New framing to typical diplomatic language.

three important sharpers of modern era.

Shangain Cooperaiton Organisaiton

||Jovan||

TITLE: New Policy Brief: Bridging the Digital Literacy Gender Gap in Developing Countries

CONTENT: An international team worked on a Policy Brief, Bridging the Digital Literacy Gender Gap in Developing Countries to urge the G20 and other countries to address the digital literacy challenges women face.

According to the data, when it comes to women being included in the digital sector, it is clear they are left behind. The gender gap in digital literacy in some economies, cultures, and locations inhibits women from taking advantage of improved educational possibilities and career prospects.

This policy brief assesses the correlation between sociocultural and digital literacy gaps. The article goes on to explain why gaps in digital literacy start developing in young age and how most programs for developing digital skills miss the challenges that women confront in integrating into the digital world. In its conclusion, it identifies solutions to these problems and implores the G20 and other nations to deal with the particular difficulties associated with women's digital literacy.

The main issue with women's access to digital resources is not the technology itself, but rather where women are situated in society. The gender digital gap is widened by elements including lack of autonomy, unequal access to education, and the perception of women as dangerous and unsafe in digital areas. You can read the full policy brief here (please insert this link on ‘here’: https://www.fenews.co.uk/wp-content/uploads/2022/09/Bridging-the-digital-literacy-gender-gap-in-developing-countries-2.pdf).

EXCERPT: An international team worked on a Policy Brief, Bridging the Digital Literacy Gender Gap in Developing Countries. It urges the G20 and other countries to address the digital literacy challenges women face. The main issue with women's access to digital resources is not the technology itself, but rather where women are situated in society.

DATE: 15.09.2022.

LINK: https://www.fenews.co.uk/exclusive/bridging-the-digital-literacy-gender-gap-in-developing-countries/ & https://www.fenews.co.uk/wp-content/uploads/2022/09/Bridging-the-digital-literacy-gender-gap-in-developing-countries-2.pdf

TOPIC: Gender rights online

...

TITLE: Research shows that Meta-owned apps are the most vulnerable to cyberattacks

CONTENT: TechShielder conducted a review of ten popular apps in the social, entertainment, and communication categories to determine which are the most likely to be hacked and what types of user data they store are at risk of being compromised.

According to the study, the average number of Google searches each app receives about being hacked indicates its vulnerability to cybercrime. Facebook ranks first with an average of 550,000 monthly searches for ‘Facebook hacked.’ Following that, there are 246,000 searches for ‘Instagram hacked’ and 135,000 for ‘WhatsApp hacked.’

With 49,500 and 27,100 searches, respectively, Snapchat and Twitch round out the top five. Netflix, YouTube, Telegram, Twitter, and Facebook's Messenger app were also included in the study. All of the apps reviewed by TechShielder store user email addresses and phone numbers, according to the company. Most collect names, credit card information, and cookies, which can provide a "in-depth" look into users' online lives.

The survey also showed that Meta-owned products have the most information on their users when compared to other popular apps, and Telegram has the least.

EXCERPT: TechShielder conducted a review of ten popular apps in the social, entertainment, and communication categories to determine which are most likely to be hacked. The average number of Google searches each app receives about being hacked indicates its vulnerability to cybercrime. Facebook ranks first with an average of 550,000 monthly searches for 'Facebook hacked'.

LINK: https://cybernews.com/security/meta-owned-apps-vulnerable-cyberattacks/

DATE: 14.09.2022.

TOPIC: Cybersecurity, Cybercrime, Network security

Newsletter Glue - Static Site Compatibility

TITLE: Increased DDoS attacks on UK companies during Ukraine war

CONTENT: According to new Freedom of Information (FoI) data obtained from the industry regulator, the volume of DDoS attacks against UK financial institutions increased during the first few months of the Ukraine war.

The Financial Conduct Authority (FCA) has given information that 14 DDoS attacks have occurred in 2022, compared to only five in all of 2021.

Picus Security co-founder, Suleyman Ozarslan has explained: ‘UK financial institutions are in the crossfire of the ongoing war between Russia and Ukraine and have become a direct target for nation-state attackers and hacktivists seeking to disrupt Ukraine’s allies.’ With the importance of the finance sector as critical national infrastructure, Picus Security understands these attacks were carried out by state-sponsored and hacktivist operations.

LINK: https://www.infosecurity-magazine.com/news/ddos-attacks-uk-firms-surge-during/

EXCERPT: DDoS attacks against UK financial institutions increased during the Ukraine war. 14 DDoS attacks have occurred in 2022, compared to only five in all of 2021. Picus Security believes these attacks were carried out by state-sponsored and hacktivist operations

DATE: 14.09.2022.

TOPIC: Cyberconflict and warfare, Cybercrime

TITLE: Albania is yet again the target of new Iranian hacker attacks

CONTENT: The office of Albanian Prime Minister Edi Rama tweeted over the weekend that the attacks targeted the Total Information Management System (TIMS), which assists in tracking individuals entering and exiting the country. Following a July 15 ransomware attack that knocked out multiple government services, Tirana decided last week to cut all diplomatic ties with Iran.

The NATO member nation has long been Iran's adversary, providing refuge to tens of thousands of members of the Iranian opposition movement Mujahedeen-e-Khalq (MEK). The attack in July occurred just before the Free Iran World Summit that was scheduled to take place in Albania.

Albania had joined forces with Microsoft and the FBI on attribution in order to ensure that the act was the result of state aggression.

EXCERPT: The office of Albanian Prime Minister Edi Rama tweeted over the weekend that the attacks targeted the Total Information Management System (TIMS), which assists in tracking individuals entering and exiting the country. The FBI and Microsoft worked with the Albanian government to ensure that the act was the result of state aggression.

LINK: https://www.infosecurity-magazine.com/news/iranian-hackers-launch-renewed/

DATE: 13.09.2022.

TOPIC: Cyberconflict and warfare, Cybercrime

TITLE: New infostealer malware dropped on Asian government networks by cyberspies

CONTENT: Security researchers have discovered new cyber-espionage action targeting Asian governments, along with state-owned aerospace and defense companies, telecom companies, and IT organizations.

This activity is being carried out by a distinct threat group previously associated with the "ShadowPad" RAT (remote access trojan). Recently, the threat actor used a much broader set of tools.The most current campaign appears to be almost entirely focused on Asian governments or public entities, such as some of the following: head of government/Prime Minister's office, government-owned aerospace and defense companies, state-owned media companies etc.

Chinese hackers are most likely behind these espionage campaigns, but the evidence isn't credible enough to make a certain conclusion.

EXCERPT: This cyber-espionage activity is being carried out by a distinct threat group previously associated with the "ShadowPad" RAT. The most current campaign appears to be almost entirely focused on Asian governments. Chinese hackers are most likely behind these espionage campaigns, but the evidence isn't credible enough to make a certain conclusion.

DATE: 13.09.2022.

