Tag Archives: hacking
Can I still be hacked with 2FA enabled?
Shutterstock
David Tuffley, Griffith University
Cybersecurity is like a game of whack-a-mole. As soon as the good guys put a stop to one type of attack, another pops up.
Usernames and passwords were once good enough to keep an account secure. But before long, cybercriminals figured out how to get around this.
Often they’ll use “brute force attacks”, bombarding a user’s account with various password and login combinations in a bid to guess the correct one.
To deal with such attacks, a second layer of security was added in an approach known as two-factor authentication, or 2FA. It’s widespread now, but does 2FA also leave room for loopholes cybercriminals can exploit?
2FA via text message
There are various types of 2FA. The most common method is to be sent a single-use code as an SMS message to your phone, which you then enter following a prompt from the website or service you’re trying to access.
Most of us are familiar with this method as it’s favoured by major social media platforms. However, while it may seem safe enough, it isn’t necessarily.
Hackers have been known to trick mobile phone carriers (such as Telstra or Optus) into transferring a victim’s phone number to their own phone.
Read more:
$2.5 billion lost over a decade: ‘Nigerian princes’ lose their sheen, but scams are on the rise
Pretending to be the intended victim, the hacker contacts the carrier with a story about losing their phone, requesting a new SIM with the victim’s number to be sent to them. Any authentication code sent to that number then goes directly to the hacker, granting them access to the victim’s accounts.
This method is called SIM swapping. It’s probably the easiest of several types of scams that can circumvent 2FA.
And while carriers’ verification processes for SIM requests are improving, a competent trickster can talk their way around them.
Authenticator apps
The authenticator method is more secure than 2FA via text message. It works on a principle known as TOTP, or “time-based one-time password”.
TOTP is more secure than SMS because a code is generated on your device rather than being sent across the network, where it might be intercepted.
The authenticator method uses apps such as Google Authenticator, LastPass, 1Password, Microsoft Authenticator, Authy and Yubico.
However, while it’s safer than 2FA via SMS, there have been reports of hackers stealing authentication codes from Android smartphones. They do this by tricking the user into installing malware (software designed to cause harm) that copies and sends the codes to the hacker.
The Android operating system is easier to hack than the iPhone iOS. Apple’s iOS is proprietary, while Android is open-source, making it easier to install malware on.
2FA using details unique to you
Biometric methods are another form of 2FA. These include fingerprint login, face recognition, retinal or iris scans, and voice recognition. Biometric identification is becoming popular for its ease of use.
Most smartphones today can be unlocked by placing a finger on the scanner or letting the camera scan your face – much quicker than entering a password or passcode.
However, biometric data can be hacked, too, either from the servers where they are stored or from the software that processes the data.
One case in point is last year’s Biostar 2 data breach in which nearly 28 million biometric records were hacked. BioStar 2 is a security system that uses facial recognition and fingerprinting technology to help organisations secure access to buildings.
There can also be false negatives and false positives in biometric recognition. Dirt on the fingerprint reader or on the person’s finger can lead to false negatives. Also, faces can sometimes be similar enough to fool facial recognition systems.
Another type of 2FA comes in the form of personal security questions such as “what city did your parents meet in?” or “what was your first pet’s name?”
Read more:
Don’t be phish food! Tips to avoid sharing your personal information online
Only the most determined and resourceful hacker will be able to find answers to these questions. It’s unlikely, but still possible, especially as more of us adopt public online profiles.
Shutterstock
2FA remains best practice
Despite all of the above, the biggest vulnerability to being hacked is still the human factor. Successful hackers have a bewildering array of psychological tricks in their arsenal.
A cyber attack could come as a polite request, a scary warning, a message ostensibly from a friend or colleague, or an intriguing “clickbait” link in an email.
The best way to protect yourself from hackers is to develop a healthy amount of scepticism. If you carefully check websites and links before clicking through and also use 2FA, the chances of being hacked become vanishingly small.
The bottom line is that 2FA is effective at keeping your accounts safe. However, try to avoid the less secure SMS method when given the option.
Just as burglars in the real world focus on houses with poor security, hackers on the internet look for weaknesses.
And while any security measure can be overcome with enough effort, a hacker won’t make that investment unless they stand to gain something of greater value.
David Tuffley, Senior Lecturer in Applied Ethics & CyberSecurity, Griffith University
This article is republished from The Conversation under a Creative Commons license. Read the original article.
