I just saw a news release with Greta Van Susteren about Thailand’s participation in the radar data for Flight 370. I myself have been searching online using DigitalGlobe.com’s satellite data in their crowdsourcing effort to search for flight 370. Although I can certainly understand how some people could be upset by the response that Thailand didn’t provide radar data “because they weren’t asked”. This sort of response is typical of Thai culture. My wife is Thai and I think that amoungst many cultures of the world, Thais are some of the most caring and loving people but their cultural norms make others (especially western cultures) feel like they don’t care. Quite in fact it is very common in Thai culture to avoid conflict and stay out of other people’s problems or situations entirely. In Thai culture their perception is that they are giving respect by staying out of other people’s business and affairs unless a Thai is asked directly to get involved. This is a deep rooted belief and likely why they did not get involved to provide data until there was a specific request for them to get involved. I know this runs contrary to Christian beliefs entirely but it is how the culture operates and this situation is likely being misinterpreted. In personal dealings with my own wife and her family I have found this dynamic to be troublesome and cause of some misunderstandings. I am certain that the Thai people care deeply for the loss of flight 370 just as much as any other country. Additionally the Thai government is in disarray adding difficulties to this scenario with severe problems in their parliament and leadership. I ask my fellow countrymen and others to not sit in judgement because of this odd cultural dynamic. My two cents. Peace!
http://thediplomat.com/2014/02/s-korea-seeks-cyber-weapons-to-target-north-koreas-nukes/ By Zachary Keck The Diplomat February 21, 2014 South Korea is developing offensive cyber weapons to target North Korea’s nuclear weapons program, according to the country’s defense ministry said on Wednesday. According to Yonhap News Agency, South Korea’s Defense Ministry outlined its long-term cyberpolicy to the parliament’s defense committee on Wednesday. The report stated that, “A strategic plan for the second phase calls for developing cybertools for offense like Stuxnet, a computer virus that damaged Iran’s uranium enrichment facility, to cripple North Korea’s missile and atomic facilities.” Yonhap also quoted an anonymous senior defense official as saying: “Once the second phase plan is established, the cyber command will carry out comprehensive cyberwarfare missions.” These missions will be carried out under a new Cyber Defense Command that South Korea plans to establish in May. It will operate under the purview of the ROK Joint Chiefs of Staff, according to the report. South Korea first established a Cyber Command in 2010 to guard against the threat posed by North Korea’s elite unit of hackers. So far, its aims have primarily been to protect vulnerable national networks from cyber attacks originating from North Korea, as well as to wage psychological warfare campaigns against Pyongyang. The decision to equip South Korea’s cyber warriors with the capabilities to attack North Korea’s nuclear and missile facilities therefore represents a dramatic escalation. […]
http://www.csoonline.com/article/740393/espionage-campaign-targeting-asian-supply-chains-uncovered By Steve Ragan Staff Writer CSO Online September 25, 2013 Kaspersky Lab, during a presentation at a security summit produced by Billington CyberSecurity, unveiled the existence of a small group of criminal hackers for hire, which began operations in 2011 and have expanded in scope and size over the last few years. Calling the campaign Icefog, Kaspersky explained during their presentation that the campaign targeted governmental institutions, military contractors, maritime and ship-building groups, telecom and satellite operators, industrial and high technology companies, and mass media. Specifically, the targets include defense industry contractors such as Lig Nex1 and Selectron Industrial Company, media companies such as Fuji TV and the Japan-China Economic Association, shipbuilding companies such as DSME Tech, Hanjin Heavy Industries, and telecom operators such as Korea Telecom. However, Kaspersky isn’t saying who was confirmed to be a victim when it comes to Icefog, only that they are working with the firms directly and law enforcement. Earlier this year, Kaspersky obtained a Phishing sample from Fuji TV. The attachment was malicious, and dropped additional files that would later be classified as part of the Icefog campaign. However, initial analysis linked the newly discovered malware to an earlier variant. This same variant was used to attack the Japanese Parliament in 2011, and later in 2012. […]
