TOP OF THE DAY

Like biosecurity, cybersecurity is essential for rural industries

(Dean Frye  – ASPI The Strategist – 21 November 2024) When you enter Australia, you meet some of the strictest biosecurity screening in the world. Even domestically, if you travel to South Australia with any kind of fruit in your bag, you could be facing a $375 fine. These protocols may seem frustrating. But they’re crucial in keeping our unique environment and rural industries—such as food and agriculture—safe from biosecurity threats. But biosecurity is far from the only threat to rural industries. As these industries evolve and the adoption of new technologies and devices increases, we lack investment and understanding of less visible but equally damaging security threats such as cybercrime. – https://www.aspistrategist.org.au/like-biosecurity-cybersecurity-is-essential-for-rural-industries/

North Korea’s Cyber Strategy: An Initial Analysis

(Abhishek Sharma – Observer Research Foundation – 21 November 2024) North Korea is among the states that stand out for their often defiant behaviour, divergent from typical diplomatic niceties and non-compliant with widely accepted international liberal norms and rules. This ‘uniqueness’ is seen, for instance, in the country’s nuclear weapons development programme, which has been the object of global attention since the early 1990s. North Korea has now extended this behaviour to the cyber domain, marked by an increasing number of attacks by state-sponsored hackers against other states. Its development of cyber capabilities offers insights into the regime’s views on the importance of the cyber domain in contemporary warfare. This brief examines the drivers of North Korea’s cyber capabilities, gauging its successes and the risks it poses to countries, particularly the United States, South Korea, and Japan. – https://www.orfonline.org/research/north-korea-s-cyber-strategy-an-initial-analysis

Senators call for watchdog to investigate TSA’s use of facial recognition

(Edward Graham – NextGov – 21 November 2024) A bipartisan coalition of lawmakers is asking the Department of Homeland Security’s internal watchdog to investigate the Transportation Security Administration’s use of facial recognition technology over concerns about the agency’s collection of biometric data. In a Wednesday letter to DHS Inspector General Joseph Cuffari, 12 senators — seven Democrats and five Republicans — called for a thorough review of how TSA uses facial recognition to verify travelers’ identities “from both an authorities and privacy perspective.” – https://www.nextgov.com/digital-government/2024/11/senators-call-watchdog-investigate-tsas-use-facial-recognition/401233/?oref=ng-homepage-river

NIST sets up new task force on AI and national security

(Alexandra Kelley – NextGov – 21 November 2024) The National Institute of Standards and Technology set up a new task force within its existing Artificial Intelligence Safety Institute focusing on evaluating the myriad security implications of artificial intelligence models with inter-agency participation. Dubbed the Testing Risks of AI for National Security Taskforce, or TRAINS, the group consists of members from the Department of Defense — including its Chief Digital and Artificial Intelligence Office and the National Security Agency — the Department of Energy and its national labs; the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency; and the National Institutes of Health within the Department of Health and Human Services. – https://www.nextgov.com/artificial-intelligence/2024/11/nist-sets-new-task-force-ai-and-national-security/401214/?oref=ng-homepage-river

Elections, Accountability, and Democracy in the Time of A.I.

(Rahul Batra – Observerer Research Foundation – 20 November 2024) This paper assesses how a transformational technology like Artificial Intelligence (AI) can be used by malicious actors to manipulate information and influence election results. It analyses the impact of such activities, and explores ways by which democratic polities can address this challenge. Reviewing cases from India and other countries in South Asia, and the United States, the paper also looks at the required regulatory landscape. It outlines recommendations straddling the strategic, tactical, and technical domains; and underlines the importance of public literacy. – https://www.orfonline.org/research/elections-accountability-and-democracy-in-the-time-of-a-i

Five Innovations that Make Defence Procurement Faster and Cut Cost and Risk

(Trevor Taylor, Linus Terhorst – RUSI – 20 November 2024) GCAP’s management involves five innovations that should drive success in its technology development and timeline. They also have the potential to transform the UK approach to major development, production and support programmes – if government is willing to change how it approaches project financing. – https://www.rusi.org/explore-our-research/publications/commentary/five-innovations-make-defence-procurement-faster-and-cut-cost-and-risk

