GEOPOLITICA DEL MONDO MODERNO

Category archive

Tech & Cyber

Focus on Estonia: chapter 2

Tech & Cyber di

As we mentioned in our previous and first article on Estonia, we are now going to concentrate on its evolution in the EU institutions context. Let’s start from something easy to be told. Better: let’s start from something very difficult and technical, but very easy to be explained to readers. Let’s talk about eu-LISA. We mentioned this agency in some of our previous articles last year, speaking about the specularity between UN Agencies and EU ones. eu-Lisa is special, and has no twins in the UN context.

downloadIts acronym refers literally to eu (of course, Europe), L(iberty), I (“I” or “J” mean the same: is the first letter for Justice), S(ecurity), A(gency). The extended name is European Agency for the operational management of large-scale IT Systems in the area of freedom, security and justice.

The Agency is settled in Tallinn, the pretty Estonia’s capital, since 2012, and provides technological support for EU Member States and Institutions, managing the large-scale integrated IT systems whose aims are to maintain internal security in the Schengen countries, to enable Schengen countries to exchange visa data and to determine which EU country is responsible for examining a particular asylum application, according to the well known Dublin system.

The Agency is also in charge to test new technologies to put in place a modern and secure border management system in the EU. For example, it was tasked to put in place and start the testing and follow-up phases of the “Smart Borders” project, the operational step of the “Smart Borders package” drawn by the European Commission, and discussed by the Council of the European Union, in its Justice and Home Affairs modality. This “package” will institute – only after an agreed and well-concluded co-legislation process – an Entry-Exit System (EES) and an European Travel Information and Authorisation System (ETIAS). Both of them are supposed to start in 2020. The first one will ensure border security tracing all the movements of third countries citizens through the external borders of the Union in both directions. Of course, monitoring the flow of tourists and travellers, the system should check visas, passports, ID documents, verifying if any of the checked persons are criminals, terrorists, or involved in some way in illegal immigration or, worst, in migrant smuggling. This EES should in effects prevent and deter crimes related to immigration, terrorism, and human trafficking. In addition, it should automatically alert the law enforcement agencies about the so called “overstayers”, people who exceeded the maximum period of their stay within the EU borders, according to their visa.

The ETIAS will be very similar to the American ESTA, and is instituting a sort of reservation for achieving a permission to travel to Europe. The entrance of this system in the EU legislation environment is meaning that the Schengen Border Code must be changed. But, of course, it will increase the prevention and the prosecution of crimes involving borders and internal security. That’s sure: people suspected to be criminals or terrorists will not be allowed to enter the Union.download (1)

We think that eu-LISA presence in Estonia is a source of pride for this evoluted, smart and resolute country.

The Agency has a management board that meets twice a year and in which all Member States are equally represented, and uses some advisory groups, made of technicians and experts in both the IT and JHA issues. It manages the 3 main JHA systems and databases: the Schengen Information System, the Visa Information System and the Eurodac (whose main task is to collect and examine the fingerprints of people asking for asylum in the EU).

Of course, the Agency studies the way to make Europe safer, from a technical point of view, but has no legislative or cogent powers. It cooperates with single Member States and all the European Institutions – in the JHA area – aging as a high specialized and very qualified consultant and advisor.

 

The Agency is also part of the network of the JHA Agency which, once a year, organize a joint meeting of their key representatives, in order to exchange methodological information, best practices and training. The network chair is rotational and is chosen from all the agencies Directors for one year. The agency which holds the presidency of the network is also in charge to host the meeting in the country in which is settled in. All the Agencies, after the meeting, approve and disseminate a document containing their joint conclusions, whose aim is to make their policies and actions more coherent, deconflicted, and better linked.

eu-Lisa and Tallinn were in charge of this in 2015. Another reason to look to Estonia as a key partner and actor in the EU, which is increasing its role in the european security framework.

