Cyber wrap
3 Sep 2014|

This week, the Internet governance debate descends on Istanbul, with the start of the ninth round of the Internet Governance Forum. It’s been a busy year in the field, so the non-binding, non-decisionmaking body will have plenty to discuss. Armed with a ringing endorsement from NetMundial, fingers are crossed that the Forum’s strengthened mandate will produce more tangible takeaways for participants and that its mandate will be renewed before its 2015 expiry date. For a bit of background on governing the net, check out our blog series of the same name. You can also follow the proceedings in Turkey live here.

‘A perpetual state of siege.’ That’s how reporter Elizabeth Weise described cyberattacks on American companies following news of major attacks targeting JP Morgan and other major banking institutions. The FBI is investigating possible links to Russia.

This last week has also seen non-state hackers hijack headlines on numerous fronts. In Norway, as many as 300 oil and energy companies have been targeted by a massive, coordinated spearphishing campaign.

In the United States, around 100 celebrities have had compromising pictures stolen and posted online through what’s likely to have been a targeted phishing scheme. And Home Depot has joined Target, Sally Beauty and P.F. Chang’s in the long string of major retailers hit by massive data breaches.

In New Zealand, preparations for the upcoming general election have been shaken by a hacker known as ‘Rawshark’ who leaked private emails between prominent figures. Those leaks have already led to the resignation of Cabinet Minister Judith Collins with just weeks until the ballot.

Luckily, cyber cops have a new ally in this embattled space, with Monday’s launch of the Joint Cybercrime Action Taskforce (J-CAT). Housed at the Europol European Cybercrime Centre (EC3) the pilot program will be headed up by Andy Archibald, Deputy Director of the National Cyber Crime Unit at the UK’s National Crime Agency. Australia, Austria, Canada, Colombia, Germany, France, Italy, the Netherlands, Spain, the UK and the US have pledged commitment to this effort—certainly a good sign for transatlantic cooperation.

Hopefully there’ll be more positive transatlantic cyber news at week’s end. The world’s largest military alliance, NATO, is set to gather at the Celtic Manor in Wales 4–5 September. NATO leaders are expected to ratify a pledge on joint defence in the case of major cyberattacks. For a quick review of the organisation’s cyber capabilities, check out this handy issue brief from the Atlantic Council’s Cyber Statecraft initiative.

Governments in the Asia Pacific aren’t sitting idly by either, taking a range of actions to tighten up the ship. Singapore is boosting its cyber security measures, launching the Monitoring and Operation Control Centre, upgrading its Cyber-Watch Centre, and appointing Chief Information Security Officers. South Korea conducted Bilateral Cyber Policy Consultations with the US, and both countries have agreed to reinforce cyber cooperation. For its part, China has clarified the mandate of the State Internet Information Office and President Xi Jinping has called on the PLA to develop an information warfare strategy. While those moves seem ominous, they may in fact be a positive development in building international understanding of Chinese thinking on cyber issues. After all, ‘our lack of understanding on China may be the biggest risk.’ We hope to do our part to bridge those misunderstandings as Team ICPC’s Simon Hansen starts a three-month international fellowship at the China Institute of International Studies in Beijing this week.

While much of the hype of cyber conflict has focused on digital weaponry, in today’s battlespace information operations are most pressing. With the Islamic State’s swift successes and more foreign fighters fighting in Iraq and Syria, IS’s aggressive social media campaign is garnering wider attention. While the real impact of those efforts is hard to quantify, the US State Department’s Center for Strategic Counterterrorism Communications isn’t taking any chances, employing an aggressive strategy of its own to counter IS’s extremist content. Senior department officials recognise that social media ‘is not a panacea, it is not a silver bullet,’ but still, the battle over the digital narrative is far from ‘worthless.’

With all the worrying news this week, we’ll leave you with some good feels. Here’s a beautiful map (see image above) of nearly every device connected to the Internet on 2 August, and an even cooler one mapped last year (by somewhat less legal means).

Klée Aiken is an analyst in ASPI’s International Cyber Policy Centre