{"id":16625,"date":"2014-10-29T14:30:38","date_gmt":"2014-10-29T03:30:38","guid":{"rendered":"http:\/\/www.aspistrategist.ru\/?p=16625"},"modified":"2014-10-30T08:16:05","modified_gmt":"2014-10-29T21:16:05","slug":"cyber-wrap-48","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/","title":{"rendered":"Cyber wrap"},"content":{"rendered":"<p><a href=\"http:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-16642 size-full\" title=\"Belgacom, Belgium's national telco, has alleged that Britain's GCHQ was involved in a man-in-the-middle attack on its infrastructure that has left it with a \u20ac15m fix.\" src=\"http:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg\" alt=\"Belgacom, Belgium's national telco, has alleged that Britain's GCHQ was involved in a man-in-the-middle attack on its infrastructure that has left it with a \u20ac15m fix.\" width=\"640\" height=\"368\" srcset=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg 640w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom-205x118.jpg 205w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/a>A month after <a href=\"http:\/\/www.independent.co.uk\/news\/uk\/david-cameron-says-the-queen-purred-down-the-line-over-scottish-vote-9751545.html\" target=\"_blank\">purring down the line<\/a> to UK PM David Cameron over the outcome of the Scottish independence vote, the Queen has decided to cut out the middle man and go straight to the world. HRH exhibited her openness to the information age by <a href=\"http:\/\/www.inquisitr.com\/1563192\/queen-elizabeth-cyber-bullied\/\" target=\"_blank\">tweeting<\/a> the opening of the Information Age exhibition at London\u2019s Science Museum. The resulting celebrity tweet got the usual treatment\u2014lots of retweets, favourites and, inevitably, abuse. Cue the \u2018One is not amused\u2019 headlines.<\/p>\n<p>Speaking of middle men, Apple has <a href=\"http:\/\/www.theinquirer.net\/inquirer\/news\/2376697\/china-targets-apples-icloud-with-man-in-the-middle-cyber-attacks\" target=\"_blank\">issued an update<\/a> in response to reports early last week from GreatFire.org that the Chinese government was engaging in <a href=\"http:\/\/en.wikipedia.org\/wiki\/Man-in-the-middle_attack\" target=\"_blank\">man-in-the middle<\/a> attacks on iCloud. If successful, the attacks would enable the perpetrators to decipher and monitor communications between two devices and alter messages if desired. The warning comes shortly after the release of the iPhone 6 in China, which apparently had its encryption boosted to keep the NSA out, and it\u2019s possible that might also be vexing Chinese authorities.<!--more--><\/p>\n<p>On the other side of the world, Belgium\u2019s national telco Belgacom has <a href=\"http:\/\/www.computing.co.uk\/ctg\/news\/2377764\/gchq-cyber-attack-cost-belgacom-eur15m-says-security-head-fabrice-clement\" target=\"_blank\">alleged<\/a> that Britain\u2019s GCHQ was involved in a similar man-in-the-middle attack on its infrastructure that has left it with a \u20ac15m fix. While initial suspicion fell on GCHQ thanks to leaked information by Edward Snowden that was published in <em>Der Spiegel<\/em>, an ongoing criminal investigation is yet to reveal the actual culprit. However, by Belgacom\u2019s own admission, the attack \u2018was clearly not designed to intercept data in bulk. They were not out to copy databases. It was very specific information [that they were after].\u2019 If GCHQ is found to have had its hand in the cookie jar, London will doubtless feel more embarrassed. But, considering the sophistication of the attack, the attribution problem probably means it won\u2019t be possible to pin the tail on any particular donkey.<\/p>\n<p>Removing the man in the middle altogether is the possibility of life-imitating-art-hacking of hospital devices and medical equipment, a la Homeland. The US Department of Homeland Security (DHS) is <a href=\"http:\/\/www.itproportal.com\/2014\/10\/24\/dozens-flawed-medical-devices-open-homeland-style-cyber-attack\/\" target=\"_blank\">apparently<\/a> \u2018poring over around two dozen instances of cyber-security flaws in medical devices and hospital equipment that could eventually be exploited for illicit means\u2019. While there haven\u2019t been any documented cases of this type of attack\u2014and experts believe the eventuality is quite low compared to other issues with medical devices\u2014DHS is taking no chances and working with manufacturers to address any possible flaws before they\u2019re discovered by parties with malicious intent.<\/p>\n<p>Meanwhile, over at the Pentagon, the US Navy is <a href=\"http:\/\/news.usni.org\/2014\/10\/22\/navsea-submarines-control-systems-risk-cyber-attack\" target=\"_blank\">concerned<\/a> that Windows XP chips on its nuclear submarines (located in the back-up diesel engines) could expose the fleet to hacking of its control systems, according to Vice Admiral William Hilarides, head of Naval Sea Systems Command (NAVSEA). Hilarides pointed out a few quick fixes that Navy could implement now to protect the data sent from the boats to maintenance crews at a warfare centre, but stressed that \u2018ultimately ships and submarines need to be built with cyber-security in mind right from the outset\u2019.<\/p>\n<p>The ITU Plenipotentiary (PP-14) continues this week with member states releasing additional policy statements as well as lobbying for their representatives to be elected to various positions within the organisation. Australia\u2019s efforts appear to have paid off with our re-election to the ITU Council. Samantha Dickinson is keeping a close eye on proceedings on <a href=\"http:\/\/linguasynaptica.com\/\" target=\"_blank\">Lingua Synaptica<\/a> and has reported that \u2018a very large number of developing countries have made requests for ITU to continue its capacity building work.\u2019 The benefits of that work were expounded by Samoa, which cited ICTs as a \u2018a contributing factor for its move from \u201cLeast Developing Country\u201d to \u201cDeveloping Country\u201d on the UN scale of development\u2019. Stay tuned for developments\u2014and fireworks between the US and Cuba, Israel and Palestine, and Russia and Ukraine. Other news out of Busan finds that the ITU Plenipotentiary will head to the UAE in 2018, the same location as the 2012 ITU World Conference on International Telecommunications.<\/p>\n<p>Finishing on a national security cross-over note, an emerging <a href=\"http:\/\/www.express.co.uk\/news\/uk\/526467\/Beware-Inbox-Email-Computer-Virus-WHO-Ebola-Computer-Virus?