President Biden underscored the need for Russia to take action to disrupt ransomware groups operating in Russia…reports Asian Lite News
President Joe Biden on Friday urged Russia to take action to disrupt ransomware groups in a call with Russian President Vladimir Putin.
Biden in the call noted “the ongoing ransomware attacks by criminals based in Russia that have impacted the US and other countries around the world,” the White House said in a statement about the phone conversation.
President Biden underscored the need for Russia to take action to disrupt ransomware groups operating in Russia and emphasized that he is committed to continued engagement on the broader threat posed by ransomware,” it said.
Biden reiterated that the US will take any necessary action to defend its people and its critical infrastructure in the face of this continuing challenge.
India likely to unveil new cybersecurity strategy this year
The statement also said that the two leaders “commended the joint work of their respective teams following the U.S.-Russia Summit that led to the unanimous renewal of cross-border humanitarian assistance to Syria today in the UN Security Council.”
White House Press Secretary Jen Psaki said Tuesday that high-level officials of the two countries would hold a meeting over ransomware attacks next week.
The call came after a ransomware attack last week targeted software company Kaseya, which infected over 1,500 companies worldwide. Cybersecurity experts said that a Russia-linked cybercriminal group known as “REvil” was behind the attack.
Colonial Pipeline, which supplies 45 per cent of the US East Coast’s fuel supply, and major meat producer JBS USA suffered similar ransomware attacks in May.
The hackers, who struck on Friday, hijacked widely-used tech management software from Miami-based supplier, Kaseya….reports Asian Lite News
President Joe Biden on Saturday directed US intelligence agencies to investigate a cyberattack that has affected hundreds of American businesses.
The hackers, who struck on Friday, hijacked widely-used tech management software from Miami-based supplier, Kaseya.
The hackers pushed a malicious update, which spread worldwide on Saturday and has quickly become one of the largest ransomware attacks in history.
While on tour to promote a vaccination program, Biden was asked if the hack was linked to Russia.
“First of all, we’re not sure who it is for certain. Number one. And what I did, I’ve directed the full resources of the government to assist in a response… The fact is that the director of the intelligence community gave me a deep dive on what’s happened and I’ll know better tomorrow. And if it is either or the knowledge of or the consequence of Russia, then I told Putin, we will respond.”
Last month, the FBI blamed Russia-linked ransomware gang, REvil, for hacking an American meatpacking company.
One security firm, Huntress Labs, believes the same group is to blame for the latest attack.
The firm said it was tracking the eight service providers used to infect some 200 clients.
Meanwhile, Kaseya also launched its own supply chain investigation, with the help of top U.S. cyber officials.
Biden urged Russian President Vladimir Putin last month to crack down on cyber hacks coming from his country and warned of consequences if they continued.
Last month US officials ratcheted up pressure on companies and foreign adversaries to fight cybercriminals, and said President Joe Biden is considering all options, including a military response, to counter the growing threat.
The Biden administration is looking at “all of the options,” to defend the country against ransomware criminals, U.S. Commerce Secretary Gina Raimondo said in an interview on Sunday, when asked if military action was being considered.
Raimondo did not detail what those options could look like, but said the topic will be on the agenda when the president meets with Russian President Vladimir Putin this month. The rising threat of cyberattacks has pushed the Biden administration into a more aggressive stance against Russia, which is thought to be harboring some of the perpetrators.
“We’re not taking anything off the table as we think about possible repercussions, consequences or retaliation,” Raimondo said.
In June, the world’s largest meatpacker was targeted by cybercriminals and in May, the largest fuel pipeline in the United States was attacked, stoking fears over supply disruptions of food and fuel.
India likely to unveil new cybersecurity strategy this year
The new strategy would serve as a guideline to tackle every aspect, whether it is governance or data as a national resource…reports Asian Lite News
The government is expected to release a new cybersecurity strategy this year, Lt Gen Rajesh Pant, the National Cybersecurity Coordinator at the Prime Minister’s Office said at an event.
The coordinator, at an event organised by the Public Affairs Forum of India (PAFI), added that the strategy would holistically cover the entire ecosystem of cyberspace in India.
“The vision of this strategy is to ensure safe, secure, resilient, vibrant, and trusted cyberspace,” he said.
The new strategy would serve as a guideline to tackle every aspect, whether it is governance or data as a national resource, or building indigenous capabilities or cyber audit, to name a few.
There are about 80-odd deliverables coming out of this new strategy, he added.
The theme of the PAFI Dialogue was ‘Cyber Security in the New Normal.’