SECURITY

Gambling and lottery giant disrupted by cyberattack, working to bring systems back online

(Jonathan Greig – The  Record – 21 November 2024) One of the largest gambling companies in the U.S. said a cyberattack last week caused massive disruptions to their operations, forcing them to take some systems offline. International Game Technology (IGT) notified the U.S. Securities and Exchange Commission on Tuesday that it became aware of the cyberattack when it “experienced disruptions in portions of its internal information technology systems and applications” on Sunday. – https://therecord.media/gambling-lottery-giant-hit-with-disruptive-cyberattack

Linux Malware WolfsBane and FireWood Linked to Gelsemium APT

(Alessandro Mascellino – Infosecurity Magazine – 21 November 2024) Recent discoveries have unveiled two new malware strains, WolfsBane and FireWood, targeting Linux systems. These advanced tools have been attributed by ESET to the notorious Gelsemium Advanced Persistent Threat (APT) group, a cyber-espionage entity with a history of targeting government, business and critical infrastructure sectors. – https://www.infosecurity-magazine.com/news/linux-malware-wolfsbane-firewood/

Vietnam’s Infostealer Crackdown Reveals VietCredCare and DuckTail

(Alessandro Mascellino – Infosecurity Magazine – 21 November 2024) Researchers from Group-IB have revealed new findings highlighting significant differences in the methods and structures of two prominent infostealer malware families, VietCredCare and DuckTail. Both have been central to the cybercrime ecosystem in Vietnam, targeting Facebook Business accounts for financial gain. The new analysis follows a mid-2024 announcement from Vietnamese authorities regarding the arrest of over 20 individuals involved in distributing and operating these malicious programs. The initial crackdown disrupted the activities of VietCredCare and DuckTail, though the latter remains active with ongoing campaigns. – https://www.infosecurity-magazine.com/news/vietnams-infostealer-vietcredcare/

Gatwick Airport’s Cybersecurity Chief on Supply Chain Risks and CrowdStrike Outage

(James Coker – Infosecurity Magazine – 21 November 2024) Supply chain attacks have emerged as one of the primary challenges for cybersecurity teams, with attackers recognizing that software providers and other third-party services can provide an accessible gateway to high-value targets. This is a particularly significant issue in the aviation sector, which relies on a complex ecosystem of third-party services and external IT tools to operate efficiently. The compromise of a key provider has the potential to cause huge disruption to air travel, with severe knock-on effects to the global economy. London Gatwick Airport’s Head of Cyber Security, Megan Poortman, spoke to Infosecurity about supply chain cybersecurity challenges in a critical international airport environment. – https://www.infosecurity-magazine.com/interviews/gatwick-cybersecurity-supply-chain/

Lumma Stealer Proliferation Fueled by Telegram Activity

(Kevin Poireault – Infosecurity Magazine – 21 November 2024) Instant messaging app Telegram is gaining traction as a malware-spreading platform, according to cybersecurity firm McAfee. Two McAfee researchers analyzed in a November 20 blog post how Lumma Stealer, one of the most used infostealers, is being distributed on Telegram. The researchers believe that threat actors have identified the messaging platform as a lucrative distribution vector because it reaches a broad and often unsuspecting audience. Deploying the infostealer via Telegram also bypasses traditional detection mechanisms. – https://www.infosecurity-magazine.com/news/lumma-stealer-proliferation-fueled/

DEFENSE, INTELLIGENCE, AND WAR

Pentagon plans secure cloud pilot to defend small businesses from hackers

(Sydney J. Freedberg Jr. – Breaking Defense – 21 November 2024) Next year, the Pentagon’s Office of Small Business Programs (OSBP) will launch a pilot project to create creating a secure, cloud-based enclave for small contractors, who often struggle to meet DoD’s extensive cybersecurity requirements. “We’re building [a] secure cloud that we’ll offer as a platform and environment for all small business” that work with the Department of Defense, said Derrick Davis, director of industrial cybersecurity for SBP. While still very much a work-in-progress, the plan is to include a virtual desktop, secure communications and other tools for use by smaller firms, Davis told the GovExec Cybersecurity Futures Forum on Wednesday afternoon. – https://breakingdefense.com/2024/11/pentagon-plans-secure-cloud-pilot-to-defend-small-businesses-from-hackers/

