Updates

Cybersecurity

2019

Cisco Talos published a report on a new malicious cyber campaign ‘Sea Turtle’ that affected 40 different organizations in the countries of the Middle East and North Africa region. Target entities included ministries of foreign affairs, military organisations, intelligence agencies and major energy organisations. Researches describe ‘Sea Turtle’ as a state-directed espionage campaign active since early 2017 to obtain persistent access to sensitive networks and systems, though Cisco Talos didn’t attribute it to any state.
The campaign used a sophisticated Domain Name System (DNS) manipulation thus exploiting third-party entities to reach the targets: telecommunications organisations, ISPs, IT firms, registrars and registries.
Threat actors behind the campaign compromised entities by manipulating and falsifying DNS records at various levels in the domain name space. Researchers believed that their intentions were to steal credentials and gain access to networks and systems of interest.
Cisco Talos considers the ‘Sea Turtle’ campaign worrisome in its realistic potential to undermine users’ trust in the Internet as such.

 

After the final reading of the bill the State Duma (lower chamber of the Russian Parliament) adopted the law containing a set of amendments to the law on Communications and the law on Information and security. These amendments aimed to  protect the stability of the Internet in Russia in the event of a threat to its normal operation from abroad, including external Internet shutdown by adversaries.
This new law provides that Roskomnadzor (communications supervising body) will create a Center for monitoring and control of public networks in Russia that will coordinate the work of telecom operators and direct them in emergency cases.  Also, Internet traffic in Russia should be directed through a list of internet exchange points approved by Ministry of Communications in coordination with FSB.
Additionally, telecom operators are required to install special technical equipment that will filter Internet traffic for illegal content, as well as protect Runet from other threats. The Government will define technical requirements and the process of installation of such equipment later.
Finally, the law provides the creation of the national domain name system and the use of national cryptographic protection of information on the Internet for the government entities.
The law has to be approved shortly in the upper chamber - Federation Council, and signed by the president. Afterwards it comes into force on 1 November 2019.

 

The Kaspersky Global Research and Analysis Team published technical details of a sophisticated advanced persistent threat (APT) framework called TajMahal that cannot be attributed to any previously known APT group. Kaspersky claims that this APT has existed for at least five years according to the framework timestamps, and the only detected victim so far is a diplomatic entity from a country in Central Asia.
The spying framework consists of two major parts named ‘Tokyo’ and ‘Yokohama’, and the entire APT toolkit contains up to 80 malicious modules. TajMahal can steal documents that are sent to printer queues; take screenshots and record audio of voice over IP calls; steal files previously seen on removable drives once they are available again. The APT framework also has backdoors, keyloggers, and its own file indexer for the victim’s machine.
Kaspersky believes that there are many more victims to be discovered in future due to the sophisticated design of TajMahal APT.



 

US civil society organisation, the Electronic Privacy Information Center (EPIC), issued a letter to the US Congress Subcommittee on Consumer Protection and Commerce, addressing the topic of consumer safety when using Internet of things (IoT) devices. The letter details the privacy and security concerns associated with IoT devices and urges the subcommittee to consider adopting the IoT code of practice which was issued in the UK October 2018. The letter was sent to the subcommittee in advance of a scheduled hearing in the matter of dangerous products.

A group of 12 UK research institutions have launched the PETRAS 2 - National Centre of Excellence for IoT Systems Cybersecurity. The centre aims to advance a comprehensive and systematic research on Internet of things (IoT), artificial intelligence (AI), and machine learning. The creation of the centre is the second phase of the UK PETRAS (privacy, ethics, trust, reliability, acceptability, and security) programme which deals with the opportunities, challenges, and threats of digital technology. The centre is funded by the UK Research and Innovation, through the Engineering and Physical Sciences Research Council (EPSRC) as part of the Securing Digital Technologies at the Periphery (SDTaP) programme.

The Madras high court in India, has summoned Department of Telecom (DOT) and Internet Service Providers Association of India (ISPAI) by 8 April,  for failing to respond to a case related to regulating internet use and access of children. The court also mentioned that governments and ISPs have a crucial role to protect children online and raise awareness about parental control software.The petition filed by Mr S Vijayakumar calls for ISPs to set up an ISP level filter  “parental window” for protecting children online.

Pages

 

The GIP Digital Watch observatory is provided by

 

 

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top