cybersecurity

Conclusions on the UN Security Council’s open debate on cybersecurity

The UN Security Council held an open debate on cybersecurity as part of South Korea’s presidency for the month of June. The day-long debate centred on the evolving threat landscape in cyberspace, emphasising the need for digital advancements to be directed towards positive outcomes. During the ensuing debate, nearly 70 speakers shared national perspectives on the growing threats posed by rapidly evolving technologies wielded by state and non-state actors. 

UN Secretary-General AntĂłnio Guterres highlighted the rapid pace of digital breakthroughs, acknowledging their ability to unite people, disseminate information rapidly, and boost economies. However, he cautioned that the connectivity that fuels these benefits also exposes individuals, institutions, and nations to significant vulnerabilities. Guterres pointed to the alarming rise of ransomware attacks, which cost an estimated $1.1 billion in ransom payments last year. Nonetheless, he noted that the implications extended beyond financial costs to impact peace, security, and overall stability.

In response to these challenges, Guterres referenced the ‘New Agenda for Peace,’ which calls for concerted efforts by states to prevent conflicts from escalating in cyberspace. He stressed the importance of upholding the rule of law in the digital realm and highlighted ongoing discussions among member states regarding a new cybercrime treaty. Recognising the interconnectedness of cyberspace with global peace and security, he urged the Security Council to incorporate cyber-related considerations into its agenda.

StĂ©phane Duguin, CEO of the CyberPeace Institute, briefed the council, offering valuable insights into recent cyberattacks, including the ‘AcidRain’ incident affecting Ukraine and cybercriminal activities linked to the Democratic People’s Republic of Korea. Duguin emphasised the necessity of attributing cyberattacks to perpetrators to facilitate de-escalation efforts. In turn, Nnenna Ifeanyi-Ajufo, an expert in Law and Technology, highlighted the misuse of cyber technology by terrorist groups in Africa and the risks posed by states infringing on human rights under the guise of cybersecurity. She called for enhanced mechanisms to understand the cyber threat landscape across different regions.

In deliberating the Council’s role in the cyber domain, some representatives advocated for inclusive processes within the UN, particularly under the General Assembly, to establish equitable arrangements in addressing cyber threats. Others urged the Security Council to take a more active role. Several speakers stressed the Council’s potential to lead in building a secure cyberspace, bridging with existing UN efforts in cybersecurity and ensuring Global South perspectives are considered at every step of the process.

In contrast, the representative from Russia highlighted a lack of clarity in determining which malicious digital technology use could threaten international peace and security. In this regard, Russia criticised the West for attributing cyberattacks to what they called ‘inconvenient countries.’ Moreover, the representative opposed the Council’s involvement in this matter, stating that such a move would exclude states not part of the Council from the discussion.

Why does it matter?

Highlighting the urgency of addressing cyber threats, representatives stressed the need for the Council to facilitate dialogue and support capacity-building efforts, especially in developing countries lacking the resources and expertise to combat cyber threats. 

The discussions highlighted the critical need for proactive measures to address cyber threats, promote cybersecurity, and safeguard global peace and stability in an increasingly interconnected digital landscape.

National Cyber Director stresses the need for unified cybersecurity requirements in the US

The head of the US Office of the National Cyber Director (ONCD), Harry Coker, has urged the US Congress to harmonise cross-sector baseline cybersecurity requirements in regulated industries, following years of federal and international guidance. Coker highlighted that the lack of regulatory harmonisation poses significant challenges to both cybersecurity outcomes and business competitiveness, as reported by organisations representing the majority of critical infrastructure sectors.

Harry Coker, a Navy veteran and former executive director of the NSA (2017-2019), was confirmed by the US Senate as ONCD director in December 2023, following the resignation of former ONCD Director Chris Inglis in February 2023.

