Cyber Intelligence Report – November 1, 2014

Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI - November 1, 2014

17237

cyber_report

ISRAEL

Israel Defense Forces C4I command capabilities were great force during Protective Edge operation

In the aftermath of Operation Protective Edge, more details have been revealed about the involvement of the C4I Corps. As Uzi Navon, Sales Senior Director at Oracle, explained from an outside perspective: “The ICT was a force multiplier and had a contribution for winning the battle… Through the operation the IDF had handled huge amounts of information, more than in the past. This trend will only expand using advanced tools to handle different types of information.” One of the units on this project was Mazpen (Military Systems for Commanded, Control, and Management). Mazpen is considered the biggest program in the IDF in regards to working in the field of data analysis. The head of the unit, Major S., spoke in the C4I site and explained the unit’s job in Protective Edge: “Most of our work in Protective Edge was to develop tools and that with them we could explore and develop the ability for commanders to observe data and get to simple conclusions and understanding of what is happening in the battlefield.” Another contribution from the C4I Corp emerged from the Head of the Core, Brigadier General Eyal Zingler: “In one of the events, a land force that was near the shore got assistance from a navy missile ship that was in the middle of the sea. They both were on the same command and control system, connecting with each other live. The infantry marked a target, and the missile ship hit it… Protective Edge reflects a decade of working for the fulfilment of IDF networking idea.”


USA

US hackers targeted White House

It has been reported by US officials that hackers recently targeted the White House. The White House cyber security department detected abnormal cyber activity on the computer system of the Executive Office of the President (EOP) network. According to White House officials, this suspicious cyber activity was detected on an unclassified computer usually used by members of the EOP. Moreover, they declared: “Our computers and systems have not been damaged, though some elements of the unclassified network have been affected. The temporary outages and loss of connectivity that users have been experiencing is solely the result of measures we have taken to defend our networks.” For now, there is no official explanation about who the hackers are and from where they come. However, there is some strong suspicion the hackers are located in Russia. Russia is often listed as targeting the US in attempting to extract sensitive data. Even with a worldwide leading cyber security department exclusive to the White House, computer networks can become vulnerable when a state or a state sponsored group is behind the attack. During the past few years, the U.S. government has experienced several attacks targeting government information and military data in order to obtain strategic and economic advantages.

Jewish temple in Florida targeted in worldwide pro-ISIS cyber-attack

A few weeks ago, a local Jewish temple in Florida was hit by a cyber-attack. Temple Kol Ami Emanu-El’s website was hijacked with anti-Semitic messages, including the following: “Calls for the elimination of ‘America and allies” and “I love you ISIS.” The incident was originally considered a random attack by cyber pranksters. Lately, it has become clear the hack was part of a global attack targeting more than 200 sites reportedly conducted by a group of Arab teens. The group claiming responsibility for the attack is called Team System Dz. This cyber group participated in the electronic protests of #OpSaveGaza against Israel during Operation Protective Edge. They were able to gain access to websites through admin panel takeovers and deface web pages with anti-Israel content.


RUSSIA

Russia close to information security agreement with China

Russia and China are very close to an agreement of cooperation in the field of information security. The new treaty is more ambitious than the previous resolution signed by Moscow and Washington in 2013. The contract will formulate general points of view of both parties regarding their use of information technology to undermine the sovereignty, social, economic, and political stability of the States. Recently, Russia signed an agreement with China dealing with large transactions in the telecommunications sphere, working with the Huawei Company regarding running an underwater communications lines project worth 2.5 billion roubles.


MIDDLE-EAST

ISIS closes different cyber platforms to avoid attacks

Since US air strikes against ISIS began, ISIS has begun developing a new strategic outline to avoid detection from the US and other enemy countries and groups. Originally, ISIS encouraged the uploading of graphic videos; however, these videos actually have valuable intelligence material for the American National Security Agency, causing ISIS to begin dealing with leaks. An Arabic language manual distributed among ISIS fighters gave explicit instructions on how to remove metadata from content uploaded online. The manual notifies fighters not to tweet names or locations and to avoid identifiable pictures of individuals.


CHINA and APAC

China blames US for disrupted cybersecurity talks

Discussions were held in Boston with State Councilor Yang Jiechi and US Secretary of State John Kerry, with cybersecurity as one of the topics. A statement published on China’s Ministry of Foreign Affairs website describes friction in the on-going cooperation: “Dialogue and cooperation between China and the US in the field of cybersecurity is faced with difficulty due to the wrong actions taken by the American side.” Yang was also quoted stating that the US should take proactive actions and create conditions in order to restart the dialogue and cooperation between the two countries. Most recently, the US Justice Department charged members of the People’s Liberation Army with stealing trade secrets from US companies.

