The infamous botnet infrastructure ‘Avalanche’ used by cyber crooks to launch their malware campaigns and phishing attacks was taken down last week in a historic victory for international cooperation against cybercrime. After four years of work, a coalition of law enforcement partners and private sector companies from 40 countries orchestrated multiple arrests, seized servers and sinkholed or blocked more than 800,000 malicious web domains. Check out this advice from US-CERT to make sure your computer isn’t infected with Avalanche malware.
International cyber cooperation continued this week, with India and Qatar inking a new cybersecurity agreement. Along with four other pacts, Indian PM Narendra Modi and Qatari Sheikh Abdullah bin Nasser bin Khalifa Al Thani committed to deepening technical cooperation on cybercrime, specifically joint operations to combat terrorist financing and money laundering. South Korea’s Internet & Security Agency has also offered to share its cybersecurity expertise in the training of policymakers, law enforcement and military to help build cyber capacity and boost digital economy development in the Central African state of Gabon.
Australia is establishing a new Cyber Security Growth Centre, announced Minister for Industry, Innovation and Science Greg Hunt and the Minister Assisting the PM for Cyber Security Dan Tehan on Monday. Part of the National Innovation and Science Agenda released last December, the industry-led not-for-profit Growth Centre and associated Cyber Security Growth Network will receive $31.9 million over the next three years to boost the success of Australia’s digital products and services industry. Atlassian’s Director of Security Craig Davies will take the helm as CEO of this organisation, which is expected to open its doors early next year.
The Saudi government has confirmed that its General Authority of Civil Aviation suffered a major cyber incident in November that resulted in the loss of important data and brought operations to a standstill for several days. The attack was executed via Shamoon, the same malware used in the infamous compromise of Saudi oil company Aramco in 2012. The aviation agency was reportedly targeted as part of a broader effort against several Saudi government agencies and Saudi fingers are unofficially pointed at Iran.
Cybercriminals made away with more than two billion Roubles (AU$42 million) from Russia’s Central Bank earlier this year, according to the bank’s annual report released on Friday. The hackers used fraudulent client credentials to compromise correspondent accounts and although the bank managed to recover three of the five billion roubles initially stolen, the heist represents a trend of high-value cyber thefts following the US$81 million loss from Bangladesh’s central bank in February. In an unrelated comment, Russia’s Federal Security Service announced on Friday that it had thwarted a foreign spy agency misinformation plot designed to undermine the confidence in Russia’s banking sector through a series of cyber attacks accompanied by fake news of a national financial crisis and rampant bankruptcies on social media.
Over in the US, the House of Representatives has passed a bill that would establish an interagency intelligence committee to combat Russia’s misinformation operations and restrict the movement of Russian diplomats within the US to a 25 mile radius around their official posts unless cleared by the FBI. The bill, which comes in the wake of the US Director of National Intelligence officially calling out the Kremlin for meddling in the US election, is expected to be passed by the Senate before the end of the year.
Obama’s Commission on Enhancing National Cybersecurity, created by executive order earlier this year, also released its final report last Thursday. The Report on Securing and Growing the Digital Economy puts forward a series of recommendations on topics such as network security, innovation, and cyber workforce. The Commission’s last words are designed to be a helpful handover document on US cyber policy for Trump, with Obama affirming that ‘it is time for the next Administration to take up this charge and ensure that cyberspace can continue to be the driver for prosperity innovation and change’. Hopefully that advice will be integrated into Trump’s existing cybersecurity efforts, which include promising a Defense review of critical infrastructure cybersecurity and appointing three Republican cyber leaders to his transition team.
And finally, ICPC has got your back if you’re in need of a couple of longer cyber security reads this week. A survey of more than 500 security professionals helped produce the 2016 Global Cybersecurity Assurance Report Card, which profiles the security confidence, risk assessment competence and threat mitigation strategies of IT professionals by both country and industry. Accenture’s new report, The State of Cybersecurity and Digital Trust 2016, offers an assessment of cyber threats and maps trends in corporate attitudes to online trust, cybersecurity budgets and organisational structure. And lastly, PwC’s 2016 Global Economic Crime Survey reveals that cyber attacks on Chinese corporations have increased by almost 1,000% over the last two years in light of the spread of IoT tech. Happy reading!