November 14, 2017
North Korea Will Launch ‘Destructive Cyberattacks’ – United Kingdom and North Korea
Robert Hannigan, the ex-director of the Government Communications Headquarters (GCHQ), has warned that the WannaCry ransomware attack on the NHS in May is just the start of despot leader Kim Jong-un’s cyber war. He said: “WannaCry was really a reasonably sophisticated tool, used rather ineptly. They will learn from that. People always do. The security expert added that greater state involvement in Pyongyang will lead to “more destructive” attacks and will result in “more of what I call collateral damage”. Mr. Hannifin went on: “If you look at the NHS, nobody would seriously believe that the North Koreans wanted to attack the NHS, and not least because they were never going to pay a ransom. UK Security Minister Ben Wallace detailed that the cyberattack on the NHS earlier this year that also saw over 230,000 computers in over 150 countries infected was caused by the hermit kingdom.
Security Breach and Spilled Secrets Shake NSA To Its Core – United States
Current and former agency officials say the Shadow Brokers disclosures, which began in August 2016, have been catastrophic for the NSA, calling into question its ability to protect potent cyberweapons and its very value to national security. The agency regarded as the world's leader in breaking into adversaries' computer networks failed to protect its own. "These leaks have been incredibly damaging to our intelligence and cyber capabilities," said Leon E. Panetta, the former defense secretary and CIA director. "The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected." Fifteen months into a wide-ranging investigation by the agency's counterintelligence arm, known as Q Group, and the FBI, officials still do not know whether the NSA is the victim of a brilliantly executed hack, with Russia the most likely perpetrator, an insider's leak, or both. Three employees have been arrested since 2015 for taking classified files, but there is fear that one or more leakers may still be in place. And there is broad agreement that the damage from the Shadow Brokers far exceeds the harm to US intelligence done by Edward J. Snowden, the former NSA contractor who fled with four laptops of classified material in 2013. Snowden's cascade of disclosures to journalists and his defiant public stance drew far more media coverage than this new breach. But Snowden released code words, while the Shadow Brokers have released the actual code; if he shared what might be described as battle plans, they have loosed the weapons themselves. Those cyberweapons have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.
Bill to Expand Precheck, Modernize TSA Gets Travel Groups on Board – United States
Travel groups are lobbying for legislation that would modernize the Transportation Security Administration by expanding the PreCheck program and updating security technology. Organizations including the Global Business Travel Association and the U.S. Travel Association for years have backed expanding the PreCheck program, which permits passengers to leave on their shoes, belts and light jackets when they go through security. They argue it enhances security, while also shortening security lines at airports. Just last month, a coalition of eight travel groups, including Global Business Travel Association and the U.S. Travel Association, sent a letter to Senate Majority Leader Mitch McConnell, R-Ky., and Senate Minority Leader Chuck Schumer, D-N.Y., advocating for the legislation and citing that in 2016, TSA screened more than 100 million travelers more than they did in 2013. They additionally noted that TSA has experienced two out of 10 of the busiest days in its history within the past year. The bill also would require TSA to create certification standards that would permit third party explosive-detections dogs to be used by TSA to assist with screening passengers and luggage. Furthermore, TSA must provide wait time information of each of the airport security checkpoints to the public online and in airport terminals.
FOR MORE INFORMATION:
To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, as well as regular intelligence and risk updates and news, click here to subscribe!