Published on the Global Commission on the Stability of Cyberspace Website on September 9, 2019.
The Global Commission on the Stability of Cyberspace held its fourth meeting of 2019 in Addis Ababa, Ethiopia, on 11-12 October. The Commission meeting took place just after the Global Forum on Cyber Expertise (GFCE) Annual Meeting, hosted by the African Union Commission.
On Friday 11 October the GCSC held public Cyberstability Hearings, in partnership with the GFCE and hosted by the African Union Commission. The Hearings were dedicated to “Norm Implementation & Capacity Building: Two Sides of the Same Coin?”. The Hearings were conducted in an expanded roundtable format and featured discussions between GCSC Commissioners and representatives from government, the private sector and civil society on matters pertaining to international peace and security in cyberspace.
U.S. counter-spies launch campaign against ‘insider’ threats, Reuters.
U.S. Unleashes Military to Fight Fake News, Disinformation, Bloomberg.
Moving the Encryption Policy Conversation Forward, Carnegie.
Statement for the Record by the Honorable Michael Chertoff Co-founder and Executive Chairman of the Chertoff Group and Former Secretary of the U.S. DHS, The US Senate Committee on Homeland Security and Government Affairs.
France’s Major Statement on International Law and Cyber: An Assessment, Just Security.
International security and cyberspace at the UN, Australian Department of Foreign Affairs and Trade.
Trump admin weighing retaliatory action against Iran after Saudi oil attack, NBC News.
The American way of cyber warfare and the case of ISIS, Atlantic Council.
India and Russia share an evergreen relationship of trust and confidence, ORF.
The Urgent Search for a Silver Bullet Against Iran, The New York Times.
Iran denies successful cyber attack on oil sector, The Times of Israel.
Secret F.B.I. Subpoenas Scoop Up Personal Data From Scores of Companies, The New York Times.
Air Force unveils 10-year cyber warfare plan, FCW.
Biarritz Strategy for an Open, Free and Secure Digital Transformation, G7.
NATO will defend itself, NATO.
Joint Statement on Advancing Responsible State Behavior in Cyberspace, US Department of State.
Can Tech be Governed?, Berkman Klein Center.
CEPOL presented to the LIBE MEPs of the new parliament’s mandate, CEPOL.
EU Statement – United Nations Open-ended Working Group on Cyberspace: First Session, EEAS.
APC statement to the First Substantive Session of the Open-ended Working Group on developments in the field of information and telecommunications in the context of international security, APC.
Statement by the Association for Progressive Communications, APC.
The Operationalization of Norms and Principles on Cybersecurity, CircleID.
An Innovation Agenda for Europe, Project Syndicate.
Global Cooperation in Cyberspace Progress Roundtable – Palo Alto 2019, EWI.
World powers are pushing to build their own brand of cyber norms, CyberScoop.
New global cybersecurity process begins: APC presents statement at UN Open Ended Working Group, APC.
AfriSIG: Capacity-building role-play exercise results in concrete input to UN Secretary-General on digital cooperation, APC.
SESSION 7: ASSURING CYBER-SECURITY IN THE WESTERN BALKANS AND THE REST OF EUROPE, Belgrade Security Forum.
‘Right to Be Forgotten’ Privacy Rule Is Limited by Europe’s Top Court, The New York Times.
Threats and Risk Mitigation
Police hijack a botnet and remotely kill 850,000 malware infections, TechCrunch.
Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks, CyberScoop.
Symantec finds that a ‘new’ Chinese hacking group has actually been around for a decade, CyberScoop.
Report reveals play-by-play of first U.S. grid cyberattack, E&ENews.
ESET discovered an undocumented backdoor used by the infamous Stealth Falcon group, welivesecurity.
Pervasive Social Engineering Characterizes the Threat Landscape: Proofpoint Releases the Human Factor 2019 Report, ProofPoint.
Well-known ethical hacker describes recent cybersecurity and ransomware attack scenario, International Business Times.
New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction, WIRED.
CISA Chief: Ransomware Attacks ‘Pretty Close’ to Large-Scale Cyber Event, Meritalk.
Hybrid and cybersecurity threats and the European Union’s financial system, Breugel.
Notorious GandCrab hacker group ‘returns from retirement’, BBC.
High-severity vulnerability in vBulletin is being actively exploited, ARS.
Tags: GCSC Commissioner Jeff Moss.
Conflict in Cyberspace
Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran, Yahoo.
‘Nederland hielp bij hackaanval op Iraans atoomprogramma’, NOS.
North Korea denies it amassed $2 billion through cyberattacks on banks, Reuters.
Cyber Command’s biggest VirusTotal upload looks to expose North Korean-linked malware, CyberScoop.
U.S. Files Criminal Charges Against Chinese Professor Linked to Huawei, The Wall Street Journal.
Information warfare should be treated like call-for-fire missions, Army Cyber says, Army Times.
The Saudi oil attacks could be a precursor to widespread cyberwarfare — with collateral damage for companies in the region, CNBC.
Senator Mark R. Warner on U.S.-China Competition, USIP.
CyberPeace Institute to Support Victims Harmed by Escalating Conflicts in Cyberspace, CISION.
Humanitarian Implications of Cyber Conflicts, CSIS.
Industry and Civil Society Developments
France says social media platforms will still sign hate speech pledge, Reuters.
