Total Pageviews

Friday, April 28, 2017

Hearing on China’s Technological Rise: Challenges to U.S. Innovation and Security

Testimony of Robert D. Atkinson President Information Technology and Innovation Foundation Before the House Committee on Foreign Affairs Subcommittee on Asia and the Pacific, Hearing onChina’s Technological Rise:Challenges to U.S. Innovation and Security, April 26, 2017 Washington, DC, 28 pages

Governing the “Digital Shadows”

"Governing the “Digital Shadows”: Public Policy and Information Communication Technology (ICT) Acquisition and Utilization in Africa. Article by Ebenezer Olatunji Olugbenga, Open Access Library Journal,, 23 pages

Remarks by OSCE Secretary General Lamberto Zannier

Remarks by OSCE Secretary General Lamberto Zannier, 6th Moscow Conference on International Security, 26 April 2017, 4 pages. 
"The norms and principles that underpinned the international order for decades are being contested. Some tools have become obsolete, and we are struggling to develop policies to address new challenges like cyber-threats. In this regard, we have some measures in place to prevent conflict stemming from cyber-threats, but implementation is lacking."

Thursday, April 27, 2017

Attacks with Exploits: from everyday threats to targeted campaigns - Kaspersky Lab Report

"Attacks with Exploits: from everyday threats to targeted campaigns" - Kaspersky Lab Report, April 2017, 28 pages.
"An ‘exploit’ is a computer program created to take advantage of a security vulnerability in another software program. Exploits provide malicious actors with a way of installing additional malware on a system". According to the conclusions of the report, "in 2016 the number of attacks with exploits increased 24.54%, to 702,026,084 attempts to launch an exploit." but "4,347,966 users were attacked with exploits in 2016 which is 20.85% less than in the previous year."  

The "Smart" Fourth Amendment - by Andrew Guthrie Ferguson

"The "Smart" Fourth Amendment", article by Andrew Guthrie Ferguson, Cornell Law Review, Vol.102, pp.547-632, 2017. "This Article addresses the question of how the Fourth Amendment should protect “smart data.” It exposes the growing danger of sensor surveillance and the weakness of current Fourth Amendment doctrine. The Article then suggests a new theory of “informational curtilage” to protect the data trails emerging from smart devices and reclaims the principle of “informational security” as the organizing framework for a digital Fourth Amendment."  

Cybersecurity: Critical Infrastructure Authoritative Reports and Resources - CRS Report

"Cybersecurity: Critical Infrastructure Authoritative Reports and Resources", by Rita Tehan - CRS Report. April 21, 2017, 43 pages. This document provides a lot of information about critical infrastructures in the U.S (through a sectorial presentation: energy, financial industry, health, telecommunications, transports), and their vulnerabilities to cyber operations (for instance, let's notice that "U.S. critical infrastructure systems experienced a 20% increase in attempted cybersecurity breaches in FY2015, ICS-CERT responded to 295 cybersecurity incidents involving critical infrastructure, compared with 245 in fiscal 2014"). 

Symantec - Internet Security Threat Report. Vol. 22

Symantec - Internet Security Threat Report. Vol. 22, April 2017, 77 pages. 
"The Symantec Global Intelligence Network tracks over 700,000 global adversaries and records events from 98 million attack sensors worldwide. This network monitors threat activities in over 157 countries and territories through a combination of Symantec products, technologies, and services, including Symantec Endpoint Protection™, Symantec DeepSight™ Intelligence, Symantec Managed Security Services™, Norton™ consumer products, and other third-party data sources, generating more than nine trillion rows of security data... "    Download the report. 

Hacking Back – Offense/Defense in Enterprise IT Security

"Hacking Back – Offense/Defense in Enterprise IT Security", by Edgar Hurtado Jr, East Carolina University ICTN-4040: Enterprise Information Security, April 2017, 9 pages. 

IISS Cyber Report: 13 to 19 April, 2017

"IISS Cyber Report: 13 to 19 April", 2017. This online report is a weekly digest of the world's cyber security news.

A Tech Accord to protect people in cyberspace

"A Tech Accord to protect people in cyberspace", Microsoft Policy Papers, April 2017. 
"People need to trust technology, the makers of technology, and cyberspace itself" [...] "The government and the technology industry must partner on cybersecurity". 
Microsoft suggests to share responsibilities in the governance of cybersecurity between private and state actors. 