LINK: https://www.bleepingcomputer.com/news/security/cyberspies-drop-new-infostealer-malware-on-govt-networks-in-asia/

TOPIC: Cyberconflict and warfare, Cybercrime, Cybersecurity

TITLE: Vietnamese journalist gets five years of prison for his online criticism

CONTENT: Le Anh Hung, a 49 year old journalist, was given a five-year prison sentence by a Hanoi court on August 30 for "abusing democratic freedoms" and "infringing upon the interests of the state." Hung frequently contributed to the Voice of America website and wrote on politics. He also frequently attacked Hoang Trung Hai, a former deputy prime minister and industry minister, whom he accused of corruption, abuse of authority, and espionage for China in his posts that criticized the ruling party's corruption and dominance.

He published an open letter on his Facebook page that went viral three days prior to his arrest. The letter criticized government actions and demanded that a draft law designating "special economic zones" in three different regions of Vietnam be changed. The planned law had received harsh public criticism and had ignited demonstrations that were ruthlessly put down. Despite Hung's repeated claims that his mental health was excellent, he was detained in a mental institution in Hanoi for the first three years and ten months following his detention.

This five-year prison sentence that Vietnam's authorities secretly handed down to independent journalist Le Anh Hung after imprisoning him for four years in appalling conditions apalls Reporters Without Borders (RSF). According to RSF, the authorities continue to abuse the legal system to impose draconian punishments in an effort to silence any criticism of media.

EXCERPT: Journalist Le Anh Hung was sentenced to five years in a Hanoi court for "abusing democratic freedoms" and "infringing upon the interests of the state". Reporters Without Borders (RSF) says the authorities continue to abuse the legal system to impose draconian punishments in an effort to silence any criticism of media. Despite claims that his mental health was excellent, he was detained in a mental institution for the first three years and ten months following his detention.

LINK: https://rsf.org/en/vietnamese-journalist-gets-five-years-prison-abusing-democratic-freedoms

DATE: 12.09.2022.

TOPIC: Freedom of the press, Freedom of expression

TITLE: Iranian Minister Sanctioned by US Treasury for Hacking Government and Allies

CONTENT: The Office of Foreign Assets Control (OFAC) of the US Department of the Treasury has sanctioned Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for allegations in engaging in cyber-enabled activities against the United States and its allies.

"We will not tolerate Iran's increasingly aggressive cyber activities targeting the United States or our allies and partners," stated Brian E. Nelson, Treasury Undersecretary for Terrorism and Financial Intelligence.

The MOIS would have guided several network connections of cyber threat actors engaged in cyber-espionage and ransomware attacks in assistance of Iran's political goals under Esmail Khatib's leadership.

The MuddyWater ransomware operations against Turkish government entities in November 2021, the APT39 wide - spread theft of personally identifiable information (PII) in 2020, and, most recently, the cyber activity that directly impacted Albanian government websites are examples of these. These sanctions come just weeks after Microsoft revealed details of alleged hacking campaigns linked to MuddyWater that targeted Israeli organizations by exploiting Log4j 2 vulnerabilities in SysAid applications.

EXCERPT: United States Office of Foreign Assets Control has sanctioned Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for cyber-enabled activities against the U.S. and its allies. "We will not tolerate Iran's increasingly aggressive cyber activities targeting the United States, …" said Brian E. Nelson, Treasury Undersecretary for Terrorism and Financial Intelligence.

LINK: https://www.infosecurity-magazine.com/news/us-sanctions-iranian-ministry/

DATE: 12.09.2022.

TOPIC: Cyberconflict and warfare

TITLE: Energy providers hacked globally by North Korean Lazarus Group

CONTENT: Between February and July 2022, the North Korean threat actor Lazarus Group ran a malicious campaign against energy providers all over the world. The campaign was previously revealed in part by Symantec and AhnLab in April and May, and Cisco Talos is now providing additional details.

The security researchers stated in an advisory on Thursday that the Lazarus campaign involved the exploitation of vulnerabilities in VMWare Horizon to gain initial access to targeted organizations. Cisco Talos states that the recent Lazarus attacks targeted energy providers from various countries, including the United States, Canada, and Japan.

The new Cisco Talos advisory is just the latest in a long line of documents detailing the Lazarus Group's hacking operations this summer. Elliptic, a blockchain analytics company, suggested in June that the threat actor was responsible for the $100 million theft from cryptocurrency firm Harmony. The Block recently linked the group to Axie Infinity's $600 million hack.

LINK: https://www.infosecurity-magazine.com/news/lazarus-group-hacked-energy/

DATE: 12.09.2022.

TOPIC: Cyberconflict and warfare, Cybercrime

EXCERPT: Between February and July 2022, the Lazarus Group ran a malicious campaign against energy providers all over the world. The campaign was previously revealed in part by Symantec and AhnLab in April and May. Cisco Talos is now providing additional details on the North Korean threat actor's operations.

TITLE: Freedom House report on Beijing’s Global Media Influence: cyber aspects

CONTENT: (For the next two paragraphs please use this link: https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html) Freedom House report: Beijing's Global Media Influence: Authoritarian Expansion and the Power of Democratic Resilience, showed Beijing’s efforts to influence media in democracies, and their response. According to Freedom House, the Chinese Communist Party (CCP) employs a variety of tactics, including mass distribution of state-produced content, harassment and intimidation of local media outlets, targeted disinformation, and the use of cyberbullying and fake social media accounts.

Sarah Cook, Freedom House's research director for China, Hong Kong, and Taiwan, and one of the report's authors said: ‘The Chinese government is using more sophisticated, more covert and more coercive tactics, like cyberbullying, or cyberattacks, or just phone calls to journalists, to try to pressure and influence coverage in countries around the world.’

(From here on, please use this link: https://freedomhouse.org/report/beijing-global-media-influence/2022/authoritarian-expansion-power-democratic-resilience) Since 2019, more aggressive activities such as targeted harassment of individual reporters, cyberbullying, and cyberattacks against stigmatized media organizations have spread to 24 of the 30 countries under investigation in some form. Also, from 2019, news outlets or journalists from 7 countries have been targeted by cyberattacks that could be traced back to China. These cyberattacks increase the financial burden on media outlets to improve their defenses, and data theft hacking could endanger journalists and their sources.

Nigeria has been identified as the country most vulnerable to Beijing's media influence campaigns.

LINK: https://freedomhouse.org/report/beijing-global-media-influence/2022/authoritarian-expansion-power-democratic-resilience & https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html

TOPIC: Freedom of the press, Cybercrime

DATE: 08.09.2022.

EXCERPT: Freedom House report: Beijing's Global Media Influence: Authoritarian Expansion and the Power of Democratic Resilience, showed Beijing's efforts to influence media in democracies. Since 2019, news outlets or journalists from 7 countries have been targeted by cyberattacks that could be traced back to China. More aggressive activities such as targeted harassment of individual reporters, cyberbullying, and cyberattacks against stigmatized media organizations have spread to 24 of the 30 countries under investigation in some form. According to Freedom House, the Chinese Communist Party (CCP) employs a variety of tactics, including mass distribution of state-produced content, harassment and intimidation of local media outlets, targeted disinformation, and the use of cyberbullying and fake social media accounts.

