Testimony of
Robert D. Atkinson
President
Information Technology and Innovation Foundation
Before the
House Committee on Foreign Affairs
Subcommittee on Asia and the Pacific, Hearing onChina’s Technological Rise:Challenges to U.S. Innovation and Security, April 26, 2017
Washington, DC, 28 pages
eConflicts is a blog about cyberconflicts, cyberwar, cyberdefense, cybersecurity, information warfare, cybercrime, political science and international relations
Total Pageviews
Friday, April 28, 2017
Governing the “Digital Shadows”
"Governing the “Digital Shadows”: Public Policy
and Information Communication Technology
(ICT) Acquisition and Utilization in Africa. Article by Ebenezer Olatunji Olugbenga, Open Access Library
Journal, https://doi.org/10.4236/oalib.1103564, 23 pages
Remarks by OSCE Secretary General Lamberto Zannier
Remarks by OSCE Secretary General Lamberto Zannier, 6th Moscow Conference on International Security, 26 April 2017, 4 pages.
"The norms and principles that underpinned the
international order for decades are being contested. Some tools have become obsolete, and we
are struggling to develop policies to address new challenges like cyber-threats. In this regard,
we have some measures in place to prevent conflict stemming from cyber-threats, but
implementation is lacking."
Thursday, April 27, 2017
Attacks with Exploits: from everyday threats to targeted campaigns - Kaspersky Lab Report
"Attacks with Exploits: from everyday threats to targeted campaigns" - Kaspersky Lab Report, April 2017, 28 pages.
"An ‘exploit’ is a computer program created to take advantage of a security vulnerability in
another software program. Exploits provide malicious actors with a way of installing
additional malware on a system". According to the conclusions of the report, "in 2016 the number of attacks with exploits increased 24.54%, to 702,026,084
attempts to launch an exploit." but "4,347,966 users were attacked with exploits in 2016 which is 20.85% less than in the
previous year."
The "Smart" Fourth Amendment - by Andrew Guthrie Ferguson
"The "Smart" Fourth Amendment", article by Andrew Guthrie Ferguson, Cornell Law Review, Vol.102, pp.547-632, 2017. "This Article addresses the question of how the Fourth
Amendment should protect “smart data.” It exposes the growing
danger of sensor surveillance and the weakness of current
Fourth Amendment doctrine. The Article then suggests a new
theory of “informational curtilage” to protect the data trails
emerging from smart devices and reclaims the principle of
“informational security” as the organizing framework for a
digital Fourth Amendment."
Cybersecurity: Critical Infrastructure Authoritative Reports and Resources - CRS Report
"Cybersecurity: Critical Infrastructure Authoritative Reports and Resources", by Rita Tehan - CRS Report. April 21, 2017, 43 pages. This document provides a lot of information about critical infrastructures in the U.S (through a sectorial presentation: energy, financial industry, health, telecommunications, transports), and their vulnerabilities to cyber operations (for instance, let's notice that "U.S. critical infrastructure systems experienced a 20% increase in
attempted cybersecurity breaches in FY2015, ICS-CERT responded
to 295 cybersecurity incidents involving critical infrastructure,
compared with 245 in fiscal 2014").
Symantec - Internet Security Threat Report. Vol. 22
Symantec - Internet Security Threat Report. Vol. 22, April 2017, 77 pages.
"The Symantec Global Intelligence Network
tracks over 700,000 global adversaries and records
events from 98 million attack sensors worldwide.
This network monitors threat activities in over 157
countries and territories through a combination
of Symantec products, technologies, and services,
including Symantec Endpoint Protection™, Symantec
DeepSight™ Intelligence, Symantec Managed
Security Services™, Norton™ consumer products,
and other third-party data sources, generating
more than nine trillion rows of security data... " Download the report.
Hacking Back – Offense/Defense in Enterprise IT Security
"Hacking Back – Offense/Defense in Enterprise IT Security", by Edgar Hurtado Jr, East Carolina University ICTN-4040: Enterprise Information Security, April 2017, 9 pages.
IISS Cyber Report: 13 to 19 April, 2017
"IISS Cyber Report: 13 to 19 April", 2017. This online report is a weekly digest of the world's cyber security news.
A Tech Accord to protect people in cyberspace
"A Tech Accord to protect people in cyberspace", Microsoft Policy Papers, April 2017.