A Digital Geneva Convention to protect cyberspace

"A Digital Geneva Convention to protect cyberspace", Microsoft Policy Papers, April 2017. 
"Governments continue to invest in greater offensive capabilities in cyberspace, and nation-state attacks on civilians are on the rise" [...] "A Digital Geneva Convention would create a legally binding framework to govern states’ behavior in cyberspace". 

An attribution organization to strengthen trust online

"An attribution organization to strengthen trust online", Microsoft Policy Papers, April 2017. 
"The world needs a new form of cyber defense. An organization that could receive and analyze the evidence related to a suspected state-backed cyberattack, and that could then credibly and publicly identify perpetrators, would make a major difference to the trust in the digital world." [...] "The expertise of private sector technology firms should be the basis of this non-political, technicallyfocused attribution organization."

But should the privatization of such attribution function guarantee transparency, efficiency, and politically-neutral analysis and interpretation of facts and data? 

Wednesday, April 26, 2017

Cybersecurity in the Defense Acquisition System

"Cybersecurity in the Defense Acquisition System", DAU, USA, April 2017, 27 pages. Download

UK - Cyber security breaches survey 2017

"Cyber security breaches survey 2017", Main Report, April 2017, 66 pages, UK. 
"This report details the findings from a quantitative and qualitative survey with UK businesses on cyber security. The Department for Culture, Media and Sport (DCMS) commissioned the survey as part of the National Cyber Security Programme, following a previous comparable study by the Department published in 2016. 1 It was carried out by Ipsos MORI, in partnership with the Institute for Criminal Justice Studies at the University of Portsmouth, and comprised: ▪ a telephone survey of 1,523 UK businesses from 24 October 2016 to 11 January 20172 ▪ 30 in-depth interviews undertaken in January and February 2017 to follow up businesses that participated in the survey...."

Telstra Cyber Security Report 2017

"Telstra Cyber Security Report 2017", 2017, 52 pages. Download. "Telstra engaged a research firm, Frost & Sullivan, to interview professionals responsible for making IT security decisions within their organisation to obtain a number of key insights on a range of security topics. The report also draws on analysis of security information and data gathered from Telstra infrastructure, security products and our third-party security partners. The research firm’s online surveys obtained 360 responses. 58 per cent of these responses were from Asia and the remaining 42 per cent were from respondents based in Australia...."

Cyber Security in Canada

"Cyber Security in Canada: Practical Solutions to a Growing Problem", The Canadian Chamber of Commerce, April 2017, 44 pages. 

UNODA - Developments in the field of information and telecommunications in the context of international security

G7 Declaration on responsible states behavior in cyberspace

"G7 Declaration on responsible states behavior in cyberspace". Lucca, 11 April 2017. 5 pages. Download the document

Getting beyond Norms When Violating the Agreement Becomes Customary Practice

"Getting beyond Norms When Violating the Agreement Becomes Customary Practice", Melissa Hathaway, CIGI Papers No. 127 — April 2017, 16 pages. 

About Cyber-Routine Activities Theory

"Capable Guardianship and CRISIS of IdentityTheft in the United States: ExpandingCyber-Routine Activities Theory", Back Sinchul, Sung Yongeun, Cruz Erik, International journal of crisis & safety, 2017 2(1) 16-24. 

Fair Use and IP Infringement on Instagram, Pinterest and Other Social Media

"Fair Use and IP Infringement on Instagram, Pinterest and Other Social Media. Policing and Protecting Licenses, Copyright and Trademark Rights ", April 26, 2017, Strafford. Presenting a live 90-minute webinar with interactive Q&A. The online program provides a copy of "Copyright Fair Use", Excerpted from Chapter 4 (Copyright Protection in Cyberspace) of E-Commerce and Internet Law: A Legal Treatise With Forms, Second Edition, a 5-volume legal treatise by Ian C. Ballon (Thomson/West Publishing 2017). 

Cybercrime Coordination and Partnership Exercise

"Cybercrime Coordination and Partnership Exercise", 24-28 April 2017, Tbilisi, Georgia, Provided under iPROCEEDS and Cybercrime@EAP III projects. More information... 

