{"id":12504,"date":"2014-02-26T14:00:56","date_gmt":"2014-02-26T03:00:56","guid":{"rendered":"http:\/\/www.aspistrategist.ru\/?p=12504"},"modified":"2014-03-05T11:41:59","modified_gmt":"2014-03-05T00:41:59","slug":"cyber-wrap-17","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/cyber-wrap-17\/","title":{"rendered":"Cyber wrap"},"content":{"rendered":"
<\/a>Let\u2019s kick things off at the RSA Conference<\/a> in San Francisco, which brings together information security professionals and business leaders to discuss emerging cybersecurity trends. This year\u2019s conference has drawn criticism<\/a> from leading security experts as RSA Security\u2014the network security company that manages the conference\u2014 has been accused of taking money from the National Security Agency to incorporate a flawed encryption algorithm into one of its security products.<\/p>\n As with many of today\u2019s cyber conversations, the Snowden disclosures shaped the agenda at the EU-Brazil summit this week in Brussels. First up was the announcement of a new underwater communications cable<\/a> to run between Portugal and Brazil. The \u20ac134 million project seeks to reduce reliance on US cables in order to insulate against American surveillance efforts. (Brazilian President Dilma Rousseff has been less-than-successful<\/a> in building her country\u2019s cyber fortifications since it was revealed the NSA had been keeping tabs on her and her allies). Also out of the EU-Brazil summit is news<\/a> of the grouping\u2019s plan to hold a dialogue on international cyber policy. The first dialogue is set to occur on the sidelines of April\u2019s Global Multistakeholder Meeting on the Future of Internet Governance<\/a> (or NETmundial<\/i>) in Sao Paulo. The US State Department has recently released<\/a> their submission to conference organisers.<\/p>\n The New York Times<\/i> has a piece on the role that American cyber weapons might play in Syria:<\/a><\/p>\n The Obama administration has been engaged in a largely secret debate about whether cyberarms should be used like ordinary weapons, whether they should be rarely used covert tools or whether they ought to be reserved for extraordinarily rare use against the most sophisticated, hard-to-reach targets. And looming over the issue is the question of retaliation: whether such an attack on Syria\u2019s air power, its electric grid or its leadership would prompt Syrian, Iranian or Russian retaliation in the United States.<\/p><\/blockquote>\n In a move that has surprised some<\/a>, South Korea has candidly announced<\/a> its plan to develop offensive cyber capabilities to disrupt the DPRK\u2019s nuclear weapons program. The South Korean Defence Ministry stated that a new Cyber Defence Command would be set up from May and name checked Stuxnet<\/a> as the type of cyberweapon it would seek to deploy. While developing cyber capabilities might well be a smart move, it mightn\u2019t be so strategic to advertise your offensive intentions to your hostile northern neighbour\u2026<\/p>\n In light of the data breaches at major retailers Target and Neiman Marcus, US Attorney General Eric Holder has called for a data-breach notification law<\/a>, which would require businesses that have lost information in cyberattacks to notify those affected. According to Holder, this law \u2018would enable law enforcement to better investigate these crimes\u2014and hold compromised entities accountable\u2019. <\/i>The Economist has a possible pre-emptive answer for retailers and other businesses, with an interesting piece<\/a> on the role of \u2018whitehats\u2019 and the increasing demand for penetration testing of computer systems.<\/p>\n Tokyo-based Bitcoin exchange Mt. Gox is offline with trading suspended<\/a> due to the theft of roughly US$375 million dollars worth of the virtual currency. The exchange hack and subsequent collapse in Bitcoin value brings into question yet again the currency\u2019s stability and security protocols, let alone the legitimacy of Bitcoin as a global currency.<\/p>\n Over at The<\/i> Monkey Cage<\/i> blog, Henry Farell has continued his dispassionate exploration into the political science of cyber security. In Part III<\/a>, he looks to how international relations theory informs American cyber security doctrine. Catch up with Part I<\/a> and Part II<\/a>.<\/p>\n In case you missed it, ICPC\u2019s Kl\u00e9e Aiken this week published his report on US cyber security efforts in which he highlights some important lessons for Australia. Cybersecurity by Executive Order <\/i>can be downloaded here<\/a> (PDF).<\/p>\n Finally, some good news for those of us who have already binge-watched the entire second season of House of Cards (Chinese cyber espionage storyline, anyone?). CBS has ordered a pilot<\/a> of the long running CSI: Crime Scene Investigation<\/i> franchise to explore the dark world of cybercrime. The spinoff will investigate \u2018crimes that start in the mind, live on-line and play out in the real world\u2019 informed by the work of Irish cyber psychologist Mary Aiken.<\/p>\n