US Cyber Command conducted cyber-attacks against Iran’s computer systems that control rocket and missile launches, The Washington Post reports. According to The Washington Post sources, the offensive strikes were approved by President Trump, based on the proposal by Pentagon in response to alleged Iranian attacks on two oil tankers in the Gulf of Oman. The attacks, which didn’t involve any casualties, took place along with the decision by President Trump to call back conventional strikes because they would not be “proportionate.'' Iran’s telecommunications minister Mohammad Javad Azari Jahromi confirmed there are attempts of cyber-attacks, but denied their success, AlJazeera reports.
US is stepping up digital incursions into Russia’s electric power grid, New York Times reports. By infecting Russia’s energy facilities, US Cyber Command would potentially be able to turn them off, causing power cuts and havoc. While officials, including at the National Security Council, declined to comment, they said they had no national security concerns about the New York Times report. John Bolton, National Security Adviser to President Trump, has confirmed that the US is engaged in offensive cyber operations against broad list of potential targets, with a purpose “to say to Russia, or anybody else that’s engaged in cyberoperations against us, ‘You will pay a price.’” The development follows strengthened authorities of Cyber Command to conduct offensive cyber operations, and the “defend forward” approach taken by its commander Gen. Paul Nakasone to establish “persistent presence” deep in an adversary’s networks. The move is seen by some experts as a deterrence tactics, or the ‘gunboat diplomacy’ of the twenty-first century - though consequences of potential escalations could be more devastating, ZDnet comments.
The organisational meeting of the UN open-ended working group (OEWG), established by the UN General Assembly (A/RES/73/27) in December 2018 to address developments in the field of information and telecommunications in the context of international security, took place in New York on 3-4 June. OEWG will be chaired by Amb. Jürg Lauber, Permanent Representative of Switzerland to the UN in New York, and will gather all the interested UN member states. The meeting agreed on rules of procedure, re-confirmed that decisions will be taken on a consensus basis, and signalled commitment of states to achieve strong links between OEWG and GGE. The programme will be published over the summer. Next meeting of OEWG is scheduled for 9-13 September in New York, and will be followed by two more meetings - in February and July 2020. OEWG will also hold informal consultations with other stakeholders in December 2019; according to Global Partners Digital, the registration for non-governmental stakeholders will be conducted via UNODA website, and applications will be reviewed on a rolling basis.
EU will be able to impose sanctions in response to cyber-attacks conducted or attempted against it, according to the newly adopted decision of the Council of the EU. The decision, which builds on the existing cyber-diplomacy toolbox from 2017, provides a framework for EU responses to cyber-attacks that constitute an external threat to the EU or its members, as well as attacks against third countries or international organisations. The Council of the EU will be able to react on cyber-attacks – or attempted cyber-attacks – of significant impact, that originate or use infrastructure outside of the union, or are carried out or supported by persons or entities outside of the EU. Sanctions against persons or entities conducting or supporting cyber-attacks include EU travel bans, asset freezes, and bans regarding economic co-operation with EU entities
According to the Israeli Defence Forces (IDF), the Israeli Air Force destroyed the building housing the headquarter of Hamas’ cyber unit, in the Gaza Strip . According to the IDF, they first neutralised the cyber-attack and then destroyed Hamas’ cyber capabilities. The air strike was part of the Israeli campaign against targets in the Gaza Strip, amid intense clashes in the area. Analysts assume Israel has already gathered detailed intelligence about the Hamas group, which allowed for such as swift and lethal response immediately after the cyber-attack, Forbes reports. ZDNet noted that this is the second military response against cyber-threats, after the US launched a drone-attack against ISIL’s hacker group in 2015
The Mueller report provided details of the Russian interference in the 2016 US presidential elections.
The report by special counsel Robert Muller on Russian influence on the US presidential elections in 2016 was published in the redacted form on April 18. The document among other things describes steps taken by Russian military officers from GRU and information campaigns organized by Internet Research Agency (IRA) in social networks.
