It has been a busy week for those on the international cyber circuit. ICANN51 wrapped up in Los Angeles on Thursday and the three week ITU Plenipotentiary (PP-14) in Busan kicked off on Monday. Those events are critical as cooperation, and friction, on international cyber issues grow and the IANA stewardship transition plods ahead. You can follow the PP-14 livestream here or with the hashtag #Plenipot14.
South Korea will be taking full advantage of host-country privileges at PP-14; it has 17 minster-level bilateral meetings planned, and hopes to sign MoU’s to establish ties on software, cyber security, and information infrastructure. The United States will also have its hands full as it implements a full-court press to prevent a UN vote on the future of the Internet, with the end goal of buying more time for a true multi-stakeholder model to develop.
Back in the US homeland it’s all about thinking small. The US DHS is kicking off week three of its National Cybersecurity Awareness Month, with a focus on cybersecurity for small and medium-sized businesses. Jan Kallberg examines the challenges of disseminating cyber resilience down to the state and local level. The White House is chopping up its cyber policy in the hopes of helping an irritable Congress digest much-needed efforts. And President Obama is looking out for the little guy, issuing an Executive Order to boost consumer-information security.
While most countries might buckle under such a full agenda, the US is—apparently—still finding time to be the ‘world’s largest cyberespionage attacker’. Naturally, such ‘mistaken policies’ must be reversed before China could consider resuming any cyber dialogue or cooperation. The Chinese Minister of Foreign Affairs Yang Jiechi has unequivocally placed the blame on the US for the current freeze in relations after meeting with Secretary of State John Kerry in Boston. Minister Jiechi stated that ‘dialogue and cooperation between China and the U.S. in the field of cybersecurity is faced with difficulty due to the wrong actions taken by the American side’.
Despite that animosity, Director of National Intelligence James Clapper points directly at Russia as the main cyber threat to the US. A Russian hacking group, with suspected ties to the Russian government, has been singled out as the likely culprit of attacks on NATO, the Ukrainian government, and other targets. The attacks have seen weaponised PowerPoint documents exploiting a major vulnerability, dubbed Sandworm, in Microsoft operating systems.
Closer to home, staff from the Australian Signals Directorate, CERT Australia, the Defence Intelligence Organisation, the Australian Crime Commission and the Australian Federal Police have begun moving into the Australian Cyber Security Centre’s digs on the shores of Lake Burley-Griffin. With keys in hand, Major General Stephen Day suggested that the Centre would be functional by November and fully operational by December. While a new home with all the top tech is useful, it’s important to remember that people are the key to strong cyber security. When it comes to hiring, Private Aaron Creighton reminds us that tech prowess is important, but to keep up with developments in technology and execute successful cyber operations, the intangible is passion for network security.
Speaking of hiring, the always excellent Planet Money took a look at the male-female gap in computer science. Check out the podcast to find out why the number of women in computer science flattened and plunged after 1984. It’d make for a good conversation-starter at the launch of the ASPI-Lockheed Martin Women in Defense and Security Network.