top of page

The CyberDiplomat Daily




Why Japan Is Lagging Behind in Cyber Defense Capabilities


Japan is falling behind in cyber defense capabilities, with only passive defense measures currently in place. Efforts to introduce active cyber defense are progressing slowly. Legal and privacy concerns pose challenges to implementing active cyber defense, including potential conflicts with the Japanese Constitution and Telecommunications Business Law. This has raised questions about the reliability of cyber defense in Japan. Establishing active cyber defense must align with Japan’s defense-oriented policy. Japan plans to enhance its cyber defense capabilities through expert panels and new legislation.



Cortina Watch asked to undergo cyber-security audit in lieu of fine after 2023 data breach


Luxury retailer Cortina Watch must engage a third-party cyber-security vendor for an audit after a 2023 data breach resulted in the theft of personal information from nearly 4,000 individuals. The breach included names, contact numbers, and some bank account numbers. Cortina Watch reported the breach on June 5, 2023, following a ransomware attack. The breach involved multiple cyber attacks between April 30 and June 4, 2023, and resulted in the compromise of sensitive data, including usernames, passwords, customer data, and sales information. Cortina Watch took its servers offline and implemented various cyber-security measures, including encryption, to address the situation. The breach highlighted the company's failure to implement reasonable access controls and enforce a strong password policy. The Personal Data Protection Commission emphasized the organization's responsibility to establish appropriate security measures based on the volume and sensitivity of the data handled.




400% rise in MoD data breaches fuels fear of cyber threat from Russia and China


The Ministry of Defence has seen a nearly 400% increase in data breaches over the past five years, raising concerns about cyber attacks from Russia and China. There were 550 data incidents last year, compared to 117 in 2017-18. Both the Conservatives and Labour have made national security a focal point of their election campaigns, amid warnings of cyber attacks and AI deep fakes from hostile states. Labour accused the Conservatives of a lax approach to cyber security, while the Defence Secretary announced urgent investigations into a major cyber attack on the MoD's payroll system and its contracts with third-party contractors. The Information Commissioner's Office fined the MoD £350,000 after email data breaches compromised the details of 265 people following the Taliban's takeover of Afghanistan in 2021.



Russia and China ready to ‘sow division and chaos’ with election cyber hack


Members of Parliament (MPs) have been warned about potential cyber attacks and deep fakes from Russia, China, North Korea, and Iran during the UK general election. The UK is ill-prepared for large-scale cyber hacks and the use of generative AI to spread disinformation and deep fakes on social media. MPs and their staff are vulnerable to attacks or influence from foreign adversaries. The UK Government has identified China and Russia as posing the greatest cyber threats, with Iran and North Korea also having notable capabilities. The government has established the Defending Democracy Taskforce and allocated £31m to protect democratic processes. The Electoral Commission plans to combat false information and provide accurate information to voters during the election campaign.



EP Water says it is ready to meet cyber threats


The EPA issued an alert due to increased cyber threats to water systems. Over 70% of water systems in the US are vulnerable. El Paso Water is compliant and has strong cybersecurity measures in place to protect against potential attacks. They conduct regular security assessments to ensure uninterrupted water supply to residents.



Brands being abused on industrial scale by cyber criminals, warns think tank


Cyber criminals are using top brands in 97% of their scams, damaging trust in businesses. The average amount lost to internet scams is £1,169 per person, with the real total potentially being 60% higher due to underreporting. 58% of people do not trust messages sent by brands. More coordinated action is needed to combat cyber criminals and protect consumers engaging with brands online.



