Cyber wrap

Western intelligence agencies are finding themselves under increasing public scrutiny from lawmakers as the fallout of the Snowden leaks continues. In the UK, the heads of the three national intelligence agencies appeared at an open hearing of the Intelligence and Security Committee, usually conducted in-camera. Their testimony, which The Guardian panned as ‘choreographed’, revealed the deep concerns about the loss of capability caused by the Snowden leaks in the UK intelligence community, with GCHQ chief Sir Iain Lobban revealing that GCHQ had monitored conversations between intelligence targets discussing alternate communications methods to avoid electronic surveillance. Lobban defended GCHQ’s activities and the ‘proportionate’ nature of the surveillance, rejecting any inference that the agency’s operations broke the law.

The US intelligence community is also facing increasing calls for major structural reform, specifically splitting up US Cyber Command and the NSA to slow the ‘militarisation’ of cyberspace by the combined intelligence and cyber warfare behemoth.

Disclosure of US and UK cyber espionage tools and techniques has continued, such as the use of a practice known as ‘Quantum Insert’ to manipulate copies of legitimate websites such as LinkedIn to gain access to target computers. In the US, the New York Times has reported on the dawning realisation within the Obama administration that despite significant opposition to mass data collection, it must continue, at least for the meantime, as there is no replacement capability that can produce the same intelligence.

Australia also faced further criticism for its role in intelligence gathering in the region, particularly from Indonesia, where the Jakarta Post called for greater oversight of Australian intelligence agencies, and Indonesian based activists conducted a distributed denial of service against the Australian Secret Intelligence Service website.

In the UN, Germany and Brazil have introduced a draft resolution condemning mass data collection in the General Assembly, calling for measures to end collection and a UN report on protection of human rights in the context of mass data collection.

US Defense Secretary Chuck Hagel has discussed how the US Defense Department will continue to draw down conventional forces and readiness to protect investments in new technologies, including cyber warfare capabilities. This may be easier said than done as the US Air Force struggles to build a trained cyber workforce , and domestic agencies including Homeland Security struggle with cyber security responses and reporting due to funding and staffing issues . Russian AV guru Eugene Kaspersky would be concerned with Hagel’s focus on cyber warfare as he continues his worldwide crusade for a cyber arms treaty, most recently in Canberra.

The US–China Economic and Security Commission’s draft report to Congress discusses the response of Chinese cyber espionage operators to Mandiant’s exposure of Unit 61398 in February this year. The exposure only created a brief pause in Chinese cyber espionage and no change in its objectives. The only notable affect was that Unit 61398 made changes to its tactics, techniques and procedures in order to better mask its activities.

The RAND Institute has released a report on the role of the internet in radicalisation of 15 terrorists in the UK, finding that while the internet provides more opportunities for radicalisation, it doesn’t replace the need for personal contact during the radicalisation process.

And a warning for those BitCoin investors (or speculators) out there, don’t store the digital currency on internet connected devices. The warning came after the compromise of Australian based online bitcoin repository Inputs.Io in late October saw 4,100 bitcoins (US$1.2 million) filched in two separate intrusions.