"People need to trust technology, the makers of technology, and cyberspace itself" [...] "The government and the technology industry must partner on cybersecurity".
Microsoft suggests to share responsibilities in the governance of cybersecurity between private and state actors.
A Digital Geneva Convention to protect cyberspace
"A Digital Geneva Convention to protect cyberspace", Microsoft Policy Papers, April 2017.
"Governments continue to invest in greater offensive capabilities in cyberspace, and nation-state attacks
on civilians are on the rise" [...] "A Digital Geneva Convention would create a legally binding framework to govern states’ behavior in
cyberspace".
An attribution organization to strengthen trust online
"An attribution organization to strengthen trust online", Microsoft Policy Papers, April 2017.
"The world needs a new form of cyber defense. An organization that could receive and analyze the
evidence related to a suspected state-backed cyberattack, and that could then credibly and publicly
identify perpetrators, would make a major difference to the trust in the digital world." [...] "The expertise of private sector technology firms should be the basis of this non-political, technicallyfocused
attribution organization."
But should the privatization of such attribution function guarantee transparency, efficiency, and politically-neutral analysis and interpretation of facts and data?
Wednesday, April 26, 2017
Cybersecurity in the Defense Acquisition System
"Cybersecurity in the Defense Acquisition System", DAU, USA, April 2017, 27 pages. Download.
UK - Cyber security breaches survey 2017
"Cyber security breaches survey 2017", Main Report, April 2017, 66 pages, UK.
"This report details the findings from a quantitative and qualitative survey with UK businesses on cyber
security. The Department for Culture, Media and Sport (DCMS) commissioned the survey as part of the
National Cyber Security Programme, following a previous comparable study by the Department
published in 2016.
1
It was carried out by Ipsos MORI, in partnership with the Institute for Criminal Justice
Studies at the University of Portsmouth, and comprised:
▪ a telephone survey of 1,523 UK businesses from 24 October 2016 to 11 January 20172
▪ 30 in-depth interviews undertaken in January and February 2017 to follow up businesses that
participated in the survey...."
Telstra Cyber Security Report 2017
"Telstra Cyber Security Report 2017", 2017, 52 pages. Download. "Telstra engaged a research firm, Frost
& Sullivan, to interview professionals
responsible for making IT security
decisions within their organisation
to obtain a number of key insights on
a range of security topics. The report
also draws on analysis of security
information and data gathered from
Telstra infrastructure, security products
and our third-party security partners.
The research firm’s online surveys
obtained 360 responses. 58 per cent
of these responses were from Asia and
the remaining 42 per cent were from
respondents based in Australia...."
Cyber Security in Canada
"Cyber Security in Canada: Practical Solutions to a Growing Problem", The Canadian Chamber of Commerce, April 2017, 44 pages.
UNODA - Developments in the field of information and telecommunications in the context of international security
UNODA - "Developments in the field of information and telecommunications in the context of international security", Fact Sheet, April 2017, 2 pages.
G7 Declaration on responsible states behavior in cyberspace
"G7 Declaration on responsible states behavior in cyberspace". Lucca, 11 April 2017. 5 pages. Download the document.
Getting beyond Norms When Violating the Agreement Becomes Customary Practice
"Getting beyond Norms When Violating the Agreement Becomes Customary Practice", Melissa Hathaway, CIGI Papers No. 127 — April 2017, 16 pages.
About Cyber-Routine Activities Theory
"Capable Guardianship and CRISIS of IdentityTheft in the United States: ExpandingCyber-Routine Activities Theory", Back Sinchul, Sung Yongeun, Cruz Erik, International journal of crisis & safety, 2017 2(1) 16-24.
Fair Use and IP Infringement on Instagram, Pinterest and Other Social Media
"Fair Use and IP Infringement on Instagram, Pinterest and Other Social Media. Policing and Protecting Licenses, Copyright and Trademark Rights
", April 26, 2017, Strafford. Presenting a live 90-minute webinar with interactive Q&A. The online program provides a copy of "Copyright Fair Use", Excerpted from Chapter 4 (Copyright Protection in Cyberspace) of
E-Commerce and Internet Law: A Legal Treatise With Forms, Second Edition,
a 5-volume legal treatise by Ian C. Ballon (Thomson/West Publishing 2017).
