Entries for the 'Cybersecurity' Category

The past week saw the start of multiple cyber attacks in the Philippine websites.
Different government domains have been probed and forced to shut down, including President Benigno Aquino’s website and a state university website.

The Australian Government has blocked Chinese telecom giant Huawei, from bidding for contracts on Australia’s ambitious national broadband project (NBN) worth AUS $35.9 billion, allegedly due to cyber-security concerns.

The EU members implemented legislation on Saturday banning the sale of technology which “may be used for the monitoring or interception of Internet or telephone communications.”

A report by a US congressional advisory panel says China has developed significant cyber-warfare capabilities that can threaten US military forces in a possible conflict over Taiwan.

The Spanish police arrested four hackers suspected to be members of the hacktivist group ‘Anonymous’.

On January 30th 2012, the SDA hosted a high-level policymakers' dinner about public-private cooperation in cyber-security.

The SDA hosted an evening-debate on "Improving global cyber-governance", where the groundbreaking cyber-report "Cyber-security: The vexed question of global rules" was launched.

A hacker, going by the name of YamaTough, has hacked antivirus firm Symantec and released the source code for the company’s pcAnywhere utility.

On January 30th 2012, the SDA hosted two events in the framework of its cyber initiative and launched its cyber-study “Cyber-security: The vexed question of global rules”.

The European Parliament Committee on Industry, Research and Energy approved draft legislation to strengthen the European Network and Information Security Agency (ENISA).

As the Syrian conflict continues to make headlines, another battle between government supporters and opponents is going on in cyber-space.

On January 30th 2012, the SDA hosted a high-level policymakers' dinner about public-private cooperation in cyber-security, featuring European Commission Vice President Neelie Kroes and NATO Assistant Secretary General Gábor Iklódy.

In the scope of its evening debate on "Improving global cyber-governance", the SDA launched its flagship report "Cyber-security: The vexed question of global rules".

According to the latest annual report from J. Michael Gilmore, Pentagon Director of Operational Test and Evaluation, the DoD abilities are "not sufficient to prevent an advanced adversary from adversely affecting the missions that were being exercised."

Anonymous have claimed responsibility for crashing six major websites yesterday in protest of the closing of megaupload.com video website.

China is alleged to have launched a new cyber-weapon against the US Defense Department’s common access cards, with the technology to get inside individual computers after users open a standard PDF email file.

Israel’s national airline, El Al, and the Tel Aviv stock exchange saw their websites hacked yesterday just hours after they were reportedly threatened by a Saudi computer hacker, OxOmar.

Hackers believed to be from the group Anonymous exposed thousands of email addresses and encrypted passwords belonging to British and American government and military officials.

The new US Defense Strategic Review, which was presented on Thursday by US President Barack Obama at the Pentagon, identifies the ability to operate effectively in cyber-space and space as one of the primary objectives of the US Armed Forces.

On November 7th the SDA along with the CEIS and the KAS hosted the annual Security and Defence Day conference entitled "Re-thinking Europe's security priorities."

NATO is currently collecting bids from international defence contractors to strengthen its cyber-defence capabilities.

NATO conducted a big cyber-defence exercise to test its technical and operational capabilities last week.

The SDA yesterday hosted Kolinda Grabar-Kitarovic, NATO Assistant Secretary General for Public Diplomacy, for a lunch with SDA members to discuss NATO’s priorities for 2012 and objectives for the Chicago summit as well as the SDA’s programme for its 10th anniversary.

UK defence contractor Raytheon announced the purchase of the cyber-security company Pikewerks Corporation.

The work of NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) will be enhanced by the full membership of the US and Poland.

Estonian Defence Minister Mart Laar declared that the EU needs to enhance its cyber-defence capability at the meeting of the Nordic-Baltic defence ministers in Örebrö, Sweden, last week.

US energy consultancy Pike Research revealed vulnerabilities in the cyber-security of the North American power grid stating it is "in a state of near chaos."

At the launch of the SDA’s cyber-security initiative yesterday, a high-ranking panel assembled discussants to tackle the core question of “Defining cyber-security”.

