possession of and access to voyeuristic recordings and intimate images, as well as the distribution of such images without consent. A new offence of sexual exposure was also introduced to criminalise acts such as “cyber flashing”, or the sending of unsolicited images of genitals over an electronic medium to another person. Cases seen by the centre included actions such as taking images without a subject’s consent — for example through “upskirting” — as well as threats to carry out such actions. Last month, the Association of Women for Action and Research (AWARE) said the number of cases involving “technology-facilitated sexual violence” seen by its sexual assault care centre had more than doubled in the past three years.
China hails India’s decision on Huawei
China on Tuesday welcomed India’s decision to allow telecom major Huawei for 5G trials and hoped that “Chinese companies continue to enjoy open, transparent bussiness environment & level playing field in India for win-win cooperation”. India’s move can be described as effort to stabilise partnership in the backdrop of the Mamallapuram informal summit, according to persons familiar with the developments. Sino-Indian ties have been tested since August following China’s rhetoric over Kashmir based on its all-weather friendship with Pakistan. Beijing twice attempted to convene a closed-door session to discuss Kashmir in the backdrop of August 5 decision by the Modi government to scrap Article 370 and reorganise the state. The second informal summit contributed to India’s decision to allow Huawei for 5G trials, hinted one of the persons quoted above. Besides, as with other countries India needs time to build up its strength in this sector. The decision will also enable India to test the promise made by Huawei and China that it will not open back doors. The decision, according to one of the persons quoted above, will also enable India like UK and Germany to test the US ability to compete and provide a way for the rest in pricing and security.
Cyber warfare tactics to target top Russians
American military cyber officials are forming tactics that may single out senior Russian officials and oligarchs if Moscow tries to interfere in the 2020 U.S. elections. That’s the lead on a Washington Post story published on Christmas Day. U.S. Cybercom revealed that the programs are being improved to block hacking election systems or sowing widespread discord, according to current and former U.S. officials, the Post story said. The story pointed out that the U.S. military has long used psychological operations — dropping hundreds of thousands of leaflets in Iraq, for instance, to persuade Iraqi soldiers to surrender to the U.S.-led coalition during the Gulf War. The Internet, social media and smart phones have vastly extended the reach and precisions of such tactics, cyber experts say. In the past year, Congress and the Trump administration have eased restraints on the military’s use of cyber-operations to thwart foreign adversaries. The push is part of a move by military officials such as Gen. Paul Nakasone, who heads both Cybercom and the National Security Agency, the government’s powerful electronic surveillance arm, to weave cyber-offensive capabilities into military operations.
Africa, Israel and the Middle East
Soleimani ‘Revenge’ — This Is Why Iran’s Most Dangerous Cyber Weapons Will Stay Hidden
Qassem Suleimani, Iran’s top commander of the country’s Quds Force was killed by a US MQ9 Reaper Drone attack. The commander was viewed as an extreme threat to U.S. interests and the second most influential person in Iran. The American and the European nationals have now been warned of attacks on security and commercial facilities, on tourism and shipping on the Strait of Hormuz. The integrated physical and cyber domains have increased the possibility of a cyberwar. Iran has been developing its cyber capabilities and sponsoring threat groups. They may now leverage this capability to target critical infrastructure and mainstream software platform of the United States and its allies. Many cyber and intelligence experts predict that the response will be “fast and noisy”. Some experts argue that Iran lacks development of sophisticated cyber weapons. Moreover, planning a catastrophic cyberattack may result in more lose to Iran. Vanunu from Checkpoint has highlighted that if Iran were to use the Cyber domain, it will target those domains that create headlines such as health, financial services and social media.
Workshop on cyber security activities held
A workshop on preparation of training package of the cyber security activities project at the schools of the Sultanate kicked off on Sunday in Oman. The workshop was organised by the information security department at the Ministry of Education. The four-day workshop is being conducted by Mohamed bin Sulaiman Al Ghafri, from the Centre for Professional Training of Teachers at the head office of the training centre in Al Khuwair. The workshop targets preparation of educational packages for the project on cyber security activities at the schools of the Sultanate and preparation of training activities and simulation systems in the field of security information. The workshop also aimed to establish tools for evaluation of students’ performance and micro-teaching through video presentation for the workshop through direct link among the training centres at the Directorates General for Education at the Governorates of the Sultanate.
