By Harriet Ellis, Research Analyst and Administrative Assistant, Future Conflict and Cyber Security, and Samantha Hoffman, Research Consultant, Future Conflict and Cyber Security and Defence and Military Analysis.
National law and policy
- The United States released its new national security strategy, which includes a greater focus on cyber security compared to previous documents. The strategy states the US should improve its ability to attribute and respond to cyber attacks, enhance its own cyber capabilities, and promote the integration of these within government.
- US homeland security adviser Tom Bossert attributed the WannaCry ransomware epidemic to North Korea.
- The US Federal Communications Commission voted along party lines to repeal net neutrality rules that prohibited internet service providers from favouring certain websites over others.
- A government spokesperson in the United Kingdom stated that the country could respond to a cyber attack with operations in a different domain.
- Russia’s interior ministry stated that actors in Syria were behind the recent spate of bomb threats, referring to the hoax telephone calls as a cyber attack against Russia.
- China’s information technology ministry released a three-year plan to promote the development of the country’s artificial intelligence industry.
- A hacking group with ties to the North Korean regime is reportedly targeting people knowledgeable about cryptocurrency in a spear-phishing campaign.
- France is reportedly preparing to release a new cyber security strategy.
- France’s data protection authority said it would fine WhatsApp if the company continues to share data with Facebook, stating the practice is not in accordance with local privacy laws.
- A South Korean official stated that the government is considering countermeasures for cyber attacks against the country’s cryptocurrency exchange. North Korea is suspected to be behind the April attack, which precipitated the company’s bankruptcy.
- Japan will produce a six-tier classification scheme for cyber attacks against its critical infrastructure, including outlines of potential responses to incidents.
- India set up a computer emergency response team to address cyber threats to government networks.
- Australia appointed a new minister for cyber policy, which falls under the new home affairs ministry.
- South Africa’s justice department addressed public comments on the country’s forthcoming cyber security and cybercrime bill.
- The Internet Governance Forum 2017 is taking place in Geneva. A spokesperson for the Cyberspace Administration of China told attendees that Google and Facebook would have to abide by national internet and data regulations if they were to operate in the country.
- The US House Foreign Affairs Committee approved a bill that would strengthen cyber security cooperation between the US and Ukraine.
- The US military has reportedly been successful in conducting cyber operations in partnership with Special Operations forces, and will expand this programme.
- The US Air Force paid out the government’s largest single bug bounty award yet, to two hackers who found a critical vulnerability in the air force’s networks.
- The US Army is trialling new techniques to improve information operations.
- Facebook will change how it pays tax on its global operations, moving to increase local taxation on advertising revenue in countries where it has an office.
- Facebook released a transparency report for the first half of 2017, adding a section for requests the company received about intellectual property infringements.
- Facebook and Microsoft took joint steps to disrupt North Korean cyber operations.
- Twitter announced a crackdown on hate speech and abusive content on the platform.
- Russian cyber security firm Kaspersky Lab reportedly provided the country’s security service access to a criminal suspect’s documents.
- Google established an artificial intelligence centre in China.
NATIONAL SECURITY THREATS
- The chief of the UK’s defence staff and chair of NATO’s military committee warned that Russia could damage the undersea cables that carry global internet traffic.
- A cyber security firm released a report documenting a new variant of malware targeting safety systems in critical infrastructure. The malware, codenamed TRITON, is capable of manipulating controllers that manage emergency shutdowns in energy plants.
- A suspicious routing error saw traffic associated with several popular sites, including Google, Apple and Microsoft, routed through Russia on two occasions in one morning.
- Authorities in Ethiopia blocked access to social media sites in the country, following violent clashes that killed at least 15 people.
- Mobile internet services were shut down for over 24 hours in parts of Rajasthan, India last week.
- A data analytics firm exposed sensitive data relating to over 123 million US households earlier this year.