Let's Talk: UN Cybercrime Treaty, Anonymous Sudan, and Juice Jacking

Threats from Anonymous Sudan

International cyberwarfare and hacktivism are yet again making waves in the cybersecurity threat landscape. In April, it was Russian cyberwarfare, and this week, Anonymous Sudan has claimed responsibility for hacking Israeli rockets and the Iron Dome. On its Telegram channel, the hacker group flaunted its ability to take down Israeli rocket warning systems' websites along with their smartphone apps. They also promised more attacks of this kind in the US.

The Israeli Defense Force has reported that the Iron Dome's efficiency in intercepting rockets fell to 71% from its usual rate of 90 to 95% - seemingly validating Anonymous Sudan's claims. This example shows that hacktivist groups, generally far less funded than state-backed threat actors or cybercriminals, can cause major damage to countries' critical infrastructure.

Worried about Juice Jacking?

This week didn't just remind us of the danger of cyberwarfare and hacktivist groups - it also reiterated how things can look more grim than they actually are. Alarms were raised in the past month about hackers using juice-jacking, a practice consisting of extracting data from a fully locked phone via public chargers. While caution is always advised, we saw that some warnings were overstated, the GrayKey devices can allow for data exfiltration put this can take up to a few days and cost in the five figures to do. Simply put, it's too expensive and time consuming for hackers to carry out these attacks at a wide scale. Juice on!

UN Cybercrime Treaty - Cyber Bullying May be a Crime

We predicted that we would see more state involvement in cybersecurity and this week reminded us that cybersecurity is an international affair as the UN Cybercrime Treaty makes headway at the UN. The Treaty includes the following items:

• The introduction of over 30 criminal offences related to cyberattacks, including hacking, malware distribution, and cyberbullying.
• Enhanced protection of critical infrastructure, with power, transport, and communication explicitly mentioned.
• Improved procedural safeguards guaranteeing due process to individuals accused of cybercrime.
• Improved international cooperation for cybersecurity threats.
• Recommendations on protection of personal data from unauthorized use via data protection laws.

At the same time, critics point out that other measures in the Treaty, including punishment for insulting religions or humiliating others online, constitute overreach. Others claim that it would legitimize intrusive surveillance and limit civil liberties. As with any development in the?cybersecurity landscape, it's not clear if this is a good or a bad thing as of yet. We will be watching this unfold closely.

Our Advice

When we look at cyber events every week, we see different trends emerge. Going into the spring, we advise our readers to consider these steps in securing their cybersecurity posture:

1. Focus on cyber-resilience; we saw it a few weeks back with DDoS attacks striking down the PMO and Senate websites, disruptive cyberattacks will happen. Test your backups, incident response plans and playbooks - make sure you know what to do when an incident happens.
2. Zero-in on training; note that more than three quarters of IT attacks enter systems via social engineering, not malware. Make sure staff is your first line of defense against hackers - train them to recognize attacks and to appropriately respond to them.
3. Segment your security zones; this is especially relevant for critical infrastructure, think about how you protect and isolate privileged accounts and workstations used to access services with higher administrative privilege.