DFSA launches initiative against cybercrime
The Dubai Financial Services Authority (DFSA) is initiating a cyber threat intelligence platform in partnership with the Dubai Electronic Security Centre, the National Computer Emergency Response Team and the Computer Incident Response Center Luxembourg. The platform, which is scheduled to go live in January 2020, will help companies in the Dubai International Financial Centre strengthen their cyber security framework and minimise any cyber risks. According to the DFSA, cyber risk is widespread and negatively impacts businesses. Thus, all participants across industries must partake in an open dialogue about cyber security. The platform will harbour an ecosystem that encourages information exchange and offers enhanced cyber threat intelligence solutions. A first of its kind regulator-led platform in the region, it will be operated and managed in coordination with Help AG, a leading information security services, consultancy, and solutions provider. This initiative is a vehicle towards a broader strategy of DFSA that aims to spread awareness about cyber threat. This information will be used by businesses in DIFC to identify and prevent cyber attacks.
Israel and Iran Have Been Waging a Secret War — German Media
In 2019, a “war of words” in the Middle East came close to a “war of weapons” over attacks on Saudi and Iranian vessels, drone assaults on Saudi state oil company facilities — for which Yemen’s Houthi movement claimed responsibility, and the downing of a US surveillance drone. However, the tensions are allegedly not limited to visible activities. The report says that Washington and Tel Aviv declared a “cyberware” war on Tehran and its allies more than a decade ago. As former intelligence officer of the Israel Defence Forces’ 8200 reconnaissance unit Roy Barzilay told the outlet, US President Donald Trump reacted to this summer’s attacks, which Washington and its allies have blamed on Iran, by ordering “to use a cyber attack to shut down the Iranian missile system and its intelligence agencies’ computers”. Unit 8200 is said to spy on enemy states and terrorists, something which is considered a “passive cyber attack”. The so-called “active cyber attacks” are said to be carried out to change or impair the resources of opposing military facilities or even whole economic sectors. As n-tv notes, in 2017 information gathered by the unit helped prevent an attack on an airport in Australia, as several Daesh* supporters were arrested before it could take place.
Israel’s Largest Cybersecurity Event, Cybertech 2020, To Open In Tel Aviv In January
Cybertech 2020, the largest annual cybersecurity event in the world outside the US, will take place in Tel Aviv in late January and is expected to draw thousands of cyber tech experts, industry leaders, venture capitalists, entrepreneurs, executives, and government officials worldwide. Featured speakers will include Director-General of the Israel National Cyber Directorate (INCD) Yigal Unna, Israeli cybersecurity think tank and company creation platform Team 8 co-founder and CEO Nadav Zafrir, and Diagnostic Robotics Chairman and CTO Kira Radinsky (formerly with eBay). One of the biggest headlines of Cybertech 2019 came from Israeli prime minister Benjamin Netanyahu, who spoke last year’s conference and told the crowd, that Iran virtually attacks Israel every day. He also said that every country needs a combination of defense and attack capabilities and that “Israel has such capabilities.” Speakers at the 2019 event also touched on points like how cyber affects daily life in health, transportation, infrastructure, and the economy, with special attention to fields of medicine, aviation, and elections.
South African directors to face increased scrutiny in 2020: legal expert
The public and legal scrutiny on directors is likely to increase in 2020 and there will be a significant shift towards active steps being taken by companies, regulators and state authorities in bringing directors to task for alleged misconduct, says Lee Astfalck, a partner at law firm Clyde&Co. Astfalck said that the flurry of legal action will encompass both state-owned enterprises and the private sector and will involve the current climate of claims relating to financial irregularities and misleading financial statements. Astfalck predicts that claimants such as trade unions and customers will utilise class action lawsuits and further develop our law insofar as the potential remedies against directors are concerned. Litigation funders may seize on such opportunities to drive litigation in the class action arena, he said.
Popular Mid-East app accused of spying back on Google Play
The popular UAE-developed mobile application ToTok has returned to the Google Play Store after it was removed on claims it was being used for government spying, the company said Saturday. Google and Apple removed the app from their online marketplaces last month after The New York Times reported ToTok allowed the UAE government to track the conversations, movements and other details of people who installed it on their phone. ToTok appeared to trick users of iPhones and Android devices into handing over access to their location and private data on their devices, Wardle said. It was also promoted by what appeared to be fake reviews, he added. The UAE is investing heavily in new technologies and artificial intelligence, but many experts and organisations accuse the country of strictly restricting freedoms on the internet.
Warning over Posts Targeting National Unity on Social Media
The Interior Ministry yesterday issued a strict warning against posting comments on all social media networks targeting national unity while promoting hatred in light of latest political developments in the region. The ministry has vowed strict action against all those who violate rules and regulations regarding national unity and security. HRH the Premier, underlined the need for the international community to move towards a new forward-looking vision that works in accordance with a common collective will to press ahead with the international peace efforts by adhering to the lofty religious principles and values endorsed by international conventions.