TITLE: Freedom House report on Beijing’s Global Media Influence: cyber aspects

CONTENT: (For the next two paragraphs please use this link: https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html) Freedom House report: Beijing's Global Media Influence: Authoritarian Expansion and the Power of Democratic Resilience, showed Beijing’s efforts to influence media in democracies, and their response. According to Freedom House, the Chinese Communist Party (CCP) employs a variety of tactics, including mass distribution of state-produced content, harassment and intimidation of local media outlets, targeted disinformation, and the use of cyberbullying and fake social media accounts.

(From here on, please use this link: https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html) Sarah Cook, Freedom House's research director for China, Hong Kong, and Taiwan, and one of the report's authors said: ‘The Chinese government is using more sophisticated, more covert and more coercive tactics, like cyberbullying, or cyberattacks, or just phone calls to journalists, to try to pressure and influence coverage in countries around the world.’

Since 2019, more aggressive activities such as targeted harassment of individual reporters, cyberbullying, and cyberattacks against stigmatized media organizations have spread to 24 of the 30 countries under investigation in some form. Since 2019, news outlets or journalists from 7 countries have been targeted by cyberattacks that could be traced back to China. These cyberattacks increase the financial burden on media outlets to improve their defenses, and data theft hacking could endanger journalists and their sources.

Nigeria has been identified as the country most vulnerable to Beijing's media influence campaigns.

LINK: https://freedomhouse.org/report/beijing-global-media-influence/2022/authoritarian-expansion-power-democratic-resilience & https://www.voanews.com/a/china-s-global-media-influence-campaign-growing-says-freedom-house-/6736696.html

TOPIC: Freedom of the press, Cybercrime

DATE: 08.09.2022.

EXCERPT: Freedom House report: Beijing's Global Media Influence: Authoritarian Expansion and the Power of Democratic Resilience, showed Beijing's efforts to influence media in democracies. Since 2019, news outlets or journalists from 7 countries have been targeted by cyberattacks that could be traced back to China. More aggressive activities such as targeted harassment of individual reporters, cyberbullying, and cyberattacks against stigmatized media organizations have spread to 24 of the 30 countries under investigation in some form. According to Freedom House, the Chinese Communist Party (CCP) employs a variety of tactics, including mass distribution of state-produced content, harassment and intimidation of local media outlets, targeted disinformation, and the use of cyberbullying and fake social media accounts.

TITLE: Increased Mortality Rates as a Result of Cyber-Attacks on Healthcare Organizations

CONTENT: According to new research from Proofpoint's Ponemon Institute, cyber-attacks on healthcare organizations increase mortality rates by more than 20%. The report surveyed 641 healthcare IT and security practitioners, and found out that 89% of them experienced an average of 43 attacks in the previous 12 months, with more than 20% experiencing one of these types of attacks: cloud compromise, ransomware, supply chain, and phishing.

The most common consequences of these attacks, according to Proofpoint, were delayed procedures, which resulted in poor patient outcomes for 57% of healthcare providers and increased complications from medical interventions for approximately half of them.

Ransomware was the most likely type of attack to have a negative impact on patient care, causing procedure or test postponements in 64% of cases and longer patient stays (59%).

LINK: https://www.infosecurity-magazine.com/news/mortality-rates-linked-cyber/

DATE: 11.09.2022.

TOPIC: Cyberconflict and warfare, Cybercrime, Cybersecurity

EXCERPT: Cyber-attacks on healthcare organizations increase mortality rates by more than 20%. 89% of healthcare IT and security practitioners experienced an average of 43 attacks in the previous 12 months. Cloud compromise, ransomware, supply chain, and phishing were the most common types of attacks.

This is an interesting text on ways how to solve a problem with proper display of drop caps on the web.

TITLE: Draft EU regulations direct smart devices that pose cybersecurity risks

CONTENT: According to a European Commission document obtained by Reuters on Thursday, smart devices connected to the internet, such as refrigerators and televisions, will have to comply with strict European Union cybersecurity rules or risk being fined or banned from the bloc.

On September 13, the EU executive will unveil its Cyber Resilience Act proposal. Following input from EU countries, it is likely to become law. Companies will be required to notify the EU cybersecurity agency ENISA of incidents within 24 hours of becoming aware of them, and to take corrective action.

The paper states that if companies fail to comply, national surveillance authorities have the authority to ‘prohibit or restrict that product being made available on its national market, to withdraw it from that market or recall it.’

EXCERPT: On September 13, the EU executive will unveil its Cyber Resilience Act proposal. Following input from EU countries, it is likely to become law. Smart devices connected to the internet, such as refrigerators and televisions, will have to comply with strict European Union cybersecurity rules.

LINK: https://www.reuters.com/technology/draft-eu-rules-target-smart-devices-with-cybersecurity-risks-2022-09-08/

DATE: 08.09.2022.

TOPIC: Cybersecurity, Cybercrime

TITLE: Women in China are being silenced online as a result of violence and censorship

CONTENT: When an influential woman in China's #MeToo movement, Ms. Zhou Xiaoxuan, went to court against a famous TV anchor, Mr. Zhu Jun, the justice was not on her side. What happened was not the accuser, but the accused - was portrayed as the victim. Other cases of gender violence and gender related incidents also rapidly went viral. In each case, however, the conversation was quickly censored in order to reduce the ways in which the women had been assaulted. China’s Communist Party has used social media censorship to silence critics while amplifying comments that support the government's chosen narrative of social harmony. After carefully analysing the content, censors then remove popular comments or accounts which express views that deviate too far from the party line. Government censors used Weibo, a popular Chinese social media platform to boost the comments supporting the court’s decision against one of the victims of sexual assault mentioned above, while reducing and deleting messages in her support.

TOPIC: Freedom of expression, Gender rights online

LINK: https://www.nytimes.com/2022/09/06/business/china-women-metoo.html

DATE: 06.09.2022.

EXCERPT: Chinese women are not allowed to post freely about their experiences of gender-related violence. #MeToo movement in China was restricted and censored by the ruling China’s Communist Party. Social media censorship is one of the main tools the government use in order to prevent women to express themselves and point out the unjust situation in the country regarding their mistreatment.

TITLE: Iran is condemned by the United Kingdom for its cyber attack on Albania

CONTENT: On September 7, the United Kingdom officially condemned the Iranian state for a cyber attack against Albania's government which destroyed data and interrupted crucial government services such as paying utilities, booking medical appointments, and enrolling schoolchildren. According to the National Cyber Security Centre (NCSC), Iranian state-linked cyber actors are almost definitely accountable for a number of cyber attacks against Albanian government infrastructure beginning on July 15, 2022.

UK Foreign Secretary James Cleverly declared that ‘The UK is supporting our valuable partner and NATO ally. We join Albania and other allies in exposing Iran’s unacceptable actions.’ The UK has already identified and provided advice on several cyberattacks by Iranian actors, starting with 2018.

TOPIC: Cyberconflict and warfare

LINK: https://www.gov.uk/government/news/uk-condemns-iran-for-reckless-cyber-attack-against-albania

DATE: 07.09.2022.

EXCERPT: This Wednesday, the United Kingdom condemned the Iranian state for a cyber attack against Albania's government which destroyed data and interrupted crucial government services such as paying utilities. The UK has already identified and provided advice on several cyberattacks by Iranian actors, starting with 2018.

