Cyber wrap
17 Sep 2014|

John Key at the ICSU General Assembly opening ceremonyThis week news broke that New Zealand has become the latest five-eyes country to be involved in submarine cable tapping. The communications cables that lie on the sea floor, carrying global internet and phone traffic, have proven to be attractive targets to signals intelligence organisations. Edward Snowden has claimed in a recent blog post that NZ’s Government Communications Security Bureau (GCSB) was involved in tapping the Southern Cross cable network, one of the largest cables connecting Australia to the United States via New Zealand, in 2012 and 2013. He also links New Zealand to the mass surveillance tool X-KEYSCORE, created by the NSA.

Prime Minister John Key has denied that GCSB conducts mass surveillance of its own citizens and has refused to comment on the X-KEYSCORE program, stating ‘we don’t discuss the specific programmes the GCSB may, or may not use’.

The other big story this week is Gmail’s supposed ‘hack’ of ‘millions of passwords’. A file containing 4.93 million account logins was published on a Russian Bitcoin board early last week, but the source and validity of the data has been called into question. The Department of Communications Stay Smart Online notification service reports that the data ‘is believed to be made up of old information captured from a number of other sources rather than a breach of Google services’. But if you’ve reused your Gmail password online in other locations, they also suggest changing it as a precaution. For those interested, you can subscribe to the excellent Stay Smart Online Service that outlines the latest online threats and vulnerabilities here.

Turning now to Northeast Asia, the North Korean government is upset with foreign diplomatic missions in Pyongyang that establish and maintain satellite internet connections and Wi-Fi networks in their posts. The State Radio Regulatory Department sent a polite ‘cease and desist’ letter to diplomatic posts and International Organisations within the country urging them to gain a ‘licence’ if they wish to use a ‘regional wireless network’ in future. The letter justifies the request by stating that ‘the signals of regional wireless network [sic], installed and being used without licence, produce some effect upon our surroundings’.

Whilst that ‘effect’ is left deliberately ambiguous, the overall crackdown is most probably linked to a report published by The Diplomat in August. The article claimed real estate prices in diplomatic areas had risen due to local North Koreans moving closer to, and taking advantage of, internet access provided by wifi networks left unsecured by foreign missions.

Moving south of the border, the South Korean government has lined up a promising dialogue with China and Japan. Set to occur at the level of Deputy Foreign Minister, the meeting seeks to lay the foundations for a fully-fledged trilateral discussion, the last of which was held over two years ago. On the table is a new cyber security cooperation project, which, if successful, would see the issue discussed at ministerial level between the three countries for the first time.

Another surprising but encouraging collaboration occurred this week between two of the world’s three largest anti-virus companies. McAfee and Symantec have agreed to join the Cyber Threat Alliance (CTA), an industry grouping whose goal is to share malicious threat data across member companies. CSO reports that the CTA aims to share ‘malware signatures as well as mobile campaigns, botnet command and control channels, and patterns that indicate Advanced Persistent Threats (APTs)’.

The biggest take-away from the partnership is the agreement to share information on major attacks including targeted campaigns. This type of collaboration allows information and resources to be pooled, and a bigger more holistic picture of online adversaries to be constructed.

Jessica Woodall is an analyst in ASPI’s International Cyber Policy Centre. Image courtesy of Flickr user International Council for Science.