If you are having trouble viewing this email, click here to view this online

 

VOLUME 86

   ISSUE 86

26 September 2018
Article of the Month Around the World

 

DEVELOPMENT OF CYBERSPACE AND CYBER SECURITY
 

 

The cyberspace and cyber security have today reached a position which had initiated a discussion whether it�s a treat to the mere concept of states. But its origins were greatly different and mostly weak and vulnerable in nature. The historical development of the cyber space in relation to states can be described through three key stages.


 1. The age of individual contribution

The initial stage of Cyber security was the era of individual contributions. This era spans from the 1940s to the mid-1970s.The era is characterized with:

Limited number of individuals and private institutions taking steps in development and research related to cyberspace.
Private funding on research
Limited public knowledge
And limited government interest



During this era key events happened such as


● Nikola Tesla inventions Wireless Communications, Robotics


● Alan Turing inventing the Turing machine- the first personal computer, enigma machine- which decrypted German coded messages during the second world war,


● Maurice Wilkins and her team in Cambridge university developing the first large scale, fully functional digital computer


● ARPANET the first network created by the US forces for the military purposes.




 




 2. The age of state dependence

The time period between the mid-1970s to the early 21st century can be identified as the age of state dependence. During this period, we can observe developments such as The first microprocessor, Email, c programming, personal computers. States identifying the importance of the cyber space and establishing government funded institutions to fund research and experiment. Instead of individuals, state organizations implementing the progressive steps toward the development of the cyber space.

The cyberspace and cyber related elements becoming state owned property
And state gradually letting its citizens use the cyberspace in controlled capacities.
Simply said the cyberspace becomes a tool of the state.
During this era the world experienced


● The US government installing the GPS system for global consumption


●  Cryptologists broke the Enigma machine code for the German government.
 

● Turing, and some others worked towards developing the Bombe. The Enigma machine's use of a reliably small key space makes it vulnerable to brute force.
 

● First high-profile attacks on Microsoft's Windows NT operating system
 

● Love letter and Love Bug worm, is a computer worm written in VBScript
 


 3. The age of individual upheaval

During the early part of the 21st century the cyberspace went through a major shift. Instead of being fully controlled by the government individual activism and decentralized control emerged as the new identity of the cyber space

During this particular era which we are living through right now the following developments occurred. Initiation of social media such as twitter and Facebook which drew the public towards the cyber space. The expansion of technology and knowledge to all parts of the world
The centralized control maintained by several states such as the USA and Russia declined and the cyberspace became more decentralized. The world today has become more of a virtual than a realistic and people seem to be enjoying living in it.


 



 

By:

Akila Prabash

Akila is an undergraduate of the National School of Business Management who is currently following Bachelor of Computer Security, currently he is working as Intern - Information Security Engineer at Sri Lanka CERT|CC




 

 

 

 

 

 

 

 

 

 


 




 

 

 

 

 

 

 

 

 

 

 

 

References

1 Statistics on the Internet growth in Sri Lanka
http://www.trc.gov.lk/images/pdf/
statis_sep_2012.doc
2.The Dragon Research Group (DRG)
http://www.dragonresearchgroup.org/
3.TSUBAME (Internet threat monitoring system) from JPCERT | CC
https://www.jpcert.or.jp/english/tsubame/
4.Shadowserver Foundation
http://www.shadowserver.org/wiki/
5. Team Cymru
http://www.team-cymru.com
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
  
  Google Introduces Data Privacy Framework Ahead of Senate Hearing
  

  

"...Google has a lot of thoughts regarding privacy, so the company on Monday released a framework detailing its ideas about data protection.

The tech giant released the document ahead of an upcoming Senate hearing where Google will face questions, CNET reports. .."

 

Survey: Citizens Favor a More Digital Government

  

"...he survey, conducted by professional services company Accenture, found 86 percent of citizens view digital delivery of public services �as equally or more important� than traditional methods of public service delivery. The survey polled some 6,000 citizens aged 18 or older from the United States, United Kingdom, France, Australia, Germany and Singapore in May about a variety of public service topics....."

  Fake finance apps on Google Play target users from around the world
   

 

'...Another set of fake finance apps has found its way into the official Google Play store. This time, the apps have impersonated six banks from New Zealand, Australia, the United Kingdom, Switzerland and Poland, and the Austrian cryptocurrency exchange Bitpanda. Using bogus forms, the malicious fakes phish for credit card details and/or login credentials to the impersonated legitimate services....'

Smart homes, dumb devices: Making the IoT safe

   

  

'...The Internet of Things is growing by the second. Gartner predicts that by 2020, there will be 20.4 billion connected devices worldwide. Unfortunately, this vast network presents hackers with an equally vast array of easy access points to take advantage of....'

Zero-Day Bug Allows Hackers to Access CCTV Surveillance Cameras

  

'....Between 180,000 and 800,000 IP-based closed-circuit television cameras are vulnerable to a zero-day vulnerability that allows hackers to access surveillance cameras, spy on and manipulate video feeds or plant malware.....'

Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in August 2018
     
  Statistics - Sri Lanka CERT|CC

Manipulation tactics that you fall for in phishing attacks

'...It�s 6 p.m. on a Friday. Just as you finish packing up for the day, an email from your boss pops up on your phone asking why an urgent payment didn�t go out earlier in the week. He�s tied up in a business dinner, so he needs you to wire payment to a specific vendor immediately and send him a confirmation email here once you�ve done so. Eager to help (and get out of the office for the weekend) you transfer the money and email your boss. He thanks you for going above and beyond.

Come Monday morning, you�re pulled into an emergency meeting. The company has lost $157,000.....'

Facebook partners with Internet Society to accelerate African connectivity

"...Facebook has announced partnering with non-profit organisation the Internet Society to push connectivity across the African continent by developing Internet Exchange Points (IXP).

According to the Internet Society, around 42 percent of African countries do not have IXPs -- with only 44 active IXPs across all 32 nations -- meaning that much of their network traffic is managed via satellite connections or subsea cables...."
​'By 2025, Machines Will Do More Work Than Humans, a New Report Says

�...There�s one number that people forget to talk about when bemoaning the imminent robot apocalypse.

It�s not the number of seconds it takes a robot to solve a Rubix cube (.38) or the number of hours it takes to train an algorithm to detect cancer....�
How to improve hiring practices in cybersecurity

."...There are few things that cause the computer security industry more concern than the need to avoid �false negatives�. While no product or technology is a silver bullet for preventing every single genuine threat, we go to great lengths to provide comprehensive, ever-improving detection and protection � and to have this reflected in competent, independent tests. And yet, there is a huge number of systemic false negatives happening in our efforts to populate security positions.�. ...."

 
Notice Board
  

Training and Awareness Programmes - September  2018

  
DateEventVenue

Brought to you by:                           

  
 

Sri Lanka Computer Emergency Readiness Team | Coordination Centre
Room 4-112, BMICH, Bauddhaloka Mawatha, 
Colombo 07 
Tel. +94 - 112 691 692
www.cert.gov.lk