Cyber wrap
11 May 2016|

The Pakistani Foreign Office has reached out to the nation’s largest intel body, Inter-Services Intelligence (ISI), for assistance to boost its internal IT security. Government ministries in Pakistan are no strangers to targeted online campaigns (here and here), and the Ministry of Foreign Affairs is seeking to beef-up its cyber resilience in response. The Ministry has requested 80 million rupees in next year’s federal budget—a 130% increase on this year’s budget—to boost the resilience of its Islamabad headquarters and communications security across its network of foreign missions. The move has raised concerns internally that the new role will provide ISI with undue access to the Ministries’ communications, although that’s been dispelled by a government official who said ISI would only have ‘limited access’ and that the work of departments remain protected by ‘encryption codes’.   

The Cyber Space Administration of China (CAC) recently launched an investigation into Chinese search engine Baidu, finding that the site has been inappropriately presenting sponsored links as organically generated search results. The CAC found that Baidu was ranking returned search results based upon the advertising spend received from companies, but neglected to make this clear to the user that the results were in fact sponsored.

Apple CEO Tim Cook is set to visit China this month to undertake talks with senior government and CCP representatives. The visit comes at a tumultuous time in the relationship between the tech giant and economic powerhouse, with Beijing recently suspending several of Apples online services on the mainland and concerns surrounding China’s new counterterrorism law.

Last month US General Vincent Brooks spoke to US Senate leaders about the online threat posed by North Korea. In news that won’t surprise readers of our 2015 Cyber Maturity Metric, Brooks rated North Korea’s online abilities as ‘among the best in the world and the best organized’. To counter the growing cyber threat from North Korea, last week the US and South Korea agreed to deepen cyber cooperation. Speaking in Seoul, Secretary of State John Kerry pointed the finger at Pyongyang for carrying out ‘provocative, destabilizing and repressive actions’ online and warned that North Korea will be ‘will be held accountable for their actions.’

The Canadian government is moving to block two Huawei employees from entering Canada on espionage concerns. Canadian border officials have advised the pair that their entry will be denied under section 31 (1) f of the country’s immigration act, with authorities holding ‘a reasonable belief’ that they are part of an organisation which may be engaged in acts of ‘espionage, subversion or terrorism.’ It’s extremely rare for applicants to be rejected for a Canadian visa based on espionage concerns. The workers and their employer deny any involvement in espionage. Huawei is frequently accused of state-sponsored espionage; the company was barred from tendering for the construction of Australia’s NBN in 2012 on national security grounds.  

On the home front, the International Cyber Policy Centre recently welcomed senior Australian and Spanish public sector and business leaders to Canberra for a 1.5 track dialogue. Co-hosted with the Spain–Australia Council Foundation, discussions centered around national public and private sector perspectives on cyber security and sought to identify areas of possible cooperation between Australia and Spain. Spanish Secretary of State for Foreign Affairs Ignacio Ybañez opened the dialogue, noting that cyber security cooperation and private sector engagement was a significant area of potential growth in our bilateral relationship. He noted that geographic distance was no longer a barrier to the relationship between Spain and Australia given our networked and connected world. He emphasised shared values as an enabler of cooperation on issues such as norms, conflict risk reduction and cyber security incident response. The dialogue identified several areas of potential future cooperation between Spain and Australia—including CERT collaboration, best practice and threat information sharing for critical infrastructure protection and coordination of efforts in global cyber capacity building through shared membership in institutions such as the Global Forum on Cyber Expertise.