Another big week in cyberspace kicked off with news that ‘suspicious activity’ had been detected on an unclassified network at the White House. The activity, which caused some disruption to IT services within the Executive Office of the President, was contained quickly and was prevented from spreading to more sensitive classified networks.
Given the nature of the target and the type of activity, the infiltration attempt bears the hallmarks of a state-backed attack, with some news outlets going so far as to point the finger at a specific country.
Cybersecurity rock-star Bruce Schneier gave an interview on the attack to Bloomberg Politics. In a conversation his fans are sure to enjoy, he effectively cuts through the media hype surrounding the incident.
Chairman of the Joint Chiefs General Martin Dempsey was dropping some hard truths of his own at Syracuse University. During a speech addressing ‘Strategy in the Open’ Dempsey pinpointed cyberspace as an increasingly dangerous domain for the military and the country, and one that isn’t currently being adequately addressed. He also spoke about the unique problems cyber brings to his role.
(The) conversation about cyber can become emotional faster than almost anything else I deal with, because of issues related to privacy, to standards, to information sharing between corporate America and the government. We’re not dealing with cyber very effectively…We’ve got to find a way to collaborate on standards and information sharing and what is the role of the government in the cyber domain.
Moving across the Atlantic, the European Union conducted its largest-ever critical national infrastructure cybersecurity exercise last week. The drill involved 29 countries and over 200 agencies and was designed to test and help improve coordination between the EU member countries’ national security bodies. EU Commission vice president Neelie Kroes stressed the importance of collaboration in a press release: ‘The sophistication and volume of cyber-attacks are increasing every day…They cannot be countered if individual states work alone or just a handful of them act together’.
Staying in Europe, the Dutch Government has released the fourth edition of its yearly Cyber Security Assessment. The comprehensive paper, which is produced by the National Cyber Security Center, explains in detail the cyber trends witnessed in the previous year, including threat-based analysis against a wide range of targets including government, business and private citizens.
Closer to home, the South Korean government played host to the Seoul Defence Dialogue last week. The forum, attended by senior defence officials from 24 countries across the region, saw one of its four sub-sessions dedicated to cybersecurity cooperation and international norms. Of particular note, the Chinese government agreed to send a delegation to the dialogue for the first time, in what’s being seen as an attempt to boost bilateral relations with the South Korean government.
Jumping on the bilateral band wagon, the Japanese government has announced a working-level cyber dialogue with a far-flung friend. Japanese Defense Minister Akinori Eto and his Finnish colleague Carl Haglund announced the new national-level discussions that will include a component on cyber defence.
Wrapping up this week, a rare collaboration between some of the internet’s heaviest hitters has resulted in another report uncovering a Chinese-government-linked hacking organisation. The group dubbed ‘Axiom’ by the report has been linked to targeted hacking attempts against various governments, NGOs, media organisations, pro-democracy groups and several Fortune 500 companies. The research, led by Novetta was supported by Cisco and FireEye among others, with additional cooperation from Microsoft and Symantec, who all pooled information, tools and capability to help uncover the group’s online web.