Cyber Diplomacy in Qatar — A Virtue of Necessity?
Delineating the term cyber diplomacy is not without debate. Sometimes used equivalently to digital diplomacy, which, expanding on Public Diplomacy 2.0, rather outlines the use of digital means in exercising diplomacy. Cyber diplomacy instead, is better described as employing means of diplomacy to respond to challenges in cyberspace. In this context, it is the small, yet influential Gulf nation of Qatar that continues to make considerable strives. Driving an ambitious soft power strategy already since the mid-nineties, Qatar did not limit itself to investing its gas-wealth in its own media, infrastructure, tourism and business sectors to compel foreign direct investment and advocacy. It also pursued underpinning its diplomacy early on through a diversity of investments abroad, and by profiling itself as an important player in areas of global relevance. Multilateral exchange in the interest of cybersecurity was particularly important. While there cannot be any doubt of the country’s economic clout, Doha’s remarkably thoughtful response and cyber diplomacy strategy may indeed have facilitated additional transnational partnerships with leading international institutions that are vital to the overarching cybersecurity debate. Having positioned itself at the forefront of this issue and with a growingly digitized and complex threat environment, that today poses a risk to all countries, it is thinkable that a leadership position in cybersecurity may as well turn out to be one of Qatar’s strongest soft power assets, yet.
REVENGE Fear Iran’s ‘crushing revenge’ on US could mean cyber war in Britain, rocket barrages in Israel and global kidnappings
Iran has threatened of a cyberwar against Britain, Israel and the allies of the United States after the recent drone attack and assassination of Qassem Suleimani, Iran’s top commander in Iraq. Iran has declared that it is planning a more asymmetric or unconventional style of war aimed at Europe, Africa, South Africa and the continental US. This includes a cyberattack.
London-based Forex Company Suffers Cyber-Attack
Travelex- a London based foreign exchange company was hit by a cyberattack on new year eve. As a result suspending all the online services. The news was confirmed when the official Twitter handle confirmed a malware attack and informed the users that as a precautionary measure to protect data and the spread of the virus all the services were made offline. It was also informed that they had deployed “team of IT specialist and external cybersecurity experts” to tackle the event.
Summer Exit Planned for Head of UK’s National Cyber Security Centre
Ciaran Martin, the Chief Executive Officer of the National Cyber Security Centre and head of UK Cybersecurity is to relinquish his role. Since its inception, the NCSC has dealt with over 2,000 cybersecurity incidents targeting the UK. In the 12 months ending August 2019, the NCSC supported nearly 900 British organizations to recover from cyberattacks.
Climate Change, Cyber Warfare Risks Are Key London Market Issues for 2020: IUA
The International Underwriting Association (IUA) has said that cyber — particularly cyber warfare — continues to dominate IUA member discussions across a wide range of different lines of business. On business process reform, 2020 will see the IUA participating fully in projects such as claims processing that are being developed as part of the Future at Lloyd’s blueprint, but have important consequences for the whole London market, said the association.
How cyber security has changed the risk dynamic at Lloyds Banking Group
This article gives a detailed explanation of the how the cybersecurity risk dynamics is assessed at Lloyds Banking Group. Ameen Jugnauth takes on a holistic view of cyber risk explaining. that his role is ‘second line’; first line risk professionals get into the deep granular details of services, products and processes. He explains how the change in technology and the way people interact has changed the threat landscape. Thereby, there have been changes in regulation and policy as well. ere has also been a change within the risk department from focusing on business continuity to concentrating on resilience. It has also changed procurement. When picking a tool, risk now drives a lot of decisions, whereas previously organisations would be fixed on a compliance approach — ticking off risk and IT security as an afterthought, now it is baked into the conversation from the start.
United States, Canada & Mexico
US Coast Guard Sounds Alarm After Ransomware Attack
US maritime facilities have been on high alert over the Christmas break after the Coast Guard revealed details of a ransomware-related outage in late December. The bulletin described a recent attack causing widespread operational disruption at a “Maritime Transportation Security Act (MTSA) regulated facility. Forensic analysis identifies ‘Ryuk’ ransomware, that may have entered the network of the MTSA facility via an email phishing campaign. Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility’s access to critical files,” it explained. The virus further burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations. The impacts to the facility included a disruption of the entire corporate IT network (beyond the footprint of the facility), disruption of camera and physical access control systems, and loss of critical process control monitoring systems.
