Cyber wrap
1 Feb 2017|

Image courtesy of Flickr user ironsjp.

Welcome back to the first Cyber wrap of 2017! Since our last post in mid-December, the political fallout from Russian efforts to influence the 2016 US election continue to reverberate. On 29 December President Obama ejected 35 Russian diplomats from the US, imposed sanctions on Russian intelligence agencies and organisations suspected of involvement in the hacks, and blocked Russian access to two Russian government properties in the US. On the same day the FBI and the Department of Homeland Security released technical details of malicious Russian cyber activity, which they dubbed ‘Grizzly Steppe’.

On 5 January, Director of National Intelligence James Clapper and NSA chief Admiral Mike Rogers offered some thoughts on the issue before the Senate Armed Services Committee. Following the testimony, the Office of the Director of National Intelligence (ODNI) declassified and released its report on Russian cyber actions related to the election, drawing on CIA, FBI and NSA intelligence.

The report concluded that the agencies had ‘high confidence’ that Vladimir Putin had directed Russian intelligence agencies to undertake an influence campaign during the 2016 election. Interestingly the report reveals some difference of opinion within the US intelligence community. The CIA and FBI have high confidence that the Russian campaign was designed to help Trump, whereas the NSA only had ‘moderate confidence’ that this was the case. On the same day the report was released, Homeland Security added election infrastructure to its list of US critical infrastructure subsectors.

Donald Trump was initially  dismissive of the allegations made about the election and sceptical of US intelligence analysis on the issue. Since receiving classified briefings he has toned down some of that scepticism, noting that Russia is one of many countries targeting the US, but he has refused to acknowledge it may have had a role in his election win.

Now that he’s in the White House, President Trump has also ordered a series of 60 day cybersecurity reviews according to a leaked draft executive order. Those will include reviews of US cyber vulnerabilities, co-chaired by the secretaries for Defense and Homeland Security, a cyber adversaries’ review, co-chaired by the Director of National Intelligence and the Secretary of Homeland Security, and a cyber capability review also co-chaired by Defense and Homeland Security. However the new President continues to cause headaches for cyber security personnel in the White House, allegedly choosing to hold onto an outdated Samsung Galaxy S3 or S4.

Russia’s efforts during the US election have had an impact in Australia as well. Prompted by the ODNI report, Prime Minister Malcolm Turnbull and the Assistant Minister for Cyber Security have arranged for Australian political party leaders to be briefed by Cyber Security Special Adviser Alastair MacGibbon and staff from the Australian Signals Directorate (ASD) on the potential dangers posed by foreign interference in elections, and how to mitigate them.

The Australian government also announced in January that it plans to establish a new Critical Infrastructure Centre within the Attorney-General’s Department. The Centre will include staff from ASIO, ASD, and Treasury  who will focus on security risk assessments of power, ports and water utilities, covering both physical infrastructure and cyber security. The Centre will also maintain a register of critical assets which have the potential to trigger ‘national security scrutiny’ during foreign investment reviews, addressing concerns about inconsistency in 2016’s FIRB processes. The new Centre will work closely with state and territory governments as well as the private sector to comprehensively assess Australian critical infrastructure, a task that may be easier with the establishment of Chief Information Security Officer positions in the NSW and Tasmanian governments.

And briefly in news this week, reports that hotel guests in Austria were locked in or out of their rooms after hackers targeted the electronic room key system at a hotel in Austria were dismissed by the hotel owners. While they admitted their computer system was affected by ransomware, they were able to manually lock and unlock guest rooms. Ransomware also infected 70% of police security cameras in Washington DC  a few days before the inauguration of President Trump. The malware meant the cameras were unable to record for three days in January, forcing authorities to take the system offline to remediate the infection. And finally sad news from Tokyo, with the passing of Masaya Nakamura, who founded video and arcade game giant Namco in 1955, and oversaw the creation of Pac-Man in 1980.