Our next step will be a focus on the upcoming Estonian Presidency of the Council of the EU.     

 images

Moscow and the extradition of blogger Alexander Lapshin

Moscow has made a statement on the extradition of blogger Alexander Lapshin, who holds Russian citizenship, to Azerbaijan. “According to the available information, the Supreme Court of Belarus, having considered the case in a closed session on Feb. 7, dismissed the complaint of the citizen of Russia and Israel Alexander Lapshin against the decision of the General Prosecutor’s Office of the Republic of Belarus on his extradition to Azerbaijan. The Russian side expresses disappointment with this decision,” reads a message on the website of Russia’s Ministry of Foreign Affairs. “We intend to continue taking all the necessary measures to protect the rights and legitimate interests of the Russian citizen to quickly return him to his family,” the message said.

Civil pact on nuclear power signed by India and Japan

BreakingNews @en/Tech & Cyber di

Prime Minister Shinzo Abe on Friday signed a civilian nuclear cooperation pact with visiting Indian leader Narendra Modi as he pushed to promote exports of Japanese nuclear technology to keep the teetering economy afloat. The basis of the treaty was agreed on last December, before his three-day visit to Japan. The treaty will allow Japan to transfer nuclear technology-related components and help build reactors in India, where countries like China and France are eyeing opportunities for similar investments.

Behind DYN attack: Mirai malware

Tech & Cyber di

Dyn, Inc. is an Internet management company, offering products to monitor, control, optimize online infrastructure, and a domain registration services and email products that, on october 21st, was attacked with a distributed denial of service and, as a consequence, sites as Twitter, Reddit, Github, Amazon, Netflix, Spotify, Runescape became unreachable.

The double attack took place in the same day agains the company’s DNS infrastructure:

  • First Attack: began around 11:10 UTC against the Managed DNS platform in the Asia Pacific, South America, Eastern Europe, and US-West regions that presented in a way typically associated with a DDoS attack. Mitigation efforts were fully deployed by 13:20 UTC; the attack subsided shortly after:
  • Second Attack: it began at 15:50 UTC and was different from the first. The company managed to cope with the attack at 17:30 UTC, but it really finished in the evening, around 20:30 UTC.

It’s now clear that it was an IOT botnet attack with an open source software called Mirai.

Mirai serves as the basis of an ongoing DDoS-for-hire ‘booter’/‘stresser’ service which allows attackers to launch multiple DDoS attacks.

Nowadays the original Mirai botnet has been modified by users all around the world and high concentrations of Mirai nodes have been observed in China, Hong Kong, Macau, Vietnam, Taiwan, South Korea, Thailand, Indonesia, Brazil, and Spain.

Using thousands of devices all around the world (thanks to Internet of things technologies), with an estimated load of 1.2 terabits per second, the attack is the largest DDOS ever.

U.S. authorities investigations haven’t identified the authors yet, even if Anonymous and New World Hackers claimed responsibility for the attack.

G7 and Japan cyberstrategy

Innovation/Tech & Cyber di

During the last meeting held in Japan last may, G7’s head of state adopted a joint declaration about cybersecurity issues.

Representatives of the biggest 7 economies in the world stated that Internet is a key driver for global economy: openness, interoperability, reliability and security are the cornerstones of this vision, as well as the free flow of informations and protection of human rights on line.

How G7 countries are going to empower their principle declaration?

Firstly, cooperation between all the actors responsible for cybersecurity: governments. business, research and society as a whole.

Secondly, international law: according to the G7 governments it is applicable, including the United Nations Charter, in cyberspace. Furthermore, cyber activities could amount to the use of force or an armed attack within the meaning of the United Nations Charter and customary international law.

A new UN Group of Governamentals Experts (GGE), is expected to discuss more how existing international law can be applied to cyberspace.

Finally, G7 encourage more states to join the Budapest Conventionon Cybercrime and support the work done by the G7 Roma – Lyon Group’s high-tech Crime subgroup.

Even though cybersecurity is one the most important issue in the international agenda, G7 declaration sounds quite predictable without introducing any important innovation in policies.

 

JAPAN CYBERSECURITY STRATEGY

What’s the framework of the country, the third economy in the world?

As most of the cybersecurity strategies, Japan adopted a white paper. The first edition was released in 2013, while a second one in september, 2015.

The Japan Cybersecurity basic act focus on govenerment led and non government actors.

Japan Cert and National Center of Incindent REadiness and Strategy for Cybersecurity are the responsible for developing national cybersecurity policy and ensuing the security of different public sector organizations, to put forward proposals as well the Basic Cybersecurity act.