TITLE: Ransomware gang’s Cobalt Strike servers receive anti-Russia messages in a series of DDoS

CONTENT: There has been a flood of anti-Russian messages to Cobalt Strike servers run by former Conti ransomware gang members in order to disrupt their operations. Although the operators of Conti ransomware turned off their infrastructure this year in May, its members are now a part of other ransomware groups, including Quantum, Hive, and BlackCat. At the time, TeamServers (C2) used by ransomware actors to control the Cobalt Strike (CS) Beacon payloads on compromised hosts are being tracked by someone, allowing for lateral network movement. When they go inside the CS servers, the usernames they use are ‘Stop Putin!’, or they change their computer name to messages like ‘Be a Russian patriot!’, and ‘Stop the war!’ It is unknown who is sending these messages, as it could be anyone from a security researcher to law enforcement or even a cybercriminal with a grudge for siding with Russia, BleepingComputer reports. In the end, the disruption was only temporary, and the ransomware actor returned to the scene with a more robust infrastructure, allowing them to keep the stolen data accessible even in the face of distributed denial-of-service (DDoS) attacks. LINK: https://www.bleepingcomputer.com/news/security/ransomware-gangs-cobalt-strike-servers-ddosed-with-anti-russia-messages/ EXCERPT: There has been a flood of anti-Russian messages to Cobalt Strike servers run by former Conti ransomware gang members in order to disrupt their operations. At the time, TeamServers (C2) used by ransomware actors to control the Cobalt Strike (CS) Beacon payloads on compromised hosts are being tracked by someone, allowing for lateral network movement. TOPIC: Cybercrime, Cyberconflict and warfare DATE: 07.09.2022.

TITLE: Albania blames Iran for the July cyberattack and suspends diplomatic relations

CONTENT: Albanian Prime Minister, Edi Rama, declared on Wednesday that the entire staff of the Islamic Republic of Iran Embassy in Albania had been asked to leave within 24 hours.

This decision follows the termination of diplomatic relations with Iran following the identification of an Albanian government infrastructure cyberattack to Iranian threat actors in July. Rama said that: ‘The in-depth investigation provided us with indisputable evidence that the cyberattack against our country was orchestrated and sponsored by the Islamic Republic of Iran through the engagement of four groups that enacted the aggression.’

The U.S. government also officially blamed Iran for the July attack on Albania. The U.S. official said that they condemn this attack and that the Islamic Republic of Iran would be held responsible for endangering the security of a NATO ally. Further actions will be taken to held Iran accountable if another attack towards any of their NATO ally happens in the future. EXCERPT: Albanian Prime Minister, Edi Rama, declared on Wednesday that the entire staff of the Islamic Republic of Iran Embassy in Albania had been asked to leave within 24 hours. The U.S. government also officially blamed Iran for the July attack on Albania. The U.S. official said that they condemn this attack and that the Islamic Republic of Iran would be held responsible for endangering the security of a NATO ally. LINK: https://www.bleepingcomputer.com/news/security/albania-blames-iran-for-july-cyberattack-severs-diplomatic-ties/ TOPIC: Cyberconflict and warfare DATE: 07.09.2022.

Hello

TITLE: Japan investigates the potential involvement of a pro-Russian group in cyberattacks

CONTENT: Japan announced on Wednesday that it is looking into the possible role in cyberattacks of a pro-Russian group after numerous government websites were disrupted the day before. The ransomware group in question is ‘Killnet’, which is considered to be responsible for attacks on the government websites, as media quotes.

According to Chief Cabinet Secretary Hirokazu Matsuno, the Japanese government is investigating whether problems accessing more than 20 websites across four government ministries were caused by a denial-of-service (DDoS) attack. Matsuno also explained that the government websites could not be reached on Tuesday evening.

However, services were recovered the same day. He is aware this pro-Russian group is suggesting that they were behind the attack, but the case is still being investigated at the moment.

EXCERPT: Japan announced on Wednesday that it is looking into the possible role in cyberattacks of a pro-Russian group named Killnet after numerous government websites were disrupted the day before. According to Chief Cabinet Secretary Hirokazu Matsuno, the Japanese government is investigating whether problems accessing more than 20 websites across four government ministries were caused by a denial-of-service (DDoS) attack.

LINK: https://www.reuters.com/technology/japan-investigating-possible-involvement-pro-russian-group-cyberattack-nhk-2022-09-06/

DATE: 07.09.2022.

TOPIC: Cyberconflict and warfare, Cybercrime

The new Worok cyber-espionage group is targeting governments and high-profile corporations

Worok, a newly discovered cyber-espionage group, has been using a combination of custom and existing malicious tools to hack governments and high-profile companies in Asia since 2020. ESET security researchers were the first to spot it, and they found out that the group also attacked targets from Middle East and Africa.

Worok has so far been linked to attacks on telecommunications, banking, maritime, and energy companies, along with military, government, and public sector organizations. Although there have been no sightings since February 2022, ESET has linked the group to new attacks against a Central Asian energy company and a public sector institution in Southeast Asia.

TOPIC: Cyberconflict and warfare, Cybercrime

LINK: https://www.bleepingcomputer.com/news/security/new-worok-cyber-espionage-group-targets-governments-high-profile-firms/

DATE: 06.09.2022.

EXCERPT: Worok, a newly discovered cyber-espionage group, has been using a combination of custom and existing malicious tools to hack governments and high-profile companies in Asia since 2020. Although there have been no sightings since February 2022, ESET has linked the group to new attacks against a Central Asian energy company and a public sector institution in Southeast Asia.

Swiss strategic priorities

TITLE: The JX Fund and Voronezh Mass Media Defence Center launched the information platform Shpargalka | Exile

CONTENT: The JX Fund - European Fund for Journalism in Exile, in collaboration with the Voronezh Mass Media Defense Center, has launched the information platform Shpargalka | Exile (‘cheat sheet’ in Russian) to assist threatened media professionals in Russia in selecting a country of exile that is appropriate for them and their needs. Since the increase in anti-press legislation in Russia starting from 4 March, even the use of the word "war" can result in a 15-year prison sentence, so this type of platform is useful for media workers.

Shpargalka | Exile has now compiled answers to 21 of the most pressing questions, like ‘How do I get a work permit?’, or ‘What do I need to do to register a media company in exile?’ All questions are being answered by lawyers from 12 countries, which currently include: Armenia, Azerbaijan, Bulgaria, Germany, Georgia, Israel, Kazakhstan, Latvia, Montenegro, Poland, Serbia, and Turkey.

The information is regularly updated, as many countries' entry requirements and legal systems constantly change in light of the tense geopolitical situation. In recent months, the JX Fund has helped 14 media outlets rebuild, as well as five start-ups and the creation of a media hub in Tbilisi, Georgia. Since the increase in anti-press legislation in Russia starting from 4 March, even the use of the word "war" can result in a 15-year prison sentence.

EXCERPT: The JX Fund - European Fund for Journalism in Exile, in collaboration with the Voronezh Mass Media Defense Center, has launched the information platform Shpargalka | Exile (‘cheat sheet’ in Russian) to assist threatened media professionals in Russia in selecting a country of exile that is appropriate for them and their needs. The platform gives answers to 21 of the most pressing questions, which are given by lawyers from 12 countries.

