According to recent reporting, the North Atlantic Treaty Organization (NATO) announced that its Cyber Operations Center (COC) is expected to be fully staffed and functional by 2023. The new COC marks NATO’s understanding of the importance that cyberspace plays in conflict, particularly in times of political tensions that has resulted in cyber malfeasance that has targeted elections and critical infrastructure. The establishment of the COC is a natural evolution in how to address cyber attacks in a more timely manner by integrating cyber actions with more conventional military capabilities. In early 2014, after notable cyber incidents were a part of international incidents that occurred in Estonia in 2007 and Georgia in 2008, the Alliance updated its cyber defense policy to classify digital attacks as the equivalent of kinetic attacks under its collective security arrangement under Article 5 of the treaty.
In those particular instances, Russia was suspected in orchestrating or at least tacitly supporting the cyber attacks that afflicted both states. Since then, Russia’s alleged cyber activities have only become more brazen in their scale and aggressiveness. From suspected involvement in launching cyber attacks against Ukrainian critical infrastructure to launching a variety of cyber operations to meddle in the elections of foreign governments, Russia has taken advantage of the uncertainty of cyberspace where there is little consensus on key issues such as Internet governance, cyber norms of state behavior, or the criteria by which cyber attacks escalate to a point of war.
With the approach of the United States’ 2018 midterm elections, concerns have been expressed by many regarding the security and integrity of the voting process. Given the news how suspected Russian agents actively sought to use hacking and influence operations to sway voters in a particular direction during the presidential election, the concern is legitimate, even if there was no evidence that votes were actually altered in 2016. The preservation of the democratic voting process has been thrust into symbolic “red line” territory that needs and should be protected against foreign interference. Indeed, the Department of Homeland Security re-enforced this by elevating election infrastructure to the status of “critical infrastructure” in early 2017.
Clearly, hacking and gaining unauthorized access to those systems and devices associated with the election process is something that deserves immediate attention. After all, many countries would ostensibly agree that breaking into computers is a criminal offense, regardless if data is taken, destroyed, or altered. In the 2016 U.S. presidential election, there were clear incidents where suspected Russian hackers stole data, and even compromised voter-related records, resulting an indictment of Russian nationals on a wide variety of charges ranging from conspiracy to commit fraud, money laundering, and identity theft, to name a few.
Cryptocurrency appears to be gaining traction among governments seeking to establish their own digital currencies, despite questions regarding the potential volatility associated with it. Currently, the countries that have already created digital currencies include China, Ecuador, Senegal, Singapore, and Tunisia, with Estonia, Japan, Palestine, Russia, and Sweden potentially following suit. Even a small country like the Marshall Islands has announced its intent to create its own digital currency in order to boost its economy, and will be on part with the U.S. dollar as a form of payment. What seemed like a novel thought exercise as to whether cryptocurrency could be a legitimate alternative to the established norm appears to be an option that governments are more closely considering. In fact, some have speculated that further adoption of the country-specific cryptocurrencies could have serious implications for the established international monetary system.
Whether that transpires remains another intellectual exercise in the possibilities of what “could-be” one thing is clear – states on the receiving end of stringent economic sanctions are turning to cryptocurrency as a way to assuage these penalties. One of these countries is Iran, who is reported to be very interested in creating a digital currency, a major shift from its initial stance on banning banks from dealing in cryptocurrency . According to one news source, the Secretary of Iran’s Supreme Council of Cyberspace envisaged the use of cryptocurrencies to “smoothen trade” between Iran and its partners in the wake of renewed U.S-imposed sanctions. The same individual revealed that a state-backed cryptocurrency was accepted as an industry in the government and related organizations such as the Ministry of Communications and Information Technology, the Central Bank, the Ministry of Energy, the Ministry of Industry, Mining, and Trade, and the Ministry of Economic Affairs and Finance.
The White House has recently published its new National Cyber Strategy, rescinding an Obama-era memorandum Presidential Policy Directive-20 (PPD-20) that laid forth the process by which the United States would undertake cyber attacks against cyber foes, to include foreign state actors. The Strategy consists of four primary pillars designed to guide how the United States will undergo defensive, and perhaps more importantly, offensive actions in order to preserve its interests in cyberspace. Per the Strategy, the four pillars are:
A recent article revealed that the United States government has gotten better at providing unclassified cyber threat information to the private sector. Law enforcement and intelligence organizations have greatly cut down the time it takes to provide unclassified versions of cyber threat indicators (a term that can reference that can refer to a variety of technical data that includes but is not limited to IP addresses, malware, e-mail addresses, etc.) to the Department of Homeland Security (DHS) to disseminate promptly to the private sector. The process had traditionally been slow as it involves an originating agency to determine if the indicator has been properly vetted without exposing sources and methods, per the article.
Speed of delivering pertinent threat information is certainly an improvement in a domain where attacks occur in seconds. A November 2017 report from the DHS Office of the Inspector General provided a report on actions taken during 2016 in fulfillment of direction mandated by the Cybersecurity Information Sharing Act of 2015 with regards to the sharing of threat indicators. Per the report, despite successfully classifying indicators and defensive measures, it still faced challenges effectively sharing such information across the public and private sectors. The report advocated enhanced outreach and a cross-domain information processing solution.