Azerbaijan and Lithuania discussing cyber cooperation

Senior officials from both countries met for discussions when a delegation from Lithuania led by Minister of Transport and Communications of Lithuania Rimantas Sinkevicius was met by Azerbaijani Minister of Communications and High Technologies Ali Abbasov. Minister Ali Abbasov said there are good prospects for further expansion of relations between Azerbaijan and Lithuania. Minister Rimantas Sinkevicius said bilateral relations between the two countries are developing successfully. Speaking on the cooperation with Azerbaijan, Sinkevicius said he supported developing further joint activities in different fields, in particular cybersecurity, money transfers in the field of mail, and e-signature. He also stressed the importance of joint participation in Horizon 2020 – the EU’s Research and Innovation Program.


AFRICA

Cyber crooks masquerade as army generals

The Nigerian Army has notified the general public of the activities of fraudsters using a fake social networking account and telephones numbers. The reported scam comes a few days after the Nigeria Senate passed a bill prohibiting cybercrime and other related offence into law. Following incessant online crimes in Nigeria, the Senate passed the Cyber Crime bill, which stipulates a seven-year jail term for any culprit found guilty of cyber crimes or internet fraud. The bill titled “A Bill for an Act to Provide for the Prohibition, Prevention, Detection, Response, Investigation, and Prosecution of Cybercrimes,” aims to punish interception of data, system interference, and misuse of devices.

South Africa government announced new committee to combat cyber threats

The cyber response committee has been established to coordinate and monitor the development of policies and strategies to fight cyber-crime. Police Minister Nkosinathi Nhleko says the cyber response committee has submitted policies that seek to strengthen the government’s ability to deal with cyber crime, including policies that propose a cyber security policy approach. Justice and Correctional Services Minister Michael Masutha has also encouraged the public to be more attentive to cyber criminals. Masutha says the government support efforts to strengthen legislation in the fight against cyber crime.


EUROPE

UK: Fifty per cent of population fall victim to cybercrime

A recent report made by the Safe Online organisation revealed that half of the UK population has fallen victim to cyber criminality. The report, based on a sample population survey of 2000 users, revealed that cyber criminals have already targeted approximately 50% of the sample. The survey indicated that the attacks included money fraud, identity theft, hacking, online abuse, and viruses. Interrogated people added that besides the financial prejudice, they often felt marked by such an experience. However, the report also noted that 45% of victims of cybercrime are changing their behaviour immediately by creating stronger passwords, updating their antivirus software and operating systems, paying closer attention to their emails, and increasing the security level of their social network accounts. To perform these attacks, hackers use various techniques such as SQL and code injections, Trojan horses, worms, brute force attacks, etc. According to the UK National Fraud Intelligence Bureau, online fraud raked in £670m ($1125m) during the 2013-2014 period. Due to the large number of banks and financial institutions, the UK is an important hunting ground for any kind of cyber criminal. To counter these cyber threats, the UK private sector is constantly investing in cyber security and recruiting cyber specialists. Besides the private sector, the UK can also count on the National Crime Agency law enforcement, which includes a national cybercrime unit to counter national cyber threats.

inss150About the Cyber Intelligence Report:

This document was prepared by The Institute for National Security Studies (INSS) – Israel and The Cyber Security Forum Initiative (CSFI) – USA to create better cyber situational awareness (Cyber SA) of the nature and scope of threats and hazards to national security worldwide in the domains of cyberspace and open source intelligence. It is provided to Federal, State, Local, Tribal, Territorial and private sector officials to aid in the identification and development of appropriate actions, priorities, and follow-on measures. This product may contain U.S. person information that has been deemed necessary for the intended recipient to understand, assess, or act on the information provided. It should be handled in accordance with the recipient’s intelligence oversight and/or information handling procedures. Some content may be copyrighted. These materials, including copyrighted materials, are intended for “fair use” as permitted under Title 17, Section 107 of the United States Code (“The Copyright Law”). Use of copyrighted material for unauthorized purposes requires permission from the copyright owner. Any feedback regarding this report or requests for changes to the distribution list should be directed to the Open Source Enterprise via unclassified e-mail at: [email protected]. CSFI and the INSS would like to thank the Cyber Intelligence Analysts who worked on collecting and summarizing this report.