LINK: https://rsf.org/en/cheat-sheet-media-workers-under-threat Sharpgalka | Exile: https://shpargalka-exile.web.app/

TOPIC: Freedom of the press

DATE: 05.09.2022.

TITLE: China accused Washington of breaking into computers and spying on university

CONTENT: China accused Washington on Monday of breaking into computers at Northwestern Polytechnical University that US officials say conducts military research. Both governments complained about worrying online spying against one another.

The National Computer Virus Emergency Response Center reported computer break-ins at Northwestern Polytechnical University in June. It stated that the center, in collaboration with a commercial security provider, Qihoo 360 Technology Co., identified the attacks back to the National Security Agency, but did not specify how.

China accuses the US of spying on universities, energy companies, and internet service providers, among other targets. Washington accuses Beijing of stealing commercial secrets and has charged Chinese military officers with crimes.

According to Foreign Ministry spokeswoman Mao Ning, the US actions "seriously endanger China's national security." She also accused Washington of using spyware to eavesdrop on Chinese phone calls and stealing text messages.

As per the security experts, the ruling Communist Party's military wing, the People's Liberation Army, and the Ministry of State Security also fund outside hackers. Alongside with Russia, China and the United States are widely acknowledged as global leaders in cyberwarfare research.

TOPIC: Cyberconflict and warfare, Cybercrime

EXCERPT: Chinese government accused Washington of cyberspying on Monday. Northwestern Polytechnical University in June has suffered computer break-ins, according to The National Computer Virus Emergency Response Center. China also accuses the US of spying on universities, energy companies, and internet service providers, among other targets. It stated that the center, in collaboration with a commercial security provider, Qihoo 360 Technology Co., identified the attacks back to the National Security Agency, but did not specify how.

DATE: 05.09.2022.

LINK: https://abcnews.go.com/Technology/wireStory/china-accuses-washington-cyber-spying-university-89343366

Digitalisation will be in the core of technological competition.

This is crucial insight that our ability to learn and adapt is more important than predictions and preparations.

TITLE: In the aftermath of the Roe v. Wade decision, US journalists are wary of online legal threats

CONTENT: The editors of the pro-abortion rights news website Rewire unusually removed reporter biographies from the site in May.

The move was made as a precaution after a draft of a majority Supreme Court opinion in Dobbs v. Jackson Women's Health Organization, which sought to overturn the constitutional right to abortion, was leaked. Rewire reporters were concerned about an increase in online harassment.

Editor-in-chief Galina Espinoza said that: ‘The newsroom has for years kept a repository of harassing messages to track patterns, just in case.’ The current abortion situation in America has some abortion reporters on edge.

In addition to their fears about online harassment, reporters notified Committee to Protect Journalists (CPJ) that they are concerned about real-world violence and how changing laws may expose them and their sources to legal threats in the aftermath of the Supreme Court's decision to overturn Roe v. Wade in June.

EXCERPT: U.S. reporters shared their concerns with Committe to Protect Journalists (CPJ) about online harassment they face. However, it does not ned there. They are now even concerned about real-world violence in the aftermath of the Supreme Court’s decision to overturn Roe v. Wade in June. The current abortion situation in America has some abortion reporters on edge. The Rewire newsroom is keeping a repository of harassing messaged to track patterns.

LINK: https://cpj.org/2022/09/u-s-reporters-wary-of-online-legal-threats-in-the-wake-of-the-overturn-of-roe-v-wade/

DATE: 01.09.2022.

TOPIC: Freedom of the Press, Freedom of expression

TITLE: Ransomware attack hits Windows, Linux servers of Chilean government agency

CONTENT: Chile's national computer security and incident response team (CSIRT) has confirmed that a ransomware attack has affected the country's government agency's operations and online services.

The attack began on Thursday, August 25, and targeted the agency's Microsoft and VMware ESXi servers. The hackers offered Chile’s CSIRT a communication channel through which they could negotiate the payment of a ransom that would prevent the files from being leaked. The malware used in this attack, according to CSIRT, also had functions for stealing credentials from web browsers, listing removable devices for encryption, and evading antivirus detection via execution timeouts.

In their announcement, Chile's CSIRT does not title the ransomware group responsible for the attack, nor does it offer enough information to identify the malware. Because it has been used by multiple threat actors, the extension appended to the encrypted files provides no clue. Very limited information provided by Chile's CSIRT on the malware's behavior points to the 'RedAlert' ransomware (aka "N13V"). Nevertheless, indicators of compromise (IoCs) in the announcement could be associated with Conti.

According to what Chilean threat analyst Germán Fernández told BleepingComputer, the strain appears to be entirely new, and the researchers he spoke with were unable to associate the malware with known families. Based on what BleepingComputer has learned so far about this ransomware, it is a new operation that began in early August.

EXCERPT: BleepingComputer learned about a brand new ransomware operation that started in August, targeting Chile's national computer security and incident response team (CSIRT). The hackers have affected the agency's Microsoft and VMware ESXi servers with their operations. According to CSIRT, the malware used in this operations had functions for stealing credentials from web browsers, listing removable devices for encryption, and evading antivirus detection via execution timeouts.

LINK: https://www.bleepingcomputer.com/news/security/new-ransomware-hits-windows-linux-servers-of-chile-govt-agency/

DATE: 01.09.2022.

TOPIC: Cyberconflict and warfare

COUNTRY: Chile

What is digital humanitarianism?

TITLE: Military tensions between China and Taiwan fuel an active cyberwar

CONTENT: The world was relieved when tensions between China and Taiwan did not escalate into a larger military engagement in August. Nevertheless, both countries are influenced by an active cyberwarfare.

According to researchers at threat intelligence firm Cyberint, cyber activity between China and Taiwan is defined by multi-vector attacks, similar to what experts have observed happening between Russia and Ukraine. Based on a recent report, cyber tensions are high, and the number of national-level cyberattacks targeting China and Taiwan has recently significantly increased. Cyberint Research Team states that the growing number of cyberattacks will encourage more competing hackers organizations, raising the risk of an escalating cyber conflict.

One obvious sign of increased activity, according to the researchers, is the increasing number of comments on Chinese and Taiwanese breaches in cybercriminal leak forums, with the number of comments on Chinese data leaks increasing four times in July compared to June. When it comes to Taiwan, the number of comments under data leaks from its companies also increased during July.

The new tactic may eventually lead to a gradual increase from minor cyberattacks on government websites to more serious crimes involving hacking of critical infrastructure. If the cyber conflict between Taiwan and China resembles what happened in Ukraine, China should prepare its infrastructure to withstand a series of new of distributed denial-of-service (DDoS) attacks.

EXCERPT: Even though military tensions between China and Taiwan have not escalated, there is an ongoing cyber war between them. The engagement in these attacks is similar to the ones in Ukraine and Russia, and there are clear signs that there is an increasing number of comments on Chinese and Taiwanese breaches in cybercriminal leak forums. The new tactic may include a gradual increase from minor cyberattacks on government websites to more serious crimes involving the hacking of critical infrastructure.

DATE: 01.09.2022.

