Our weekly digest of the world's cyber security news.

Protestors against the proposed Carmichael Coal Mine, Queensland, Australia. Credit: Flickr/TakvrBy Harriet Ellis, Research Analyst and Administrative Assistant, Future Conflict and Cyber Security, and Samantha Hoffman, Research Consultant, Future Conflict and Cyber Security and Defence and Military Analysis.


National law and policy

  • United States Central Intelligence Agency Director Mike Pompeo called Wikileaks a ‘non-state hostile intelligence service’ in a public speech on 13 April.
  • South Korean media said North Korea stole over KRW100 million (USD 88,100) in bitcoin currency every month from 2013 to 2015.
  • Twitter accounts began pushing a suspicious pro-mining message as the head of Indian mining firm Adani met with Australian Prime Minister Malcolm Turnbull. The company is seeking a $900 million loan from his government for a controversial project in Queensland.
  • Kenya’s government approved the Computer and Cybercrimes Bill 2016, which aims to monitor, manage and prevent cybercrime.  The legislation criminalises acts such as online fraud, cyber-stalking, sharing child pornography and seeking unauthorised access to computer systems.
  • The Cyberspace Administration of China released draft legislation that would ban export of economic, technological and scientific data, where the transfer would threaten security interests. 
  • South Korea’s National Election Commission asked Facebook to prevent the spread of fake news ahead of the country’s presidential election.

International policy

  • Following Microsoft’s February statement that a digital Geneva Convention was needed to regulate state behavior in the cyber domain, the company released further documents outlining how a non-political attribution body could function and suggesting binding rules to govern the behavior of states and technology companies.
  • Kenya-based Afrinic, which issues and manages IP addresses in Africa, proposed a policy to refuse giving any new IP address for a 12-month period to any African country that ordered an internet shutdown.


  • The South Korean defence ministry plans to invest KRW 246.5 billion (USD 218 million) in cybersecurity between 2018 and 2022.
  • Media reports claimed that North Korea’s attempted ballistic missile test on 16 April may have failed due to US intervention by cyber means. Deputy National Security Advisor KT McFarland declined to comment, stating she couldn’t talk about ‘secret intelligence things that might have been done’.

Private sector

  • Microsoft released its latest transparency report, showing the company received 25,837 requests for data from law enforcement agencies in the latter half of 2016. 71% of these demands came from a handful of countries, led by the US, the UK, France and Germany. Microsoft also revealed a National Security Letter that the company had received from the FBI in 2014, which, despite not requiring judicial approval, required the company to disclose customer data.
  • Facebook is reviewing its handling of videos after a user uploaded footage of himself shooting a victim on the street. Facebook states that it will move towards using Artificial Intelligence technology to detect violent content, rather than relying on users reporting.
  • Russia’s Federal Antimonopoly Service and Google reached a settlement in a case accusing the company of abusing its dominant market position.Google logo
  • Chinese social network Weibo was fined by China’s National Office against Pornographic and Illegal Publications for spreading pornography.


Government breaches

  • Hacking group ‘Shadow Brokers’ leaked additional documents alleged to be from the NSA’s Equation Group. These exploits target vulnerabilities in Windows operating systems, and include three zero days. Microsoft indicated the vulnerabilities in question had already been patched, but it is unclear who notified the company of their existence.
  • Cyber Security firm F-secure identified ‘Callisto Group’ as a cyber threat actor targeting military personnel, government officials, think tanks and journalist in Europe and the South Caucuses to gather intelligence on foreign and security policy; it said the group and its related infrastructure have links to Russia, Ukraine and China and possibly other nations. The firm said the UK’s Foreign and Commonwealth Office had been targeted by a sophisticated spear-phishing campaign.

Critical infrastructure

  • The Central Bank of Nigeria asked the country’s financial institutions for reports of cybercrime incidents.
  • Among the documents in the Shadow Brokers latest release were files suggesting the US National Security Agency hacked into the SWIFT banking network and monitored several Middle East-based banks, exploiting vulnerabilties in Microsoft Windows products.

Strategic investment

  • Chinese firm Ant Financial, affiliated with Alibaba Group Holding Ltd, increased its bid to buy US-based MoneyGram International Inc to USD 18 per share; the deal would be required to clear the Committee on Foreign Investment.


  • Iran’s Attorney General ordered mobile operators and home internet providers to block a new end-to-end encrypted voice call feature in the mobile app Telegram.
  • Thailand’s Ministry of Digital Economy and Society has warned citizens exchanging information with three prominent critics would violate the country’s Computer Crime Act. The restriction prohibits following, contacting, sharing or engaging with the critics online.
  • Researchers at the University of Toronto’s Citizen Lab released a report on China’s ‘709 crackdown’ on rights lawyers and activists, which found that China’s censorship tools are able to automatically censor digital photographs.
  • Pakistani media said a university student was murdered by a mob of hundreds for allegedly posting blasphemous content promoting the Ahmadi faith on Facebook. The minority sect is declared non-Muslim in the country’s constitution.
  • India’s Kashmir province is experiencing the latest in a series of internet blackouts, after videos and images of protests circulated on social media.
Back to content list


IISS Voices

The IISS Voices blog features timely comment and analysis on international affairs and security from IISS experts and guest writers.

armed conflict database

Armed Conflict Database

A regularly updated IISS online resource providing detailed information on more than 70 conflicts worldwide.