Aerial threat: why drone hacking could be bad news for the military
Gorodenkoff/Shutterstock
Mohiuddin Ahmed, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University
Unmanned aerial vehicles, more commonly called drones, are now a fundamental part of defence force capability, from intelligence gathering to unmanned engagement in military operations. But what happens if our own technology is turned against us?
Between 2015 and 2022, the global commercial drone market is expected to grow from A$5.95 billion to A$7.47 billion.
Drones are now being used in a host of applications, including agriculture, media, parcel delivery, and defence.
However, as with all IT technology, manufacturers and users may leave the digital doors unlocked. This potentially leaves opportunities for cyber-criminals and perhaps even cyber-warfare.
Read more:
Police drones: can we trust the eyes in the skies?
Imagine a defence operation in which a drone is sent out to spy on enemy territory. The enemy identifies the drone but instead of disabling it, compromises the sensors (vision, sonar, and so on) to inject false data. Acting upon such data could then result in inappropriate tactics and, in a worst case scenario, may even lead to avoidable casualties.
UK cybersecurity consultant James Dale warned earlier this year that “equipment is now available to hack drones so they can bypass technology controls”.
Drones are relatively cheap technologies for military use – certainly cheaper than the use of satellites for surveillance. Off-the-shelf drones can be used to gather intelligence, without any significant development effort.
Meanwhile, governments have cracked down on illegal civilian drone use, and imposed no-fly zones around secure infrastructure such as airports. Drone manufacturers have been forced to provide “geofencing” software to avoid situations such as the recent drone strike in a Saudi oil field. However, cyber criminals are smart enough to bypass such controls and openly provide services to help consumers get past government and military-enforced no-fly zones.
Author provided
Russian software company Coptersafe sells such modifications for a few hundred dollars. Anyone can buy a drone from a retail store, purchase the modifications, and then send their drone into no-fly zones such as military bases and airports. Ironically, Russia’s military base in Syria came under attack from drones last year.
Australia on the frontline
Australia is at the frontier of the military drone revolution, equipping itself with a fleet of hundreds of new drones. Lieutenant Colonel Keirin Joyce, discussing the program in a recent defence podcast, declared Australia will soon be “the most unmanned [air vehicle] army in the world per capita”.
It will be essential to safeguard every single component of this sophisticated unmanned aerial fleet from cyber attack.
When drones were developed, cyber security was not a priority. Let’s explore a few potential threats to drone technology:
-
drone navigation is based on the Global Positioning System (GPS). It’s possible an attacker can break the encryption of this communication channel. Fake signals can be fed to the targeted drone and the drone effectively gets lost. This type of attack can be launched without being in close physical proximity
-
with knowledge of the flight controller systems, hackers can gain access using “brute force” attacks. Then, the captured video footage can be manipulated to mislead the operator and influence ground operations
-
a drone fitted with sensors could be manipulated by injecting rogue signals. For example, the gyroscopes on a drone can be misled using an external source of audio energy. Cyber criminals may take advantage of this design characteristic to create false sensor readings
-
drones’ onboard control systems are effectively small computers. Drone control systems (onboard and ground-based controllers) are also vulnerable to malicious software or Maldrone (malware for drones). The founder and CTO of CloudSEK, Rahul Sasi discovered a backdoor in the Parrot AR.Drone. Using malicious software, an attacker can establish remote communication and can take control of the drone. Attackers can also inject false data to mislead the operators. This type of malware can be installed silently without any visible sign to the operators. The consequences are significant if the drones are used for military operations.
Read more:
Eye in the Sky and the moral dilemmas of modern warfare
As with traditional cyber-crime, it’s likely 2019 will see a sharp rise in drone-related incidents. However, these security breaches should not discourage the use of drones for personal, industrial or military applications. Drones are great tools in the era of smart cities, for instance.
But we should not forget the potential for cyber crime – and nowhere are the stakes higher than in military drone use. Clearly, the use of drones needs to be carefully regulated. And the first step is for the government and the Australian Defence Force to be fully aware of the risks.
Mohiuddin Ahmed, Lecturer of Computing & Security, Edith Cowan University and Paul Haskell-Dowland, Associate Dean (Computing and Security), Edith Cowan University
This article is republished from The Conversation under a Creative Commons license. Read the original article.
Don’t click that link! How criminals access your digital devices and what happens when they do
Unsplash/Marvin Tolentino
Richard Matthews, University of Adelaide and Kieren Niĉolas Lovell, Tallinn University of Technology
Every day, often multiple times a day, you are invited to click on links sent to you by brands, politicians, friends and strangers. You download apps on your devices. Maybe you use QR codes.