LINK: https://cybernews.com/news/china-taiwan-military-tension-fuels-an-active-cyberwar/

TOPIC: Cyberconflict and warfare

COUNTRY: China, Taiwan

TITLE: Military tensions between China and Taiwan fuel an active cyberwar

CONTENT: The world was relieved when tensions between China and Taiwan did not escalate into a larger military engagement in August. Nevertheless, both countries are influenced by an active cyberwarfare.

According to researchers at threat intelligence firm Cyberint, cyber activity between China and Taiwan is defined by multi-vector attacks, similar to what experts have observed happening between Russia and Ukraine. Based on a recent report, cyber tensions are high, and the number of national-level cyberattacks targeting China and Taiwan has recently significantly increased. Cyberint Research Team states that the growing number of cyberattacks will encourage more competing hackers organizations, raising the risk of an escalating cyber conflict.

One obvious sign of increased activity, according to the researchers, is the increasing number of comments on Chinese and Taiwanese breaches in cybercriminal leak forums, with the number of comments on Chinese data leaks increasing four times in July compared to June. When it comes to Taiwan, the number of comments under data leaks from its companies also increased during July.

The new tactic may eventually lead to a gradual increase from minor cyberattacks on government websites to more serious crimes involving hacking of critical infrastructure. If the cyber conflict between Taiwan and China resembles what happened in Ukraine, China should prepare its infrastructure to withstand a series of new of distributed denial-of-service (DDoS) attacks.

EXCERPT: Even though military tensions between China and Taiwan have not escalated, there is an ongoing cyber war between them. The engagement in these attacks is similar to the ones in Ukraine and Russia, and there are clear signs that there is an increasing number of comments on Chinese and Taiwanese breaches in cybercriminal leak forums. The new tactic may include a gradual increase from minor cyberattacks on government websites to more serious crimes involving the hacking of critical infrastructure.

DATE: 01.09.2022.

LINK: https://cybernews.com/news/china-taiwan-military-tension-fuels-an-active-cyberwar/

TOPIC: Cyberconflict and warfare

COUNTRY: China, Taiwan

TITLE: TAP Air Portugal hit by ransomware: Ragnar Locker claims responsibility

CONTENT: The Ragnar Locker ransomware gang has claimed responsibility for an attack on Portugal's flag carrier, TAP Air Portugal, which was revealed by the airline after its systems were compromised on Thursday night.

The company stated that the attack was stopped and that no evidence suggested that the attackers gained access to the customer data stored on the affected servers. The airline also issued an alert on Monday, stating that its website and app are unavailable due to the Thursday ransomware attack.

TAP has yet to confirm whether this was a ransomware attack. However, the Ragnar Locker ransomware gang posted a new entry on their data leak website today, claiming responsibility for last week's cyberattack on TAP's network.

The ransomware group believes to have "reasons" to assume that hundreds of Gigabytes of data were compromised in the incident and has threatened to provide "irrefutable evidence" to negate TAP's claim that its customers' data was not accessed. Ragnar Locker also shared a screenshot of a spreadsheet that appears to contain customer data stolen from TAP's servers, such as names, dates of birth, emails, and addresses.

DATE: 31.08.2022.

EXCERPT: The Ragnar Locker ransomware gang claims responsibility for the ransomware attack on Portugal’s flag carrier, TAP Air Portugal. The company itself says that the attack was prevented, and customers’ information has been untouched. On the other hand, the ransomware gang states that they can easily provide evidence that the data has been compromised.

LINK: https://www.bleepingcomputer.com/news/security/ragnar-locker-ransomware-claims-attack-on-portugals-flag-airline/

TOPIC: Cyberconflict and warfare, Cybercrime

Another important element that the document realises: link between cybersecurity and AI. This is missing in OEWG discussions. There will need to be links of OEWG with AI-related processes like LAWS as well - or, at least, diplomats will need to be aware of all those other related processes.

A well presented crucial difference between the two paradigms. Yet, this gap is vanishing. In a way, Russians (to the extent they were behind disinformation campaigns) managed to change the US position to accept the same paradigm.

Could this close-to-common understanding that both networks and information are part of the dialogue change the course of future negotiations, and perhaps even allow for more space for comprimise as everyone discusses the same issues?

||Pavlina|| ||AndrijanaG|| ||JovanK||

Important point: what used to be a privilege of big states in terms of offensive cyber capabilities (esp. weapons) is not any more - there are powerful criminal groups, dark researchers, international vulnerability brokers, and even legit businesses like NSO that offer tools and 'as a service' sophisticated attacks and tools. Though, most sophisticated and stealth attacks require more than that: lots of skills and (conventional) intelligence - resources that not many states have.

Useful examples of ransomware effects ||AndrijanaG||

Interesting breakdown of main attacks against US, including types and attributed sources ||AndrijanaG|| ||teodoramATnetwork.diplomacy.edu|| ||Pavlina||

This is very true: most cyber attacks are sophisticated, multi-months, covert, serving for disruption or espionage, not for causing physical damage. This is changing somewhat with the power of ransomware, which caused tangible (though not physical) damage in cases like Colonial pipeline, Costa Rica state of emergency, etc.

Useful overview of digital trade bilateral and multilateral processes where US is involved ||MariliaM||

||MariliaM|| What say you about this?

A sobering thought: internet is not a mechanism of US foreign policy any more; rather, 'adversaries' are using it against US values more and more. Open internet is a utopia, it says.

Analysis of the US cyber foreign policy, co-signed by the future US Cyber Ambassador just weeks ago. It signals what we can expect from the US digital foreign policy in the next years.

In a nutshell, they recognise that their strategy of an open internet that would change autocratic societies has failed, that in reality internet is backfiring against US priorities through insecurity, disinformation, etc etc. They seem to give up on the single open internet, and opt for an open internet among like-minded. Importantly, they suggest a change of narrative from 'human rights' to 'free flow of data' to be able to bring on board also those countries that might not be fully democratic or for human rights only (esp. big states like Brazil, India, South Africa). In this regards, they opt for dialogue (read: concessions) with EU on privacy/GDPR and big tech…

Further comments below.

Cyber foreign policy is becoming recognised as an increasingly important field. It is not only for diplomats and decision makers, but increasingly for businesses and their officials as well - like CISOs which need to understand geopolitical momentum and consequences this has on the security of their systems...

What should this be about?

Adding more liability to businesses to clean their portions. This may bring in limitations by ISPs and cloud providers on the use of encryption, or allow them to do DPI to scan the packages. It may be tricky with regards to freedoms in some aspects.

Also a very important proposal: greater transparency about weapons (exploits, vulnerabilities) and how these are collected and managed (that's VEP above) + about operations (who and how can deploy those and other tools, in what circumstances, under whose authorization, against what targets, etc)

This was already raised at the OEWG through the Geneva Dialogue contribution.

It is good there is recognition that vulnerabilities are among key challenges. Current US VEP is a good and positive example, but not sufficiently transparent. It is not expected that US 'adversaries' will do the same, but they expect at least partners.

