In a not so surprising twist, the Chinese government has adopted new regulations requiring technology companies, such as Apple, Inc., to allow security inspections of their products prior to entering them into the market, according to the New York Times. These security audits are designed to ensure that products that will be used in the nation, including in highly sensitive sectors like the banking industry, military and government agencies, do not have backdoors accessible by foreign nations, Bloomberg reported. Any product not deemed to be “safe and controllable” will be banned, the article added. These measures, which were approved last year, will go into effect this year, the article reported.
This news closely follows British Prime Minister David Cameron’s recent announcement of his support for the ban on encrypted forms of communication. Bloomberg further reported that the Chinese government is justifying its latest move by citing national security reasons, the same reasoning behind Cameron’s support for a ban on encrypted communications. These regulations are also aimed at purging foreign technologies from the nation’s key industries by 2020, adds the article. However, foreign companies maintain that this latest move is simply an attempt to force them out of the Chinese market, the New York Times reported.
Apple, Inc., which has recently announced that it plans to release products containing encryption that is impossible even for the company to undo, has actually agreed to comply with China’s latest regulations, the Telegraph reported. The invasiveness of these measures is quite alarming, specifically the requirement that companies provide the Chinese government secret source codes for their products, The New York Times added. This is especially troubling because of China’s extensive history of economic espionage, namely the PLA’s Unit 61398, believed to have been responsible for stealing technologies from five American companies, adds the report. The report further stated that this is just the latest in a series of measures that is widening the division between the internet available to the Chinese market and the internet available to the rest of the world.
Cyber Round Up: US Arms Vulnerable; Hacked: Malaysia Airlines and Israel Defense Computers; World Forum Corporate Cybersecurity
- U.S. Arms Programs Vulnerable to Cyber Attacks: The Pentagon’s chief weapons tester reported on the cybersecurity of U.S. weapons programs, and according to Reuters, the results are dismal. Reuters reviewed the findings of the report, which found that nearly every U.S. weapons program tested in fiscal year 2014 showed “significant vulnerabilities” to cyberattacks. According to Reuters, the report said tests of more than 40 weapons revealed problems with cybersecurity, and U.S. troops needed to learn to “fight through” cyber attacks, just as they do now with conventional attacks. For the full article, click here.
- Malaysia Airlines HACKED: The Malaysia Airlines website was hacked on Monday by hackers who referenced the Islamic State jihadists and claimed to be from the “Lizard Squad,” a group known for previous denial-of-service attacks, reports The Wall Street Journal. According to the article, this is the same group that claimed responsibility in December for cyberattacks on videogame servers of Sony Corp. and Microsoft Corp. A Malaysian cybersecurity agency determined that it was a case of domain hacking. The article explains that tampering with domain names to divert traffic from the intended site would generally require less sophistication than a more complex breach in which a company’s servers are compromised and data is exposed. To read more about the response and the exact messages sent by the hackers, click here for the full article.
- Israel Defense Computer HACKED: According to Reuters, hackers broke into an Israeli defense ministry computer via an email attachment tainted with malicious software that looked like it had been sent by the country’s Shin Bet secret security service. They reportedly took over several computers, one of them belonging to Israel’s Civil Administration that monitors Palestinians in Israeli-occupied territory, reports Reuters. Aviv Raff, chief technology officer at Seculert, told Reuters that Palestinians were suspected to be behind the cyber attack, citing similarities to a cyber assault on Israeli computers waged more than a year ago from a server in the Hamas-ruled Gaza strip. To read the full article, click here.
When Twitter and YouTube accounts belonging to the military’s US Central Command were hacked, the Pentagon brass quickly dismissed the hack as nothing more than “cybervandalism,” or a “cyberprank.” However, the opinions of cybersecurity experts vary on the impact of what appeared to be a “trivial hack.” I have compiled views from both sides and provided links to read more.
CentCom Hack Should Be Taken More Seriously:
- Damages Through Perception: Writing for the dailysignal.com, James Carafano, an expert in national security and foreign policy challenges, argues that the CentCom attacks need to be taken more seriously. According to Carafano, the focus should not be on the severity of the attack itself but rather the perception of weakness created by the attack. Read his reasons here.
- Damages Through Reputation: In a Bloomberg article titled “The CentCom Hack Was No Joke,” the author explains that this type of hacking is an efficient vehicle for damaging reputations, rather than causing any actual damage. Quoting Lance Cottrell, an online privacy specialist and chief scientist at the computer-security firm Ntrepid, the article notes that “[t]he attackers are winning because of the attention they are getting rather than because of any actual damage from the attack . . . the message this sends is that official accounts on non-official platforms are highly vulnerable.” The article goes on to explain the non-obvious ways the hack caused damage, including the potential exposure of malicious software to soldiers’ computers. For the full article, click here.