Most of these activities are secure because they come from sources that can be trusted. But sometimes criminals impersonate trustworthy sources to get you to click on a link (or download an app) that contains malware.
At its core, a link is just a mechanism for data to be delivered to your device. Code can be built into a website which redirects you to another site and downloads malware to your device en route to your actual destination.
When you click on unverified links or download suspicious apps you increase the risk of exposure to malware. Here’s what could happen if you do – and how you can minimise your risk.
Read more:
How suppliers of everyday devices make you vulnerable to cyber attack – and what to do about it
What is malware?
Malware is defined as malicious code that:
will have adverse impact on the confidentiality, integrity, or availability of an information system.
In the past, malware described malicious code that took the form of viruses, worms or Trojan horses.
Viruses embedded themselves in genuine programs and relied on these programs to propagate. Worms were generally stand alone programs that could install themselves using a network, USB or email program to infect other computers.
Trojan horses took their name from the gift to the Greeks during the Trojan war in Homer’s Odyssey. Much like the wooden horse, a Trojan Horse looks like a normal file until some predetermined action causes the code to execute.
Today’s generation of attacker tools are far more sophisticated, and are often a blend of these techniques.
These so-called “blended attacks” rely heavily on social engineering – the ability to manipulate someone to doing something they wouldn’t normally do – and are often categorised by what they ultimately will do to your systems.
What does malware do?
Today’s malware comes in easy to use, customised toolkits distributed on the dark web or by well meaning security researchers attempting to fix problems.
With a click of a button, attackers can use these toolkits to send phishing emails and spam SMS messages to eploy various types of malware. Here are some of them.
https://datawrapper.dwcdn.net/QDA3R/2/
-
a remote administration tool (RAT) can be used to access a computer’s camera, microphone and install other types of malware
-
keyloggers can be used to monitor for passwords, credit card details and email addresses
-
ransomware is used to encrypt private files and then demand payment in return for the password
-
botnets are used for distributed denial of service (DDoS) attacks and other illegal activities. DDoS attacks can flood a website with so much virtual traffic that it shuts down, much like a shop being filled with so many customers you are unable to move.
-
crytptominers will use your computer hardware to mine cryptocurrency, which will slow your computer down
-
hijacking or defacement attacks are used to deface a site or embarrass you by posting pornographic material to your social media
Wordfence
Read more:
Everyone falls for fake emails: lessons from cybersecurity summer school
How does malware end up on your device?
According to insurance claim data of businesses based in the UK, over 66% of cyber incidents are caused by employee error. Although the data attributes only 3% of these attacks to social engineering, our experience suggests the majority of these attacks would have started this way.
For example, by employees not following dedicated IT and information security policies, not being informed of how much of their digital footprint has been exposed online, or simply being taken advantage of. Merely posting what you are having for dinner on social media can open you up to attack from a well trained social engineer.
QR codes are equally as risky if users open the link the QR codes point to without first validating where it was heading, as indicated by this 2012 study.
Even opening an image in a web browser and running a mouse over it can lead to malware being installed. This is quite a useful delivery tool considering the advertising material you see on popular websites.
Fake apps have also been discovered on both the Apple and Google Play stores. Many of these attempt to steal login credentials by mimicking well known banking applications.
Sometimes malware is placed on your device by someone who wants to track you. In 2010, the Lower Merion School District settled two lawsuits brought against them for violating students’ privacy and secretly recording using the web camera of loaned school laptops.
What can you do to avoid it?
In the case of the the Lower Merion School District, students and teachers suspected they were being monitored because they “saw the green light next to the webcam on their laptops turn on momentarily.”
While this is a great indicator, many hacker tools will ensure webcam lights are turned off to avoid raising suspicion. On-screen cues can give you a false sense of security, especially if you don’t realise that the microphone is always being accessed for verbal cues or other forms of tracking.
iphonedigital/flickr
Basic awareness of the risks in cyberspace will go a long the way to mitigating them. This is called cyber hygiene.
Using good, up to date virus and malware scanning software is crucial. However, the most important tip is to update your device to ensure it has the latest security updates.
Hover over links in an email to see where you are really going. Avoid shortened links, such as bit.ly and QR codes, unless you can check where the link is going by using a URL expander.
What to do if you already clicked?
If you suspect you have malware on your system, there are simple steps you can take.
Open your webcam application. If you can’t access the device because it is already in use this is a telltale sign that you might be infected. Higher than normal battery usage or a machine running hotter than usual are also good indicators that something isn’t quite right.