Yet, an open question will be how to make sure other parties are not exploiting vulnerabilities (and thus having advantages)? It would have to be done as combination of a) more secure products by partners (security by design practices)<br> b) stricter supply chain control to avoid vulnerabilities in imported products c) strengthening vulnerability disclosure processes and policies, as well as resources/capabilities (eg. finding ways to lure Chinese researchers to report vuln. to western institutions in spite of Chinese law)

Possible further norms. Though the more norms they have, the bigger limitations the US will have on their possible offensive operations referred to above and below. ||AndrijanaG|| ||Pavlina||

This is very strange and confusing. What should such a center do? Would it be a law enforcement body (but then there is interpol...)? Or forensics support? Or awareness and capacity building? ||AndrijanaG|| ||bojanakATnetwork.diplomacy.edu||

US would need to find a way to agree on privacy, data, big tech issues with EU

Washington to link its digital competition (economic and trade policies) with national security. Another signal that digital trade and data flow will be more strongly linked to national security.

||JovanK|| ||MariliaM||

when it comes to adversaries, a combination of economic pressure and 'disruptive' (read also: offensive?) cyber operations - while respecting the OEWG/GGE norms endorsed by partners

Question is if partners (esp. beyond EU - eg. India, Brazil) would accept that offensive approach of the US against their adversaries - even if respecting the norms and int. law?

In other words, if internet has to fragment, let's make sure we get the biggest part of it ruled by a common set of rules that support democratic values.

This is an important recognition: cybercrime used to be discussed separately from national security and int. peace and security. This won't be possible any more, because tools, tactics and procedures are similar (eg. ransomware, exploits), and resources of perpetrators are similar (eg. organised criminal groups) or adversaries are linked or work together (eg. APT groups with states).

In that sense, keeping global dialogue about cybercrime fully separated from peace and stability won't be possible any more; there will need to be links.

||AndrijanaG|| ||Pavlina|| ||bojanakATnetwork.diplomacy.edu|| ||teodoramATnetwork.diplomacy.edu||

Another rather blunt recognition: indictments and sanctions don't work when it comes to deterrence. Yet, some believe they are powerful as part of a set of measures. (There is certain broader question about the effectiveness of sanctions, though)

An interesting and well articulated point: US should make sure that friends and partners (in broader sense - esp. swing states) adhere to norms. They can't expect that Russia and China will adhere, so for them they might need a different approach (combining multiple options as discussed elsewhere in the document)

Another merging area: information warfare and cyber conflict. For long, the US has been pushing back strongly not to bring discussions about content into cybersecurity discussions. It was the main difference between the US and Russia/China in understanding the scope. As content becomes weapon in full sense, this won't be possible any more. Likely, US will bring the two together in discussions with like-minded partners, but not (yet) in global negotiations where their 'adversaries' are present.

||AndrijanaG|| ||Pavlina|| ||asokemATdiplomacy.edu||

As we would put it: "Whatever is connected can be hacked". The paper proposes further cooperation on reducing (and disclosing) vulnerabilities, and has some good points on zero-day exploits and various groups of adversaries.

||AndrijanaG|| ||Pavlina||

Re-focusing from (promoting) values of an open society to (promoting) data flow and economic aspects

||MariliaM|| ||GingerP||

Fragmentation can not be prevented.

The key of the suggested new framing: it is not about western values of openness and human rights (that might not be acceptable by everyone) - it is about free and trusted data flow. This boils down to economy, and might be more broadly understood and endorsed.

With Fick's background of enterpreneurship, and some signals in this document, as well as with composition of third departments of the bureau which deal with 'other' issues (norms, int.orgs, human rights), should we expect that his priority agenda will be digital trade? Thus, that we will see high importance of WTO and other digital trade negotiations (at least with 'like-minded' and swing states) in the future State Department agenda? ||MariliaM|| ||JovanK|| ||GingerP||

A clear and provocative thought, coming from the US. ||JovanK|| ||MariliaM|| ||sorina|| ||GingerP||

A blunt recognition that the former US approach to an open internet has failed. Also, a call for a new digital foreign policy.

||JovanK|| ||sorina||

Same old vocabulary: Stuxnet, which destroyed a facility, was 'cyber campaign' ('to cause physical damage'), not 'an attack'. Yet, Iranian strike against Saudi Aramco (just a line below) is 'attack'.

[Maybe it's only to me, but this is the same pattern of 'campaign' (and not 'attack' or 'aggression') against Iraq or Yugoslavia, yet 'aggression' (and not 'special operation') about Russia's strike against Ukraine.]

Nathaniel Fick is a likely future US cyber ambassador (ie ambassador at large, to lead the Cyber Bureau of the State Department). The report was prepared in July, when he was already the candidate. Thus, we can probably read this as his programme - or at least that he is not against it.

The title already signals what the paper confirms: US should/will accept that single internet is no more a reality.

TITLE: Saudi woman sentenced to 45 years in prison for social media posts

CONTENT: A Saudi Arabian court convicted Nourah bint Saeed al-Qahtani to 45 years of prison time for posts on social media, according to a rights group. According to a Washington-based DAWN organization, she was convicted by the Saudi Specialized Criminal Court on charges of ‘using the internet to tear the (Saudi) social fabric’ and for ‘violating public order by using social media.’

DAWN stated that almost nothing is known about Qahtani or even what her social media posts stated and that the investigation into her case was ongoing. Salma al-Shehab, a mother of two and doctoral candidate at the University of Leeds in the United Kingdom, was sentenced to 35 years in prison for following and retweeting dissidents and activists on Twitter just a few weeks before Qahtani's conviction.

According to Abdullah al-Aoudh, Director of Research for the Gulf Region at DAWN, Saudi authorities used "abusive" laws in both the Shebab and Qahtani cases to target and sanction Saudi citizens for opposing the government on Twitter.

According to what Saudi officials told Reuters last month, the kingdom has no political prisoners, and the thought of it is ridiculous. On the other hand, a request for comment was not responded to by the Saudi government's media office.

LINK: https://www.reuters.com/world/middle-east/saudi-woman-gets-45-year-prison-term-social-media-posts-rights-group-2022-08-30/

DATE: 30.08.2022.

EXCERPT: Saudi Arabian woman, Nourah bint Saeed al-Qahtani, has been sentenced to 45 years in prison for her posts on social media platforms. A few weeks before that, another woman, Salma al-Shehab was sentenced to 35 years in prison for following and retweeting dissidents and activists on Twitter. A Washington-based DAWN organization is still investigating into al-Quahtani’s case, as it is not clearly known what her posts contained. Presumably, she criticized the government. Saudi authorities are using abusive laws to punish citizens who dare to oppose the rulers.

TOPIC: Freedom of expression

COUNTRY: Saudi Arabia

TITLE: UK Spies are funding a new course for female coders

CONTENT: With a new bootcamp course, the UK's main intelligence agency for dealing with cyber-threats hopes to attract more female coders to its workforce. GCHQ is sponsoring one of Code First Girls' 14-week 'nanodegree' courses, which are designed to appeal to women considering a career switch.

According to Jo Cavan, the security agency's director of strategy, policy, and engagement, teams such as counter-terrorism have performed better since becoming more diversified. Cavan claims that one key area where GCHQ needs more diversity is in countering threats from the east. She also added: ‘We have been working hard to increase that number so we have more diverse teams and better get across the threats we need to today.’

