This Week In Security - 08/17/2020
Israel Allegedly Thwarts Foreign Cyber Threat
Israel claims it successfully deflected a cyber attack against the Defence Ministry last week, saying no “harm or disruption” was caused.
Reportedly the work of the North Korean cybercrime group, Lazarus, the attack targeted defense workers. Hackers sent employees fake job offers in an attempt “to infiltrate their networks and gather sensitive information”.
Although the Defence Ministry said, “The cyber-attacks were identified in real-time, and thwarted”, researchers at the cybersecurity firm, ClearSky, that “first exposed the attack”, said the North Korean hackers penetrated the computer systems and were likely to have stolen a large amount of classified data.
Experts fear, if that is the case, the hackers may share that stolen data with Iran – an ally of North Korea.
The incident comes at a time when “Israel has been fighting an escalating cyber conflict with Iran” which it holds responsible for foiled attacks on its water infrastructure earlier this year.
Meanwhile, Iran has been experiencing a “deadly wave of explosions and fires at sensitive military and civilian sites” which, according to the director of the Center for Middle East Public Policy, Dalia Dassa Kaye, shows “a pattern of escalation… that would suggest a motive on the Israeli side to target the Iranians”.
UK Cabinet Gathers Data Despite Gaping Cybersecurity Holes
The UK government has admitted to “an ongoing risk of cybersecurity incidents within Cabinet Office” in its recently released annual report.
The Cabinet Office said it would work on the “strengthening of cybersecurity capability” following the audit by KPMG, which is due for completion within the next few months.
Despite these vulnerabilities, Minister of the Cabinet Office, Michael Gove, has instigated “an unprecedented data grab” that could see the centralization of huge amounts of data.
Days after the report was released, the Cabinet Office seized control of all the Department of Digital, Culture, Media and Sport’s data. There is also widespread speculation that the department could “create new databases for people with disabilities, and for black and ethnic minorities”.
Apparently overlooking its self-proclaimed cybersecurity vulnerabilities, the Cabinet Office said the centralization of data would ensure it “is managed ethically”. This comes after two incidents of “losing sensitive data” in the past year, one of which was “so serious that it prompted a Cabinet Office review into how it handles and manages data”.
Both the concentration of data and the blatant holes in the Cabinet Office’s cybersecurity raise concerns over the government’s use of data and its ability to safeguard sensitive information.
CISA and Partners to Create “New Cyber-Risk Framework”
The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Energy Department, is working on a framework it hopes will help to predict potential cyber risks.
The five-year plan will complement the existing National Institute of Standards and Technology’s cybersecurity framework – “an industry-endorsed set of security controls for protecting critical information”.
The CISA’s National Risk Management Center’s acting deputy assistant director, Daniel Kroese, said the “NCF Risk Architecture is more of a data platform than a tangible set of principles and best practices”.
“It’s really kind of a big-data, multi-vector solution of stitching together different relational data points and nodes of risk factors across the critical infrastructure community,” he said.
The risk architecture forms part of the CISA’s efforts to combat areas of “concentrated risk”, such as those surrounding “the federal government’s effort to support vaccine development and treatment for the coronavirus pandemic”.
“Right now,” Kroese said, “it is a national and international imperative that there is integrity to that data”.
Kroese said the CISA also hoped the cyber-risk initiative would provide “a better way of quantifying and talking about cyber loss, recognizing we’re not going to have decimal-place specificity, we can begin to get a directional understanding to help guide some of these efforts”.
Lockdown Leaves Brits Feeling Vulnerable to Cybercrime
Nearly a fifth of the UK’s population feels more vulnerable to cybercrime now that it did before the country locked down in response to the coronavirus.
London-based research company, Ipsos MORI, released its findings last week, after interviewing 1,064 British adults aged 18-75 in June. According to the results, “22 percent of people said they have felt more at risk of buying counterfeit goods online, and 20 percent said they felt more at risk of someone accessing their online accounts without permission” since the lockdown began.
The survey indicated that just “half of the British public feel confident in the ability of the Government and its law enforcement agencies to protect them from fraud and cybercrime”.
Many respondents said they had taken steps to improve their cybersecurity, with 27% saying “they have installed the latest software and app updates” and around third saying they had either updated “account passwords with a stronger alternative (36%)” or changed their main email account password “to be strong and separate from all other accounts (33%)”.
Although the results are encouraging, Ipsos MORI’s associate director, James Stannard, said “it’s vital everyone does more to protect themselves from fraud and cybercrime, not just those who feel more vulnerable”.