Quick survey of recent cyber news . . .
***
Andrea Shala-Esa reported for Reuters on how Lockheed Martin, Intel, Advanced Micro Devices, Honeywell International, and RSA Security have come together to form the Cyber Security Research Alliance (CSRA). The CSRA will “work closely with government to develop ‘break-through technologies’ to improve cybersecurity.”
***
Steve Stecklow, for Reuters, on how a Huawei partner attempted to sell American antenna equipment in violation of U.S. sanctions against Iran.
Via arstechnica’s Sean Gallagher,an official from Huawei’s Australian office has offered to allow independent examination of the company’s source code in order to address security concerns. The article noted that Huawei officials made the same offer to U.S. lawmakers but they rejected the proposal; “the complexity of the hardware would make it impossible to fully assure that products from the company were not vulnerable to manipulation.”
Adam Segal wrote for Foreign Policy on the beginning of a cyber trade war between the U.S. and China. Of course, Huawei has been getting a lot of attention. What hasn’t been getting as much attention is the Chinese concern about foreign backdoors in their telecommunications infrastructure. Segal explained that 90% of Chinese microchips/network equipment and 65% of Chinese firewall and encryption technology rely on foreign technology, with “all core technologies [] basically in the hands of U.S. companies.” The U.S. response to Huawei has galvanized the Chinese, pushing them to question their own reliance on foreign tech. Fascinating article, and as I read through it, I couldn’t help but see the U.S. own vulnerabilities being echoed in China.
***
Jason Gewirtz, of The Christian Science Monitor, questioned whether the U.S. can really pin down recent cyberattacks on Iran.
Along the same lines, Michael Riley and Eric Engleman reported for Bloomberg on how a lone perpetrator may have been behind Shamoon. Again, Shamoon was the malware that targeted Saudi Aramco. The NYT recently reported that the U.S. believes that Iran was behind Shamoon. However, according to this article, Shamoon lacked “sophisticated elements that would suggest state-sponsored programmers were responsible.” This seems to suggest that the malware was the doing of a company insider.
***
From Foreign Policy’s John Reed, a fantastic look inside CyberComm’s 780th Military Intelligence Brigade. The 780th Military Intelligence Brigade is an Army “custom=made cyber warfare unit . . . to conduct some of the most sophisticated cyber operations around the world.”
***
A fantastic comic from the New Yorker on cyberwar . . .
***
A Cybersecurity To Do List from the staff of FederalNewsRadio. The list includes legislation, workforce education, HSPD-12 implementation, supply chain risk management, mobile computing, could computing, rules of engagement, insider threat policy, NSTIC roll out, and critical infrastructure systems.
Leave a Reply