Tuesday, April 25, 2017

Summer School on Cybercrime

"Summer School on Cybercrime", Milan, Italy, 3 – 6 July 2017. More information...

Monday, April 24, 2017

Theorizing cyber coercion: The 2014 North Korean operation against Sony

"Theorizing cyber coercion: The 2014 North Korean operation against Sony" by Trevis Sharp, Journal of Strategic Studies, Pages 1-29 | Published online: 11 April 2017.  Abstract...

Thursday, April 20, 2017

Cyber Security: strategies, policies...

  • "Cyber Security: Collaboration. Antigua and Barbuda". ITU, 23 March 2017, 30 pages. Download
  • "The UK’s National Cyber Security Strategy 2016 – 2021", UK Government, April 2017. Download
  • "CyberSecurity Strategy 2017-2019. State of Illinois", Department of Innovation and Technology, State of Illinois, 24 pages. Download
  • "National Security and Emergency Preparedness Department 2017 Cybersecurity Policy Priorities (Select Examples) ". US Chamber of Commerce. March 2017. 4 pages. Download.  

Safety of data - The risks of cyber security in the maritime sector

"Safety of data - The risks of cyber security in the maritime sector", Netherlands Maritime Technology, April 2017, 22 pages. Download the document. 

Ce type de documents est le produit d'une tendance de plus en plus affirmée dans le monde: des lectures sectorielles de la cybersécurité. Une lecture comparative de ces multiples approches sectorielles permettra (peut-être) de mettre en lumière des particularités. 

Australia's Cyber Security Strategy - 2017

"Australia's Cyber Security Strategy - Enabling innovation, growth & prosperity".First ANnual Update, 2017. 29 pages, Download the document

Saturday, April 15, 2017

Big Data Analytics

CSI Communications (India) published a special issue on "Big Data Analysis". Volume No. 41 | Issue No. 1 | April 2017, 52 pages. Among the topics covered in this issue: Role of Hadoop in Big Data Analytics, Data Lake: A Next Generation Data Storage System in Big Data Analytics, Sentiment and Emotion Analysis of Tweets Regarding Demonetisation, Enhanced Protection for Big Data using Intrusion Kill Chain and Data Science. Let's mention the more military-focused paper on "MiDeSH: Missile Decision Support System".  Download the issue

China Publishes Draft Measures Restricting Outbound Data Transfers

"China Publishes Draft Measures Restricting Outbound Data Transfers"', Latham & Watkins Data Privacy, Security & Cybercrime Practice, 14 April 2017 | Number 2119, "The Cyberspace Administration of China (CAC) has published a draft law that places wide-ranging restrictions on companies seeking to transfer personal information and critical data, as defined below, (collectively, Relevant Data) out of China..." Download the document. 

Friday, April 14, 2017

Chinese Political and Military Thinking Regarding Taiwan and East and South China Seas

"Chinese Political and Military Thinking Regarding Taiwan and East and South China Seas", Testimony presented before the U.S.-China Economic and Security Review Commission on April 13, 2017. Download the report

Tuesday, April 11, 2017

APCERT 2016 Report

"The Asia Pacific Computer Emergency Response Team (APCERT) is a coalition of Computer Emergency Response Teams (CERTs) and Computer Security Incident Response Teams (CSIRTs) within the Asia Pacific region. The organisation was established in February 2003 with the objective of encouraging and supporting the activities of CERTs/CSIRTs in the region". 

Thursday, April 6, 2017

2016 Payment Threats Trends Report

"2016 Payment Threats Trends Report", Report by the European Payments Council, 20 March 2017, 41 pages. "The present document aims to provide an insight in the latest developments during the last years on threats affecting payments, including cybercrime".

Note de recherche IRSEM sur les Global Commons

"Les Global Commons: retour sur l'itinéraire d'un concept stratégique américain (2009-2011)" par J.L. Samaan, IRSEM, Note de recherche n°35, mars 2017, 7 pages. 

