Spies in the Middle East: Israeli Cyber Operations

The State of Israel has developed exceptional cyber capabilities that surpass all other nations within the MENA region. In January 2017, Prime Minister Benjamin Netanyahu declared that Israel had become one of the top five global cyber powers. Israel conducts covert cyber operations that are strictly classified and rarely formally acknowledged. So, beyond the infamous Stuxnet virus, what do publicly available sources reveal about state-sponsored hackers within Israel?


Everyone Hacks Everyone

If you examine the history of cyber breaches, you will find that the most newsworthy are usually attributed to Russia, China, Iran, and more recently North Korea. This may or may not be true, but to echo the words of Eugene Kaspersky: the reality is that everyone hacks everyone. Friends attack foes, but friends also attack friends… secretly, of course.


Cyber Pearl Harbor: Fiction or Threat?

On 7th December 1941, a surprise raid was launched by the Imperial Japanese naval air force against the United States Pacific fleet while at anchor in Pearl Harbor, Hawaii. This devastating attack formally precipitated the entry of the United States into World War Two, shaping the course of history. A cataclysmic event of comparable magnitude has been anticipated within the cyber domain for more than two decades, encapsulated by the analogy: “Cyber Pearl Harbor”.


Regional Conflict and the Establishment of Cyber Warfare Testing Grounds

Regional conflict almost invariably brings with it consequences beyond its initial cause. The surrounding countries and regions suffer in a multitude of ways – from the massive and immediate human misery to ongoing political, economic and civil instability, and more long term diplomatic tensions and wounds that take time to heal.


Horizon Scanning: Hacktivism

Our historical understanding of protest as a means of political upheaval tends to be rooted in the idea of direct conflict between two clearly defined agendas or ideologies – between grassroots activism and state apparatus, for instance. We imagine crowds marching and holding placards, voicing their dissent in unison.

However, as we become increasingly interconnected and conduct more of our lives online, technology is changing our conceptions of protest and direct action altogether.


Friends or foes? Sino-American relations in Cyberspace

It may seem to some that China and America are experiencing a rapprochement of sorts in the cyber realm. Compared to previous years, today there are markedly fewer headlines about breaches of American public and private institutions at the hands of Chinese hackers. Overall, there are fewer indictments being thrown at members of the People’s Liberation Army (PLA) and the level of political and economic sanctions being prepared against Chinese organisations and individuals has fallen since 2014/2015.


The Stacked Vulnerabilities Behind Mega-breaches

On the 23rd October 2015, it became public knowledge that 156,959 TalkTalk customers had their personal data exposed due to the insecure retention of customer records.

The breach dealt a major reputational blow to the telecommunications provider, and for many, the company has joined a growing list of brands that are now synonymous with a major breach of personal data.


The dark reality of cyberspace: the case of CVE-2017-0199

Threat actors do not exist in a cyber vacuum. Hackers, organised criminal gangs, and nation states all operate within the same cyberspace and have access to the same systems and vulnerabilities. Whilst the tactics, techniques and procedures (TTPs) vary between different threat actor categories (in terms of method, capability and sophistication), the infection vectors they target remain the same.


The Benefits of Intelligence-led Security Testing

The UK’s Ministry of Defence defines intelligence as the directed and co-ordinated acquisition and analysis of information to assess capabilities, intent and opportunities for exploitation by decision-makers at all levels.

Information, on the other hand, is defined as unprocessed data of every description that may be used in the production of intelligence.

I describe intelligence as actionable information.

The key question to ask when presented with ‘intelligence’ is:

“what can I do with it?”