“Pandemic has shot up the cyber-crimes in India by 500 per cent and India is one of the top 3 attacked countries in the world as far as cyber-attacks are concerned,” Pant said.
There are emerging threats from the proliferation of new technologies like drones and IoT devices.
To ensure a safe, secure and trusted cyberspace, the government has taken a series of initiatives.
“Cybercrimes are increasing. Attribution is the difficult part and now (cybercriminals) have started taking advantage of the dark web. Pandemic gave the perfect storm to the cybercriminals,” he added.
Last month, India has called for international action to achieve a framework for global cybersecurity at UN Security Council.
Outlining the dangers to international peace emanating from cyberspace, India’s Foreign Secretary Harsh Vardhan Shringla told the Security Council: “We need to adopt a collaborative rules-based approach in cyberspace and work towards ensuring its openness, stability and security.”
Shringla said: “The borderless nature of cyberspace, and more importantly anonymity of actors involved, has challenged the traditionally accepted concepts of sovereignty, jurisdiction and privacy.
“As a victim of terrorism, India has always underlined the need for member states to address and tackle the implications of terrorist exploitation of the cyber domain more strategically.”
Some countries “are leveraging their expertise in cyberspace to achieve their political and security-related objectives and indulge in contemporary forms of cross-border terrorism”, he said.
The UAE noted that it is developing a comprehensive national cybersecurity strategy and a national cyber incident response plan…reports Asian Lite News
The UAE emphasised its commitment to creating the necessary infrastructure and mechanisms to enhance its cybersecurity capabilities, both to protect itself against cyber threats and to better work with others to address shared challenges.
“The Middle East is not immune to the risk posed by malicious cyber activity – it is often the target of major cyber operations and espionage,” the UAE said in a written statement to the UN Security Council’s open debate on cyber security, the first debate held by the body on this subject.
“In the last few years, our region has witnessed severe incidents affecting the telecommunications, banking, and public sectors. Oil and natural gas installations have also been targeted, causing hundreds of millions in damages. Such malicious cyber activity on the region’s critical infrastructure has the potential to spark a conflict in an already tense environment and pose a threat to international peace and security.”
The UAE noted that it is developing a comprehensive national cybersecurity strategy and a national cyber incident response plan through the UAE Cybersecurity Council.
The UAE highlighted that it hosts the world’s largest cybersecurity and digital transformation conferences, including GITEX, GISEC, and Cybertech to build domestic capacity, and that it has developed a platform for public-private partnership to facilitate information sharing.
Additionally, it outlined the collaboration with states, international organisations, and private sector entities to share information at the policy and technical levels.
In its statement, the UAE recommended that member states of the UN provide training and capacity at the bilateral, regional, and international levels, including through training programs and the development of guidance for responsible state behaviour.
In this regard, the UAE noted that these actions can act as confidence-building measures in response to mistrust and misunderstandings in cyberspace that can pose a risk to international peace and security.
The UAE also recommended that Member States continue to share their views and assessments with the UN Secretary-General and that they actively participate in cyber-related international fora and cross-regional formats to share best practices.
“All states have a responsibility of promoting international peace and security, both online and offline,” the UAE said. “Abiding by norms of responsible state behavior in tandem with obligations under international law is the best place to start.”
Integrity and security of ICT products, which form the building blocks of cyberspace, are being compromised, said Foreign Secretary Shringla…reports Asian Lite News
India has stressed on the need for tackling the implications of exploitation of cyberspace by terrorists, stating that they are using the internet to broaden their appeal and spread virulent propaganda.
“We are witnessing a sophisticated use of cyberspace by terrorists around the world to broaden their appeal, spread virulent propaganda, incite hatred and violence, recruit youth and raise funds. Terrorists have also used social media for planning and executing their terror attacks and wreaking havoc. As a victim of terrorism, India has always underlined the need for Member States to address and tackle the implications of terrorist exploitation of the cyber domain more strategically,” Foreign Secretary Harsh Vardhan Shringla said while speaking at the UN Security Council Open Debate on “Maintenance of International Peace and Security: Cyber Security”
Without taking Pakistan’s name, the Foreign Secretary said some States are leveraging their expertise in cyberspace to achieve their political and security-related objectives and indulge in contemporary forms of cross-border terrorism.
S Shringla addressing UNSC High Level Meeting on Cyber Security under Estonian Presidency on June 29(INN)
“The world is already witnessing the use of cyber tools to compromise State security through, inter alia, attacking critical national infrastructure, including health and energy facilities; sometimes disrupting social harmony through radicalisation. Open societies have been particularly vulnerable to cyber-attacks and disinformation campaigns,” Shringla said.