NATO surrounding Russia with network of cyber labs Moscow


There are reports of cyber laboratories being established in Estonia, Latvia, Finland, and Romania, according to a senior Russian diplomat. The diplomat, Artur Lyukmanov, who is the Special Representative of the Russian President for International Cooperation in the Field of Information Security, has accused NATO of attempting to encircle Russia with these cyber facilities as part of a hybrid war against the country. He also claims that Ukraine has been a major testing ground for cyber activities, with alleged involvement of NATO in supporting hacking activities in the country. According to Lyukmanov, NATO plans to expand its network of cyber laboratories to Georgia and Moldova in the future. Additionally, he mentioned the recent Cyber Flag 2024 exercise, which involved American cyber operators and counterparts from 18 NATO members and partner states. Russian President Vladimir Putin has also called for the establishment of a state-run data protection system in response to the increasing number of cyberattacks on the country since the outbreak of the Ukrainian conflict.



Indians lost over ₹1,750 crore to cyber fraud in first four months of 2024 


Indians lost over Rs 1,750 crore to cyber criminals in the first four months of 2024, with 7.4 lakh cybercrime complaints reported. The Indian Cyber Crime Coordination Centre (I4C) noted a significant increase in cybercrime complaints. The most common types of cybercrimes reported were online investment fraud, gaming app scams, algorithm manipulations, illegal lending apps, sextortion, and OTP fraud. The I4C is working with various agencies to address these issues and is monitoring and blocking cybercrime infrastructure.



Firms must do more to combat threat of cyber attacks, data regulator warns


Businesses have been warned by the data watchdog to enhance their efforts in combating cyber threats. The Information Commissioner's Office (ICO) has raised concerns, stating that organizations need to strengthen their cybersecurity measures to protect personal data in the face of increasing cyber attacks. The ICO has released alarming statistics from its records, showing a rise in the number of companies falling victim to cyber breaches, leading the regulator to issue guidance on common security mistakes. According to the ICO, there have been over 3,000 cyber breaches, with the finance, retail, and education sectors being the most affected. This call to action from the ICO comes after a significant cyber incident at the Ministry of Defence, where hackers accessed a third-party payroll system containing sensitive information such as names, bank details, and some addresses of military personnel and recent veterans. The ICO has stressed the crucial need for businesses to implement "foundational controls" to defend against cyber attacks. Stephen Bonner, the ICO's deputy commissioner for regulatory supervision, emphasized the necessity for organizations to assure people that their personal information is secure. Mr. Bonner pointed out a concerning gap, highlighting that despite the increasing complexity of cyber attacks, many organizations are failing to adapt and are overlooking basic cybersecurity measures. He stressed the importance of having foundational controls in place, stating that there is no excuse for not implementing them. The ICO has also issued a new report titled "Learning From The Mistakes Of Others," providing firms with guidance on recognizing common security failures and improving their security measures. The report outlines what the ICO believes are the top five causes of cybersecurity breaches: phishing scams, brute force attacks, denial of service attacks, errors in security settings, and supply chain attacks.



Act Now, Stay Secure campaign launched to warn First Nations Australians of cyber-crime


The Australian government has launched a campaign to educate First Nations communities about cyber-crime. The Act Now, Stay Secure campaign advises using strong and unique passphrases, keeping software updated, and using multi-factor authentication. Cyber security expert Jack Reis emphasized the importance of these steps in protecting against cyber criminals and encouraged everyone to learn and share these measures for online safety.



Dark web of deceit: Cyber crooks pull off scam with third-party apps 


Scamsters exploit victims’ lack of knowledge about third-party apps and create a sense of urgency, often through messages sent on WhatsApp or Telegram. Victims are tricked into clicking unknown links and downloading harmful software. 



What to make of China’s massive cyber-espionage campaign


On March 25th and 26th, the United States, Britain, and New Zealand jointly criticized Chinese cyber-espionage. They accused China of targeting various entities in the West, including critics of the Chinese Communist Party. Both the United States and Britain imposed sanctions on a Chinese hacker group called APT31 and its alleged members. These actions are unlikely to have a significant impact on China's cyber efforts.



