Government

Published on Friday, 01 February 2019 09:00

OVERVIEW

In recent years, governments have been seen to be taking pre-emptive measures to counter threats, or responding to cyber-attacks that may set a precedence for others.

In terms of pre-emptive measures to fight cyber-attacks, governments in Thailand, China and Russia amended or introduced legislation on information security. In China, the new law by the administration under President Xi Jinping is the latest effort that reflects the country’s increasing focus on raising its cybersecurity capabilities, including deterrence. Notably, President Xi himself heads the Central Leading Group for Internet Security and Informatization, the central government’s apex committee responsible for Internet-related issues including cybersecurity.

In Thailand and the USA, cyber-attacks were launched against the government networks and a key institution respectively. The USA responded with sanctions against the Russians, believed to have conducted the hacking that influenced the US elections. This development is being closely watched by all having elections this year. In Thailand, the government warned that further attacks would have wide-ranging impact on society and economy. From the US example, spear-phishing was identified as a means used by the hackers, and should serve as a reminder for everyone not to access or click on unfamiliar links and websites.

REPORTS

FBI AND HOMELAND SECURITY DETAIL RUSSIAN HACKING CAMPAIGN IN NEW REPORT

Dubbed the “GRIZZLY STEPPE”, the Federal Bureau of Investigation (FBI) and the US Department of Homeland Security (DHS) officially attributed election-related attacks to two Russian state-sponsored hacking groups: APT28 (also known as FANCY BEAR) and APT29 (also known as COZY BEAR) in a Joint Analysis Report (JAR) released on 29 December 2016.

The JAR contains indicators of compromise (IOC) and mitigation advice for security professionals, and warns that the actors’ malicious behaviour is still ongoing. However, security experts said the report was “too basic” and came too late, following various reports from the private sectors that attributed the attacks to the two threat actors.

Read on by clicking on the story below:


PHISHING EMAIL SCAMS 108 GOVERNMENT EMPLOYEES, 756,000 PEOPLE AFFECTED BY BREACH

Phishing continues to be used as a reconnaissance method by many threat actors. In the USA, more than 100 LA County employees received a phishing e-mail on 13 May 2016, which led them to disclose usernames and passwords. As a result of the breach, 756,000 people were possibly affected.

In response to the attack, LA County (i) initiated an administrative review, (ii) implemented additional controls to minimise risk of future phishing attacks, and (iii) enhanced employee training to identify and respond to phishing attacks.

Read on by clicking on the story below:


EU SEES JUMP IN AGGRESSIVE CYBER ATTACKS

With more than 100 attempts to hack into the European Union’s servers in 2016, a large-scale cyber-attack in November 2016, and US attributing the Democratic National Committee (DNC) hack to Russia, the European Union (EU) is concerned at the possibility that Russia could interfere with upcoming elections in France and Germany as well. Germany’s Chancellor Angela Merkel warned how Internet-based attacks and Russian misinformation campaign could influence Germany’s election campaign. France echoed similar concerns ahead of their presidential election, expected to be held in May 2017.

Although 80 per cent of the cyber-attacks at EU in 2016 could be considered “harmful”, EU has systems in place to protect confidential data. This prompted Sir Julian King, the EU security commissioner, to urge EU members “to exercise the utmost vigilance in order to protect the EU institutions against cybercrime and prevent it from interfering in their decision-making processes”.

Read on by clicking on the story below:


CHINA ADOPTS A TOUGH CYBER-SECURITY LAW

China adopted a new cybersecurity law on 7 November 2016, that will come into force in June 2017. The law affects both domestic and foreign firms operating on the Chinese mainland and covers a wide range of activities relating to use of the Internet and information and communications technologies (ICT).

Security experts criticised the law as looking “very much like a techno-nationalist Trojan horse”. Several issues with the new law include (i) storing any locally gathered personal information in China, which threatens operations of multinational corporations that rely on cross border flows of business data, (ii) getting security certifications for important network equipment and software, which firms fear might be used to turn over security keys and proprietary technologies, and then passed on to state-owned rivals, and (iii) requiring the use of Internet products and services that are “secure and trusted” which may favour Chinese firms.

Read on by clicking on the story below:


HACKERS HIT THAI GOVERNMENT WITH DDOS ATTACKS PROTESTING AGAINST RESTRICTIVE INTERNET LAW

In retaliation for the passing of a Bill that is perceived to infringe on Internet freedom, Anonymous hackers reportedly conducted targeted Distributed Denial of Service (DDoS) attacks against Thailand government websites in December 2016. The new law allows Thai authorities to monitor and access private communications as well as censor online content without a court order.

Websites affected were Thailand’s Defence Ministry, Ministry of Digital Economy and Society, the Prime Minister’s Office and the Office of the National Security Council. The Thai defence ministry warned that further attacks could lead to "destroying financial systems, banks, transportation systems, airports and can cause damage toward the population of an entire country".

Read on by clicking on the story below:


WHAT IS BEHIND RUSSIA’S NEW INFORMATION SECURITY DOCTRINE?

A new Information Security Doctrine was approved on 5 December 2016. It replaces the previous Information Security Doctrine which was adopted in 2000. It addresses new challenges to the country’s national security that have emerged recently due to the increasing penetration of information technologies into nearly all areas of life.

The new Doctrine addresses information security issues on three levels: individual, societal and governmental. A couple of provisions in the Doctrine include (i) enhancing national information sovereignty, and (ii) ensuring information security through strategic deterrence and prevention of military conflicts.

Read on by clicking on the story below:


SOURCES INCLUDE: The Guardian, The Economist, CSO Online, The International Business Times, Russia-Direct, and The Financial Times