On 9 November 2011, the Security & Defence Agenda launched its cyber-security initiative with a high-level debate on "Defining cyber-security".

Israel’s military and intelligence services, Mossad and Shin Bet, experienced a server crash on Sunday due to an alleged cyber-attack from international hacker group Anonymous.

A report to Congress by several US intelligence agencies, including the CIA, FBI and military intelligence services, highlights the massive and increasing threat for the US economy by Russian and Chinese cyber-spies.

The US National Security Agency (NSA) has started protecting Wall Street banks against cyber-attacks by foreign hackers, above all through electronic spying overseas.

Despite recent defence budget cuts, the aerospace company Boeing is expecting high growth in the sector of cyber-security, and opened its new ‘Cyber Engagement Centre’ yesterday.

According to a report, presented by the inspector general of the US Department of Energy (DOE) on Monday, the department recently fell victim of cyber-attacks.

On September 22 the SDA hosted a high-level roundtable on "The need to know: European information-sharing".

The US Department of Defense (DoD) is preparing a new cyber-security doctrine to complement the department’s cyber-strategy for operating in cyber-space of 2011, as Gen. Keith B. Alexander, Commander of US Cyber Command told international reporters.

China called upon the United Nations (UN) yesterday to invest in global cooperation for cyber and information security.

The US Department of Defense is going to intensify its strategic efforts in the field of offensive computer warfare and is trying to set up rules of engagement to carry out specific cyber-attacks.

According to top Pentagon officials, the US had considered an offensive cyber-attack on the air defences of Libyan leader Col. Moammar Gaddafi before they decided to start bombing Libyan military installations in March 2011.

Key US defence contractor RSA Security admitted yesterday that cyber-attacks on the company’s SecurID authentication tokens earlier this year can be traced to two nation state hacker groups.

The UK defence contractor Raytheon has been target of a recent cyber-attack.

European companies have been criticised by the European Parliament and NGOs for selling online surveillance technology to authoritarian regimes in the Arab world.

US President Obama issued an executive order to foster the protection of the country’s information and computer security.

Retired US Air Force Gen. Michael Hayden warned the US House of Representatives of an over-amplified use of classification with respect to cyber-security.

NATO Secretary General Anders Fogh Rasmussen yesterday called for enhanced collaboration between NATO and the European Defence Agency (EDA) amid current economic austerity to avoid duplication of efforts.

The US Department of Defense will extend its pilot programme for protecting its private defence contractors against cyber-attacks.

NATO formally launched the procurement process for the full operational capability of its cyber-defences on September 20th.

Japan’s major defence contractor Mitsubishi Heavy Industries recently confirmed it was the victim of a cyber attack in August.

EADS will supply its Ectocryp cryptographic product for the United Arab Emirates (UAE) armed forces command-and-control system, said Hervé Guillou, head of cyber-security at the Cassidian defence and security division.

The Council of the EU yesterday established of a new pan-European agency for the operational management of large-scale IT systems.

France is preparing a review of its defence strategy for 2012, as explained by Francis Delon, Secretary General for National Defence and Security, on September 6th.

Lawmakers in the US House of Representatives have presented a series of legislative proposals to strengthen the security of public and private networks and IT infrastructure.

Several companies have started to put hackers on their payroll to spot out weaknesses in their cybersecurity.

Wikileaks announced on August 30 that it has fallen victim to a cyber attack after publishing more than 10.000 confidential US diplomatic cables.

Top US Army generals addressed the Army’s network strategic vision 2020 at a conference in Tampa on August 24.

A new cooperation between the U.S. Department of Defense and defence contractors involving the exchange of classified intelligence information will be implemented in the next months according to U.S. Deputy Defense Secretary William J. Lynn III.

On August 7 the Israeli Cabinet approved the constitution of a National Cyber Directorate (NCD), responsible for the coordination and development of improvements to cyber security practices in the military, security and industrial sectors.

On August 10, the Hong Kong Exchanges and Clearing Ltd, one of the largest bourse operators, was forced to suspend trading the shares of seven companies due to a suspected cyber attack on its public web site.