In August 2023, the Office of the National Cyber Director (ONCD) sought private sector input on the state of cybersecurity regulation. Feedback was received from 11 of the 16 critical infrastructure sectors, encompassing over 15,000 businesses, states, and other organizations in the US. The summary of these responses revealed several challenges, including the absence of reciprocity between state and federal regulators and international partners. Regulatory inconsistencies that create barriers to entry, especially for small and mid-sized businesses have also been mentioned among key issues for industry. Furthermore, organizations expressed confusion about which federal agencies are responsible for regulating the defence industrial base, noting that it is unclear which federal agency acts as the clearinghouse for cyber-related regulations and requirements.

In response to the feedback, Coker announced that ONCD has initiated new harmonisation projects, including a pilot reciprocity framework within a critical infrastructure subsector. The pilot project aims to provide valuable insights for designing a comprehensive cybersecurity regulatory approach. Coker emphasized the need for Congress’s assistance to bring all relevant government agencies together to develop a cross-sector framework for harmonisation and reciprocity of baseline cybersecurity requirements. ONCD has not yet provided further details about the pilot project or other ongoing initiatives aimed at driving regulatory harmonisation.

Cisco to open cybersecurity centre in Taiwan

Cisco announced plans on Monday to establish a cybersecurity centre in Taiwan, collaborating with the government to bolster the workforce in this critical sector. The initiative comes as part of Cisco’s Taiwan Digital Acceleration Plan 3.0, aimed at addressing the global talent shortage in cybersecurity and enhancing the island’s digital infrastructure.

Taiwan, a democratically governed territory claimed by China, has faced numerous cyberattacks attributed to Beijing, targeting government officials and tech firms. Although China denies these accusations, the frequency and sophistication of such attacks have prompted significant concern. Cisco’s initiative includes partnering with tech associations to develop a security centre in Taiwan, focusing on improving threat intelligence and cyber readiness.

Guy Diedrich, Cisco’s global innovation officer, emphasised the company’s commitment to Taiwan, highlighting the flexible nature of the digital acceleration program, which encompasses areas such as AI in transport and sustainability operations at Kaohsiung port. While Diedrich did not disclose specific investment amounts, he affirmed that the program allows ongoing investment opportunities.

The launch event, attended by Taiwan’s Vice President Hsiao Bi-khim, underscored the strong partnership between Cisco and Taiwan. Vice President Hsiao expressed gratitude for Cisco’s sustained support and looked forward to potential future investments under the program.

European groups urge fairness in EU cybersecurity label for Big Tech

A proposed cybersecurity certification scheme (EUCS) for cloud services has raised concerns among 26 industry groups across Europe, who caution against potential discrimination towards major US tech firms like Amazon, Alphabet’s Google, and Microsoft. The European Commission, EU cybersecurity agency ENISA, and EU countries are set to discuss the scheme, which has seen multiple revisions since its draft release in 2020. The EUCS aims to help governments and businesses select secure and reliable cloud vendors, a critical consideration in the rapidly growing global cloud computing industry.

The latest version of the scheme, updated in March, removed stringent sovereignty requirements that would have forced US tech giants to form joint ventures or collaborate with EU-based companies to handle data within the bloc, a criterion for earning the highest EU cybersecurity label. In a joint letter, the industry groups argued for a non-discriminatory EUCS that fosters the free movement of cloud services across Europe, aligning with industry best practices and supporting Europe’s digital goals and security resilience.

The signatories, which include various chambers of commerce and industry associations from several European countries, emphasised the importance of diverse and resilient cloud technologies for their members to compete globally. They welcomed the removal of ownership controls and specific data protection requirements, arguing that these changes would ensure cloud security improvements without discriminating against non-EU companies.

EU cloud vendors like Deutsche Telekom, Orange, and Airbus have advocated for sovereignty requirements, fearing non-EU government access to European data under foreign laws. However, the industry groups contend that the inclusive approach of the revised EUCS will better serve Europe’s digital and security needs while promoting a competitive market environment.

