cyber_security   267

Japan gears up for mega hack of its own citizens
February 5, 2019 | Financial Times | by Leo Lewis.

Yoshitaka Sakurada, Japan’s 68-year-old minister for cyber security, stands ready to press the button next week on an unprecedented hack of 200m internet enabled devices across Japan — a genuinely imaginative, epically-scaled and highly controversial government cyber attack on homes and businesses designed as an empirical test of the nation’s vulnerability. A new law, fraught with public contention over constitutionally-guaranteed privacy, was passed last May and has just come into effect to give the government the right to perform the hack and make this experiment possible. The scope for government over-reach, say critics, cannot be overstated. Webcams, routers and other devices will be targeted in the attacks, which will primarily establish what proportion have no password protection at all, or one that can be easily guessed. At best, say cyber security experts at FireEye, the experiment could rip through corporate Japan’s complacency and elevate security planning from the IT department to the C-suite.

The experiment, which will run for five years and is being administered through the Ministry of Internal Affairs and Communications, is intended to focus on devices that fall into the broadly-defined category of “internet of things” (IoT) — anything from a yoga mat that informs a smartphone of your contortions, to remotely controlled factory robots. And while cyber experts say IoT security may not be the very top priority in the fight against cyber crime and cyber warfare, they see good reasons why Japan has chosen to make its stand here.....warnings that the rise of IoT will create a vast new front of vulnerability unless the security of, for example, a web-enabled yoga mat is taken as seriously by both manufacturers and users as the security of a banking website. The big cyber security consultancies, along with various governments, have historically relied on a range of gauges to calculate the scale of the problem. The Japanese government’s own National Institute of Information and Communications Technology (NICT) uses scans of the dark web to estimate that, of the cyber attacks it detected in 2017, 54 per cent targeted IoT devices.
C-suite  cyberattacks  cyber_security  cyber_warfare  dark_web  experimentation  hacks  Industrial_Internet  Japan  overreach  preparation  privacy  readiness  testing  vulnerabilities  white_hat 
14 days ago by jerryking
Canada-China relations have entered new territory. So, where do we go from here?

“Kill the chicken to scare the monkey.”

Canada is the luckless chicken in this unfortunate scenario. In effect, China is making an example of us – a weaker middle power – to threaten others who stand in its way, including the United States.

So far, it has meant the arbitrary detention of innocent Canadians in China, a death sentence for a convicted Canadian drug smuggler, an official warning about travel to Canada and a barrage of verbal threats from top Chinese officials......This all could not have come at a worse time. Canada’s ties to the United States are already frayed from the bruising renegotiation of the North American free-trade agreement, and we desperately need new markets, including China, to drive our export-led economy.......Canada is also facing pressure from the United States and other allies to ban Huawei from supplying technology for next-generation 5G mobile networks because of cyberespionage concerns....“Canada is in a really tough situation,” acknowledged economist Gordon Betcherman, a professor in the University of Ottawa’s School of International Development and Global Studies. And lashing out at the Chinese is counterproductive...... Here are a few understated, Canadian-style tactics Ottawa should consider.
* (1) rag the puck as long as possible on any final decision on banning Huawei products, even if that puts Canadian telecom companies in a bind.
* (2) Ottawa should do what it can to expedite the extradition of Ms. Meng, including demanding the United States produce compelling evidence of wrongdoing, or release her when the process runs its course.
* (3) work with our allies on numerous fronts. Canada needs to get other countries to publicly shame China for abusing the rule of law.
* (4) continue to talk to the Chinese in an effort to rebuild confidence. Canadian business and tourist travellers are already cancelling trips to China.

Counterintuitive perhaps, but Canada should encourage Washington to take a hard line with China in trade talks. Reports Friday that China has offered to buy up to US$1-trillion in more U.S. goods to eliminate the trade deficit is an empty promise that won’t change its behaviour. On the other hand, getting China to fundamentally reform how it interacts economically with the world would benefit everyone.

“The biggest non-tariff barrier in China is how China runs, as a country,” Mr. MacIntosh explained. “It’s an outlier in the world.”
5G  Barrie_McKenna  beyondtheU.S.  bullying  Canada  Canada-China_relations  China  cyber_security  cyberespionage  Huawei  international_trade  Meng_Wanzhou  NAFTA  non-tariff_barriers  middle-powers  arbitrariness  understated 
4 weeks ago by jerryking
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies - Bloomberg
By and October 4, 2018, 5:00 AM EDT

In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream the Olympic Games online, communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency. Elemental’s national security contracts weren’t the main reason for the proposed acquisition, but they fit nicely with Amazon’s government businesses, such as the highly secure cloud that Amazon Web Services (AWS) was building for the CIA......investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.

This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.......Over the decades, the security of the supply chain became an article of faith despite repeated warnings by Western officials. A belief formed that China was unlikely to jeopardize its position as workshop to the world by letting its spies meddle in its factories. That left the decision about where to build commercial systems resting largely on where capacity was greatest and cheapest. “You end up with a classic Satan’s bargain,” one former U.S. official says. “You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk. Every organization has accepted the second proposition.”
China  cyber_security  cyber_warfare  hacks  semiconductors  security_&_intelligence  supply_chains 
5 weeks ago by jerryking
CSIS director warns of state-sponsored espionage threat to 5G networks - The Globe and Mail

Canada’s top spy used his first public speech to warn of increasing state-sponsored espionage through technology such as next-generation 5G mobile networks.

Canadian Security Intelligence Service director David Vigneault’s comments come as three of the country’s Five Eyes intelligence-sharing allies have barred wireless carriers from installing equipment made by China’s Huawei Technologies Co. Ltd. in the 5G infrastructure they are building to provide an even-more-connected network for smartphone users.

The United States, Australia and New Zealand have taken steps to block the use of Huawei equipment in 5G networks. Neither Canada nor Britain has done so.

On Monday, the head of Britain’s Secret Intelligence Service, known as MI6, publicly raised security concerns about Huawei telecommunications being involved in his country’s communications infrastructure.......hostile states are targeting large companies and universities to obtain new technologies.....“Many of these advanced technologies are dual-use in nature in that they could advance a country’s economic, security and military interests,”......there are five potential growth areas in Canada that are being specifically threatened, including 5G mobile technology where Huawei has been making inroads...“CSIS has seen a trend of state-sponsored espionage in fields that are crucial to Canada’s ability to build and sustain a prosperous, knowledge-based economy,”...“I’m talking about areas such as AI [artificial intelligence], quantum technology, 5G, biopharma and clean tech. In other words, the foundation of Canada’s future growth.”.....Canadian universities are largely unaware how they are vulnerable to economic espionage and the threat of infiltration by unnamed state actors who would use their expertise to gain an edge in military technologies. Huawei has developed research and development partnerships with many of Canada’s leading academic institutions.....MI6’s Alex Younger said Britain has to make a decision about Huawei after the United States, Australia and New Zealand acted against Huawei..... 5G technology – which offers faster download speeds – poses a greater national security threat than conventional mobile technology......A ban would come as a blow to Canada’s biggest telecom companies, including BCE Inc. and Telus, which have given Huawei an important role in their planned 5G networks.....Scott Jones, the new head of the Canadian Centre for Cyber Security, which is part of the Communications Security Establishment, rejected the idea of blocking Huawei, telling MPs that the country’s safeguards are adequate to mitigate against any risk.
5G  artificial_intelligence  China  CSIS  CSE  cyber_security  dual-use  espionage  Five_Eyes  Huawei  MI6  mobile  quantum_computing  spymasters  wireless  Colleges_&_Universities 
10 weeks ago by jerryking
