Archive for May, 2017
From: Financial Times
Businesses warn rules will increase costs and leave them more vulnerable to spying
by: Yuan Yang in Beijing
China’s first cyber security law will increase costs for multinationals, leave them vulnerable to industrial espionage and give Chinese companies an unfair advantage, business representatives and analysts have warned.
Aspects of the measure, which comes into force on Thursday, have been widely welcomed as a milestone in introducing much needed data privacy. But analysts have expressed fears it could help Beijing steal trade secrets or intellectual property from foreign companies.
Earlier this month, hackers executed a global cyberattack, reportedly attacking over 150 countries, including public and health care systems and individual computers. The attackers demanded payment in bitcoin to unlock computers and return the data.
On the other hand, some of blockchain’s advantages can also be considered challenges, particularly issues relating to digital identity, privacy and cyber-security. Additionally, bitcoin’s market value is very unstable, which can result in substantial financial risks. This raises the question whether the use of bitcoin should be regulated and if so, to what extent?
From: NATO Cooperative Cyber Defence Centre of Excellence
A new analysis by NATO Cooperative Cyber Defence Centre of Excellence provides a comprehensive overview of cyber security structures and recent developments in Israel, a nation at the forefront of digital and cybersecurity innovation for the past decade. The CCDCOE Report “National Cyber Security Organisation: Israel“ describes a trend towards more transparency and ongoing institutional innovation in cyber security.
Israel’s establishment of national cyber security measures and institutions came about relatively early in comparison to other countries and continues to develop in the face of a challenging environment of military and civilian threats. For example Israeli banks, financial institutions, utility companies, and other critical infrastructure are among those most frequently subjected to hostile cyber incidents globally.
The EU cybersecurity agency ENISA will receive a makeover in September when the European Commission renews its mandate amid a whirlwind of new cybersecurity measures. The director of the Athens-based agency has been requesting a larger budget to deal with the rise in attacks on internet-connected devices.
“It would be good to have seven days a week, 24 hour resources here,” ENISA director Udo Helmbrecht said in an interview.
Helmbrecht called the EU response to the WannaCry ransomware hack, which affected thousands of people over a week ago, the first example of collaboration by authorities across the EU. National experts shared information and put out warnings to internet users over the weekend, he said.
CERC has come out with directives called the Central Electricity Regulatory Commission (Communication System for inter-State transmission of electricity) Regulations, 2017 that will be effective from July 1.
New Delhi: The Central Electricity Regulatory Commission (CERC) has said it is mandatory for Regional Power Committees to conduct third party cyber security audits on communication systems of electricity transmission towers from July
It said the third party audit can be conducted only by CERT-In (India Computer Emergency Response Team).
From: Carnegie Europe
A selection of experts answer a new question from Judy Dempsey on the foreign and security policy challenges shaping Europe’s role in the world.
Sorin Ducaru | Assistant secretary general for emerging security challenges at NATO
Europe has no choice but to rise to the challenge of dealing with a fast-evolving cyberthreat landscape. NATO has seen an increase in frequency and sophistication of cyberattacks in the last year. And the alliance is stepping up its game on cyberdefense. Over 200 experts help protect NATO’s networks around the clock. NATO Cyber Rapid Reaction Teams are on standby to counter attacks against NATO networks, or to assist allies, on request. The organization has enhanced information sharing, including with partners such as the EU and through a malware information sharing platform.
Under the umbrella of Europol’s European Cybercrime Centre (EC3), a number of the EU’s leading digital forensic experts have called for the adoption of the Cyber-investigation Analysis Standard Expression (CASE) as a standard digital forensic format at a meeting hosted at the Agency’s headquarters in The Hague on 11 and 12 May 2017.
Chinese firms are turning to the Israeli technology market in the face of heightened US protectionism and regulation
Julie Zhu and Tova Cohen Hong Kong/Tel Aviv
Chinese firms have long hunted in the United States for deals to develop their technological know-how and open up new markets, but their quarry has become more elusive since late 2016 due to increased US protectionism and a tougher regulatory stance.
From: The Guardian
Buyers at London superyacht conference shown the ease with which hackers can take control of vessels – and even procure private photos
The ease with which ocean-going oligarchs or other billionaires can be hijacked on the high seas was revealed at a superyacht conference held in a private members club in central London this week.
As well as stealing financial data and potentially compromising photos, Murray said he also had control of the ship’s CCTV so he could have helped assist a physical attack or kidnap. “We could let people onto the boat, and then wipe [the CCTV] so no one would know.”
From: Modern Healthcare
In a draft of a cybersecurity report to be released later this month, the Health Care Industry Cybersecurity Task Force called on the government to create new policies that would help healthcare organizations strengthen their cybersecurity.
While some of the details of the report’s six “imperatives” were vague—a call for more awareness, for instance—others were directed at specific standards and laws that might have more apparent effects across the industry. These include a new cybersecurity framework specific to healthcare and amendments to the Physician Self-Referral Law (Stark Law) and the Anti-Kickback Statute to allow healthcare organizations to assist physicians with cybersecurity. These, along with other imperatives set out in the report, would “help to increase awareness, manage threats, reduce risks and vulnerabilities, and implement protections not currently present across a majority of the health care industry.”