NATO Logo

According to recent reporting, the North Atlantic Treaty Organization (NATO) announced that its Cyber Operations Center (COC) is expected to be fully staffed and functional by 2023.  The new COC marks NATO’s understanding of the importance that cyberspace plays in conflict, particularly in times of political tensions that has resulted in cyber malfeasance that has targeted elections and critical infrastructure.  The establishment of the COC is a natural evolution in how to address cyber attacks in a more timely manner by integrating cyber actions with more conventional military capabilities.  In early 2014, after notable cyber incidents were a part of international incidents that occurred in Estonia in 2007 and Georgia in 2008, the Alliance updated its cyber defense policy to classify digital attacks as the equivalent of kinetic attacks under its collective security arrangement under Article 5 of the treaty.

In those particular instances, Russia was suspected in orchestrating or at least tacitly supporting the cyber attacks that afflicted both states.  Since then, Russia’s alleged cyber activities have only become more brazen in their scale and aggressiveness.  From suspected involvement in launching cyber attacks against Ukrainian critical infrastructure to launching a variety of cyber operations to meddle in the elections of foreign governments, Russia has taken advantage of the uncertainty of cyberspace where there is little consensus on key issues such as Internet governance, cyber norms of state behavior, or the criteria by which cyber attacks escalate to a point of war.

Continue reading

Trump Cybersecurity background

The White House has recently published its new National Cyber Strategy, rescinding an Obama-era memorandum Presidential Policy Directive-20 (PPD-20) that laid forth the process by which the United States would undertake cyber attacks against cyber foes, to include foreign state actors.  The Strategy consists of four primary pillars designed to guide how the United States will undergo defensive, and perhaps more importantly, offensive actions in order to preserve its interests in cyberspace.  Per the Strategy, the four pillars are:

Continue reading

US Cybersecurity

A recent article revealed that the United States government has gotten better at providing unclassified cyber threat information to the private sector.  Law enforcement and intelligence organizations have greatly cut down the time it takes to provide unclassified versions of cyber threat indicators (a term that can reference that can refer to a variety of technical data that includes but is not limited to IP addresses, malware, e-mail addresses, etc.) to the Department of Homeland Security (DHS) to disseminate promptly to the private sector.  The process had traditionally been slow as it involves an originating agency to determine if the indicator has been properly vetted without exposing sources and methods, per the article.

 

Speed of delivering pertinent threat information is certainly an improvement in a domain where attacks occur in seconds.  A November 2017 report from the DHS Office of the Inspector General provided a report on actions taken during 2016 in fulfillment of direction mandated by the Cybersecurity Information Sharing Act of 2015 with regards to the sharing of threat indicators.  Per the report, despite successfully classifying indicators and defensive measures, it still faced challenges effectively sharing such information across the public and private sectors.  The report advocated enhanced outreach and a cross-domain information processing solution.

Continue reading

Lock and network cable with computer keyboard background

Nowadays the cyber security is essential for individuals, companies, economies, governments and nations as a whole. The reality is that all of them are trying to stay on track against the latest cyberattacks, but there are some countries committing most to cybersecurity.

One of the best ways to determine where most of the cyber attack really come from in real time is by using the map created by Norse.

NORSE Heatmap

(Source:Norse.com)

Another great alternative if you want to find out which are the countries best prepared against cyberattacks is to use the Global Cybersecurity Index (GCI) created by the International Telecommunication Union (ITU).  As described by them it is “…a survey that measures the commitment of Member States to cybersecurity in order to raise awareness.” The GCI covers the five pillars of the ITU Global Cybersecurity Agenda (GCA): legal, technical, organizational, capacity building and cooperation.

Continue reading

Vietnam Cybersecurity

In June 2018, Vietnam’s National Assembly passed a new cyber security law that has generated much concern for its stringent restrictions on popular social media organizations.  Per the law that will go into effect January 1, 2019, tech companies would be compelled to store data about Vietnamese users on servers in-country, a move designed to improve the security of Vietnamese nationals.  Vietnam has been historically weak when in it comes to cyber security, and has been ranked among the bottom regionally.  According to a 2017 report by the United Nations’ International Telecommunications Union Global Cyber Security Index (GCI), Vietnam ranked 101 out of 165 countries in terms of being vulnerable to cyber attacks.  The GCI is a survey that measures the commitment of member states to cybersecurity to classify and project development process at the regional and global levels.