Japanese Prime Minister urges legislation for pre-emptive cyber defense system

Japanese Prime Minister Fumio Kishida has directed his government to expedite the drafting of legislation to establish an active cyber defense system, enabling pre-emptive measures against cyberattacks. Addressing the inaugural meeting of an expert panel convened at the prime minister’s office, Kishida emphasised the pressing need to bolster the country’s cyber response capabilities.

The government of Japan aims to present the proposed legislation during the upcoming extraordinary parliamentary session scheduled for autumn. During the meeting, Digital Transformation Minister Taro Kono outlined three critical areas for discussion – enhancing information sharing between the public and private sectors, identifying servers involved in cyberattacks, and determining the extent of governmental authority.

Kono urged the panel consisting of 17 experts such as specialists on cybersecurity and lawyers to provide progress reports on these issues within the coming months, highlighting the urgency of addressing cybersecurity challenges. Kono highlighted the importance of establishing a system on par with those of the United States and European nations, while also safeguarding the rights and interests of the people.

Poland allocates $760 million to counter Russian cyber threats

Poland has announced plans to allocate over 3 billion zlotys ($760 million) towards strengthening its cybersecurity measures following a suspected Russian cyberattack on the state news agency PAP. The attack, which authorities believe originated from Russia, has raised concerns ahead of the European Parliament elections in Poland. These fears escalated after a false article about military mobilisation appeared on PAP, prompting heightened vigilance against potential interference from Moscow.

Krzysztof Gawkowski, Poland’s digitalisation minister, emphasised the country’s commitment to defending against cyber threats, describing Poland as being on the frontline of the cyber fight against Russia. Gawkowski revealed that Poland had thwarted several cyber attacks on critical infrastructure over the weekend, underscoring the urgency of bolstering cybersecurity measures in the face of ongoing threats.

Amid accusations of Russian attempts to destabilise Poland, the Russian embassy in Warsaw has denied knowledge of the cyberattack on PAP and dismissed allegations of Russian interference. However, Poland has cited incidents of sabotage and arson on its soil, linking them to Russia. Additionally, Polish authorities assert that Russian secret services are actively gathering information on weapons deliveries to Ukraine following Russia’s invasion in February 2022. In response, Poland has announced the re-establishment of a commission to investigate Russian influence, highlighting the country’s efforts to address security concerns and safeguard against external threats.

AI tools deployed to counter cyber threats at 2024 Olympics

In just over two months, Paris will host the eagerly awaited 2024 Summer Olympics, welcoming athletes from around the globe. These athletes had a condensed preparation period due to the COVID-related delay of the 2020 Summer Olympics, which took place in Tokyo in 2021. While athletes hone their skills for the upcoming games, organisers diligently fortify their defences against cybersecurity threats.

As cyber threats become increasingly sophisticated, there’s a growing focus on leveraging AI to combat them. Blackbird.AI has developed Constellation, an AI-powered narrative intelligence platform that identifies and analyses disinformation-driven narratives. By assessing the risk and adding context to these narratives, Constellation equips organisations with invaluable insights for informed decision-making.

The platform’s real-time monitoring capability allows for early detection and mitigation of narrative attacks, which can inflict significant financial and reputational damage. With the ability to analyse various forms of content across multiple platforms and languages, Constellation offers a comprehensive approach to combating misinformation and safeguarding against online threats.

Meanwhile, the International Olympic Committee (IOC) is also embracing AI, recognising its potential to enhance various aspects of sports. From talent identification to improving judging fairness and protecting athletes from online harassment, the IOC is leveraging AI to innovate and enhance the Olympic experience. With cybersecurity concerns looming, initiatives like Viginum, spearheaded by French President Emmanuel Macron, aim to counter online interference and ensure the security of major events like the Olympics.