Public – private partnership is another pillar of this strategy.

Surprisingly, for a country like japan, there are weak points, too, according to a Deloitte’s Asia Pacific Defence outlook 2016.

Japan is an aging country, and its population is quite unaware of the risks of cybercrime: the system as whole is weak because people don’t behave properly in the net.

There few efforts to promote domestic expertise on cyber issues.

Cooperation is a problem, too, because admitting of being attacked a behavior socially unaccepted: frauds or cyberattack are hidden to the community.

Island mentality is another element: japanese believe no threats can hit them because they live on an island protected by the sea. Obviously, it’s not the case when we talk about cyber attacks.

To sum up, Japan is an high-value target for its economic and technology power, and its policies and its approach toward cyber issues doesn’t seem fitting.

 

Leonardo Pizzuti

 

Simulated war, French Army acquires a global license for SWORD

BreakingNews @en/Europe/Tech & Cyber di

Automated war game simulating battles, but with realistic applications. It’s the case of SWORD, the flagship constructive simulation software created by MASA, an innovative company leader in the field of artificial intelligence, which global license has been acquired by French Army. SWORD enables simulated units to act large-scale exercises in the most realistic way possible, while minimizing the combined operating costs and animation effort.

Preparing military staff for action is made much more efficient by training in a realistic operational environment, with joint forces and allies, in a variety of different battlefield scenarios. It means an immediate solution to SOULT (the simulation program for Combined Forces and Ground Logistics Units’ Operations), for the operational preparation of Combined Forces at division, brigade, and battle group command posts. According to Colonel Philippe Dutroncy, (Network Operations Development Service, Land Forces Command), «SOULT will allow the French Army to achieve the following objectives: systematize simulation training as a way to prepare for a wide number of operational engagements, streamline simulation tools deployed in the forces and at training centers, continue expanding the use of simulation for capability preparation or for support on operations.

The flexibility of employment and evolution of SWORD effectively allows us to foresee its use in all types of operational preparation for command posts, but also in training specialist areas (Engineering, Intelligence, Logistics, or CBRN – Chemical, Biological, Radiological, Nuclear), the testing of future military doctrines, the preparation of operations, and for post-operation analysis and conclusions». The military deployment of SWORD is the culmination of a process that responds optimally to the needs expressed by the Armed Forces, which fragmentation has made it necessary to have flexible training tools that let us work effectively with reduced staff numbers and simulate a large variety of situations. The Centre of  Expertise for Information validation and SIMulation (CEISIM), which oversees simulation and digitalization within the French Armed Forces,  will now be tasked to manage the deployment of SOULT and its assimilation by the Army.

Colonel Claude Chary, Commander of CEISIM, adds: «The testing of SWORD, led in conjunction with the military engineering school, conforms perfectly with our policy of deploying simulation solutions whose purpose is to support the decentralized operational preparation of Land Forces. Compatible with the interoperability framework of the French Land Forces, SOULT connects seamlessly with current and future operational information and communication systems».

Viviana Passalacqua

 

Operation “Pangea VIII”. EU against counterfeit medicines.

The Hague: – “Our” European security agency Europol has provided its support to an Interpol operation aimed at dismantling a criminal network involved in the trafficking of counterfeit drugs, through online illegal pharmacies.
“Pangea VIII” is the name of the operation, which ended with the arrest of 156 suspects worldwide, and with the seizure of potentially harmful medicines, worth a total of $ 81 million.
The whole operation involved 115 countries and provided impetus to 429 different criminal cases. 550 were the ads for online sales network and well-removed from the 2,414 sites blacked out.
For the occasion, the European Agency – since its foundation involved in the security of the continent on the strategic plan, and even at the operational one – has seconded its experts at the Interpol HQ in Lyon, France.
Specifically, Interpol specialists and representatives of Europol have shared all the data in their possession, including those from the database held by the Haguean agency, finding numerous matches, useful for investigations.  They also provided valuable legal support to the BKA, the Austrian Federal Police, as well as the Customs Agency and the Health of that country beyond the Alps.

