As tensions rise on the streets of Ferguson, Missouri over the shooting of Michael Brown, activists have taken their protests to the cyber sphere in a variety of ways. News reports have linked ‘hacktivist’ group Anonymous with a distributed denial of service (DDoS) attack on the websites and email servers of the town’s administrators which also took down the IP phone system and left most of the city’s government officials working via text message. The attack was executed following a video post by the group on YouTube that threatened to take down ‘every web-based asset of your departments and governments offline’. The group also released personal information of members of the Ferguson Police Department.
In his recent speech at the University of Canberra, Major General Stephen Day expressed concerns that state governments’ safeguards against computed-based attacks were ‘patchy and variable’, an issue he associated with a lack of depth in the understanding of the threat at the upper echelons of the state government system. MAJGEN Day, who heads up the Cyber Security Operations Centre in the Australian Signals Directorate, noted that at this level, a change of minister or senior bureaucrat ‘can have an extraordinary impact on the understanding in a state government in terms of the cyber threat.’
Scientists at the Technische Universitat Munchen (TUM) have released software that thwarts port-scanning reconnaissance hacks by the Hacienda program used by the ‘Five Eyes’ intelligence coalition. Researchers responsible for the software claim that their program provides a higher degree of protection than the existing token technology upon which it is based.
US hospital operator Community Health Systems (CHS) believes that Chinese hackers successfully accessed the personal—but not medical—data of 4.5 million patients from the past five years. The stolen data included all the information necessary for identity theft and resulted in CHS activating its liability insurance to assist the affected patients protect themselves from this possibility. In April 2014, the FBI warned that ‘the healthcare industry is not as resilient to cyber intrusions compared to the financial and retail sectors’. The latest hack follows on from attacks targeting the three largest medical device manufacturers in the US, reported earlier in 2014.
Israeli experts have identified Iran as well as state-sponsored and affiliated groups as being behind a number of cyberattacks on Israel, including some which were clumsily disguised as having been executed by Palestinian hackers. Though all attempted hacks by Iranian groups during Israel’s recent military campaign in Gaza were successfully prevented by Israel’s cyber defence capabilities, the IDF noted that the scale and ambition of the recent activity was greater than previous encountered.
Sticking with state-based cyber intrusion, Germany’s foreign intelligence agency (BND) has been reported to have intercepted phone calls of both current US Secretary of State John Kerry, and his predecessor Hillary Clinton. While the German government claims that both intercepts were ‘bycatch’ and were immediately deleted, Der Spiegel reports that Clinton’s conversation with former UN Secretary General Kofi Annan in 2012 regarding negotiations with Syria was not. These revelations come after German objections to the targeting of Chancellor Angela Merkel’s telecommunications by the NSA and reports of German nationals spying for the US. To complicate matters further, German media carried news of government documentation purportedly ordering the agency to snoop on a NATO partner, later identified as Turkey.
Roy Birch is a visiting analyst at ASPI. These are his personal views.