By Harriet Ellis, Research Analyst and Administrative Assistant, Future Conflict and Cyber Security, and Samantha Hoffman, Research Consultant, Future Conflict and Cyber Security and Defence and Military Analysis.
National law and policy
- Rob Strayer, the United States State Department’s head of cyber policy, stated he will continue to promote the norms of behavior established by the Obama administration and will look to impose consequences on states that break these norms.
- US Attorney General Jeff Sessions said cyber-enabled theft of intellectual property was a priority for the Department of Justice.
- The US sentenced notorious Russian cyber criminal Roman Seleznev to 14 years in prison for identity theft and credit card fraud. Seleznev is already serving a 27-year sentence for a separate computer hacking conviction.
- A cyber espionage group believed to be operating from China is targeting law offices in the US with phishing emails referencing high-profile news stories.
- The Chinese government released a plan to enhance the industrial sector’s use of the internet and new technologies, stating the country will be a global leader in key sectors by 2035.
- The United Kingdom’s National Cyber Security Centre stated that Kaspersky Lab products should not be used on government systems containing sensitive information due to a risk of espionage.
- The UK’s Cabinet Office released an interim national cyber security science and technology strategy, aimed at ensuring the UK has the technological capability to counter cyber threats.
- Several British parliamentarians revealed that they didn’t abide by rules against sharing passwords.
- Australia’s consumer watchdog launched an investigation into digital platform providers, including Google and Facebook.
- Germany’s interior ministry drafted legislation that would require companies to provide security services with back door access to digital devices such as cars, computers and smart TVs.
- A Malaysian government official said the country is considering joining the Budapest Convention on Cybercrime. The government is reportedly taking steps to align legislation with the convention.
- Andromeda, a major family of malware, was dismantled as part of an international law enforcement operation. The widely used malware created a network of infected computers that was used to distribute other malware and to carry out criminal operations.
- China held the third annual Wuzhen World Internet Conference. The chief executives of Apple and Google attended the event for the first time.
- The European Union’s counter-propaganda unit, East StratCom, has been allocated a €1 million (US$1.2m) annual budget over 2018 to 2020. This the first time the unit has been funded directly by the EU budget.
- Russia is reportedly planning to develop independent internet infrastructure for BRICS countries (Brazil, Russia, India, China and South Africa), citing the need to protect Russia from external influences and instability.
- The African Union held a ministerial meeting on digitisation and cyber security.
- NATO allies are reportedly developing a doctrine for offensive cyber warfare, and will seek agreement on guidelines for offensive operations by early 2019.
- NATO held its largest annual cyber defence exercise Cyber Coalition, involving 25 countries.
- Estonia’s military will incorporate an offensive cyber capability into the country’s forthcoming cyber command. A 300-strong cyber unit will reach initial operating capacity in August 2018, and full operating capacity by 2020.
- Facebook and Twitter said they would cooperate with the UK’s investigation into foreign propaganda on the platforms during the country’s referendum on EU membership.
- Facebook announced that artificial intelligence (AI) is enabling the platform to take down 99% of terrorist content before the material is flagged by users. The company is also using AI software to detect users who may be suicidal, although this feature will not be used within the EU due to restrictions on the use of personal data.
- YouTube deleted 150,000 videos after the platform was criticised for hosting videos depicting children in exploitative situations.
- Apple fixed a major bug in the Mac operating system that allowed anyone to gain administrative-level access to machines without passwords.
- A Chinese cyber security firm suspected of cooperating with government hackers appears to have shut down. The US indicted several employees of the company in November, alleging they had stolen intellectual property from US businesses.
NATIONAL SECURITY THREATS
- Former US National Security Agency employee Nghia Hoang Pho pleaded guilty to removing classified documents from NSA headquarters and storing them on his computer at home. Cybersecurity experts believe Russian hackers exploited the Kaspersky Lab software installed on Pho’s personal computer to access classified material.
- India’s security service directed troops posted on the border with China to remove 42 popular Chinese mobile applications from their devices, citing concerns that the apps could transmit sensitive information to China and undermine India’s national security.
- 100 gigabytes of sensitive data belonging to the US Army’s Intelligence and Security Command was exposed, after it was stored on a publicly accessible Amazon Web Services server.
- The US Supreme Court will determine whether law enforcement needs to have a warrant to access location data on mobile phones.
- A Chinese court sentenced a Taiwanese citizen for attempting to foment a colour revolution in China, citing his use of Facebook to organise protests in the country.
- Chinese authorities are censoring content relating to the eviction of migrant workers from Beijing and to allegations of child abuse at several nurseries in the country.
- Chinese messaging platform WeChat removed an article in which a woman described facing sexual harassment, stating that the platform had received too many complaints from users about the content.
- Authorities in Iran censored material relating to former president Mahmoud Ahmadinejad after he gave a speech that was critical of government officials.