UK cyber defence thwarts 54 million attacks; Iran helping to build Hizbullah’s cyber capability; Pakistan launches online app for reporting extremist content.

Hizbullah militants. Credit: Ratib Al Safadi/Anadolu Agency/Getty Images

By Harriet Ellis, Consultant Research Analyst, Cyber, Space and Future Conflict Programme

POLICY

National law and policy

  • United States Secretary of State Rex Tillerson proposed a new Bureau for Cyberspace and Digital Economy in the State Department. Tillerson had been criticised for dismantling the previous unit responsible for cyber diplomacy, and in January lawmakers in the House of Representatives passed legislation to reinstate it.
  • The US Senate will debate a bill, known as the CLOUD Act, which would create a legal framework for law enforcement to access data stored overseas.
  • The United Kingdom’s National Cyber Security Centre published a report on the effectiveness of its active cyber defence programme. An estimated 54 million low-level attacks were thwarted in 2017.
  • UK parliamentarians will travel to Washington DC to question US technology firms about the political and societal implications of fake news and disinformation on social media platforms.
  • Australia’s mandatory data breach notification law entered into force.
  • Pakistan’s counter-terrorism agency launched an application that will allow citizens to report extremist content online.
  • The Indian government announced it would take steps to regulate cryptocurrency exchanges.
  • Iran is reportedly supporting Hizbullah’s ambition to strengthen its cyber capability by providing training and cooperating on cyber operations.
  • Cambodia’s telecommunications regulator will question internet service providers for failing to block a website as ordered by the government.

International policy

  • A UK-led international law enforcement operation involving Europol has ended the distribution of Luminosity Link, a popular remote hacking tool that was available for sale for £30.
  • Spain extradited Peter Levashov, a prolific Russian spammer, to the US. The decision concludes a year-long battle between the US and Russia over his extradition.

Military

  • NATO’s annual exercise Crossed Swords took place in Latvia. The drill involved participants from 15 countries and comprised of attacks on military units and critical information infrastructure.

NATO exercise in Latvia. Credit: NATO/FLICKR

  • The Swedish armed forces will strengthen their capability to conduct operations in cyberspace.
  • The Australian Defence Force established a new Defence Signals Intelligence and Cyber Command.
  • Defence officials in Thailand discussed the military’s cyber security policies, including the possibility of establishing a cyber defence command centre. The Ministry of Defence is planning to recruit 1,000 cyber security personnel.
  • US Cyber Command’s operational defence arm – Joint Force Headquarters Department of Defence Information Networks – reached full operating capacity.

Private sector

  • The Washington-based US-China Business Council issued a report that found China’s cyber security law made businesses more vulnerable to cyber attacks.
  • YouTube will label videos from news providers that receive government funding. The policy will initially only affect US-based users.
  • Twitter revised upwards to 1.4 million its estimate of the number of users who engaged with Russian propaganda on the platform during the 2016 US election.
  • Chinese internet company Tencent, the owner of WeChat, briefly trialled a credit system for users.
  • WeChat users outside China were unable to access certain content from the app, including articles from the New York Times.

NATIONAL SECURITY THREATS

Government breaches

  • Norway’s Police Security Service stated that Russian intelligence and influence operations present a major threat to the country’s national security.

Norwegian police. Credit: Thomas Marthinsen/FLICKR

  • Hackers gained access to the mailbox of a regional branch of China’s central bank, using it to send out an email about bitcoin regulation.

Critical infrastructure

  • A spokesperson for the US Department of Homeland Security stated Russian hackers penetrated the voter registration rolls of several US states prior to the 2016 presidential election.
  • Hackers linked to Russia’s military intelligence agency targeted US defence contractors in a phishing scheme.
  • The UK’s National Health Service remains vulnerable to cyber attacks. According to testimony provided by a government official, all NHS trusts assessed failed to meet cyber security standards.
  • Hackers allegedly linked to the Iranian government launched a phishing campaign against Israeli nuclear scientists.

DIGITAL RIGHTS

  • The Chadian government restored internet services after a period of shut down.
Back to content list

VOICES HOMEPAGE

IISS Voices

The IISS Voices blog features timely comment and analysis on international affairs and security from IISS experts and guest writers.

armed conflict database

Armed Conflict Database

A regularly updated IISS online resource providing detailed information on more than 70 conflicts worldwide.