Archive for May, 2013

Japan’s cyber security strategy

From: Japan Times

Editorial

The government has written the final draft of a cyber security strategy. It plans to officially adopt the strategy in June after receiving public comments on the proposal. The draft calls for analysis of communications content by telecommunication carriers if necessary, the establishment of a cyber defense unit within the Self-Defense Forces and the establishment of a cyber security center within the government in 2015 as the nation’s highest-level organization to deal with cyber attacks, which include the theft and destruction of data stored in computer systems at government organizations and companies, and the paralysis and destruction of such computer systems.

WEF report: East Asia enters the era of hyper connectivity

From: Bangkok Post

World Economic Forum information and communications technology expert Danil Kerimi explains how truly understanding and harnessing digital globalisation can help all Asean nations to compete in the global marketplace.

Today we live in a world that is enormously complex and interdependent. Hyperconnectivity fundamentally redefines the way individuals, enterprises and governments interconnect and relate with each other.  It provides new innovation models, new growth opportunities and new risks to manage and mitigate.

Ministers to meet to review NATO’s cyber defences

From: The Star

BRUSSELS (Reuters) – NATO defence ministers hold their first review of cyber defence next week in a sign the issue is making its way to the top of the alliance’s agenda as fears grow that Western infrastructure and military secrets are vulnerable to hackers.

Daily reports about government and private firms’ computer systems coming under attack have highlighted the importance of defending NATO computer networks, particularly systems which are used to coordinate military actions among the 28 allies.

EDPS: Lobbying should not lower data protection level

From: New Europe

By Nerea Rial

Data protection is becoming increasingly important across Member States, and recommendations issued by the European Data Protection Supervisor during the past year are changing the European scenario.

On 29 May, EDPS Peter Hustinx presented his Annual Report in Brussels and, according to the document, the number of complaints received decreased by 20% in 2012 in comparison with 2011. In total, the supervisor got 86 complaints, and 46 of them required in-depth inquiry (54% more than in 2011), something that shows the increase of complexity related to data protection issues.

Revealed: Australian spies seek power to break into Tor

From: Crikey

Bernard Keane

The Attorney-General’s Department has admitted data retention will be “trivially easy” to avoid and that intelligence services want to be able to break into encrypted internet systems like Tor.

In a major admission, the Attorney-General’s Department has revealed Australia’s intelligence and law enforcement agencies are seeking the legal power to break into internet routing encryption services such as Tor, after admitting the centerpiece of its proposed national security reforms, data retention, will be “trivially easy” to defeat.

Iranian Hackers Probe US Infrastructure Targets

From: Slashdot

Taco Cowboy points out reports in The Register and The Jerusalem Post (along with a paywalled article at the WSJ) that say [Iranian hackers are] responsible for a wave of computer attacks on U.S. corporations, with targets including oil, gas and electricity companies. Unlike the cyber incursions from China, the goal of the Iranian attacks is sabotage rather than espionage. The cyber attacks are seen as attempts to gain control of critical processing systems. The attacks on oil, gas and power firms have so far concentrated on accruing information on how their systems work – a likely first step in a co-ordinated campaign that would eventually result in attacks aimed at disrupting or destroying such infrastructure.”

Stolen Millions Expose Middle East Banks’ Vulnerability to Cyber Thieves

From: Managing Technology

The men smiled at the smartphone camera, holding up wads of cash. They were members of a cybercriminal gang, eager to show off the spoils of targeting two banks in the Middle East: The National Bank of Ras al-Khaimah (Rakbank) in the United Arab Emirates, and the Bank of Muscat in Oman. In two different attacks, spanning just 10 hours, United States prosecutors said the gang of eight managed to steal US$45 million by hacking into a database of prepaid credit cards belonging to the banks, and then using fake swipe cards to withdraw money from ATMs in 27 countries.

Russia warns against NATO document legitimizing cyberwars

From: Russia Beyond the Headlines

Elena Chernenko, Kommersant-Vlast

NATO experts have come up with a first-ever guide that seeks to adjust international law on the subject of cyberwars. Russia believes the very appearance of the document is potentially dangerous.

The 300-page document recently published by the Cooperative Cyber Defense Center for Excellence(NATO CCD COE) has prompted a reaction from several Russian agencies, from the Foreign and Defense ministries to the Security Council and the special services.

[Chinese] Telecoms official: G20 could be platform for cybersecurity

Editor’s Note: See here, here and here.

From: EurActiv.com

The G20 is a suitable forum for formulating new global standards for cybersecurity, says the chief security officer of one of China’s leading telecommunication companies. One or a few G20 members could be asked to take the lead and champion ideas that could the be tested by the others, he suggests.

John Suffolk is the global cybersecurity officer at Huawei, the Chinese-based multinational telecommunications company. He was formerly an advisor and chief information officer to the British government. He spoke to EurActiv’s Jeremy Fleming in Brussels.

Survey: high trust in government protection of digital identity data

From: PublicTechnology.net

A new survey has shown a significantly higher level of trust in government to handle the public’s digital identity data – which is part of the planned UK Online Identity Scheme.

The figures show that a high level of support is present for the scheme – 91% support it. However, only 9% would put their trust in private companies to manage identity credentials.

This is in contrast to the 61% that said they’d trust the government to handle their data.