Make sure you have good anti-virus and anti-malware software installed. Estonian start-ups, such as Malware Bytes and Seguru, can be installed on your phone as well as your desktop to provide real time protection. If you are running a website, make sure you have good security installed. Wordfence works well for WordPress blogs.
More importantly though, make sure you know how much data about you has already been exposed. Google yourself – including a Google image search against your profile picture – to see what is online.
Check all your email addresses on the website haveibeenpwned.com to see whether your passwords have been exposed. Then make sure you never use any passwords again on other services. Basically, treat them as compromised.
Cyber security has technical aspects, but remember: any attack that doesn’t affect a person or an organisation is just a technical hitch. Cyber attacks are a human problem.
The more you know about your own digital presence, the better prepared you will be. All of our individual efforts better secure our organisations, our schools, and our family and friends.
Richard Matthews, Lecturer Entrepreneurship, Commercialisation and Innovation Centre | PhD Candidate in Image Forensics and Cyber | Councillor, University of Adelaide and Kieren Niĉolas Lovell, Head of TalTech Computer Emergency Response Team, Tallinn University of Technology
This article is republished from The Conversation under a Creative Commons license. Read the original article.
What could a My Health Record data breach look like?
Tammy54/Shutterstock
Cassandra Cross, Queensland University of Technology
Last week marked the start of a three-month period in which Australians can opt out of the My Health Record scheme before having an automatically generated electronic health record.
Some Australians have already opted out of the program, including Liberal MP Tim Wilson and former Queensland LNP premier Campbell Newman, who argue it should be an opt-in scheme.
But much of the concern about My Health Records centres around privacy. So what is driving these concerns, and what might a My Health Records data breach look like?
Data breaches
Data breaches exposing individuals’ private information are becoming increasingly common and can include demographic details (name, address, birthdate), financial information (credit card details, pin numbers) and other details such as email addresses, usernames and passwords.
Health information is also an attractive target for offenders. They can use this to perpetrate a wide variety of offences, including identity fraud, identity theft, blackmail and extortion.
Read more:
Another day, another data breach – what to do when it happens to you
Last week hackers stole the health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong, who may have been targeted for sensitive medical information.
Meanwhile in Canada, hackers reportedly stole the medical histories of 80,000 patients from a care home and held them to ransom.
Australia is not immune. Last year Australians’ Medicare details were advertised for sale on the dark net by a vendor who had sold the records of at least 75 people.
Earlier this year, Family Planning NSW experienced a breach of its booking system, which exposed client data of those who had contacted the organisation within the past two and a half years.
Further, in the first report since the introduction of mandatory data breach reporting, the Privacy Commissioner revealed that of the 63 notifications received in the first quarter, 15 were from health service providers. This makes health the leading industry for reported breaches.
Human error
It’s important to note that not all data breaches are perpetrated from the outside or are malicious in nature. Human error and negligence also pose a threat to personal information.
The federal Department of Health, for instance, published a supposedly “de-identified” data set relating to details from the Medicare Benefits Scheme and the Pharmaceutical Benefits Scheme of 2.5 million Australians. This was done for research purposes.
But researchers were able to re-identify the details of individuals using publicly available information. In a resulting investigation, the Privacy Commissioner concluded that the Privacy Act had been breached three times.
The latest data breach investigation from US telecommunications company Verizon notes that health care is the only sector where the threat from inside is greater than from the outside. Human error contributes largely to this.
There are promises of strong security surrounding My Health Records but, in reality, it’s a matter of when, not if, a data breach of some sort occurs.
Shutterstock
Privacy controls
My Health Record allows users to set the level of access they’re comfortable with across their record. This can target specific health-care providers or relate to specific documents.
But the onus of this rests heavily on the individual. This requires a high level of computer and health literacy that many Australians don’t have. The privacy control process is therefore likely to be overwhelming and ineffective for many people.
Read more:
My Health Record: the case for opting out
With the default option set to “general access”, any organisation involved in the person’s care can access the information.
Regardless of privacy controls, other agencies can also access information. Section 70 of the My Health Records Act 2012 states that details can be disclosed to law enforcement for a variety of reasons including:
(a) the prevention, detection, investigation, prosecution or punishment of criminal offences.
While no applications have been received to date, it is reasonable to expect this may occur in the future.
There are also concerns about sharing data with health insurance agencies and other third parties. While not currently authorised, there is intense interest from companies that can see the value in this health data.