Iran has tightened online censorship by upgrading the filtering system which enables the Islamic regime to block access to thousands of websites it deems inappropriate for Iranian users.
This radical move comes one month after the Obama administration announced the launch of new services facilitating internet access and mobile phone communications in countries with tight controls.

The Pentagon is expected to reveal today a strategy for protecting its computer and information systems which goes beyond erecting firewalls and stresses the use of sensors, software and data collected by U.S. intelligence, officials said.
Policymakers have tried to make the “Cyber 3.0” strategy not appear too bellicose in an effort to counter perceptions that the United States is militarizing cyberspace

Yesterday, the Anonymous hacktivist group released a large collection of sensitive data from US military personnel it claimed to have snatched from the poorly protected network of the US defence contractor Booz Allen Hamilton.

The roundtable meeting looked at how Europe can tackle the problems caused by the fragmentation of Europe's security market.

President Obama has endorsed the rules of cyber warfare that the Pentagon has been elaborating for two years. The new cyberwar document provides rules as to “how far military commanders around the globe can go in using cyberattacks and other computer-based operations against enemies”.

The hacker group LulzSec has announced it intentions to steal classified information from governments, banks and other high-ranking establishments. The group known for it previous attacks on Sony Corp, the CIA, News Corp's Fox TV and other targets has mostly managed to temporarily disrupt websites and to release user’s informations.

German Minister of Interior Hans-Peter Friedrich, last Thursday, officially opened Germany's new Cyber Defence Centre in Bonn. The Centre’s tasks are to spot and evaluate cyber-attacks and develop counter-strategies. "The core of cybersecurity is the protection of crucial infrastructure," he said.

The US government is reviewing the possibility of sharing information with defence firms on cyber threats. "What if we were to provide defence companies more detailed information about the kind of cyber threats they might face? If you have that information, you'll have better defences", argues Deputy Defence Secretary William Lynn.

Intelsat is scheduled to lay out its plans today for investing $1.3 billion in four satellite launches. The move specifically intends to target the Asia – Pacific region. Dave McGlade, chief executive of Intelsat says that the company will be doing business with Tata Communications and Sony pictures Television in the region.

NATO has outlined the main points of its cyber- defence policy which should be fully operational by 2012. Director of NATO's Communications and Information Systems Services Agency Kurt Herrmann says that “there will be more sensors to detect intrusions, monitor, defend and recover networks."

The EU institutions have created a Computer Emergency Response pre-configuration Team (CERT), consisting of IT experts. After one year, the pre-configuration team will be evaluated and a decision made on establishing a fully functioning CERT.

China has denied accusations by Google that Beijing was responsible for targeted attacks on Gmail accounts of senior U.S. officials, journalists and Chinese activists. On June 1, Google reported that it had been the victim of a cyberspying campaign originated in Jinan, China.

UK Armed Forces Minister Nick Harvey told the Guardian that the capability to conduct cyber-attacks is "an integral part of the country's armoury" and that "action in cyberspace will form part of the future battlefield".

Chinese state media announced the creation of a military cyber-security task force in charge of protecting the country from foreign cyber attacks.

The US Department of Defense (DOD) and the Department of Homeland Security (DHS) are sharing information on cybersecurity, authorities have told the press.

On 27 April 2011, participants from across the EU institutions, NATO, NGOs and industry gathered for an SDA evening debate to discuss Europe’s role in balancing security and freedom in cyber-space.

Norway has confirmed reports of its military being target of a cyber-attack in March. Norwegian Defence Information Infrastructure (INI) spokeswoman Hilde Lindboe told AFP that the Norwegian army “is regularly the target of cyber and virus attacks, but not as extensive as this".

In a move to foster international cooperation on providing a free and secure internet, White House presented a set of policy proposals on 16 May. According to US president Obama, the initiative represents “not only a vision for the future of cyberspace but an agenda for realizing it”.

The European Commission is looking into using Spanish law as a model for European internet policing.

The US Department of State has renewed its initiative to tackle internet censorship in China, Iran and other states, which deny their citizens access to politically sensitive internet content.