Cybercrime Coordination and Partnership Exercise
"Cybercrime Coordination and Partnership Exercise", 24-28 April 2017, Tbilisi, Georgia, Provided under iPROCEEDS and Cybercrime@EAP III projects. More information...
Tuesday, April 25, 2017
Summer School on Cybercrime
"Summer School on Cybercrime", Milan, Italy, 3 – 6 July 2017. More information...
Monday, April 24, 2017
Theorizing cyber coercion: The 2014 North Korean operation against Sony
"Theorizing cyber coercion: The 2014 North Korean operation against Sony" by Trevis Sharp, Journal of Strategic Studies, Pages 1-29 | Published online: 11 April 2017. Abstract...
Thursday, April 20, 2017
Cyber Security: strategies, policies...
- "Cyber Security: Collaboration. Antigua and Barbuda". ITU, 23 March 2017, 30 pages. Download.
- "The UK’s National Cyber Security Strategy 2016 – 2021", UK Government, April 2017. Download.
- "CyberSecurity Strategy 2017-2019. State of Illinois", Department of Innovation and Technology, State of Illinois, 24 pages. Download.
- "National Security and Emergency Preparedness Department 2017 Cybersecurity Policy Priorities (Select Examples) ". US Chamber of Commerce. March 2017. 4 pages. Download.
Safety of data - The risks of cyber security in the maritime sector
"Safety of data - The risks of cyber security in the maritime sector", Netherlands Maritime Technology, April 2017, 22 pages. Download the document.
Ce type de documents est le produit d'une tendance de plus en plus affirmée dans le monde: des lectures sectorielles de la cybersécurité. Une lecture comparative de ces multiples approches sectorielles permettra (peut-être) de mettre en lumière des particularités.
Australia's Cyber Security Strategy - 2017
"Australia's Cyber Security Strategy - Enabling innovation, growth & prosperity".First ANnual Update, 2017. 29 pages, Download the document.
Saturday, April 15, 2017
Big Data Analytics
CSI Communications (India) published a special issue on "Big Data Analysis". Volume No. 41 | Issue No. 1 | April 2017, 52 pages. Among the topics covered in this issue: Role of Hadoop in Big Data Analytics, Data Lake: A Next Generation Data Storage System in Big Data Analytics, Sentiment and Emotion Analysis of Tweets Regarding Demonetisation, Enhanced Protection for Big Data using Intrusion Kill Chain and Data Science. Let's mention the more military-focused paper on "MiDeSH: Missile Decision Support System". Download the issue.
China Publishes Draft Measures Restricting Outbound Data Transfers
"China Publishes Draft Measures Restricting Outbound Data Transfers"', Latham & Watkins Data Privacy, Security & Cybercrime Practice, 14 April 2017 | Number 2119, "The Cyberspace Administration of China (CAC) has published a draft law that places wide-ranging
restrictions on companies seeking to transfer personal information and critical data, as defined below,
(collectively, Relevant Data) out of China..." Download the document.
Friday, April 14, 2017
Chinese Political and Military Thinking Regarding Taiwan and East and South China Seas
"Chinese Political and Military Thinking Regarding Taiwan and East and South China Seas", Testimony presented before the U.S.-China Economic and Security Review Commission on April 13, 2017. Download the report.
Tuesday, April 11, 2017
APCERT 2016 Report
"The Asia Pacific Computer Emergency Response Team (APCERT) is a coalition of
Computer Emergency Response Teams (CERTs) and Computer Security Incident
Response Teams (CSIRTs) within the Asia Pacific region. The organisation was
established in February 2003 with the objective of encouraging and supporting the
activities of CERTs/CSIRTs in the region".
Thursday, April 6, 2017
2016 Payment Threats Trends Report
"2016 Payment Threats Trends Report", Report by the European Payments Council, 20 March 2017, 41 pages. "The present document aims to provide an insight in the latest developments during the
last years on threats affecting payments, including cybercrime".
Note de recherche IRSEM sur les Global Commons
"Les Global Commons: retour sur l'itinéraire d'un concept stratégique américain (2009-2011)" par J.L. Samaan, IRSEM, Note de recherche n°35, mars 2017, 7 pages.
