2016 has kicked off in a big way with what’s been billed as the first cyber attack to actually disable a power grid. SANS ICS analysis indicates that the six-hour outage in western Ukraine was caused when hackers remotely switched breakers while simultaneously slowing the response by infecting utility company workstations and servers, then flooding customer call centres to prevent customers reporting blackouts. The companies affected had to switch their systems to ‘manual’ to restore power.
Unsurprisingly, media and intelligence agencies are looking at Russia, although Cyber Squirrel 1 could soon point its finger at another culprit. For some further reading, Net Politics has an interesting post about the use of cyber power between Russia and Ukraine.
China’s Defence Ministry announced the activation of three new units on 1 January, including one that it’s referred to as ‘cyber war forces’. The ‘Strategic Support Force’ is likely an amalgam of existing space operations and cyber and information warfare units. Its new commanding general, Gao Jin, was previously the Director of the PLA Academy of Military Science. The Academy is the source of the PLA’s Science of Military Strategy publication, which included extensive discussion of Chinese concepts of cyber warfare. The reorganisation is likely part of broader reforms of the PLA, announced at the Third Plenum of the 18th Party Congress in 2013, that are designed to centralise political control of the PLA and place the Central Military Commission in direct control of all military forces.
Also in China, authorities unveiled draft counterterrorism legislation in late 2015 that would require technology companies to install back doors and hand over encryption keys and user information to government agencies. US officials were quick to criticise the draft legislation, but this disapproval was quickly deflected by the Chinese Foreign Ministry which noted that recent US legislation included similar surveillance powers.
Encryption has continued to be a point of contention. Writing at the Wall Street Journal, Christopher Mims notes that ‘there is no such thing as “good enough” encryption once a backdoor has been added’. Mims states that there are already enough vulnerabilities in most personal devices that ‘lawful hacking’ by law enforcement agencies remains a better alternative than building in further vulnerabilities. Elsewhere, digital rights group Access Now have posted a letter online signed by nearly 200 experts, activists and corporations urging governments globally not to ban or limit access to encryption in any form.
Just before Christmas, the White House released a new strategy for greater US involvement in the development of international standards for cybersecurity. Cybersecurity Coordinator Michael Daniel announced the strategy as part of the US Government’s efforts to support a ‘consensus based, private sector driven international standards development process’ to develop internationally adopted standards for cybersecurity to help create trust in cyberspace and the growth of the digital economy.
The Israeli Ministry of Defense has announced new export permit requirements for cyber security products. The list of products subject to oversight includes systems that can deceive users, operating programs or communications with penetration programs; systems adapted for protecting or monitoring communication lines at a national level; and equipment and components designed for digital forensics.
And for those of you still on holiday or already nostalgic about the year that was 2015, our friends at the Council on Foreign Relations’ Net Politics blog have just finished a five-part series on the top five cyber news events of 2015 that’s well worth a read.