US DOD - Request for additional FY 2017 Appropriations

US DOD - Request for additional FY 2017 Appropriations - Budget request - March 16, 2017, 36 pages. In this document, the Department of Defense (DoD) is submitting a request for additional Fiscal Year (FY) 2017 appropriations. Among several lines, complementary funding is requested for cyber investments: information warfare, cyber security, new C4I (at Naval Computer and Telecommunications Area Master Station Atlantic building in Norfolk, Virginia),  ISR and cyber infrastructure at the Air Force, Weapons system cyber resiliency, Cyber operations technology, etc. 

Chinese Efforts in Quantum Information Science: Drivers, Milestones, and Strategic Implications

"Chinese Efforts in Quantum Information Science: Drivers, Milestones, and Strategic Implications", Testimony for the U.S.-China Economic and Security Review Commission, March 16th, 2017, John Costello. 

Matinée nationale d'information Horizon 2020 sur les infrastructures critiques et la sécurité

Matinée nationale d'information Horizon 2020 sur les infrastructures critiques et la sécurité. Paris, 10 mai 2017. Cadre: défi 7 "sociétés sûres", programme Horizon 2020. Programme, inscription... 

Séminaire "communication en milieu désorganisé" - ISCC

Le prochain séminaire "communication en milieu désorganisé" aura lieu le mardi 25 avril 2017 (et non le 11 avril comme il avait été initialement annoncé). Il se tiendra de 16 h-18 h à l'ISCC-CNRS / Paris-Sorbonne / UPMC - 20 rue Berbier-du-Mets, 75013 Paris. Le thème de cette séance sera : Risques et catastrophes : enjeux culturels et interculturels. 

Le séminaire accueillera Benjamin Pelletier, formateur en management interculturel, maître de conférences honorifique à l'Ecole des Ponts et Chaussées. Auteur de plusieurs récits littéraires, dont le dernier, Toujours plus à l'est, est paru en 2016 aux éditions Picquier.

"Iran Sanctions" by Kenneth Katzman

"Iran Sanctions" by Kenneth Katzman, March 31, 2017, Congressional Research Service, RS20871, 89 pages, Washington. "This report analyzes U.S. and international sanctions against Iran and provides some examples, based on open sources, of companies and countries that conduct business with Iran". 

Concerning "cyber" issues, read: 
- "Expanding Internet and Communications Freedoms" (p.30-31)
- "Iranians Sanctioned Under September 29, 2010, Executive Order 13553 on Human Rights Abusers"  (p.81)
- "Iranian Entities Sanctioned Under Executive Order 13606 (GHRAVITY)" (p.82)
- "Entities Designated as Human Rights Abusers or Limiting Free Expression Under Executive Order 13628 (Executive Order pursuant to Iran Threat Reduction and Syria Human Rights Act)" (p.83).  

3 rd French-Japanese meeting on Cybersecurity

"3 rd French-Japanese meeting on Cybersecurity", 24th - 26th April 2017, Tōkyō. 

Cyber-Social-Physical Features for Mood Prediction over Online Social Networks

"Cyber-Social-Physical Features for Mood Prediction over Online Social Networks", article by Chaima Dhahri, Kazunori Matsumoto, Keiichiro Hoashi, DEIM Forum 2017, 6 pages. 

Abstract : Context-Aware Recommendation Systems (CARS) are more effective when adapting their recommendations to a specific user preference. Since modal context (mood) has a direct impact on user preferences, we aim at having an accurate mood prediction to improve recommendation performance. Online social networks (OSNs) have grown rapidly over the last decade. These social platforms provide the opportunity to gather the distributed online activities for each user. Tracking and aggregating these data could result in useful insights for user modeling and understanding. In this paper, we built a personalized system that can predict the upcoming user mood even in days without text-type tweets. We, first, studied the correlation of three types of features (cyber, social and physical) with a user mood. Then, used these features to train a predictive system. The results suggest a statistically significant correlation between user mood and his cyber, social and physical activities distributed among different OSNs which leads to a low RMSE in our predictive system.  

Attack Classification Schema for Smart City WSNs

"Attack Classification Schema for Smart City WSNs", article by Victor Garcia-Font, Carles Garrigues and Helena Rifà-Pous, Sensors 2017, 17, 771; doi:10.3390/s17040771, 

In this article, the authors propose a schema to classify the evidence left by attacks against smart city WSNs into seven different attack models.