EU commissioner for justice and fundamental rights Viviane Reding warned companies to take the protection of customer data more serious.

Civil society analysts have criticised Turkey over a new regulation aimed at protecting the Turkish families from pornographic internet content.

Dimirty Grishin, chief executive of the Mail.ru group, warned that media groups will face severe difficulties in charging Russian users to use their content.

In a response to a cyber attack on the European emissions trading system (ETS) earlier this year, the European Commission proposed measures for the security enhancement of the system to member states.

After admitting the theft of personal details of nearly 80m Playstation customers last week, Sony announced an additional 25m gamers have been affected by a cyber attack on their system.

North Korean hackers were responsible for the cyber attack on a major South Korean bank, prosecutors in Seoul say.

French President Nicolas Sarkozy will invite leaders of major internet companies to attend the G8 summit at the end of May.

The US Senate pledged to pass legislation on cybersecurity aiming at protecting the public and private sector. The Cybersecurity Freedom Act was first introduced in June 2010. Cyber attacks and hacking have increased concerns about the legal vacuum syrrounding the protection of private companies and government agencies but also about their limited cooperation on research and development and information-sharing.

Cyberattacks in Europe and across the globe are at an all-time high and showing no signs of abating. Remote hijacking of computers for malicious purposes constitute an “electronic epidemic”. Faced with such rapid technological upheaval, European policymakers seem slow to react. As EU member states rush to create the necessary national agencies, is it time for a European cybersecurity authority?

The French national agency for security information systems (Agence nationale de la sécurité des systèmes d’information - Anssi) has seen its powers boosted by governmental decree and is responsible for ‘immediate’ reaction in case of a cyber attack that is ‘violent and paralyzing’ to state infrastructure. The institution announced yesterday its security strategy addressing the necessity to safeguard cyberspace and to reinforce the security of national critical infrastructure.

A report has revealed the details of a determined and targeted breach of security at five major oil and gas companies. The cyberattacks, which happened in 2009, completely compromised the firms security systems, with hackers reportedly making off with sensitive technical, financial and personnel data. The attacks, labelled “Night Dragon” by analysts, are part of a rising trend of bespoke, targeted cyber-infiltration techniques, replacing previously random and opportunistic cyberattack systems.

The online freedom of speech movement, “Anonymous”, has launched an attack on an American web security company, indicating its activities have been unaffected by a recent series of European arrests. The shadowy group, notable for their ongoing campaign to support the Wikileaks website, have carried out a series of high-profile cyber-attacks against government, religious and business websites in recent months.

British Foreign Secretary William Hague has stated the UK’s intention to spearhead the development of conventions and guidelines for operations conducted in cyberspace. Whilst cyberdefence has risen high on the agenda of the US and NATO allies, the announcement makes the UK the first nation state to actually propose the formalisation of “rules of engagement” for the realm of cyberspace

It has been reported that Stuxnet has infiltrated Iran’s Bushehr nuclear centrifuge facility, with a serious risk of meltdown or nuclear catastrophe if the centre comes online, warns a non-US intelligence agency. The claim, forwarded by the Associated Press from an un-known source, illuminates the potential repercussions of the latest wave of cyber espionage, which it is widely believed was instigated by US and Israeli intelligence services.

The EU's emissions trading system (ETS) has been closed, after a series of cybersecurity breaches to the national registries where carbon permits are stored. Czech Republic-based firm Blackstone Global Ventures announced that around €6.8 million of European Union Allowances (EUAs) appear to have disappeared, prompting announcements of similar breaches from stores in Austria, Greece, Poland and Estonia. The system is likely to be closed for over a week.

A New York Times article, published on the 15th January, has laid out the ongoing technical and policy debate surrounding the so called “Stuxnet” virus. The worm, which employs a simple but effective self-deleting algorithm to “reset” basic chip components, rendering them useless, came to the publics attention in July last year, when it was detected by a private anti-virus company in Belarus. Since then, it has been alleged that the virus was specifically engineered to infect and disrupt Iran’s nascent nuclear programme, with Israel and the US the likely originators.