There are several critics of the new cyber security law.  Such a move – as has been expressed with regards to China’s new cyber laws – can potentially impact economic development and deter foreign investment.  Perhaps more alarming, dissenters and even some Vietnamese lawmakers signed petitions and conducted peaceful demonstrations to denounce the new law.  At the crux of this protest is the potential for the government to use this law in order to stifle human rights and privacy concerns such as online freedoms of speech and expression.  According to the law, Vietnam’s authorities will have the discretion to determine when expression might be identified as “illegal” and restricted.  It bans Internet users in Vietnam from organizing to conduct activities for “anti-state purposes” or to be allowed to distort the nation’s history.  Unsurprisingly, Amnesty International has underscored how the law could empower the government to monitor everything people say online.

Continue reading

Russian Flag Hacker

A recent interview of Russian President Vladimir Putin revealed insight into his – and by extension – Russia’s views concerning cyber attacks, and really the cyber domain, as a whole.  Made at a joint press briefing with France’s president, when asked about alleged interference in the 2016 U.S. presidential election, Putin remarked: “Action always causes reaction” and that “If one does not want to get a reaction he does not like, rules for actions need to be set.”  Putin pointed out that in the early days of nuclear weapons, governments had found a way to negotiate guidelines on their use, an effort that should be replicated in today’s political climate.  While not necessarily as catastrophic as nuclear weapons, the potential impact is similar in that the disruption and/or destruction of interconnected information technology can potentially impact millions of people.  The implication is certainly clear: an international understanding needs to be done sooner rather than later.

These public pronouncements of the Russian president are noteworthy as they provide insight into not only how Russia views the activities that transpire in cyberspace but express a potential avenue of engagement for world leaders to approach Russia on these issues.  Cyber norms and discussions of how states have been ongoing in international forums.  The preferred U.S. approach – via the United Nations Group of Experts in the Field of Information and Telecommunications in the Context of International Security (GGE) – notably stalled in June 2017, calling into question if this Western-preferred approach to establishing norms will succeed under this umbrella.

Continue reading

Recently, the U.S. Federal Trade Commission (FTC) is investigating whether Facebook, Inc. used personal data by an analytics firm associated with the Trump campaign.  Specifically, the FTC is trying to determine if the company violated terms of an earlier consent decree when 50 million users’ data was transferred to  Cambridge Analytica, a data and media consultancy firm.  To date, Cambridge Analytica has been accused of misrepresenting the purpose of some of its data mining, which yielded something like 30 million Facebook profiles it could comb for data.  This calls into question how consumer information is shared with other entities, particularly when consent was not provided.

 

Social Media & GDPR

 

This revelation has called into question how social media sights harvest the personal information from their platforms.  As one article pointed out, “Some large-scale data harvesting and social manipulation is okay until the election. Some of it becomes not okay in retrospect.”  This is indeed troubling in a time when personal information is constantly used by malicious actors for monetization purposes or used in support of the conduct of other operations (e.g., social engineering, spam, phishing, credential theft, etc.).  A recent report by a content marketing agency revealed that Facebook logins can be sold for USD $5.20.  Such access provides a criminal to a compromised individual’s contact list to target other individuals.  According to the same report, an individual’s entire online identity – to include personal identifiable information and financial accounts – could be sold for USD $1,200.00.  After initially denying the claim, Facebook acknowledged the breach and promised to take action.

Continue reading

UK’s Digital Strategy – Future Model or Another Thought Piece?

First announced in 2015, the United Kingdom (UK) finally published its Digital Strategy that went into effect on March 1, 2017.  Per the government’s website, the goal of this document is to provide a blueprint how the UK will build on its success to date in developing a world-leading digital economy that works for the greater good.  This is particularly important given that the UK is a global capital for financial technology, which generated £6.6bn of revenue in 2015.

Continue reading

Tallinn 2.0 May Be More Useful Than Its Predecessor

In early February 2017, Tallinn Manual 2.0 was published by Cambridge University Press.  Led by the NATO Cooperative Cyber Defence Centre of Excellence, publication of the initial Tallinn Manual occurred in 2013 and focused on the applicability of international law to conventional state-authorized and operated cyber warfare.  Authored by a group of international law experts, the recent follow-up focuses on a full spectrum of international law as applicable to cyber operations conducted by and directed against nation states, ranging from peacetime legal regimes to the law of armed conflict.

Continue reading

The Cyber Coordinator: Let the Dog Bite

Former New York Mayor Rudy Giuliani has been tapped to be the President’s new “cyber security czar.”  The appointment has been met with trepidation among those in the information security business who point out Mr. Giuliani’s lack of expertise in anything cyber-related, despite being Chair of the Cybersecurity, Privacy and Crisis Management Practice at a Miami-based law firm and advising companies on information security since 2002.  In fact, critics cite recent reporting revealing that passwords used by Giuliani and 13 other top staff members have been leaked in mass breaches of websites like LinkedIn, MySpace, and others between 2012 and 2016.

Continue reading