Anduril could receive up to $100M for Space Surveillance Network upgrade

(Theresa Hitchens – Breaking Defense – 21 November 2024) The Space Force has awarded artificial intelligence startup Anduril a contract worth up to almost $100 million to create a modern, machine-to-machine communications network to link sensors for monitoring the heavens to command and control (C2) systems and data analysts, the company announced today. The indefinite delivery/indefinite quantity contract, managed by Space Force Space Systems Command, covers a five-year program to deliver its Lattice software to US Space Command (SPACECOM) “as a resilient mesh networking capability” to modernize the Space Surveillance Network (SSN), Anduril’s press release said. “The U.S. Space Command has mandated full deployment by the end of 2026,” the release added. – https://breakingdefense.com/2024/11/anduril-could-receive-up-to-100m-for-space-surveillance-network-upgrade/

As adversaries attack, Pentagon’s zero trust office shifts focus to protecting ‘operational technology’

(Carley Welch – Breaking Defense – 21 November 2024) The Pentagon’s zero trust office has “pivoted” from a focus on shoring up the Defense Department’s information technology to better securing what’s known as “operational technology” (OT) and weapon systems from foreign hackers, the office’s director said Tuesday. “For OT and weapon systems, we are coming out with initial zero trust guidance. Why? Because the adversary is attacking,” Randy Resnick, the director of the Zero Trust Office within the department’s Chief Information Office, told Breaking Defense Tuesday. “The adversary wants to get into weapon systems to prevent their launch, or mess with the GPS coordinates, so the DoD is looking to initially secure these things beyond what they are today.” – https://breakingdefense.com/2024/11/as-adversaries-attack-pentagons-zero-trust-office-shifts-focus-to-protecting-operational-technology/

China’s Increasing Global Drone Footprint

(Abhishek Kumar Darbey – Manohar Parrikar Institute – 21 November 2024) The Chinese military is gradually being equipped with drones of increasing lethality and capabilities. Chinese defence universities have special programmes to train PLA soldiers majoring in drone technology and applications. Chinese drone manufacturers such as DJI have captured a significant chunk of global civilian drone market. According to the 2023–2024 China Drone Development Report released by the China Air Transport Association, as of the end of August 2024, nearly 2 million drones were registered in China, an increase of 720,000 from the end of 2023. By 2025, the output of China’s civilian drones is expected to exceed 200 billion yuan. Chinese military drones, meanwhile, are widely being used in conflict hotspots across the world, particularly so in Africa and the Middle East. The PLA has intensified the military drones R&D as well as manufacturing activities. Going forward, the global footprint of Chinese military as well as civilian drone programmes is only expected to grow exponentially. – https://idsa.in/idsacomments/China-Increasing-Global-Drone-Footprint-AKDarbey-211124

Armenia’s Defence Deep-Tech Landscape in a Shifting Regional Order: The Ramifications for India

(Archishman Ray Goswami – Observer Research Foundation – 19 November 2024) This brief assesses the growth of Armenia’s defence deep-tech landscape, and the geopolitical ramifications of its development for India, in particular. Tracing its historical development and current status in light of the current strategic volatility in the South Caucasus, the brief highlights the scope for closer cooperation between Yerevan and New Delhi in the deep-tech domain, shaped by such factors as issue-based convergences, Armenia’s push towards strategic diversification, and industrial bases in both countries that while already established, are also growing further. The brief discusses the opportunities for further cooperation and delves into the geopolitical and economic challenges. It offers recommendations around diplomatic and industrial options that may be deployed by India in pursuit of greater cooperation and a stake within Armenia’s burgeoning defence deep-tech sector. – https://www.orfonline.org/research/armenia-s-defence-deep-tech-landscape-in-a-shifting-regional-order-the-ramifications-for-india