“There are widespread concerns that State and Non-State Actors are introducing vulnerabilities and harmful hidden functions, including through backdoor channels, into ICT networks and products,” the Foreign Secretary said.
Such nefarious acts undermine trust and confidence in global ICT supply chains, compromise security and create potential flashpoints between States. It is in the interest of the international community to ensure that all actors abide by their international obligations and commitments and not indulge in practices that could have potentially disruptive effects on global supply chains and trade in ICT products.”
To provide solutions, FS Shringla said that the Member States need to adopt a collaborative rules based approach in cyberspace and work towards ensuring its openness, stability and security.
However, he said India is committed to an open, secure, free, accessible and stable cyberspace environment, said Foreign Secretary Harsh Vardhan Shringla on Tuesday, adding that it will become an engine for innovation, economic growth, sustainable development, and ensure free flow of information and respect cultural and linguistic diversity.
FS Shringla noted that India has leveraged the tremendous potential of cyber technologies in implementing the SDG agenda and improving governance with transformative technology initiatives in recent years such as IndiaStack, Aadhar and UPI.
Besides, as part of its COVID vaccination drive, one of the largest such drives in the world, India has developed Co-WIN – a scalable, inclusive and open technological platform. On this, FS Shringla said, “The Co-WIN platform can be customized and scaled up for health interventions across the globe. We are working on sharing this platform with partner countries in the interest of health cooperation and their preparedness to meet challenges to the health of countries across the world.”
“Our overarching objective is to harness cyberspace for the growth and empowerment of people, not just of our own country, but for all humanity. India stands ready to offer its expertise and share its experience in this endeavor,” he added.
Further, FS Shringla said that the increasing use of cyber and information-communication technologies has accelerated economic development, improved service delivery to citizens, generated greater social awareness and placed information and knowledge in the hands of individuals.
“Most activities in this cyber-age – political, social, economic, humanitarian and developmental – (including this UNSC high level meeting) – are now conducted in or connected to cyberspace. The COVID-19 pandemic has only accelerated and expanded the digitalization of these activities,” he said.
However, the foreign secretary noted that the borderless nature of cyberspace, and more importantly anonymity of actors involved, has challenged the traditionally accepted concepts of sovereignty, jurisdiction and privacy. These unique attributes of cyberspace present their own set of challenges for Member States, he said.
“The momentum generated by the positive outcomes of the Group of Governmental Experts on advancing responsible State behaviour in cyberspace and the Open-Ended Working Group on developments in ICT should be leveraged to find further common ground and improve upon the already agreed cyber norms and rules. These rules must strive to ensure collective cyber security through international cooperation. Multi-stakeholder involvement would help in achieving this objective,” he said.
Further he said that fostering equitable access to cyberspace and its benefits should also form an important component of this international co-operation. The widening “Digital gaps” and “Digital knowledge gaps” amongst countries create an unsustainable environment in the cyber domain, he said.
“Growing digital dependency in the post-COVID era has exacerbated risks and exposed these fissures of digital inequalities. These must be bridged through capacity building. The pervasive and boundary-less nature of cyberspace implies that we are only as strong as the weakest link in the global network. ‘Only together’ we can achieve the goal of a globally secure, resilient cyberspace and we must ensure that no country is left behind in this collective endeavor,” FS Shringla added. (INN)
Terrorists have used social media to plan and execute terror attacks and for “virulent propaganda” to incite hatred and violence, recruit youth and raise funds, said Shringla…reports Arul Louis
Raising an alarm about the emergence of cyberspace as a vehicle for cross-border terrorism by nations and terror organisations, India has called for international action to achieve a framework for global cybersecurity.
Outlining the dangers to international peace emanating from cyberspace, India’s Foreign Secretary Harsh Vardhan Shringla told the Security Council on Tuesday: “We need to adopt a collaborative rules-based approach in cyberspace and work towards ensuring its openness, stability and security.”
UN’s High Representative for Disarmament Affairs, Izumi Nakamitsu also warned of the risks from cyberattacks and said that situations could develop that “can encourage states to adopt offensive postures for the hostile use of these technologies”.
Because of this risk and the potential for “criminal groups and others” to create global destabilisation, she said that the Security Council should get involved in ensuring cybersecurity.
Shringla said: “The borderless nature of cyberspace, and more importantly anonymity of actors involved, has challenged the traditionally accepted concepts of sovereignty, jurisdiction and privacy.
“As a victim of terrorism, India has always underlined the need for member states to address and tackle the implications of terrorist exploitation of the cyber domain more strategically.”