New US law to monitor sale of cyber-tools overseas
Newly passed legislation will push the U.S. State Department to disclose how it polices the sale of cyber tools and services abroad. The move followed a Reuters investigation which revealed that American intelligence contractors clandestinely assisted a foreign spying operation in the United Arab Emirates, helping the monarchy to crack down on internal dissent. The legislation directs the State Department to report to Congress within 90 days on how it controls the spread of cyber tools and to disclose any action it has taken to punish companies for violating its policies. Under U.S. law, companies selling hacking products or services to foreign governments must first obtain permission from the State Department. U.S. lawmakers and human rights advocates have grown increasingly concerned that hacking skills developed for U.S. spy services are being sold abroad with scant oversight. The agency previously said human rights concerns are carefully weighed before such licenses are issued but declined to comment on the authorizations granted for Project Raven. The UAE Embassy in Washington did not respond to a request for comment.
SME boards “cannot pay lip service to cyber risk anymore”
Every single company that uses technology to perform day-to-day functions has some form of cyber exposure. Even the smallest business that uses email to chat to clients offers a window of opportunity for cyber criminals to exploit. A big financial unknown for SMEs at the moment revolves around cyber risk. In its primary years, cyber liability exposure was held only by large firms or those with access to money and credit card information — at least that’s what the majority of SMEs believed. Again, the smaller business’s innate desire for simplification kicks in, and many have an urge to collect their cyber exposure in one trap. This is where insurance partners can once again step in and provide tools to simplify the complex cyber risk web.
Cyber attack hits Enloe; patient records safe, officials say
Another cyber attack in a US Hospital where the system was compromised. A ransomware attack is a type of computer virus that threatens to publish private data or block access to it unless a ransom is paid. Officials at Enloe did not comment on what the hackers requested to return the information. However, the caregivers of the hospital did an incredible job responding to the cyber security incident and are doing everything possible to return our core systems to functionality, protect patient information, and partner with law enforcement agencies, including the FBI
Oddly specific ‘cyber attack’ hits Alaskan airline RavnAir and one plane type
A small Alaskan airline has suffered a curiously specific “cyber attack” that mostly affected its De Havilland Dash 8 airliners. RavnAir Group declared on 21 December that it had experienced a malicious cyber attack on our company’s IT network the day before, causing it to cancel all of its flights operated with Dash 8s on its RavnAir Alaska airline. The incident is unusual because it appears those deploying the malware — if that is what it was — initially only affected one particular aircraft type, and a relatively old model. RavnAir flies DHC-8–100s, a twin-engined turboprop airliner no longer made by manufacturer De Havilland Canada: the -100 was superseded by the larger Q400 model in the early 2000s. It was said that this was due to lack of knowledge about cyberhygiene practices.
Cyber attacks and electronic voting errors threaten 2020 outcome, experts warn
Potential electronic voting equipment failures and cyber attacks from Russia and other countries pose persistent threats to the 2020 elections, election security analysts and key Democrats warn. In response to these and other threats, Congress in December added $425m for election-related spending, including security measures, to a massive $1.4tn spending bill for 2020. The threat of more cyber attacks, plus disinformation and social media operations to sway public opinion, has prompted the federal government to work closely with officials in all 50 states, the statement said. A Senate intelligence committee report in mid-2019 concluded that Kremlin hackers manipulated election systems in all 50 states, and succeeded in breaching systems in two Florida counties and another state, although vote totals were apparently not affected. Looking ahead at other potential election security problems, Wyden voiced concern that the $425m allocated for 2020 election administration could be used for other purposes than security measures since it was written without tight spending guidelines.
TikTok: Chinese-Owned App Considered a Cyber Threat by U.S. Army
The video-sharing social media and networking service was launched in September 2016 by ByteDance, a Beijing-based firm that was founded four years earlier. The video is used to create short lip-sync, comedy and talent videos — and in 2017 it was released for Apple’s iOS and Google’s Android outside of China. The app is available in 40 languages and according to online reports has more than 500 million active users worldwide. It has an engagement rate of 29% and as of July 2018, TikTok users spent an average 52 minutes per day on the app.In the letter to Joseph Maguire, acting director of national intelligence at the Office of the Director of National Intelligence (ODNI), the senators wrote, “TikTok is owned by Beijing-based technology company ByteDance, which operates several other content platforms in China. ByteDance regards its platforms as part of an artificial intelligence company powered by algorithms that ‘learn’ each user’s interests and preferences through repeat interaction.” The final consideration is that even with a ban on government devices, TikTok is just the latest example of how some apps could still pose a danger to national security warned Crandall. “Unless the U.S. prevents TikTok from operating entirely in the country, the Armed Forces should do what it can to educate our population to better defend itself, no matter if that means lights out after dark during WWII, or play it safe when using social media apps developed by hostile regimes.”
*no news this week