Cyber wrap
6 Apr 2016

The release of the Panama Papers this week has set a new record for the largest volume of data that has ever been leaked. The 2.6 terabytes of data, consisting of 11.5 million documents, exceeds previous leaks such as WikiLeaks by a significant margin. The leak was provided to news outlets through encrypted channels by an unknown source.

This week another US health care company has fallen victim to ransomware, only a month after a Los Angeles hospital was held to ransom by cyber criminals. Electronic health records at 10 hospitals owned by MedStar Health in Maryland and Washington DC were encrypted on Tuesday last week and held to ransom by unidentified hackers, causing significant disruption to services. MedStar reported that it had restored 90% of its network by last Saturday, but it’s not clear if the company paid the US$18,500 ransom request. The Washington Post noted that hospitals and other health and insurance providers are obvious targets for hackers as they maintain sensitive personal information, but the industry hasn’t kept up with the financial and retail sectors’ efforts for cyber security and resilience.

In Japan, planning for the 2020 Tokyo Olympics has prompted the government to implement a program to train a further 1000 cybersecurity analysts within government. A preferential pay system and new senior leadership positions for cybersecurity are intended to boost cybersecurity awareness and skills across the government before the games kick off in four years.

The UK Ministry of Defence (MoD) has announced that it’ll spend £40 million on its new Cyber Security Operations Centre (CSOC), previously announced as part of the UK’s cyber security strategy. The Centre will be located at the MoD Information Systems and Services branch at Corsham in Wiltshire, formerly the location of the UK government’s nuclear war bunker. The CSOC will monitor and defend MoD’s networks, and is part of a larger £1.9 billion investment over five years by the UK in defensive and offensive cyber capability by MoD and GCHQ. The UK also announced last Friday at the Nuclear Security Summit in the US that it will be undertaking joint drills with the US to test the cybersecurity of nuclear power plants in both countries.

It appears that there’s still confusion in the US Department of Defense (DoD) about who’s responsible for leading the charge when responding to a cyber emergency in the US. It seems that both Northern Command and Cyber Command (CYBERCOM) believe that they’d take the lead for DoD assistance to domestic cyber crises, and Pacific Command is of the opinion that it’d take responsibility for responding to cyber incidents in its area of responsibility. The Government Accountability Office (GAO) has warned that until roles and responsibilities of DoD’s various different components are clearly established, it ‘may not be positioned to effectively employ its forces and capabilities to support civil authorities’.

This problem isn’t isolated or new, with the GAO issuing a report back in 2013 that stated that roles and responsibilities for cybersecurity at the national level also need to be more clearly defined. In a separate interview, the Pentagon’s head of cyber policy Aaron Hughes noted that one of the key accomplishments so far in implementing the DoD Cyber Strategy has been exercises to refine CYBERCOM collaboration with the FBI and Homeland Security, suggesting that work is underway towards overcoming the problems identified by GAO.

Following the indictment of seven Iranian hackers by the US last week, Iran watchers have been working to scope the country’s cyber capability. Majid Rafizadeh from Harvard notes that while Iran hasn’t yet reached the cyber sophistication of China and Russia, its capability is advancing at a rate that warrants security concern, particularly as the Iranian regime perceives cyberspace as an environment in which it can ‘advance its ideological, geopolitical, and strategic ambitions… by inflicting damage on their major state institutions and infrastructures’. The National Council of Resistance of Iran, a Paris-based shadow Iranian government, has also published a review of Iran’s cyber capability.

And finally, the American Foreign Policy Council has released a primer on cyber security, including briefs on US, Chinese, Russian, Iranian and North Korean cyber capabilities.