There has been recent focus on alleged Iran cyber activity the past few weeks, spurned on by the publication of a vendor report on Iranian operations. Per the vendor’s findings, not only was Iran likely behind the activity that was targeting government and private sector in the Middle East, it was implementing National Security Agency exploits that were stolen and dumped into the public domain by the Shadow Brokers group in April 2017. As recently as late August 2018, Iran is suspected of trying to launch influence operations ahead of the midterm elections. The conclusion is that Iran is increasingly using asymmetric attacks, particularly via cyberspace, as part of its tool box to conduct retaliatory attacks.
The new reporting comes at a time when Russia’s cyber malfeasance has largely dominated the press, due to its influence operations efforts and election shenanigans, not just in the United States but in other countries as well. Prior to the Russia focus, North Korea was the focal point with its suspected cyber activities targeting cryptocurrency, and the SWIFT banking transactions before that. Iran was propelled onto the scene with Operation Ababil
Space Force picture, an independent military branch by 2020. The move is designed to counter the weapons that China and Russia have already developed that threaten U.S. satellites. The U.S. Vice President quickly assured that the force did not and would not be created from the ground up, but would leverage the personnel and material resources already existing in the service elements. The goal is to streamline efforts and maximize efficiency, a noble endeavor given the difficulties that invariable arise when mission responsibilities traverse and overlap so many different organizations.
The protection of U.S. civilian and military space assets are considered a national security concern. In December 2017, U.S. Department of Defense officials expressed concern that the United States’ anti-satellite capabilities were not up to par as some of its adversaries. In contrast, adversary adoption of anti-satellite weapons been documented in the news. In April 2018, a report detailing global counterspace capabilities (that include direct ascent weapons, co-orbital, directed energy, electronic warfare, and cyber warfare) underscores how adversarial nations are actively pursuing the development of such weapons and the threat that they pose to U.S. space interests. The report reveals that such investment by these states started in the mid-2000s.
In late July 2018, the Department of Homeland Security (DHS) announced the creation of the National Risk Management Center, a new organization dedicated to threat evaluation particularly as they pertain to potential hacking against the U.S. critical infrastructure. According to news reports, the center will initially commence with narrowing its focus on the energy, finance, and telecommunications sectors. This new initiative is designed to improve risk assessment across the critical infrastructures and serve as the primary “one-stop shop” to help private companies manage their cyber security risks.
Coinciding with this announcement is the Congress-lead “DHS Cyber Incident Response Teams Act of 2018” that seeks to create permanent incident response and threat hunting teams in the DHS. Such a bill further empowers DHS to help improve cyber security via trained professionals to mitigate and remediate cyber incidents against Federal entities and critical infrastructure entities. The bill passed the House of Representatives on March 19, 2018 and goes to the Senate for its consideration.
Nowadays the cyber security is essential for individuals, companies, economies, governments and nations as a whole. The reality is that all of them are trying to stay on track against the latest cyberattacks, but there are some countries committing most to cybersecurity.
One of the best ways to determine where most of the cyber attack really come from in real time is by using the map created by Norse.
Another great alternative if you want to find out which are the countries best prepared against cyberattacks is to use the Global Cybersecurity Index (GCI) created by the International Telecommunication Union (ITU). As described by them it is “…a survey that measures the commitment of Member States to cybersecurity in order to raise awareness.” The GCI covers the five pillars of the ITU Global Cybersecurity Agenda (GCA): legal, technical, organizational, capacity building and cooperation.
In June 2018, Vietnam’s National Assembly passed a new cyber security law that has generated much concern for its stringent restrictions on popular social media organizations. Per the law that will go into effect January 1, 2019, tech companies would be compelled to store data about Vietnamese users on servers in-country, a move designed to improve the security of Vietnamese nationals. Vietnam has been historically weak when in it comes to cyber security, and has been ranked among the bottom regionally. According to a 2017 report by the United Nations’ International Telecommunications Union Global Cyber Security Index (GCI), Vietnam ranked 101 out of 165 countries in terms of being vulnerable to cyber attacks. The GCI is a survey that measures the commitment of member states to cybersecurity to classify and project development process at the regional and global levels.
There are several critics of the new cyber security law. Such a move – as has been expressed with regards to China’s new cyber laws – can potentially impact economic development and deter foreign investment. Perhaps more alarming, dissenters and even some Vietnamese lawmakers signed petitions and conducted peaceful demonstrations to denounce the new law. At the crux of this protest is the potential for the government to use this law in order to stifle human rights and privacy concerns such as online freedoms of speech and expression. According to the law, Vietnam’s authorities will have the discretion to determine when expression might be identified as “illegal” and restricted. It bans Internet users in Vietnam from organizing to conduct activities for “anti-state purposes” or to be allowed to distort the nation’s history. Unsurprisingly, Amnesty International has underscored how the law could empower the government to monitor everything people say online.