In addition to the discovery of a huge warehouse of counterfeit drugs in Indonesia, the various police forces involved focused on the e-mail accounts, on the domains registerers and on all those involved in delivering of goods and in electronic payments.
Among the drugs seized, they stood out  – obviously – those for erectile dysfunctions, for blood pressure and certain anticancer drugs. Many drugs were expired, or badly preserved and one of the tasks of the organization was right to alter the dates of maturity or the amount of active ingredient present in the contents.

236 was the number of involved police forces and agencies, and of course many of them were European ones.

To be noted is the fundamental and substantial support provided by some private companies and e-commerce giants such as Google, Mastercard, American Express and PayPal.
Another hit scored by the international police cooperation. Even and especially European.

European Agencies and ATM Security.

skimmer_800_800On June 10th, Europol and ATM Security Team reiterated their collaboration in contrasting the so-called “payment crimes”, during one of the three annual meetings of the Team, held to Europol Headquarters in The Hague. “Security team” means EAST, the European ATM Security Team, a European non-profit organization, whose task is to collect and disseminate information to and from installe  rs and bank ATM networks (ATM = Automated Teller Machine).

Europol Centre against Cybercrime (EC3) has signed a memorandum of understanding (MoU) with EAST, in order to further strengthen cooperation in the fight against all forms of crime linked to ATM cards and credit cards, including virtual fraud, i.e. those that are committed in the absence of normal magnetic supports, by malware or other hi-tech techinques, or by physical attacks to ATMs themselves.

The MoU will allow to exchange data and strategic information, between the Agency and the EAST, meaning that one of the three annual meetings of the tastierino-400x300same team will be always held at the Europol headquarters in The Hague, just as has happened for the first time in the abovementioned cisrcumstance.

Beyond the statements made by leaders of the two organizations, Europol has recognized the seriousness of the physical or virtual attacks to ATM systems, and has prepared a document containing guidelines about the threat. The document (the drafting was coordinated by the EAST) will be disclosed in the coming days and is an example of a coordinated response between security agencies and the world of finance banking, aimed to contrast the emerging and increasingly worrying growth of some criminal phenomena such as, for example, the “skimming”.

For non-experts, we point out that “skimmers” are devices that can read the magnetic strip of debit cards and credit cards, directly into the ATM slots. Obviously, the very high nanotechnology of these “readers”, is associated with the use of illegally concealed cameras, positioned in such a way to spy on the finger movements of the money pickers, recording the numbers that form the PIN sequence.Un momento della prima della firma del protocoloo d'intesa

Europol: Operation “Triangle”, cybercrime net dismantled.

Yesterday, an international joint police operation, called Operation “Triangle”, has led to the dismantling of a group of criminals, who were active in Italy, Spain, Poland, United Kingdom, Belgium and Georgia, and are suspected of committing financial fraud and intrusion in e-mail accounts.

The operation – which took place simultaneously with searchs in 58 homes in the involved countries – led to the arrest of 49 alleged members of the criminal group. Law enforcement officials from different Member States have seized forged documents and bank accounts, credit cards and cash, as well as numerous laptops, hard drives, phones, tablets, and SIM cards.

The brilliant operation, which was coordinated by the European Centre for the Europol Computer Crime (EC3) and Eurojust (the European agency in charge of cooperation in the field of criminal justice), and whose principal actors were the Italian Postal & Communications Police, the Spanish State Police, the Polish Central Bureau of Investigation and some law enforcement agencies in the UK, dismantled this organization and discovered an international 6-milions-euro fraud.

Money was earned in a very short time, because the modus operandi used by this criminal group was the so-called “man in the middle”, and was based on repeated attacks in telematics systems, through the use of malwares and social engineering techniques, against European companies of medium and large business volume.

Once entered into the corporate accounts mail, hackers began to monitor communications to detect requests for payment. Customers were then asked to send the money on bank accounts controlled by the criminals.

Criminals, mainly coming from Nigeria, Cameroon and Spain, transferred their illegal gains outside the European Union, through an intricate money laundering bank transactions.

To allow a rapid coordination, a fast communication between the different actors and an effective exchange of information, a coordination center was set up at the Europol headquarters in The Hague, which hosted all representatives from the different national police forces and Eurtojust.

In short, the famous former “third pillar” is finally working.

Domenico Martinelli
Vai a Inizio