It was investigated that GRU officers sent malicious links to several accounts linked to to the domain of Hillary Clinton's personal office to gain the access to the emails hours after Donald Trump in his campaign sarcastically called Russia to track down missing Clinton's emails with sensitive state information.
Secondly, the Mueller’s team identified that IRA organized several political rallies in the US in support of Trump’s campaign using social media and coordinating this rallies through Facebook, Twitter, and Instagram. Moreover, messages created by IRA accounts were promoted and amplified by the Trump campaign officials. It led to the public discord in social media.
Finally, the report concludes that Democratic National Committee leaks that GRU obtained and retailed through its DCLeaks and WikiLeaks represented much more interference. The information campaigns though offered some benefit for the Trump campaign, but the investigation did not identify evidence that any US persons knowingly or intentionally coordinated with IRA members.
The foreign ministers of G7 countries adopted the ‘Dinard Declaration on the Cyber Norm Initiative’, following a discussion on defence of democracies against foreign interference and on the responsible behaviour of states in cyberspace. The initiative’s aim is to encourage voluntary exchange of information, best practices, and lessons learned on implementation of voluntary, non-binding norms of responsible state behavior. In a joint communique, the ministers committed to countering malicious cyber activities of North Korea and bolstering capabilities in order to address cybersecurity threats from Russia. They also encouraged China to uphold its commitments not to engage in malicious cyber activity, including cyber-enabled intellectual property theft with the intent of providing advantages.
Venezuela has announced a cyber-attack on its hydroelectric power operations caused power outage in the country. The cyber-attack was attributed to the USA by President Maduro as an act of ‘the electric war announced and led by the US imperialism against our people’ on Twitter. This was promptly denied by US Secretary of State Mike Pompeo. Maduro stated that Venezuela suffered another cyber-attack on 9 March. On 11 March, the Venezuelan government ordered US diplomatic personnel to leave Venezuela in 72 hours, as their presence ‘represents a risk for the peace, unity and stability of the country’. The US Department of State has confirmed it is withdrawing its personnel on 11 March. The electric service was restored on 12 March and stabilised in its entirety within the following days. Maduro announced that a special commission will be created to investigate the cyber-attack, with Venezuela asking for the support of the UN and countries with experience in cyber-attacks such as China, Russia, Iran, and Cuba. He also revealed that the attack originated from US cities Chicago and Houston. On 13 March, Maduro stated the sabotage was threefold, and included a cyber-attack on the central hydro plant Guri, an electromagnetic attack on the transmission lines and physical attacks to substations to generate fires and short circuits. Experts, on the other hand, consider the lack of proper maintenance and negligence to be the cause ot the power outage. On 21 March, Maduro stated that the electric war continues.
The US Navy published the ‘Navy Cryptologic & Cyber Warfare Community Vision’. The document states that the network is a warfighting platform and that the Navy must commit to strengthening the Information Warfare Enterprise. The Navy must win ‘the counter-C5ISRT challenge’ and be prepared to simultaneously defend and attack, as well as hold the enemy’s space at risk.
The US Cyber Command conducted a cyber-attack on Russian’s Internet Research Agency (IRA) to prevent it from conducting a defamatory campaign during 2018 midterm elections in the USA, according to the The Washington Post (WP). US officials told the newspaper, on condition of anonymity, that they were able to cut IRA off the Internet for several days. The Russian President’s Press Secretary, however, questioned the reliability of WP sources. The Russian Federal News Agency (FAN) claimed that FAN was the actual victim of the attack, since it had sent employees of its subsidiary, USAReally, to the USA to observe the midterm elections. FAN said it is not connected to the IRA, does not interfere with elections or conduct other illegal activities. Its internal investigation concluded that the USA failed to cut FAN off the Internet; parts of the server that were disabled were promptly replaced, and new mirrors created for USAReally continued working as usual.