- Damages in Varying Degrees: Peter Brookes wrote an article on the damages caused by the CentCom attack which appeared in the Boston Herald and is now accessible on DailySignal.com. In his article, he reminds his readers that the source of the hack is not entirely clear, adding that a nation-state could have sponsored this attack. Brookes goes on to point out the potential damages of the hack: some personal information of high ranking personnel may have been disclosed, the disruption undoubtedly distracted some element of the command from its duties for a period of time, a misunderstanding of the gravity of the event might prove to be a significant public relations victory for the Islamic State, the created perception of vulnerability might push unsure recruits to join various terrorist groups, and the seeming alarm caused by the hack might encourage more attacks of this kind. Read more on what Brookes describes as a cyber “sting” here.
CentCom Hack is Not a Big Deal:
- Hacktivists vs. Nation-States: An article by TechWorld describes the difference between hacktivist and nation-state cyberattacks, and explains why that difference is so important when analyzing these attacks. According to the article, because of this difference we should place our focus on nation-state attacks rather than CentCom-style hacks.
- No Big Deal, It Happens all the Time: According to Slate.com, hackers try to launch assaults on Defense Department computers and networks hundreds of times a day, and while some are serious: “this one is not.” Comparing the hack to tearing down a poster hung up by CentCom, the article quotes Matthew Devost, president and CEO of cybersecurity firm FusionX LLC, who calls the intrusion “embarrassing” but “harmless.” The Slate.com author agrees, describing the hack as “a harmless nuisance, [and] a distraction from the real set of issues revolving around both cybersecurity and ISIS.” Read the full article here.
- DoD: No Effect on Social Media Policy: Defense Department officials have no plans to reevaluate policy on the use of social media, according to a DoD spokesperson quoted by C4IRSnet.com. Other than changing passwords, no real strategic considerations were considered. The article quotes Jack Holt, a former DoD senior strategist for emerging media who now runs his own communications consultancy: “The true point of this is not much more than somebody basically interrupting a conversation.” To read more on the reasons behind the continued policy, read the full article here.
Finally, for those looking for an article that falls somewhere in between the two views, click here for Mashable’s report titled: “The CentCom hack wasn’t a big deal, but don’t scoff at ISIS hackers just yet.”
- NSA Develops Cyber Weapons: RT reports the NSA has developed cyber weapons that enable them to paralyze the enemy’s computer networks and all infrastructures they control. Relying on documents leaked by Edward Snowden, the article describes how NSA’s surveillance was just the first step in NSA’s plan to take control over the internet and rival networks. According to the article, the secret documents make clear that the only law in the digital world, a world which will make little differentiation between soldiers and civilians, is “the survival of the fittest.” Two of NSA’s new cyber weapons are described in the article: (1) Quantumdirk: a new NSA program which injects malicious content into chat services provided by sites such as Facebook and Yahoo, and (2) Straitbizarre: malware that can turn infected computers into disposable and non-attributable ‘shooter’ nodes which are used for ‘command and control for very large scale active exploitation and attack.’ For the full article, click here.
- India’s Cyber Security Gap: While India continues to push for stronger cyber-security, according to an article by TimesofIndia, their current lack of funding and resources has created a knowledge gap between the country and cyber terrorists. The article quotes Vijay Kumar, senior security adviser in the ministry of home affairs: “[I]t is a constant race between governments and terror groups to keep ahead in cyberspace.” The article also points out that India’s dependence on China for electronic goods has been an issue of growing concern for security agencies. To read more, click here.
- Cyber Dangers of Cell Phones: An article by PropertyCasualty360.com reviews the findings of a cyber security report on the cyber dangers of cell phones. The mobile security firm Lookout created the report, relying on information from more than 60 million global users. According to the article, the threats which pose the greatest risk to mobile phone users can be divided into three categories: malware, chargeware, and adware. The article also provides advice on how to protect your cell phone: purchase apps from a legitimate app store and look out for apps that ask for a lot of personal data. For an explanation of how each category poses a serious threat to cell phone users, read the full article here.
Cyber Round Up: US Central Command Hacked; Anonymous vs. Islamic Terrorists; NSA Director Pushes for Stronger Cyber Responses; US Denies ‘Hack Back’ Against North Korea
- US Central Command Hacked by Islamic Hackers: US Central Command’s Twitter and YouTube accounts have been hacked by a group claiming to back Islamic State, reports BBC News. While an unnamed Pentagon official said the hacking was an embarrassment but did not appear to be a security threat, one message by the hackers read: “American soldiers, we are coming, watch your back.” Read the full report here.