US State Department enhances cybersecurity post Microsoft breach

Following a major cyberattack last year that saw China-linked hackers infiltrate the US Department of State’s network, the agency has expanded its cybersecurity efforts beyond its reliance on Microsoft. This reinforcement of the defence strategy comes after the breach compromised around 60,000 State Department emails, including those of high-profile officials like Commerce Secretary Gina Raimondo. Criticism was directed at Microsoft, with the Cyber Safety Review Board questioning the company’s transparency regarding the incident.

Kelly Fletcher, the department’s chief information officer, highlighted concerns about the security of corporate networks, emphasising the importance of all vendors ensuring secure systems. The hacking group, identified by Microsoft as Storm-558, obtained access to a digital key, allowing them to breach government inboxes. Despite tensions, the embassy of China in Washington denied any involvement of Chinese government-linked hackers in the attack.

In response to the breach, the US State Department has diversified its vendor portfolio, incorporating companies like Palo Alto, Zscaler, and Cisco alongside Microsoft. While Microsoft managed to revoke the hackers’ access, Fletcher expressed concerns over the potential broader impact of the breach. The department has since bolstered its security measures, including multifactor authentication and data encryption, significantly increasing cybersecurity fundamentals across its systems.

Despite criticism, Microsoft remains a key player in the State Department’s cybersecurity framework. The agency thoroughly analysed its communications with Microsoft following a separate breach linked to Russian hackers, concluding that sensitive information was not compromised. With ongoing efforts to fortify its cybersecurity posture, the State Department aims to mitigate future threats and maintain the integrity of its digital infrastructure.

UK launches cybersecurity law for smart devices to prevent hacking

Starting today, the UK is implementing consumer protection laws targeting cyber-attacks and hacking vulnerabilities in smart devices. This legislation, part of the Product Security and Telecommunications Infrastructure (PSTI) regime, mandates that all internet-connected devices—from smartphones to gaming consoles and smart fridges—adhere to strict security standards.

Manufacturers must eliminate weak default passwords like ‘admin’ or ‘12345’ and prompt users to change them upon device setup. The legal move aims to enhance the UK’s cyber-resilience, reflecting that 99% of UK adults now own at least one smart device, with the average household possessing nine.

Other key elements of the new legislation include banning common weak passwords, requiring manufacturers to provide clear contact information for reporting security issues and ensuring transparency about the duration of product security updates. By implementing these standards, the UK seeks to enhance consumer confidence, stimulate economic growth, and position itself as a leader in online safety.

Why does it matter?

The legislation responds to vulnerabilities exposed by significant cyber incidents, such as the 2016 Mirai attack, which compromised 300,000 smart products and disrupted internet services across the US East Coast. Similar incidents have since affected major UK banks such as Lloyds and RBS, which prompted the government to work on robust cybersecurity measures.

EU cybersecurity label vote postponed

National cybersecurity experts have postponed a vote on a proposed EU cybersecurity label until May, according to sources familiar with the matter. The EU aims to implement a cybersecurity certification scheme (EUCS) to ensure the security of cloud services, aiding governments and businesses in selecting trustworthy vendors. This delay allows tech giants like Amazon, Google, and Microsoft to continue bidding for sensitive EU cloud computing contracts.

Disagreements have arisen over whether strict requirements should be imposed on major tech companies to qualify for the highest level of the EU cybersecurity label. These disagreements have stalled progress despite recent discussions among experts in Brussels. Holding the rotating EU presidency, Belgium has made adjustments to the draft, reflecting ongoing deliberations.

The most recent version of the draft has eliminated sovereignty requirements that previously mandated US tech giants to collaborate with EU-based companies to handle customer data in the bloc. While major tech firms have welcomed this change, it has drawn criticism from EU-based cloud vendors and businesses like Deutsche Telekom, Orange, and Airbus. They argue that removing these requirements poses a risk of unauthorised data access by non-EU governments under their respective laws.

Following the experts’ postponed vote, the next phase involves the EU countries providing input, with the European Commission making the final decision. The outcome of these discussions will significantly impact the landscape of cybersecurity regulations and the involvement of major tech players in the EU’s cloud computing sector.