Further, My Health Record data can be used for research, policy and planning. Individuals must opt out of this separately, through the privacy settings, if they don’t want their data to be part of this.
What should you do?
Health data is some of the most personal and sensitive information we have and includes details about illnesses, medications, tests, procedures and diagnoses. It may contain information about our HIV status, mental health profile, sexual activity and drug use.
These areas can attract a lot of stigma so keeping this information private is paramount. Disclosure may not just impact the person’s health and well-being, it may also affect their relationships, their employment and other facets of their life.
Importantly, these details can’t be reset or reissued. Unlike passwords and credit card details, they are static. Once exposed, it’s impossible to “unsee” or “unknow” what has been compromised.
Everyone should make their own informed decision about whether to stay in My Health Record or opt out. Ultimately, it’s up to individuals to decide what level of risk they’re comfortable with, and the value of their own health information, and proceed on that basis.
Read more:
My Health Record: the case for opting in
Cassandra Cross, Senior Lecturer in Criminology, Queensland University of Technology
This article was originally published on The Conversation. Read the original article.
The public has a vital role to play in preventing future cyber attacks
Shutterstock
Sandeep Gopalan, Deakin University
Up to 400 Australian organisations may have been snared in a massive hacking incident detailed today. The attack, allegedly engineered by the Russian government, targeted millions of government and private sector machines globally via devices such as routers, switches, and firewalls.
This follows a cyber attack orchestrated by Iranian hackers revealed last month, which targeted Australian universities.
Read more:
Explainer: how internet routers work and why you should keep them secure
A joint warning by the US and UK governments stated that the purpose of the most recent attack was to:
… support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.
The Russians’ modus operandi was to target end-of-life devices and those without encryption or authentication, thereby compromising routers and network infrastructure. In doing so, they secured legitimate credentials from individuals and organisations with weak password protections in order to take control of the infrastructure.
Cyber attacks are key to modern conflict
This is not the first instance of Russian aggression.
The US city of Atlanta last month was crippled by a cyber attack and many of its systems are yet to recover – including the court system. In that case, attackers used the SamSam ransomware, which also uses network infrastructure to infiltrate IT systems, and demanded a ransom payment in Bitcoin.
Baltimore was hit by a cyber attack on March 28 that disrupted its emergency 911 calling system. Russian hackers are suspected to have taken down the French TV station TV5Monde in 2015. The US Department of State was hacked in 2015 – and Ukraine’s power grid and military infrastructure were also compromised in separate attacks in 2015 and 2017.
But Russia is not alone in committing these attacks.
In December 2017, North Korean hackers were blamed for the WannaCry attack that infected over 300,000 computers in 150 countries, affecting hospitals and banks. The UK’s National Health Service was particularly bruised and patients had to be turned away from surgical procedures and appointments.
Iran has conducted cyber attacks against numerous targets in the US, Israel, UAE, and other countries. In turn, Iran was subjected to a cyber attack on April 7 that saw computer screens display the US flag with the warning “don’t mess with our elections”.
Prosecuting hackers is ineffective
The US government has launched prosecutions against hackers – most recently against nine Iranians for the cyber attacks on universities. However, prosecutions are of limited efficacy when hackers are beyond the reach of US law enforcement and unlikely to be surrendered by their home countries.
As I have written previously, countries such as Australia and the US cannot watch passively as rogue states conduct cyber attacks against targets within our jurisdiction.
Read more:
Is counter-attack justified against a state-sponsored cyber attack? It’s a legal grey area
Strong countermeasures must be taken in self defence against the perpetrators wherever they are located. If necessary, self defence must be preemptive – any potential perpetrators must be crippled before they are able to launch strikes on organisations here.
Reactive measures are a weak deterrent, and our response should include a first strike cyber attack option where there is credible intelligence about imminent attacks. Notably, the UK has threatened to use conventional military strikes against cyber attacks. This may be an overreaction at this time.
Educating the public is essential
Numerous cyber attacks in recent years – including the current attack – have targeted common household devices, such as routers. As a result, the security of public infrastructure relies to some extent on the security practices of everyday Australians.
So, what role should the government play in ensuring Australians are securing their devices?
Unfortunately, cybersecurity isn’t as simple as administering an annual flu shot. It’s not feasible for the government to issue cybersecurity software to residents since security patches are likely to be out-of-date before the next attack.
But the government should play a role in educating the public about cyber attacks and securing public internet services.
The city of New York has provided a free app to all residents called NYC Secure that is aimed at educating people. It is also adding another layer of security to its free wifi services to protect users from downloading malicious software or accessing phishing websites. And the city of Jonesboro, Georgia is putting up a firewall to secure its services.
