Cyber wrap
16 Mar 2016|
US Department of Justice

The US Department of Justice is reportedly preparing an indictment against a set of Iranian hackers who allegedly infiltrated a small New York dam in 2013. While the attack only managed to penetrate the dam’s administration network, and not its SCADA operating system, the possible indictment highlights how seriously attacks against critical national infrastructure are handled within the US system.

The impending Iranian indictments will likely largely be seen as a political move, but beyond this, they’ll serve as an important tool to reinforce norms agreed upon at the UN Group of Governmental Experts. In particular, it’ll reinforce the norm that states shouldn’t conduct or knowingly support ICT activity that intentionally damages critical infrastructure. In 2014 when the US Government sought to underline another norm, that the state-backed hacking of secrets for economic gain was off limits, it issued five indictments against Chinese nationals for attacks against American industry, gaining widespread international attention.  

Also in the US, news site ThirdCertainty has compiled a useful cheat sheet on the 2016 Presidential candidates’ views on key cybersecurity issues. That includes their positions on hot topics such as the CISA, hacking-back, the encryption debate and the Snowden leaks. The candidates were also graded on their positions by two IT professionals, with recent drop-out Marco Rubio and Bernie Sanders coming out on top—albeit with the scores of B- and C+ respectively.

The Australian Government’s excellent Stay Smart Online alert service shared news last week of malware targeting ‘leading Australian and New Zealand banks’. The software, which affects Android banking applications, has the ability to intercept the SMS communications many banks use for two-factor authentication. The malware masquerades as an Adobe Flash application which could be inadvertently downloaded by users. For more information head here.

Al-Monitor has an interesting story this week on Palestine’s burgeoning hacking underground. While politically motivated attacks against Israel have been happening online for years, according to the article an increasing amount of skilled technologists are using their talents for economic gain by hacking personal credit cards and corporate networks around the world.

The Singaporean Government has fired the latest shot in the ongoing IT skills battle, establishing a new program designed to lure overseas-based Singaporean talent back to the city-state. The Smart Nation Fellowship Programme, created by the Infocomm Development Authority (IDA), aims to draw overseas-based experts home for three to six month stints working alongside IDA engineers on ‘smart nation’ projects aimed at improving the provision of services to the public in areas including transport and healthcare.

If you’re in Tasmania you might have noticed a dramatic slowing in your internet speeds. The Basslink submarine cable, which brings both telecommunications and electricity from the mainland, was cut late last week as operators attempted to find the location of a fault that has plagued the cable since last December. The cut has all but stopped the connection of several ISPs to the island—including iiNet and Internode—and many are questioning why arrangements weren’t made in advance to route traffic through Telstra’s submarine cables, which remain unaffected.

Wrapping up this week, our friends at the Observer Research Foundation have launched a new paper that assesses the Indian government’s cyber organisational structures and makes recommendations for improved co-ordination, resilience and response.