http://www.theregister.co.uk/2013/09/13/huawei_sanqi_li_says_no_national_security_threat/ By Kelly Fiveash The Register 13th September 2013 Exclusive A top Huawei exec has dismissed claims that his company poses a threat to British and US national security – despite Western government officials’ fears over Huawei’s alleged connections to the Chinese Communist Party. Professor Sanqi Li – speaking in an exclusive interview with The Register at the multinational’s R&D centre in Stockholm, Sweden – repeatedly attempted to paint a picture of a benign company that simply deals with “packet in, packet out”. When pressed about Parliament’s concerns that Huawei may have too much control over Blighty’s critical infrastructure and communications systems – based on claims that the company’s chairman (and erstwhile member of the People’s Liberation Army) Ren Zhengfei was helping Chinese authorities to spy on the Western world – Li said: “No, we are not a threat”. He added: “There’s no substance, just more speculation.” Li, the company’s Carrier Business Group CTO, said Huawei, which provides equipment to Britain’s one-time national telco BT, was an easy target because it is a Chinese company that operates in the Western world. But he insisted fears of compromised national security presented an industry-wide problem for all tech outfits. […]
http://qz.com/123190/these-are-the-codes-you-need-to-crack-to-get-a-job-as-a-british-cyberspy/ By Leo Mirani Quartz September 11, 2013 A website, canyoufindit.co.uk, just went live. It contains 28 sets of five letters and one set of three letters. There are five answers. If you get them right, you may be on your way to joining GCHQ, Britain’s signals-intelligence agency, in either the “cyber and technical operations,” “maths and cryptography” or “advanced technology research” departments. The website was registered in March to TMP Worldwide, a recruitment company that has in the past helped GCHQ search for women engineers. This is not the first time GCHQ has used puzzles to find skilled programmers. In 2011, the agency set up a similar, now-defunct website, titled “Can you crack it,” which the Telegraph newspaper later reported led to a “path to a job” for all who solved its puzzles. Cracking it involved several steps that required programming skills to complete, at the end of which lay a form to apply to GCHQ. Such methods may be essential for GCHQ, which has a tough time attracting and retaining staff. Ian Lobban, director of GCHQ since 2008, told the intelligence and security committee of Parliament early in 2011 that his agency can offer recruits a fantastic mission but can’t compete with the salaries offered by the private sector. The agency has since put in place more “flexible packages for internet specialists.” By January this year Lobban was hopeful: […]
http://www.calgaryherald.com/news/Poor+data+breach+tracking+reporting+concerns+federal/8571560/story.html By Jim Bronskill The Canadian Press June 24, 2013 OTTAWA – Canada’s privacy czar has singled out several federal departments for their lacklustre approach to data breaches, citing a need for better reporting, security and tracking protocols. Privacy commissioner Jennifer Stoddart’s office has compiled a preliminary list of agencies with potentially worrisome patterns when it comes to the loss of Canadians’ personal information. The analysis is based on departmental figures tabled in Parliament in April in response to a question from New Democrat MP Charlie Angus. The response indicated there were more than 3,000 data breaches over a 10-year period affecting about 725,000 Canadians. Upon crunching the numbers, the privacy commissioner identified nine departments and agencies that may lack adequate reporting mechanisms, have faulty security procedures or require improved tracking protocols. Stoddart’s staff cautions that the figures paint a statistical picture but do not shed full light on the kind of data involved in the breaches. […] _______________________________________________ ISN mailing list ISN@lists.infosecnews.org http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org
By John Leyden The Register 4th December 2012
Foreign states may already have used malware to map the networks that support the UK’s critical infrastructure systems, the government admitted.
The admission by government officials came in the run-up to a parliamentary statement by Cabinet Office minister, Francis Maude, marking the first anniversary of the UK’s government’s National Cyber Security Strategy.
Maude highlighted future work on a new UK National Computer Emergency Response team, further work on education and skills, Cyber Reservists for the MoD and a partnership with the private sector to boost the cyber security sector in the UK. He pointed out that the private sector is the largest economic victim of crime-crime, such as IP theft, and from economic espionage perpetrated through cyberspace, as well as highlighting efforts to improvement the protection of the UK’s critical infrastructure in a written statement to parliament on Monday (3 December).
“We have invested in new and unique capabilities for GCHQ to identify and analyse hostile cyber attacks in order to protect our core networks and services and support the UK’s wider cyber security mission,” Maude said. “I cannot reveal details of this work, but it has broadened and deepened our understanding of the threat, helping us prioritise and direct defensive efforts.”
______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org