RTAF set to establish dedicated cyber-command unit in October


The Royal Thai Armed Forces (RTAF) is establishing a dedicated cyber-command unit in October to strengthen the country's defenses against cyber warfare. This initiative, led by RTAF Commander-in-Chief Gen Songwit Noonphakdi, aims to enhance Thailand’s capacity to counteract cyber threats and will involve collaboration across various state agencies and the three armed forces. Additionally, existing cyber and digital technology units within the army will undergo restructuring, and a cyber defense academy will be launched to train 300 to 500 specialists annually.



NATO surrounding Russia with network of cyber labs Moscow


NATO is allegedly establishing cyber laboratories near Russia as part of its hybrid war against the country, according to Artur Lyukmanov, the Special Representative of the Russian President for International Cooperation in the Field of Information Security. He claimed that the US-led bloc is developing strategies to engage Russia in cyberspace, with Ukraine serving as a primary testing ground. Additionally, Lyukmanov stated that NATO is allegedly establishing cyber laboratories along the Russian borders and regularly conducting cyber exercises simulating confrontations with Russia. Russian President Vladimir Putin has called for the establishment of a state-run data protection system due to the increasing number of cyberattacks on the country since the outbreak of the Ukrainian conflict.



Chinese and Pak cyber attacks in Kerala; cooperative banks, hospitals, chit funds prime targets


Kerala’s cooperative banks, hospitals, and chit funds are facing cyber-attacks from foreign countries, with hackers exploiting IT vulnerabilities to steal data. SQL injection, a common hacking technique, has been used in many cases. Even premium hospitals are not immune, with the Regional Cancer Centre facing a cyber-attack.



Massive cyber attack against Eritrea’s Internet System


A massive cyber attack was unleashed against Eritrea’s Internet System on Independence Day, Friday, 24 May 2024, at 12:32’:47 in the afternoon hours. The attempt was foiled by the defensive countermeasures deployed promptly, and the network continued its functions without interruptions. The identity of the originators, architects, and implementers of the attempted cyber attack is not alien to the watchful eyes of the Eritrean Government. The whole episode will be divulged in due time.




Estonia Seeks Cybersecurity Partnership with India


Estonia, a digitally advanced country, seeks to partner with India on cybersecurity. The Estonian government expressed interest in collaborating with India in this crucial field, highlighting the rise in cyber attacks globally and Estonia's own experiences with cyber threats. The Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Estonia, a NATO-accredited knowledge hub, emphasized the importance of collaboration and welcomed like-minded democratic nations like India to join in cyber knowledge sharing and addressing cyber-attacks. Estonia's digital republic status, with 99% of government services available online and internet access enshrined as a basic human right, makes it a leading example in digital governance.



Group to combat disinformation blocks 57 profiles and sites that scam and lie in RS


Bolsonaristas lead the production of fake news. While floods devastate the state, in addition to fake news, embezzlement and robberies have also become concerns of public security agencies. Propagators of lies - the so-called Fake News -, swindlers and thieves are other consequences of the devastation, amid the floods that plague the State of Rio Grande do Sul. Denounce the digital news portal GZH (Gaúcha ZH).In parallel to this, criminals also use digital networks to apply scams, especially those who are willing to help. The situation that causes concern has led to the creation of a task force, which tries to attack these three crimes. So far, according to the Deic (State Department of Criminal Investigations) of the Civil Police, 57 profiles and sites have been taken off the air - 19 sites and 38 profiles. In all, 28 inquiries were opened, of which 8 are due to suspicion of the spread of fake news and 20 for cases of virtual embezzlement. The Cyber Task Force, composed of intelligence agencies, the State government's Secretariat of Communication, and the investigative division of the Deic, has been monitoring virtual scams and fake news related to the floods. Deic director Vanessa Pitrez highlighted that the spread of false information has caused unnecessary panic and diverted resources from essential emergency response activities such as rescue and security operations.







0 views0 comments

Recent Posts

See All

Comments


bottom of page