Some countries “are leveraging their expertise in cyberspace to achieve their political and security-related objectives and indulge in contemporary forms of cross-border terrorism”, he said.
He added that cyber tools were being used to “compromise state security” through attacks on critical national infrastructure, including health and energy facilities and to “disrupt social harmony through radicalisation”.
Terrorists have used social media to plan and execute terror attacks and for “virulent propaganda” to incite hatred and violence, recruit youth and raise funds, he said.
Shringla warned of the dangers from malware that can “create potential flashpoints between states”.
“It is in the interest of the international community to ensure that all actors abide by their international obligations and commitments and not indulge in practices that could have potentially disruptive effects on global supply chains and trade in ICT (Information Communication Technology) product.
“There are widespread concerns that state and non-state actors are introducing vulnerabilities and harmful hidden functions, including through backdoor channels, into ICT networks and products.
“The Open-Ended Working Group (OEWG) on developments in ICT (OEWG) should be leveraged to find further common ground and improve upon the already agreed cyber norms and rules,” he said.
The OEWG, set up by the General Assembly in 2018, submitted its final report this March.
It did not recommend specific rules or regulations for adoption, but outlined areas of consensus and suggested further consultations.
Shringla spoke of the positive potential of ICT citing the role of the Co-WIN platform in India’s vaccination drive against coronavirus. He said that India was sharing it with partner countries.
The contrast between totalitarian countries like China, which he did not name, that have closed their cyberspace to outside influences and open societies like India came up in his speech when Shringla spoke of the vulnerabilities of nations that allow external cyber access.
While committing India to “an open, secure, free, accessible and stable cyberspace environment”, he pointed out that “open societies have been particularly vulnerable to cyber-attacks and disinformation campaigns”.
The dangers outlined by Shringla are widely manifest around the world.
In view of the dangers from ICT equipment being compromised with spyware, India has banned the use of some Chinese-made products.
There has been a proliferation of malware introduced into even computer systems used by the Pentagon.
Systems used in the US for petroleum distribution and for beef supply, as well as local governments, have been hit by cybercriminals to extort ransomware.
Washington has said that they operated from Russia.
Hospitals and health systems in the US and the UK have also been victims of cybercrime.
US Permanent Representative Linda Thomas-Greenfield said that countries should act against cybercriminals operating in their territories.
“Let me be clear: when a state is notified of harmful activity emanating from its own territory, it must take reasonable steps to address it. Given the transnational nature of cyberspace, this cooperation is essential,” she said.
Estonia’s Prime Minister Kaja Kallas, who presided over the meeting said: “Existing international law applies in cyberspace, with states accountable for any acts that contravene their obligations.”
Speaking at the National Cyber Security Centre’s CYBERUK conference, Raab outlined the UK’s vision of being a leading responsible cyber power, working with partners to shape cyberspace according to our values…reports Asian Lite News.
UK Foreign Secretary Dominic Raab has announced £22 million of new investment to build cyber security resilience in developing countries and globally, particularly in Africa and the Indo-Pacific.
As part of this the UK, jointly with INTERPOL, is setting up a new cyber operations hub in Africa working across Ethiopia, Ghana, Kenya, Nigeria and Rwanda to support joint operations against cybercrime.
Speaking at the National Cyber Security Centre’s CYBERUK conference, Raab outlined the UK’s vision of being a leading responsible cyber power, working with partners to shape cyberspace according to our values.
“We are working with like-minded partners, to make sure that the international order that governs cyber is fit for purpose,” the foreign secretary, in his speech, said. “Our aim should be to create a cyberspace that is free, open, peaceful and secure, and which benefits all countries and all people.”
“We want to see international law respected in cyberspace, just as we would anywhere else. And we need to show how the rules apply to these changes in technology, the changes in threats, and the systemic attempts to render the internet a lawless space,” he added.
The £22 million investment in cyber capacity building will target countries in Africa, the Commonwealth and Indo-Pacific, transforming their resilience by helping build national emergency response teams and promoting future leadership by funding new Chevening scholarships.
The new Interpol desk will work across Ethiopia, Ghana, Kenya, Nigeria and Rwanda, creating a regional strategy to support joint operations against cybercrime, and strengthen African states’ capability to combat the crime and those behind it. With some of the fastest growing economies in the world, Africa has become a target for opportune cybercriminals.
By creating a central coordination desk within INTERPOL that law enforcement across Africa can use, the UK hopes to improve collaboration across borders to advance intelligence sharing, and ultimately stop the perpetrators of cybercrime in Africa.