- Anonymous Threatens Islamic Terrorists: USA Today reports that one of the hacktivist groups using the name Anonymous has vowed to attack Islamic terrorist websites and social media accounts in revenge for the Charlie Hebdo murders in Paris. According to the report, the group released a video in French on YouTube with the following message: “We are declaring war against you, the terrorists” and vowed to close accounts on social networks linked to terrorists. A statement allegedly written by a member of the Hacktivist report warns “. . . we can’t fall down, it is our responsibility to react . . . expect a massive reaction from us.”
- Islamic Hackers Respond: According to mirror.co.uk, Islamic hackers led by a well-known pro-Palestinian group called AnonGhost have responded by launching a digital jihad against France and Anonymous. In addition to a number of hacks on banks and websites, the group stated: “Your freedom of speech [meant that] it was only a matter of time before someone was going to display their freedom of action against you . . . How long can you poke a lion before… he strikes back?” Read the full report here.
- NSA – More Offensive Tactics for Cyber-security? The director of the National Security Agency, Mike Rogers, claims hackers have come to believe there is ‘little price to pay’ for stealing data, reports The Wall Street Journal. Yet with the current issues with attribution, should the government more forcefully respond to foreign countries that engage in cyberattacks? Mike Rogers thinks so. For the full article, click here.
- US Did Not ‘Hack Back’ Against North Korea: According to a report by TopTechNews, contingents have debated privately whether to acknowledge that the U.S. played no role in North Korea’s disruptions or remain silent to avoid detailed conversations about U.S. capabilities and policy on offensive cyber operations, which are considered highly classified. However, the report goes on to state that a recent disclosure denying U.S. involvement was intended to convey how seriously the administration considers offensive cyberattacks. Read the full report here.
- Other Cyber News:
- UK Power Grid Hacked: Bloomberg reports that the U.K. power grid is under attack from hackers every minute. According to the report, Britain’s electricity transmission network is constantly subject to cyber-attack and threats to infrastructure will remain high over the next few months.
- Swiss Bank Threatened by Hackers: Reuters reports that hackers threatened to reveal confidential client information of a Swiss bank if their demands for payment were not met. According to the report, the hackers’ tactics “play into fears of tax dodgers and cheats using hidden Swiss accounts that their identity could be exposed.”
- Snowden on NSA’s Offensive Cyber Policy: NSA whistleblower Edward Snowden claims the spy agency spends more taxpayer money launching cyber attacks than it does protecting America from the intrusion, AOL reports. This disclosure came out during an interview for PBS’s NOVA which will be released in the near future. Read more about Snowden’s interview here.
Cyber Round Up: First US Cyber Sanctions; US Accidentally Reveals Cyber Vulnerabilities; Cyber Breach South Korea Nuclear Operator; Best Cyber Security Lists 2015
- U.S. Sanctions North Korea: President Obama announced on Friday sanctions against 10 North Korean officials and three government entities, Bloomberg reports. These sanctions are believed to be the first time the US has moved to punish any country for cyber-attacks on a US company. North Korea warns the sanctions will be counter-productive as they encourage it to strengthen its military stance, including, by implication, its nuclear arsenal. For the full report, click here.
- However, according to a Forbes report, the US Sanctions target the North Korean arms trade, not cyber terrorism: “The sanctions imposed by President Obama have almost nothing to do with cyber terrorism but instead show U.S. concern with North Korea as an arms exporter to regimes that Washington detests.” For the Forbes report, click here.
- US Accidentally Discloses 800 Page Report Listing Vulnerabilities in Critical Infrastructure: In response to a Freedom of Information Act (FOIA) request on a malware attack on Google called “Operation Aurora,” DHS officials accidentally released more than 800 pages of documents related not to Operation Aurora, but rather the Aurora Project, a 2007 research effort led by Idaho National Laboratory demonstrating how easy it was to hack elements in power and water systems, reports The Atlantic. Read the full article by The Atlantic, aptly titled “A Hacker’s Hit List of American Infrastructure,” to learn why this grave error could result in a full-scale cyber attack on critical infrastructure in 2015. Click here for article.
- Cyber Breach South Korea Nuclear Operator: Reuters reports that South Korean authorities have found evidence that a low-risk computer “worm” had been removed from devices connected to some nuclear plant control systems. Seoul prosecutors have not ruled out possible involvement of North Korea in the cyber attack on the nuclear operator. For the full report, click here.
- CYBER LISTS of 2015! With the celebration of a New Year comes the over-publication of various “What to Expect in 2015” lists as well as lists recapping what we have learned in the past. Here are some cyber security themed lists that stood out this New Year:
- Cyber Risks in 2015: Following the New Year, CNBC compiled a list of the 5 top cyber risks for 2015. The List: Ransomware, The Internet of Things, Cyber-espionage, Cyber theft, Insecure Passwords. Read more in the full article here.
