South Korea is set to absorb its Cyber Command into its military apparatus over the next two months, formalising a decision taken earlier in the year to alter the focus of the organisation from the defensive protection of national infrastructure, to a more offensive, outward-focused mission. Previously, activities of the national Cyber Command were classified as ‘administrative actions’. The government has now made the necessary alterations to the ‘Cyber Command Decree’ to transition control of the organisation to the Joint Chiefs of Staff (JCS), freeing up personnel to carry out military-like operations, primarily against the North.
South Korea isn’t the only country doing a spot of international hacking. Germany’s top domestic spy Hans Georg Maassen has told a cybersecurity conference in Berlin this week that of the 3,000 attacks experienced by government networks on average each day, at least five are the handiwork of foreign governments. Those sophisticated attacks are often traced to either Russia or China and are most frequent in the lead-up to major international events and negotiations such as the G20. He also explained that hackers were often after the ‘cutting-edge’ technology produced by German firms.
Maassen’s signals-intelligence counterpart across the Atlantic, NSA Chief Admiral Michael Rogers, also spoke publicly this week on the threat posed by foreign cyber attackers. Testifying to the House Intelligence Committee on threats posed to critical national infrastructures, Rogers was asked a series of questions surrounding the security of US critical national infrastructure:
There shouldn’t be any doubt in our minds that there are nation-states and groups out there that have the capability . . . to shut down, forestall our ability to operate our basic infrastructure, whether it’s generating power across this nation, whether it’s moving water and fuel.
He explained that ‘reconnaissance’ missions designed to map the layout of such systems and identify vulnerabilities had already been detected. The Admiral identified China as being among those countries he suspected of possessing the capability to carry out such an attack, but he also said there were ‘probably one or two others’, without elaborating.
Expanding on the Admiral’s comments, Jonathan Pollet has a good article that puts the issue of attacks against critical national infrastructure into perspective. He explains that since the US energy grid is owned and operated by hundreds of different companies with different software and security set-ups, trying to break into them all at once would be similar to ‘trying to rob a hundred different banks at the exact same time’.
The New Zealand Government is currently reviewing its National Cyber Policy Strategy, last updated in 2011. This week the head of the NZ Cyber Policy Office, Paul Ash, gave a sneak peek as to what to expect in a discussion with Radio New Zealand. He said the new strategy will refine the roles of those agencies involved with cyber, encourage public agencies to work with the private sector and generally call for a ‘net lift in effort, not just from the public sector but from private sector partners and others’. It’s a lead the Australian government would do well to follow.
Staying in the region a recent report has picked out Vietnam, India and Indonesia as the next big sources for DDoS attacks heading into the New Year. All three countries’ expanding but under-protected IT networks, and exploding smartphone use, coupled with lack of end-user awareness surrounding IT security, has led to the prediction of a botnet storm.
Finally Elina Noor has an excellent piece up at the New Straits Times calling for ASEAN to step up and play a greater role in shaping the cyber domain through groupings such as the ASEAN Defence Ministers Meeting. She argues that it’s in the region’s best interest to establish rules for online interaction based around an international legal framework and highlights the military domain as a key starting point.