This morning the Australian Cyber Security Centre released its first unclassified threat report on the online threat environment that Australia faces, including cyber espionage, cyber attack, and cybercrime. It explains that these threats are delivered by RATs, Malware and watering hole attacks. The report also contains several case studies and mitigation advice for organisations to help protect themselves. The full report can be accessed here.
The Washington Post has a good piece on why the US government has chosen not to publically assign blame for the high-profile OPM Hack. Quoting ‘senior administration officials’ the article explains that the government is keen to not tip its hand and reveal detailed evidence tying the attack to a particular adversary, as it may reveal its own cyber espionage capabilities.
It’s interesting to see in this case how the US’ ideological views have solidified around the issue of economically motivated vs government hacking. The US generally views cyberattacks against government as falling under the umbrella of ‘traditional espionage’ which should be met with an equally secretive response. Attacks against the private sector, such as the Sony hack, are met with an altogether more public and high profile response including public attribution and sanctions. While the US continues to make this delineation, in other countries where economic success is more readily tied to government success, this differentiation won’t be adopted anytime soon.
In the lead up to the 2020 Summer Olympics, the Japanese government has announced a massive push to train 50,000 people in both the government and private sectors to help protect against cyber threats. The Ministry of Internal Affairs and Communications will put forward a set of proposals totalling 20 billion yen to government. Included in the proposals are ‘competitive training exercises’ to help identify and train talent from schools, local level authorities and small to medium businesses. Also slated for creation are industry-wide forums for the sharing of knowledge and best practice among private companies. The proposals follow an announcement by the Information-technology Promotion Agency that 160,000 of Japan’s 265,000 information security personnel lack the required skills to adequately carry out their job.
Malaysia’s Ministry of Science, Technology and Innovation has launched a national Internet of Things (IoT) Roadmap. The roadmap launched by Minister Dr Ewon Ebin, is intended to serve as an implementation guideline for an industry estimated to contribute a total of 9.5 billion ringgit (AUD $3.3 billion) to Malaysia’s gross national income by 2020. The Minister lauded the country’s tech expertise, solid investment climate and strong government IoT commitment in a push to show the country can become a regional IoT hub.
NextGov has produced a nice list of women ‘cyber guardians’ to watch. Although women make up only about 14% of global government IT workers (with even less in the private sector at 11% in 2013), this hasn’t stopped an influential group of ladies from academia, private industry and government rising to the top of their fields. Closer to home, the Commonwealth Bank’s Chief Information Security and Trust Officer Ben Heyes recently wrote a great piece detailing the shortage of female IT professionals, why industry needs to be more active in their recruitment of a more diverse workforce and the benefits different perspectives can bring to business outputs.
Wrapping up this week, the Russian Government’s official public procurement site fell victim to an embarrassing defacement recently when intruders managed to place a contract on the site for the ‘control of Russia’. The property management contract gave the winning bidder rights to ‘rule the [Russian] state and turn a profit’, the ‘property’ included ‘the whole of the Russian Federation, including Crimea and Sevastopol, a population of 146 million, lots of oil, gas, forests, land and whatnot.’ But the hackers cautioned the property came with ‘a few million officials who also believe they have the right to turn a profit from the Russian Federation.’