Read more:
Artificial intelligence cyber attacks are coming – but what does that mean?
Australian city administrations must adopt similar strategies alongside a sustained public education effort. A vigilant public is a necessary component in our collective security strategy against cyber attacks.
This cannot be achieved without significant investment. In addition to education campaigns, private organisations – banks, universities, online sellers, large employers – must be leveraged into ensuring their constituents do not enable attacks through end-of-life devices, unsupported software, poor password protection policies and lack of encryption.
Governments must also prioritise investment in their own IT and human resources infrastructure. Public sector IT talent has always lagged the private sector due to pay imbalances, and other structural reasons.
It is difficult for governments to attain parity of technical capabilities with Russian or North Korean hackers in the short term. The only solution is a strong partnership – in research, detection tools, and counter-response strategies – with the private sector.
The Atlanta attack illustrates the perils of inaction – an audit report shows the city was warned months in advance but did nothing. Australian cities must not make the same mistake.
Sandeep Gopalan, Pro Vice-Chancellor (Academic Innovation) & Professor of Law, Deakin University
This article was originally published on The Conversation. Read the original article.
The US election hack, fake news, data theft: the cyber security lessons from 2017
from http://www.shutterstock.com, CC BY-ND
Joe Burton, University of Waikato
Cyber security played a prominent role in international affairs in 2017, with impacts on peace and security.
Increased international collaboration and new laws that capture the complexity of communications technology could be among solutions to cyber security issues in 2018.
Read more: Artificial intelligence cyber attacks are coming – but what does that mean?
The US election hack and the end of cyber scepticism
The big story of the past year has been the subversion of the US election process and the ongoing controversies surrounding the Trump administration. The investigations into the scandal are unresolved, but it is important to recognise that the US election hack has dispelled any lingering scepticism about the impact of cyber attacks on national and international security.
From the self-confessed “mistake” Secretary Clinton made in setting up a private email server, to the hacking of the Democratic National Committee’s servers and the leaking of Democratic campaign chair John Podesta’s emails to WikiLeaks, the 2016 presidential election was in many ways defined by cyber security issues.
Many analysts had been debating the likelihood of a “digital Pearl Harbour”, an attack producing devastating economic disruption or physical effects. But they missed the more subtle and covert political scope of cyber attacks to coerce changes in political behaviour and subvert systems of governance. Enhancing the security and integrity of democratic systems and electoral processes will surely be on the agenda in 2018 in the Asia Pacific and elsewhere.
Anti-social media
The growing impact of social media and the connection with cyber security has been another big story in 2017. Social media was meant to be a great liberator, to democratise, and to bring new transparency to politics and societies. In 2017, it has become a platform for fake news, misinformation and propaganda.
Social media sites clearly played a role in displacing authoritarian governments during the Arab Spring uprisings. Few expected they would be used by authoritarian governments in an incredibly effective way to sow and exploit divisions in democratic countries. The debate we need to have in 2018 is how we can deter the manipulation of social media, prevent the spread of fake news and encourage the likes of Facebook and Twitter to monitor and police their own networks.
If we don’t trust what we see on these sites, they won’t be commercially successful, and they won’t serve as platforms to enhance international peace and security. Social media sites must not become co-opted or corrupted. Facebook should not be allowed to become Fakebook.
Holding data to ransom
The spread of the Wannacry virus was the third big cyber security story of 2017. Wannacry locked down computers and demanded a ransom (in bitcoin) for the electronic key that would release the data. The virus spread in a truly global attack to an estimated 300,000 computers in 150 countries. It led to losses in the region of four billion dollars – a small fraction of the global cyber crime market, which is projected to grow to $6 trillion by 2021. In the Asia Pacific region, cyber crime is growing by 45% each year.
Read more: Cyberspace aggression adds to North Korea’s threat to global security
Wannacry was an important event because it pointed not only to the growth in cyber crime but also the dangers inherent in the development and proliferation of offensive cyber security capabilities. The exploit to windows XP systems that was used to spread the virus had been stockpiled by the US National Security Agency (NSA). It ended up being released on the internet and then used to generate revenue.
A fundamental challenge in 2018 is to constrain the use of offensive cyber capabilities and to reign in the growth of the cyber-crime market through enhanced cooperation. This will be no small task, but there have been some positive developments.