- Most Dangerous People Online in 2015: Kim Jong-un, Edward Snowden, and the NSA are just a few mentioned in this list created by Wired.com. To learn why and read about the others, click here for the full article.
- Hacking in 2015: For those interested in the technical side of hacking (and for those that want to learn), read this NextGov article which lists the “10 Twists on Hackers’ Old Tricks” that we will see in 2015.
- Cyber Security Trends in 2015: Cyber Security Threat and Vulnerability Specialist Sid Vanderloot maps out his view of the cyber security trends we will see in 2015 in a Pulse report accessible by clicking here.
- Cyber Resolutions for Companies in 2015: Since 2014 will long be associated with company breaches (Target, Home Depot, Sony), it made sense to include a list compiled by Fortune of “7 Cyber Resolutions Every Company Should Make in 2015.” Click here for the Fortune article.
The brand new web-based INCYDER (International Cyber Developments Review) database is now open to the public for free. The portal, developed and hosted by the NATO Cooperative Cyber Defence Centre of Excellence, combines a thorough database of relevant legal and policy documents adopted by international organisations active in cyber security as well as news on developments in the area.
“As lawyers in the field of cyber defence, my colleagues and I have found that even the main regulatory documents are scattered all over the internet, and it is often very time consuming to find the right references,” explained LTC Jan Stinissen, a law and policy researcher from the Netherlands at the Centre. “So INCYDER is a practical research tool we have been missing. It can also be useful for many others in government, international organisations, academia, and industry.” LTC Stinissen highlighted that the website will be updated periodically to keep abreast with the constant changes in international organisations’ legal and policy initiatives.
The Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence is a NATO-accredited multinational organisation dealing with research and development, education, consultation and lessons learned in the field of cyber security. The Centre’s mission is to enhance capability, cooperation and information sharing among NATO, NATO member nations and Partners in cyber defence. INCYDER, the International Cyber Developments Review, aims to serve as a central hub for easy access to the wide range of different legal and policy instruments of international organisations that make up the contemporary domain of cyber security. The searchable collection of documents has a full text search option and is periodically updated.
The portal can be accessed at ccdcoe.org/incyder.html. Please contact incyder-at-ccdcoe.org to subscribe to the INCYDER newsletter.
The other day, I criticized the Administration for using the language of war to discuss the Sony hack. Now, CNN reports that the President has switched to the other end of the rhetorical spectrum: “‘It was an act of cybervandalism,’ Obama said in an interview with CNN.” Wrong again. What happened to Sony was not simple defacement of some website. Vandals do not go inside and steal vast amounts of your property, then extort you with threats of violence. The unauthorized access of Sony’s networks, the theft of its data, and the subsequent use of that data are major crimes, much more serious than the term “vandalism” suggests. Having now bracketed the truth, perhaps the Administration will hit the mark with its next rhetorical shot. Even then, we need more than a rhetorical response.
Hollywood and the entertainment industry are not critical infrastructure. The cyber attack on Sony’s computer networks and data is not, yet, a matter of national security. The attack is also not a use of force or an armed attack, the prerequisites for use of military force in self defense under international law. Thus, talk of military retaliation is inappropriate. The attack on Sony’s computer networks and data is first and foremost a law enforcement issue. Of course, as with any major crime with nation state involvement, diplomatic and economic responses also are legal and appropriate. The language of “proportional response” used recently by some U.S. Government officials echoes military terminology. It should not.
The U.S. has the legal tools to prosecute hacks and digital thefts like what happened to Sony. The crimes created by Congress are very broad and powerful, and Congress has made them applicable world-wide. The indictment in May of five Chinese military hackers for computer hacking, economic espionage and other offenses directed at six American corporate victims shows that the U.S. is willing to prosecute even foreign military officers. In October, the Department of Justice reorganized to increase its ability to handle cases just like this, especially state-sponsored economic espionage. The forensic abilities to prove these cases are surprisingly good. The problem is getting the defendants physically into a U.S. courtroom. Extradition for state-sponsored crimes is almost never possible until there is a regime change, but the indictment alone can cause real problems for the persons charged, limiting their ability to travel or to hold wealth outside of their home country. The legal tools are very powerful, but practical barriers make it very hard to put handcuffs on these defendants. Nevertheless, obstacles to prosecution do not legally elevate economic crime to warfare.
– Professor William C. Snyder
Jennifer A. Camillo
is a third year student at Syracuse College of Law. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She is a member of the Syracuse National Trial Team and was recently awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.
holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She has served as a law clerk in the United States Attorney's Office for the Western District of New York and the Public Defender Service for the District of Columbia and as an extern in the United States District Court for the Western District of Washington.
Professor William Snyder
is a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.