Cyber wrap
29 Oct 2014

A month after purring down the line to UK PM David Cameron over the outcome of the Scottish independence vote, the Queen has decided to cut out the middle man and go straight to the world. HRH exhibited her openness to the information age by tweeting the opening of the Information Age exhibition at London’s Science Museum. The resulting celebrity tweet got the usual treatment—lots of retweets, favourites and, inevitably, abuse. Cue the ‘One is not amused’ headlines.

Speaking of middle men, Apple has issued an update in response to reports early last week that the Chinese government was engaging in man-in-the-middle attacks on iCloud. If successful, the attacks would enable the perpetrators to decipher and monitor communications between two devices and alter messages if desired. The warning comes shortly after the release of the iPhone 6 in China, which apparently had its encryption boosted to keep the NSA out, and it’s possible that might also be vexing Chinese authorities.

On the other side of the world, Belgium’s national telco Belgacom has alleged that Britain’s GCHQ was involved in a similar man-in-the-middle attack on its infrastructure that has left it with a €15m fix. While initial suspicion fell on GCHQ thanks to leaked information by Edward Snowden that was published in Der Spiegel, an ongoing criminal investigation is yet to reveal the actual culprit. However, by Belgacom’s own admission, the attack ‘was clearly not designed to intercept data in bulk. They were not out to copy databases. It was very specific information [that they were after].’ If GCHQ is found to have had its hand in the cookie jar, London will doubtless feel more embarrassed. But, considering the sophistication of the attack, the attribution problem probably means it won’t be possible to pin the tail on any particular donkey.

Removing the man in the middle altogether is the possibility of life-imitating-art hacking of hospital devices and medical equipment, a la Homeland. The US Department of Homeland Security (DHS) is apparently ‘poring over around two dozen instances of cyber-security flaws in medical devices and hospital equipment that could eventually be exploited for illicit means’. While there haven’t been any documented cases of this type of attack—and experts believe the likelihood is quite low compared to other issues with medical devices—DHS is taking no chances and working with manufacturers to address any possible flaws before they’re discovered by parties with malicious intent.

Meanwhile, over at the Pentagon, the US Navy is concerned that Windows XP chips on its nuclear submarines (located in the back-up diesel engines) could expose the fleet to hacking of its control systems, according to Vice Admiral William Hilarides, head of Naval Sea Systems Command (NAVSEA). Hilarides pointed out a few quick fixes that the Navy could implement now to protect the data sent from the boats to maintenance crews at a warfare centre, but stressed that ‘ultimately ships and submarines need to be built with cyber-security in mind right from the outset’.

The ITU Plenipotentiary (PP-14) continues this week with member states releasing additional policy statements as well as lobbying for their representatives to be elected to various positions within the organisation. Australia’s efforts appear to have paid off with our re-election to the ITU Council. Samantha Dickinson is keeping a close eye on proceedings on Lingua Synaptica and has reported that ‘a very large number of developing countries have made requests for ITU to continue its capacity building work.’ The benefits of that work were expounded by Samoa, which cited ICTs as ‘a contributing factor for its move from “Least Developing Country” to “Developing Country” on the UN scale of development’. Stay tuned for developments—and fireworks between the US and Cuba, Israel and Palestine, and Russia and Ukraine. Other news out of Busan finds that the ITU Plenipotentiary will head to the UAE in 2018, the same location as the 2012 ITU World Conference on International Telecommunications.

Finishing on a national security cross-over note, an emerging phishing scam is using a false World Health Organisation (WHO) badged email to spread malware stored in an attachment that claims to have ‘life-saving advice about the Ebola outbreak’. The malware appears to give total control to the hacker, allowing access to files, microphones and cameras on your computer as well as installing a keylogger. Most concerning of all is that ‘the “DarkComet Remote Access Trojan” is completely undetectable to anti-virus software’.

In an effort to promote transparency and engage the US polity in debate on offensive cyber strategy, ‘the Pentagon this week published a doctrine that was unusually candid about offensive scenarios in cyberspace’. The declassified reports, originally developed for the Joint Chiefs of Staff in 2013, were released earlier this week to the public. The release brings a normally secretive part of the defence establishment into the open and encourages discussion of the topic among ‘experts in and out of government.’ But, as FCW notes, ‘[while a] doctrinal hurdle to offensive cyber operations may have been cleared … a large bureaucratic hurdle apparently remains’ in addressing the coordination between civil and military agencies in this space.

Roy Birch is a visiting analyst at ASPI. These are his personal views. Image courtesy of Flickr user ecks ecks.