This month Indonesia had the dubious honour of becoming the cyberattack capital of the world. According to the second quarter Akamai report, Indonesia has surpassed China to become the preferred launching pad for 38% of the world’s cyberattacks. 79% of all attacks now originate from the Asia-Pacific region; this is a significant increase of almost 25% since the end of 2012.
Last week the third instalment of the International Conference on Cyber Space was held in Seoul, South Korea. Initiated in London 2011, the process draws ministers, government and private sector cyber leaders from across the globe. The conference produced the Seoul Framework—a principles document organised around the themes of the conference, including cybersecurity, economic growth and development, cybercrime and capacity building.
Australian Foreign Minister Julie Bishop spoke about the challenges and opportunities posed by cyberspace, stressing that cyber is a ‘priority issue’ for the new government. For a more in depth recap of the conference read Toby Feakin’s latest Strategist piece.
The European Union’s law enforcement agency, Europol, has released details of an elaborate cyber-enabled drug trafficking operation that suggests that criminal groups are taking advantage of the growing ‘hackers for hire’ market. An organised crime group based in Belgium infiltrated the systems of two shipping companies at the Port of Antwerp. Using this access, they were able to ascertain the location and security surrounding containers being used to legally ship bananas, in which the group’s South American accomplices had concealed heroin and cocaine. Once shipped to Europe, the containers were intercepted using the stolen information before their rightful owners could collect them.
Former Estonian Defence Minister Jaak Aaviksoo spoke in a recent interview about the key lessons learned from the 2007 Estonian cyberattacks. Aaviksoo, who was Defence Minister during the attacks, spoke about how Estonia has reacted to the online assault by becoming one of the most cybersecurity conscious countries in the world. One of the more interesting points he made surrounded traditional reporting structures and how they can inhibit effective responses to cyber incidents; ‘Cyberattacks happen in seconds. You have no time for an emergency cabinet meeting.’
The SANS Institute, a private US-based internet security training company, has just signed an MOU with the Thai government. The agreement aims to lift the country’s technical cyber capabilities by identifying and providing cybersecurity training to a new crop of experts. The agreement states that these specialists will help contribute to the defence of critical information infrastructure, most likely with ThaiCERT.
Ellen Nakashima has a piece in the Washington Post assessing General Alexander’s double role, leading both the NSA and the military’s Cyber Command. There have been criticisms that Alexander holds excessive power in cyberspace by controlling both the nation’s signals intelligence agency and its offensive cyber capabilities. The retirement of Alexander, set for next year, is already fuelling debate about the need for separate oversight of each of the the organisations.
Google has teamed up with Arbor Networks to produce an excellent Digital Attack Map that displays distributed denial-of-service (DDoS) attacks around the globe. The map uses anonymous traffic data to show source and target countries and the type of DDoS attack.
Jessica Woodall is an analyst in ASPI’s International Cyber Policy Centre.