US DOD - Request for additional FY 2017 Appropriations
US DOD - Request for additional FY 2017 Appropriations - Budget request - March 16, 2017, 36 pages. In this document, the Department of Defense (DoD) is submitting a request for
additional Fiscal Year (FY) 2017 appropriations. Among several lines, complementary funding is requested for cyber investments: information warfare, cyber security, new C4I (at Naval Computer and Telecommunications Area Master Station Atlantic building in Norfolk,
Virginia), ISR and cyber infrastructure at the Air Force, Weapons system cyber resiliency, Cyber operations
technology, etc.
Chinese Efforts in Quantum Information Science: Drivers, Milestones, and Strategic Implications
"Chinese Efforts in Quantum Information Science: Drivers, Milestones, and Strategic Implications", Testimony for the U.S.-China Economic and Security Review Commission, March 16th, 2017, John Costello.
Matinée nationale d'information Horizon 2020 sur les infrastructures critiques et la sécurité
Matinée nationale d'information Horizon 2020 sur les infrastructures critiques et la sécurité. Paris, 10 mai 2017. Cadre: défi 7 "sociétés sûres", programme Horizon 2020. Programme, inscription...
Séminaire "communication en milieu désorganisé" - ISCC
Le prochain séminaire "communication en milieu désorganisé" aura lieu le mardi 25 avril 2017 (et non le 11 avril comme il avait été initialement annoncé). Il se tiendra de 16 h-18 h à l'ISCC-CNRS / Paris-Sorbonne / UPMC - 20 rue Berbier-du-Mets, 75013 Paris. Le thème de cette séance sera : Risques et catastrophes : enjeux culturels et interculturels.
Le séminaire accueillera Benjamin Pelletier, formateur en management interculturel, maître de conférences honorifique à l'Ecole des Ponts et Chaussées. Auteur de plusieurs récits littéraires, dont le dernier, Toujours plus à l'est, est paru en 2016 aux éditions Picquier.
"Iran Sanctions" by Kenneth Katzman
"Iran Sanctions" by Kenneth Katzman, March 31, 2017, Congressional Research Service, RS20871, 89 pages, Washington. "This report analyzes U.S. and international sanctions against Iran and provides some examples,
based on open sources, of companies and countries that conduct business with Iran".
Concerning "cyber" issues, read:
- "Expanding Internet and Communications Freedoms" (p.30-31)
- "Iranians Sanctioned Under September 29, 2010, Executive Order 13553 on Human Rights Abusers" (p.81)
- "Iranian Entities Sanctioned Under Executive Order 13606 (GHRAVITY)" (p.82)
- "Entities Designated as Human Rights Abusers or Limiting Free Expression Under Executive Order 13628
(Executive Order pursuant to Iran Threat Reduction and Syria Human Rights Act)" (p.83).
3 rd French-Japanese meeting on Cybersecurity
"3 rd French-Japanese meeting on Cybersecurity", 24th - 26th
April 2017,
Tōkyō.
Cyber-Social-Physical Features for Mood Prediction over Online Social Networks
"Cyber-Social-Physical Features for Mood Prediction over Online Social Networks", article by Chaima Dhahri, Kazunori Matsumoto, Keiichiro Hoashi, DEIM Forum 2017, 6 pages.
Abstract : Context-Aware Recommendation Systems (CARS) are more effective when adapting their recommendations to a
specific user preference. Since modal context (mood) has a direct impact on user preferences, we aim at having an accurate mood
prediction to improve recommendation performance. Online social networks (OSNs) have grown rapidly over the last decade.
These social platforms provide the opportunity to gather the distributed online activities for each user. Tracking and aggregating
these data could result in useful insights for user modeling and understanding. In this paper, we built a personalized system that
can predict the upcoming user mood even in days without text-type tweets. We, first, studied the correlation of three types of
features (cyber, social and physical) with a user mood. Then, used these features to train a predictive system. The results suggest
a statistically significant correlation between user mood and his cyber, social and physical activities distributed among different
OSNs which leads to a low RMSE in our predictive system.
Attack Classification Schema for Smart City WSNs
"Attack Classification Schema for Smart City WSNs", article by Victor Garcia-Font, Carles Garrigues and Helena Rifà-Pous, Sensors 2017, 17, 771; doi:10.3390/s17040771,
In this article, the authors propose a schema to classify the evidence left by attacks against smart city WSNs into seven different
attack models.
Subscribe to:
Posts (Atom)