Cyber wrap
12 Feb 2014|

A belated Happy Safer Internet Day, readers! 11 February 2014 marked the 11th iteration of the event. Supported by the European Commission, HSID seeks to promote safe and responsible use of internet-based technologies, with a focus on children and young people the world over. The 11th was also The Day We Fight Back, commemorating Aaron Swartz and the Stop Online Piracy Act (SOPA) blackout as a day of activism against the NSA’s mass surveillance. It appears Australian Senators got into the groove with a stoush over Snowden.

Still in Australia, a local firm has announced plans to roll out Bitcoin ATMs across the country. The news comes as the digital currency took a significant hit after a software bug was reported by the main Bitcoin exchange in Tokyo, and as Russia’s Solicitor General concluded that cryptocurrencies are illegal in the state.

Just in time to ratchet up the fear amongst Americans setting off for Sochi, NBC aired a sensationalist piece on the inevitability of being hacked during the Olympic Games. The cyber security buff who loaned his services for the segment was quick to distance himself from the piece as well as any flawed understanding imparted to viewers due to editing. While there was no shortage of commentators taking shots at the reportage, NBC have continued to stand by their man.

One year on from Obama’s Executive Order, the White House is set to announce their cyber security framework this week. Commentators are keeping their expectations low, anticipating a checklist that reflects existing best-practice standards. The framework aims to improve the cyber security of critical assets and infrastructure, such as financial providers, utilities and essential services, to insulate against significant social and economic disruption. However, in the absence of a legislative fix through Congress, the standards will be entirely voluntary and will lack any of the mooted sweeteners to encourage private-sector adoption, including tax incentives and legal immunity in the wake of cyber-attacks. Keep an eye here for the news in the next day or so.

Cyber issues have certainly been front-and-centre for those attending the Security Analyst Summit in the Dominican Republic. Kaspersky Lab, a leading anti-virus vendor and summit sponsor, have announced the discovery of a highly sophisticated cyber espionage campaign known as Mask (or Careto, the slang Spanish found in the code). It has been reported that the malware has infected more than 380 targets in 31 countries since it kicked off in 2007. Kaspersky Lab began researching Mask after it was discovered hiding in older versions of their antivirus products(!). Also at the summit, Eugene Kaspersky delivered a keynote address in which he labelled cyber weapons ‘the worst innovation of the twenty-first century’, warning of the boomerang-effect of malware and the inevitability of international embargos on offensive cyber capabilities.

Elsewhere, ICPC International Fellow Samir Saran put forth his views on the future of internet governance in India. In response to a piece calling out perceived American unilateralism on the governance issue, Saran offers cogent counterpoints. First, he warns against the tendency to corral discussions on cyber security and espionage together with those on internet governance. Second, he comments on the future of multilateralism—and India’s role—in delivering a framework of cyber governance. A similar conversation has been happening this week in Brussels.

Finally, registrations have opened for teams of Australian undergraduate students interested in participating in the 2014 Cyber Security Challenge. Now in its third year, the competition puts top cyber-skilled students to the test through a 24-hour virtual computer network scenario. The winning team will head to the Black Hat Conference in Las Vegas. Further details are available here.

David Lang is an intern at ASPI’s International Cyber Policy Centre.