Better Security And Business Outcomes With Security Performance Management, Forrester.
Seventh African School on Internet Governance to take place in N’Djamena, Chad, on 4-9 September, APC.
Regulator Weighs Disclosing Names of Utilities That Violate Grid Security Rules, The Wall Street Journal.
Submission to Global Commission on Stability of Cyberspace on the definition of Cyber Stability, CIS.
Cyber AI Platform, DarkTrace.
The Great Anti-China Tech Alliance, Foreign Policy.
Why Companies Are Forming Cybersecurity Alliances, Harvard Business Review.
Raising the resilience quotient, PWC.
Cyber Crisis: Foundations of Multi-Stakeholder Coordination, Council to Secure the Digital Economy (CSDE).
The C2 Consensus on IoT Device Security Baseline Capabilities, Council to Secure the Digital Economy (CSDE).
My way or the Huawei: how US ultimatum over China’s 5G giant fell flat in Southeast Asia, SCMP.
The NCCoE released a draft of the NIST Cybersecurity Practice Guide, SP 1800-23, Energy Sector Asset Management, on September 23, 2019, and is requesting your feedback, NCCoE.
Companies Face Uncertainty Over Challenges to Trans-Atlantic Data Transfers, The Wall Street Journal.
The side projects of Mark Zuckerberg, from building a nightlight and a robot to his new podcast, BI India.
Recent ransomware surge linked to Russian criminal group, StateScoop.
Paige Thompson Charged With Hacking 30 Organizations, Bank Info Security.
Supermicro Bug Could Let “Virtual USBs” Take Over Corporate Servers, Wired.
iPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources, Forbes.
Hong Kong Cyber Attack Briefly Disrupts Key Protester Forum, Bloomberg.
IoT security: Now dark web hackers are targeting internet-connected gas pumps, ZDNet.
Political targets at risk as Fancy Bear returns with refreshed backdoor malware, ZDNet.
‘Carpet-bombing’ DDoS attack takes down South African ISP for an entire day, ZDNet.
Security Warning For 23 Million YouTube Creators Following ‘Massive’ Hack Attack, Forbes.
Democracy and Electoral Infrastructure
Unlike U.S., Canada plans coordinated attack on foreign election interference, Politico.
Trump extends national emergency on foreign election interference, The Hill.
Former DHS chiefs: We should anticipate efforts to interfere in the upcoming election, CBSNews.
What would a vulnerability disclosure program look like for voting equipment? Expect an RFI soon, CyberScoop.
Tags: GCSC Commissioner Jeff Moss.
The Cybersecurity 202: How counties are war-gaming Election Day cyberattacks, Washington Post.
Senator Warner and Michael Chertoff at Digital Disinformation Symposium, C-SPAN.
Democracy, Disinformation, and the 2020 Threat: Recapping a PEN America Symposium, PEN.
Microsoft will offer free Windows 7 support for election officials through 2020, CyberScoop.
“Technology should not disrupt democracy and the rule of law”, ERSTE Foundation.
Avoiding Unintended Harm to Internet Infrastructure, IAB.
Marietje Schaake to Join Stanford Cyber Policy Center and Institute for Human-Centered Artificial Intelligence in Dual Policy Roles, Stanford.
Emerging Technologies and Managing the Risk of Tech Transfer to China, CSIS.
Hacking, Privacy, and Democratic Freedoms in the Information Age, New America.
Christopher Painter on Cyber Politics, UCD Clinton Institute.
The Law & Politics of Cyberattack Attribution, UCLA Law Review.
Exclusive: Edward Snowden’s First Adventures in Cyberspace, The Nation.
Foreign intelligence in the digital age. Navigating a state of ‘unpeace’, The Hague Program for Cyber Norms.
JPMorgan Hacker Will Plead Guilty Over Role in Vast Cyber-Attack, Bloomberg.
Decoding the GRU indictment, Medium.
Dear network operators, please use the existing tools to fix security, ZDNet.
Tags: GCSC Norm to Protect the Electoral Infrastructure, GCSC Norm to Reduce and Mitigate Significant Vulnerabilities.
The Art of Cyber Journalism, CSIS.
11 September 2019: Japan’s Response to Cyber Threats: Mega Events and Beyond, Reischauer Center for East Asian Studies.
21-22 September 2019: The Dark and the Digital, Institute of Art and Ideas.
26 September 2019: Securing Elections – Global Lessons Learned, Center for Cyber and Homeland Security.
1-3 October 2019: Singapore International Cyber Week, SICW.
2-3 October 2019: CyberCrimeCon/19, Group-IB.
4 October 2019: The state of OT cybersecurity in the utilities industry, Atlantic Council.
8-10 October 2019: GFCE Annual Meeting 2019, GFCE.
11-12 October 2019: GCSC Meeting in Addis Ababa, Ethiopia, GCSC.
14-16 October 2019: CyFy, ORF.
20-22 2019: 6th World Internet Conference Wuzhen Summit, Wuhzen Summit.
21-25 October 2019: Cyberweek, CyberScoop.
28-29 October 2019: AI Ethics, Policy, and Governance, Stanford University.
12-13 November 2019: Paris Peace Forum, PPF.
25-29 November 2019: Internet Governance Forum, IGF.
28-29 November 2019: CyberCrimeCon 2019 – Singapore, Qwoted.