Cyber law enforcement has been on a roll as of late. After a busy May indicting Chinese hackers and combating the Blackshades Remote Access Tool, an international team including the Federal Bureau of Investigation, Europol, and UK’s National Crime Agency launched Operation Tovar. The operation has bought infected Windows users a two week window to secure themselves against the GameoverZeus botnet and Cryptolocker malware (US-CERT has some advice on that front here). The US Department of Justice identified Russian national, Evgeniy Bogachev as one of the administrators of the botnet, a move that sees (un)Lucky1234 become the newest member of the FBI’s Cyber’s Most Wanted List.
Although it’s unlikely Russia will come in to bat for Mr Bogachev, China’s response to the last round of DOJ cybercrime indictments continues to unfold. Although the more immediate response saw the release of a report that accused the US of ‘unscrupulous’ cyber surveillance and hit out against US consulting firms, China seems to have toned down rhetoric through its Xinhua News Agency which wrote ‘the row between China and the United States over cyber security should not become a rift to undermine the two sides’ cooperation on other issues of common concern’. For its part, the US Department of Defense is also looking to play nice, hoping to minimise damage to military-to-military relations. Despite those overtures, it’s clear from the Shangri-La Dialogue that the relationship will remain cool for quite some time. For Australia however, our own Klée Aiken suggests that there may be signs of life under the cyber ice.
It was revealed this week that Iranian hackers had successfully undertaken a three-year online espionage campaign that infiltrated the machines of over 2000 US citizens. Worryingly, the Iranians employed a level of online social engineering usually reserved for nations with more advanced cybercriminals such as China and Russia. The hackers used the identities of real life US political and government figures to gain the trust of targets online, then used the message and chat functions of those sites to encourage them to enter their details into a third-party website from where they were subsequently stolen. One of the high-profile figures who was impersonated during the attack was former UN ambassador John Bolton.
But Bolton took the increased attention on the chin telling the Daily Beast
I am honoured to be selected by the Ayatollahs for this distinction … maybe I should create a fake Iranian LinkedIn account and offer to give away the country’s nuclear weapons secrets. I will try to get to John Kerry first.
With nine days to go ‘til the World Cup, the Brazilian government has more than protests, unfinished stadiums, and the Olympics to worry about. Latest reports show the government has fallen victim to a phishing campaign targeting its internal diplomatic communications network. The attack breached the email and unclassified document exchange network of Brazil’s External Relations Ministry and its network of embassies and missions overseas. It’s unknown what information may have been gathered by the infiltrators, but the breach was deemed serious enough to pull the system temporarily offline and an investigation has been launched by the Federal Police and the Institutional Security Cabinet.
Turning closer to home, last week CERT Australia released its annual Cyber Crime and Security Survey Report. The report gives an insight into the cyber issues that are of most concern to business, the number of cyber incidents they have experienced, and the measures they have in place to deal with those events and issues. The report was based on 135 responses from businesses and has helped organisations to identify where gaps and vulnerabilities may lie within their systems. The report is available on the CERT Australia website.
Finally, keep your eyes open for news from the United Nations Regional Centre for Peace and Disarmament in the Asia and the Pacific International Workshop on Information and Cyber Security on 5-6 June, hosted by the Chinese Ministry of Foreign Affairs. It’ll be interesting to see how this will play with the host country’s decision to crackdown on instant messaging and Google in the lead up to the 25th Anniversary of Tiananmen Square.
Klée Aiken and Jessica Woodall are analysts in ASPI’s International Cyber Policy Centre.