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+daily-express-uk-news+(Daily+Express+%3A%3A+UK+Feed)\" target=\"_blank\">phishing scam<\/a> is using a false World Health Organisation (WHO) badged email to spread malware stored in an attachment that claims to have \u2018life-saving advice about the Ebola outbreak\u2019. The malware appears to give total control to the hacker, allowing access to files, microphones and cameras on your computer as well as installing a keylogger. Most concerning of all is that \u2018the &#8220;DarkComet Remote Access Trojan&#8221; is completely undetectable to anti-virus software\u2019.<\/p>\n<p>In an <a href=\"http:\/\/fcw.com\/articles\/2014\/10\/24\/cyber-offense.aspx\" target=\"_blank\">effort<\/a> to promote transparency and engage the US polity in debate on offensive cyber strategy, \u2018the Pentagon this week published a doctrine that was unusually candid about offensive scenarios in cyberspace\u2019. The declassified reports, originally developed for the Joint Chiefs of Staff in 2013, were released earlier this week to the public. The release brings a normally secretive part of the defence establishment into the open and encourages discussion of the topic among \u2018experts in and out of government.\u2019 But, as FCW notes \u2018[while a] doctrinal hurdle to offensive cyber operations may have been cleared \u2026 a large bureaucratic hurdle apparently remains\u2019 in addressing the coordination between civil and military agencies in this space.<\/p>\n<p><em>Roy Birch is a visiting analyst at ASPI. These are his personal views. Image courtesy of Flickr user <a href=\"https:\/\/www.flickr.com\/photos\/ecks_ecks\/8728435788\" target=\"_blank\">ecks ecks<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A month after purring down the line to UK PM David Cameron over the outcome of the Scottish independence vote, the Queen has decided to cut out the middle man and go straight to the &#8230;<\/p>\n","protected":false},"author":268,"featured_media":16642,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1,531],"tags":[391,95,713,728,1015,825],"class_list":["post-16625","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","category-cyber-security-2","tag-cyber","tag-cyber-security","tag-cyberattack","tag-hacking","tag-malware","tag-phishing"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cyber wrap | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyber wrap | The Strategist\" \/>\n<meta property=\"og:description\" content=\"A month after purring down the line to UK PM David Cameron over the outcome of the Scottish independence vote, the Queen has decided to cut out the middle man and go straight to the ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2014-10-29T03:30:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2014-10-29T21:16:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"368\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Roy Birch\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roy Birch\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI&#039;s analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg\",\"width\":640,\"height\":368,\"caption\":\"Belgacom, Belgium's national telco, has alleged that Britain's GCHQ was involved in a man-in-the-middle attack on its infrastructure that has left it with a \u20ac15m fix.\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/\",\"name\":\"Cyber wrap | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/#primaryimage\"},\"datePublished\":\"2014-10-29T03:30:38+00:00\",\"dateModified\":\"2014-10-29T21:16:05+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/94ca57bb52fb4285e1373d6d29221ca5\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cyber wrap\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/94ca57bb52fb4285e1373d6d29221ca5\",\"name\":\"Roy Birch\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7460bf4682b018511dcf4d762bd7133b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7460bf4682b018511dcf4d762bd7133b?s=96&d=mm&r=g\",\"caption\":\"Roy Birch\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/roy-birch\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cyber wrap | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/","og_locale":"en_US","og_type":"article","og_title":"Cyber wrap | The Strategist","og_description":"A month after purring down the line to UK PM David Cameron over the outcome of the Scottish independence vote, the Queen has decided to cut out the middle man and go straight to the ...","og_url":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2014-10-29T03:30:38+00:00","article_modified_time":"2014-10-29T21:16:05+00:00","og_image":[{"width":640,"height":368,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg","type":"image\/jpeg"}],"author":"Roy Birch","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Roy Birch","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI&#039;s analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2014\/10\/Belgacom.jpg","width":640,"height":368,"caption":"Belgacom, Belgium's national telco, has alleged that Britain's GCHQ was involved in a man-in-the-middle attack on its infrastructure that has left it with a \u20ac15m fix."},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/","url":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/","name":"Cyber wrap | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/#primaryimage"},"datePublished":"2014-10-29T03:30:38+00:00","dateModified":"2014-10-29T21:16:05+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/94ca57bb52fb4285e1373d6d29221ca5"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-48\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"Cyber wrap"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/94ca57bb52fb4285e1373d6d29221ca5","name":"Roy Birch","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7460bf4682b018511dcf4d762bd7133b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7460bf4682b018511dcf4d762bd7133b?s=96&d=mm&r=g","caption":"Roy Birch"},"url":"https:\/\/www.aspistrategist.ru\/author\/roy-birch\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/16625"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/268"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=16625"}],"version-history":[{"count":6,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/16625\/revisions"}],"predecessor-version":[{"id":16653,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/16625\/revisions\/16653"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/16642"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=16625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=16625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=16625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}