According to US network security firm FireEye, the recent US-China agreement on commercial cyber espionage has led to an estimated 90% reduction in data breaches in the US emanating from China. Cyber cooperation is possible and can lead to bilateral and global goods.
Death of cyber norms?
The final big development, or rather lack of development, has been at the UN. The Government Group of Experts (GGE) process, established in 2004 to strengthen the security of global information and telecommunications systems, failed to reach a consensus on its latest report on the status of international laws and norms in cyberspace. The main problem has been that there is no definite agreement on the applicability of existing international law to cyber security. This includes issues such as when states might be held responsible for cyber attacks emanating from their territory, or their right to the use of countermeasures in cyber self-defence.
Some analysts have proclaimed this to be “the end of cyber norms”. This betrays a pessimism about UN level governance of the internet that is deeply steeped in overly state-centric views of security and a reluctance to cede any sovereignty to international organisations.
It is true that norms won’t be built from the top down. But the UN does and should have an important role to play in cyber security as we move into 2018, not least because of its universality and global reach.
The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia recently launched the Tallinn Manual 2.0, which examines the applicability of international law to cyber attacks that fall below the use of force and occur outside of armed conflict.
These commendable efforts could move forward hand in hand with efforts to build consensus on new laws that more accurately capture the complexity of new information and communications technology. In February 2017, Brad Smith, the head of Microsoft, proposed a digital Geneva Convention that would outlaw cyber attacks on civilian infrastructure.
In all this we must recognise that cyber security is not a binary process. It is not about “ones and zeros”, but rather about a complex spectrum of activity that needs multi-level, multi-stakeholder responses that include international organisations. This is a cyber reality that we should all bear in mind when we try to find solutions to cyber security issues in 2018.
Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato
This article was originally published on The Conversation. Read the original article.
Islamic Assailants Kill Hundreds of Christians Near Jos, Nigeria
Fulani herdsmen strike Christian villages, slaying mainly ethnic Berom with machetes.
LAGOS, Nigeria, March 8 (CDN) — An uneasy calm prevailed in Plateau state, Nigeria today following the killing of hundreds of Christians early yesterday morning in three farming villages near Jos by ethnic Fulani Muslims.
The mostly ethnic Berom victims included many women and children killed with machetes by rampaging Fulani herdsmen. About 75 houses were also burned.
State Information Commissioner Gregory Yenlong confirmed that about 500 persons were killed in the attacks, which took place mainly in Dogo Nahawa, Zot and Rastat villages.
“We were woken up by gunshots in the middle of the night, and before we knew what was happening, our houses were torched and they started hacking down people” survivor Musa Gyang told media.
The assailants reportedly came on foot from a neighboring state to beat security forces that had been alerted of a possible attack on the villages but did not act beforehand.
The attack on Sunday is the latest in several religious clashes in the state in recent months that have claimed lives and property. Plateau state is a predominantly Christian state in a country almost evenly divided between Christians and Muslims. The Muslim minority has been contesting ownership of some parts of the state, leading to frequent clashes.
Bishop Andersen Bok, national coordinator of the Plateau State Elders Christian Fellowship, along with group Secretary General Musa Pam, described the attack as yet another “jihad and provocation on Christians.”
“Dogo Nahawa is a Christian community,” the Christian leaders said in a statement. “Eyewitnesses say the Hausa Fulani Muslim militants were chanting ‘Allah Akbar,’ broke into houses, cutting human beings, including children and women with their knives and cutlasses.”
Soon after the militants besieged Dogo Nahawa, the Christian leaders said, at 1:30 a.m. they contacted the military, which is in charge of security in the state.
“But we were shocked to find out that the soldiers did not react until about 3:30 a.m., after the Muslim attackers had finished their job and left,” they stated. “We are tired of these genocides on our Christian brothers and state here that we will not let this go unchallenged.”
Pentecostal Fellowship of Nigeria (PFN) President Ayo Oritsejafor decried the attack on the Christian community as barbaric and urged the federal government to stop the killing of innocent citizens or risk a total breakdown of law and order.
“I have just returned from a trip abroad,” he said. “While I was away, I was inundated with reports of another catastrophe in the Jigawa state capital, where several churches were burnt, and just as I was trying to settle down and collate reports from the field, I am hearing of another on Sunday morning.”
Director of Social Communications, Catholic Archbishop of Lagos, Rev. Monsignor Gabriel Osu said the Sunday killing in Jos is a major setback for the country’s effort to gain the confidence of the international community.
