Cyberspace Cooperation

Speaking on NPR's "All Things Considered" program, EWI Global Vice President Bruce McConnell discusses the ramifications, causes and potential responses for the global ransomware attack on computer networks worldwide earlier this month. 

McConnell noted that federal agencies responded accordingly, having experienced and learned from a similar attack at the Office of Personnel Management two years prior where the data of 21 million people was stolen. "The federal government has several wake-up calls in the last few years, so the Obama administration put quite a bit of emphasis on getting things patched, getting things up to date and cleaning up unsupported operating systems." 

Despite having learned from past-experiences, McConnell said the global malware attack dubbed 'WannaCry' was "relatively unsophisticated," adding that "more sophisticated attacks will be harder to stop." 

Click here to read the full article on NPR.

Listen below.

“I just don’t think that there’s a serious effort to engage the Russians,” says McConnell, who manages the institute's cyberspace program and a former deputy under secretary for cybersecurity in former President Barack Obama-era Department of Homeland Security. “It’s really a question [if] you want to work on the relationship and improve it, or whether you want to remain in a standoff, which we’re in right now.”

The article laments about how the discussions about Russia's reported cyber interference in the 2016 presidential election have not been accompanied with efforts to resolve the core problem: how to prevent it in the future? The article lists a few avenues to achive that objective.

Read the full article here.

Japan’s cyberdefenses remain underdeveloped compared to the country’s great reliance on information and communications technology. Despite Japan’s initial slow response to the security challenges emerging from cyberspace, this paper posits that cybersecurity under the administration of Japanese Prime Minister Shinzo Abe has moved to the core of the country’s national security policy. The 2020 Olympics Games are a major catalyst for this.

Over the last two years the Japanese government has indeed laid the structural and legal foundations for becoming a serious player in cyberspace. That effort, however, remains underfunded and is slowed by overly complicated intergovernmental coordination processes and stovepiping within the government.

While Japan remains a reluctant cyberpower with a decidedly defensive outlook and a particularly change-resistant bureaucracy, plagued by vertical compartmentalization, recent initiatives and policies have made it clear that the country is moving in the direction of potentially becoming one of Asia’s more advanced cyberpowers in the not-too-distant future.

This paper first outlines an analytical framework used to evaluate Japan’s current standing and progress as a cyberpower: from whole of government (WoG) to whole of nation (WoN) and whole of system (WoS). The following three sections discuss in detail the evolutionary stages in the development of Japan’s national cybersecurity strategy. The last section deals with the Japan Self-Defense Forces’ changing role in cyberspace and how it is slowly embracing a more militarized response to state-sponsored cyberthreats.

The administration of Prime Minister Abe has been careful not to abandon the Japan Self-Defense Forces’ defensive posture in cyberspace and has not indicated that it will develop offensive cyberwar capabilities. This, however, may change should the new U.S. administration abandon the United States’ historic solid defense commitment to Japan. In that respect, Japan’s deepening of engagement with like-minded countries will assume even greater importance over the next four years.

Read in full here.

It’s hard to find a major cyberattack over the last five years where identity — generally a compromised password — did not provide the vector of attack.

Target, Sony Pictures, the Democratic National Committee (DNC) and the U.S. Office of Personnel Management (OPM) each were breached because they relied on passwords alone for authentication. We are in an era where there is no such thing as a “secure” password; even the most complex password is still a “shared secret” that the application and the user both need to know, and store on servers, for authentication. This makes passwords inherently vulnerable to a myriad of attack methods, including phishing, brute force attacks and malware.

The increasing use of phishing by cybercriminals to trick users into divulging their password credentials is the most alarming — a recent report from the Anti-Phishing Working Group (APWG) found that 2016 was the worst year in history for phishing scams, with the number of attacks increasing 65% over 2015. Phishing was behind the DNC hack, as well as a breach of government email accounts in Norway, and was the method that state-sponsored hackers recently used in an attempt to steal the passwords of prominent U.S. journalists. Phishing is on the rise for a simple reason: it is a relatively cheap and effective form of attack, and one that puts the security onus on the end-user. And, given that many users tend to reuse passwords, once these passwords are compromised, they can be used to break into other systems and bypass traditional network security measures.

Click here to read the full article on Harvard Business Review. 

On March 14-16, the EastWest Institute (EWI), in partnership with the University of California, Berkeley Center for Long-Term Cybersecurity, hosted a summit featuring over 200 government officials, industry experts, academics, and activists from 30 countries. They met to identify areas of closer collaboration on attacks and sharing of threat information between corporations, governments, and other stakeholders that play a critical role in defending cyberspace.

Peter Altabef, president and CEO of Unisys, delivered a keynote focusing on Smart Cities, and the steps required to keep digital assets and communities safe, securing a balance between four factors: cybersecurity, personal safety, health, and infrastructure. Francis Fukuyama of Stanford University was featured in a discussion on trust in cybersecurity and explored the phenomenon of fake news, what he described as “today’s wild west of information sharing.”

Since 2009, EWI has brought together international actors through its Global Cyberspace Cooperation Summits, aiming to coordinate and consolidate progress, showcase results, and promote collective action. The summits provide a crucial forum for building international, private-public actions to foster international cooperation in cyberspace and norms of responsible behavior.

What makes the EWI summits unique is their emphasis on two areas: fostering robust debate that underscores the aspect of cooperation and finds common ground, and the impactful and results driven role of breakthrough groups, each of which focuses on a key aspect of the cybersecurity dialogue.

To read the full article on Council of Foreign Relations, go here.

For more detailed information, including daily updates and videos from the summit, go here.

McConnell noted that the very “definition of cyber is expanding” which in turn “presents new policy problems” for defining government’s role in protecting content.

The evolution of cyber “now involves information warfare and manipulation, beyond the historic view of cyber war as attacks at stealing from or destroying computer networks.”

McConnell concluded by noting that congress should “fix DHS, oversee DHS” and look more closely at the role insurance can play in improving cybersecurity across the private sector. 

Read the full article on the Washington Examiner here.  

In discussing cyber espionage, Michael Chertoff said that "the Russians are pretty much No.1 in terms of using criminal organizations as partners." Chertoff noted that there is an "unholy alliance between criminal hackers operating in Russia and the Russian intelligence services." 

Russia's outsourcing of its hacking has enabled them to "obfuscate their role in carrying out these kinds of cyber attacks" by "having criminals as cutouts." 

Click here to read the full story on USA Today.

Revelations that Russian intelligence agents penetrated the computer systems of Yahoo three years ago is hardly news to someone like Marina Kaljurand.

As the Estonian ambassador to Russia in 2007, she contacted officials there after a cyberattack against her country, which Estonia blamed on Russia. The denial-of-service assault effectively shut down the websites of the former Soviet republic’s parliament, newspapers and banks by overwhelming the sites with Internet traffic rerouted from other servers.

As you can imagine, she didn’t get far.

“It was a one-sided conversation,” said Kaljurand, who’s attending a cybersecurity conference in Berkeley this week. “There was no response from Russia.”

Click here to read the full story on San Francisco Chronicle.

Click here to read about the Summit.