According to the certification organization ISC2, women still make up only 25% of cybersecurity roles global level. When it comes to its 2021 industry report, fewer women (38%) than men (50%) came from an IT background, while women have higher rates of entry through self-learning than men (20% vs. 14%). These figures suggest that there may be a sizable group of female job seekers looking to change careers to one that involves cyber.

LINK: https://www.infosecurity-magazine.com/news/uk-spies-fund-new-course-for/

DATE: 30.08.2022.

TOPIC: Gender rights online

EXCERPT: The UK’s main intelligence agency for dealing with cyber-threats is aiming to attract more female workers, in order to increase diversity. Studies have shown that teams such as counter-terrorism have performed better since becoming more diversified. In this article, you can also see the percentage of women in cybersecurity roles and the level of their entry through self-learning compared to men. The information is provided by the certification organization, ISC2.

TITLE: Chinese hackers use ScanBox malware to target the Australian government

CONTENT: Threat actors based in China have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake news media outlet impersonating an Australian news outlet. The sender pretended to be an employee of the hoax media outlet "Australian Morning News," with a link leading to the malicious website. The site included plagiarized content from legitimate news websites.

Victims started arriving at the fraudulent site after receiving phishing emails with appealing lures, and the ScanBox reconnaissance framework delivered a malware payload. From April to June of this year, the campaign targeted individuals at local and federal Australian Government agencies, Australian news media organizations, and global heavy industry manufacturers which provide maintenance to wind turbines in the South Chinese Sea.

Proofpoint and PwC (PricewaterhouseCoopers) security researchers who observed the campaign concluded that the goal was cyberespionage. They attribute the activity with moderate confidence to a Chinese-based threat group known as APT40 (a.k.a. TA423, Leviathan, Red Ladon).

LINK: https://www.bleepingcomputer.com/news/security/chinese-hackers-target-australian-govt-with-scanbox-malware/

EXCERPT: China-based actors have been targeting Australian government agencies and wind turbine fleets by directing individuals to a fake media outlet, pretending to be an Australian media outlet. The site they were led on, contained plagiarized information from legitimate news websites. From April to June 2022, the campaign targeted individuals at local and federal Australian Government agencies, Australian news media organizations, and global heavy industry manufacturers working to maintain wind turbines in the South Chinese Sea.

TOPIC: Cyberconflict and warfare, Cybercrime

Not very multistakeholdre enthusiastic.

TITLE: Acronis’ Mid-year Cyberthreat Report warns that global ransomware damage will exceed $30bn by 2023

CONTENT: Switzerland-based cybersecurity company Acronis reported in its Mid-Year Cyberthreat Report, published on August 24, that almost half of breaches during the first six months of 2022 involved stolen credentials. The primary goal of cybercriminals using these credentials is to launch ransomware attacks, which remain the number one threat to large and medium-sized businesses, including government organizations, the report says.

Acronis found that out of 600 malicious email campaigns in the first half of 2022, 58% were phishing attempts, and 28% featured malware. Unpatched or software vulnerabilities are now also being targeted by cybercriminals in order to extract data, with a recent increase in Linux operating systems and managed service providers (MSPs) and their network of SMB customers.

The Swiss firm is highlighting: ‘Ransomware is worsening, even more so than we predicted.’ They also mentioned Conti and Lapsus gangs as the prime targets for international security services. It is expected that global ransomware damage will exceed up to $30bn by next year.

EXCERPT: Swiss-based cybersecurity company Acronis reports in their Mid-Year Cyberthreat that the first six months of this year involved stolen credentials. With hacking methods in development, like targeting unpatched or software vulnerabilities, and malicious email campaigns, ransomware is worsening. It is excepted that global ransomware will exceed up to $30bn by 2023.

LINK: https://www.infosecurity-magazine.com/news/ransomware-exceed-30bn-dollars-2023/

TOPIC: Cybercrime, Cyberconflict and warfare

DATE: 29.08.2022.

TITLE: Montenegro suspects the cyberattacks are coming from Russia

CONTENT: Cyberattacks are persistent in Montenegro and targets are the main infrastructure objects, such as electricity and water supply systems, transportation services, and online portals citizens use. At the time of writing, Bleeping Computer states that the official website of the government of Montenegro is unreachable.

The country's Defense Minister has blamed Russian actors for the attacks, telling local media on Saturday that there is enough evidence to suspect the attack was "directed by several Russian services."

The country's currently battling polarization which has been impacted by the current government's decision to support sanctions against Russia. This has sparked outrage from certain demographic groups and, in some cases like now, even external attacks.

Montenegro is currently receiving assistance from NATO allies to block the attacks. Most notable efforts come from France. The country has deployed an ANSSI (French Agency for Information Systems Security) team to assist in the defense of critical systems and the restoration of compromised networks.

DATE: 29.08.2022.

TOPIC: Cyberconflict and warfare

LINK: https://www.bleepingcomputer.com/news/security/montenegro-says-russian-cyberattacks-threaten-key-state-functions/

EXCERPT: Montenegro suffers a series of cyberattacks directed toward their vital infrastructure. The country’s Defense Minister is attributing these attacks to Russia, as Montenegro decided to support sanctions against them. Currently, Montenegro receives help from NATO allies, but mainly from France.

The UN SG suggests the following issues to be covered in the Global Digital Compact:

• access and connectivity
• digital public good
• preventing Internet fragmentation
• data protection and privacy
• safeguarding human rights in digital spaces
• accountability for disinformation and misleading content
• artificial intelligence

||Jovan||||sorina||

In the Pact for the Future which should be adopted during the UN Summit for the Future to be held in September 2023, one of seven pillars is outer space.

The UN SG aims to achieve a high-level political agreement on the peaceful, secure and sustainable use of outer space with commitment 'to negotiate an international instrument on the prevention of an arms race in outer space; common principles for the governance of outer space activities; and measures to accelerate agreement on the removal of space debris, and to coordinate space traffic.'

You can more information in the UN SG remarks to the UN GA Consultation on 'Our Common Agenda'.

UN SG established terminology that will be used. It will be the UN Pact for the Future with 7 elements

1. A New Agenda for Peace
2. A Global Digital Compact
3. A Declaration on Future Generations
4. Outer Space (international instrument on the prevention on an arms race in outer space
5. The Emergency Platform
6. More Effective Multilateral Arrangements
7. 'Seventh thread' will include topics in making: integrity in public information, a commitment to ensuring meaningful youth engagement at the UN, commitment to metric that go beyond GDP and take vulnerabilities into account.

Other issues of the Pact for Future will include: human rights including safeguarding human rights in digital spaces, gender equality, inclusion of marginalised groups,

UN SG also mentioned the following other initiatives as part of 'Our Common Agenda':

• the Scientific Advisory Mechanisms
• Transformation towards a UN 2.0 including: a new culture and new capabilities in data, digital innovation, behavioural science, and strategic foresight.

||Jovan||

For the Peace Week, you can consider this linkage to the UN Pact for Future and in particular development of the UN toolbox to prevent the outbreak and escalation of hostilities on land, at sea, in space and in cyberspace.