“Do you know that because of things like these, anywhere Nigerians travel to they are subjected to dehumanizing scrutiny?” he said. “Any act of violence at this time is totally condemned, and the government should make haste to fish out all identified perpetrators of such heinous crimes against God so that we can move forward as a people united under one umbrella.”
On Friday (March 5) the National Youth President of the PFN, Dr. Abel Damina, expressed concern over cases of clandestine killings of Christians in remote parts of Plateau state by Islamic extremists and called on the federal government to retrieve sophisticated weapons in their possession.
“Even as I speak to you now, I am receiving reports that some clandestine killings are still going on in the remote areas of Plateau State by the fundamentalists,” Damina reportedly said. “They pounce on Christians and kill them without anybody knowing much of their identity except that they are Christians.”
He added that recently he visited the governor in Jos regarding the crisis and secured photos of Christian victims.
“Young men, Christians, were going to their farm to harvest their produce and the fundamentalists pounced on them,” he said. “They were called infidels. At the last conference, we received reports with photographs of the fundamentalists using AK-47 rifles to destroy our churches. Where did they get the arms from? We have reports of truck loads of arms that had been intercepted, and we did not hear anything about them.”
Report from Compass Direct News
UGANDAN LRA INVOLVED IN CHRISTMAS MASSACRE AT CHURCH
Uganda’s army is accusing rebels of the Lord’s Resistance Army of hacking to death 45 civilians in a Catholic church in the Democratic Republic of Congo, reports Michael Ireland, chief correspondent, ASSIST News Service.
A story on the BBC website quotes Ugandan Army Capt Chris Magezi who said the scene was “horrendous… dead bodies of mostly women and children cut in pieces.” The attack happened on December 26.
A rebel spokesman has denied responsibility for the killings, which follow a collapse in the peace process, the BBC said.
It also reports the UN saying that at least 189 people were killed in several attacks last week. Some reports say more than 100 people were killed in the church alone.
The BBC said the armies of Uganda, South Sudan and DR Congo carried out a joint offensive against the rebels in mid-December after LRA leader Joseph Kony again refused to sign a peace deal.
The BBC reported the LRA leader, who has lived in a jungle hideout in north-eastern DR Congo for the last few years, is wanted by the International Criminal Court for war crimes and crimes against humanity.
It also says Uganda’s government had been involved in lengthy peace negotiations with the LRA, hosted by the South Sudanese government. But LRA leader Kony has demanded that arrest warrants for him and his associates be dropped before any agreement can be struck.
Meanwhile, the UN peacekeeping mission in DR Congo says one of its troops accidently shot and killed a Ugandan soldier in the nearby town of Dungu.
The BBC said that aid officials requesting anonymity near Doruma, which is about 40km from the border with South Sudan, confirmed to Uganda’s Daily Monitor newspaper and to the AFP (Agence France Presse) news agency that the massacre had taken place.
“Bodies of the women and children, with deep cuts are littered inside and outside the church,” an aid official told The Monitor.
Witness Abel Longi told The Associated Press (AP) news agency that he recognized the LRA rebels by their dreadlocked hair, their Acholi language and the number of young boys among them.
“I hid in bush near the church and heard people wailing as they were being cut with machetes,” he said.
However, LRA spokesman David Nekorach Matsanga has denied that the rebels are behind the killings, the BBC reported.
“Reports about the LRA killing innocent civilians is another propaganda campaign by the Uganda army,” he said.
“I have it on good authority from the field commanders that the LRA is not in those areas where the killings are reported to have taken place.” He said the massacre may have been carried out by Ugandan soldiers.
“They want to justify their stay in DRC [Congo] and loot minerals from there like they did before,” he told the AP.
The BBC reports that Capt Magezi said that on Saturday the army had killed 13 of the rebels behind the alleged attack and were pursuing the rest of the group.
The UN’s humanitarian agency Ocha says 40 people were killed in attacks in DR Congo’s Faradje district, 89 around Doruma and 60 in the Gurba area, according to the BBC report.
The BBC story also says that many thousands of Congolese villagers fled their homes after LRA attacks near Dungu in October.
It explains that countries from Uganda to the Central African Republic have suffered 20 years of terror inflicted by the LRA. Tens of thousands of children have been abducted to be fighters and sex slaves.
Uganda’s government said the joint offensive had destroyed some 70 percent of the LRA camps in DR Congo.
The BBC’s Africa analyst, Martin Plaut, says that LRA leader Kony’s force is relatively small, about 650 strong. However, the difficulty is that when it is hit, it scatters and then regroups.
Report from the Christian Telegraph
Random Thoughts 