The European network and Information Security Agency (ENISA) and NATO’s Cooperative Cyber Defence Centre of Excellence (CCD COE) will conduct a joint workshop in Cologne, Germany to address issues related to the measurement, detection and tracking of botnets in Europe. The collaboration is the latest in a series of exercises, including “Cybersecurity 2010”, Europe’s first continent-wide cyberdefence drill.

A panel of experts discussed the future of NATO and the transatlantic relationship. Focusing on the ongoing mission in Afghanistan and European relations with the US, the debate revolved around the need for reform, reinvigorated partnerships with regional powers and new models of cooperation in an increasingly unstable world.

Maj. Gen. Mark A. Barrett, Deputy Chief of Staff for Strategic Plans and Policy at NATO Allied Command Transformation, introduces this report on “Protecting the global commons.” He and a number of prominent policy-makers, military and civilian, focus on the dual requirements of promoting stability and protecting access within the global commons, comprised of the space, maritime and cyber domains.

Walter Deffaa, Director General for Taxation and Customs Union of the European Commission and Ilias Chantzos, Director for Government Relations at Symantec Corporation give their perspectives on current EU customs issues and their security implications for Europe. With representatives from the European Commission, diplomatic delegations and the business sector present, the debate focused on improving technology in customs systems and guaranteeing safe trading.

In this exclusive SDA report, US Deputy Secretary of Defense William J. Lynn III gives his perspective on cybersecurity issues today. With participants from accross the transatlantic security community present, the debate focused on the threat of cyber attack, the importance of transnational cooperation and the role of NATO in this evolving field.

The discussion at this high-level roundtable debate focused on the concept of "homeland security" in Europe and on the specific case of Critical Infrastructure Protection (CIP).

During this innovative online experiment, leading think-tanks got together with the SDA to organise a 5-day brainstorm that was supported by NATO and the EU. The recommendations that emerged from this brainstorming event have been sent around the world.

Experts from NATO, McAfee, the EU, the European Parliament and various thinks-tanks spoke in this sometimes heated debate, which focused on the threat of so-called "weapons of mass disruption" that were emerging from cyberspace.

The Security & Defence Agenda is pleased to present you the report of its 2008 International Conference "NATO in the Next Decade - The Outlook for European Security and Defence". The event was co-organised with the Konrad Adenauer Stiftung, Hewlett Packard, Lockheed Martin and NATO.

This Discussion Paper in two parts brings together the views of high level experts from both sides of the Atlantic on NATO and ESDP relations. Contributors include David Leakey, Daniel Korski, Ambassador Stewart Eldon, and Alyson Bailes.

Romania will be hosting the next NATO Summit in Bucharest on 2-4 April this year. On 12 March the Security & Defence Agenda hosted Romania’s Ambassador to NATO Sorin Dumitru Ducaru, US Ambassador to NATO Victoria Nuland and Belgium’s Ambassador to NATO Baron Frans van Daele.

Following a fascinating debate that ranged from bullet-proof hosting to onion-routing, the conclusion had to be that the cyber security threat was evolving rapidly and was touching all aspects of society. Its political importance is also increasing and in a cyber society that “has no rules or borders, according to Estonia’s Minister of Defence Jaak Aaviksoo, there is a need for improved coordination at the highest level.

The last NDA roundtable before the summer break examined Europe’s plans to counter terrorist attacks on its critical infrastructure. Ten days after this NDA Roundtable on the vulnerability of critical infrastructures to terrorist attack, London's transport system was hit by four near-simultaneous bomb attacks. The London death toll, at just over 50, was mercifully low in comparison to Madrid's loss of almost 200 people in the Atocha railway station bombings of March 2004, to say nothing of New York's 9/11 casualty list of about 100 times as many deaths. But if London underlined the importance of chance in determining the loss of life, the bombings there have also given fresh impetus to efforts to better coordinate national counter-terrorism measures.

At the fifth session of the European Capabilities and Security Aims working group, it was agreed that the Headline Goal would be met in quantitative terms by year end. Serious concerns remained however, in the key areas of availability; mobility, intra-operability and sustainability.