Our friends and colleagues at Dryad Global, Experts in Global Issues and Maritime Security Risk Management, has provided us with their 2019 Global Security Review and 2020 risk assessment for the Shipping Industry. Red Sky Alliance has been working close with Dryad this past year and we have observed and appreciated their timely and actionable maritime intellgience reports. This information is of extreme valuable to our members who operate in the Transportation Sector.
From Dryad: "Managed b
Our friends at Global Rescue offer their 2020 Travel Trends, which are very usful for Red Sky Alliance members who travel internationally. Global Rescue is a trusted partner of Red Sky Alliance.
Link to full report:
https://www.globalrescue.com/common/blog/detail/Travel-Trends-for-2020/
SUMMARY
On 27 Dec 2019, the United Nations General Assembly approved a resolution proposed by Russia for the formation of an “ad hoc intergovernmental committee of experts to elaborate a comprehensive international convention on countering the use of information and communications technologies for criminal purposes.” The first meeting of this committee is scheduled for August 2020.
The US has objected to this effort, and many democratic countries have also spoken against this proposal yet is als
After the Russians were banned from the Olympics for another four years in a unanimous decision from the World Anti-Doping Agency (WADA), the immediate reaction from Russia was fury and denial. So now everyone is waiting to see how Russia will respond.
In 2016, Red Sky Alliance analysts reported on the Russian retaliation when Russia was banned from the Olympics for steroid use. 2016 saw unprecedented Russian physical, cyber and physiological interference into the US presidential election, but
Summary
Red Sky Alliance recently learned of the defacement of multiple American websites by a self-proclaimed Iranian hacker as apparent revenge for the fatal US drone strike on Iranian General Qasem Soleimani. Evidence indicates that these are low level attacks looking to target convenient and insecure targets. The attacker, identifying as an Iranian hacker, posted a picture of General Soleimani on all of the defaced pages along with multiple social media accounts and a Gmail account; likely
A class action lawsuit was filed in California against TikTok, the Chinese social media platform developer, in November 2019. The lawsuit claimed that the TikTok app was designed to “covertly tap into a massive array of private and personally-identifiable information” and used “non-standard encryption to conceal the transfer of such data from users’ devices to Defendants.”
The 46-page lawsuit text contained details about the data types that TikTok was collecting, including user-generated video
FBI Flash Bulletin / TLP GREEN
Unknown cyber actors have targeted multiple US and international businesses with Maze ransomware since early 2019. Maze encrypts files on an infected computer’s file system and associated network file shares. Once the victim has been compromised, but prior to the encryption event, the actors exfiltrate data. After the encryption event, the actors demand a victimspecific ransom amount paid in Bitcoin (BTC) in order to obtain the decryption key. An international
Hong Kong conducted District Council elections on 24 November 2019. These local councils handle quality-of-life issues for their constituents, but the elections were seen as a referendum on the anti-Beijing protests that have rocked Hong Kong for several months. The election results strongly favored pro-democracy forces. Of the 452 seats contested, 388 were won by pro-democracy candidates and only 62 went to pro-establishment parties.
The clear message that most Hong Kong citizens supported w
Summary
RedXray is cyber threat notification service that simplifies monitoring for organizations and supply chains.
In 2016, the World Anti-Doping Agency (WADA) commissioned an investigation into reports that the Russian government was sponsoring blood doping of Russian Athletes. Cybersecurity analysts worldwide witnessed cyber-attacks originating from the GRU-linked APT28, better known as “Fancy Bear,” aimed at anti-doping agencies such as the WADA. These attacks were carried out against age
California has recently created a law known as the California Consumer Privacy Act (CCPA) which will go into effect on January 1, 2020. Similar to Europe’s GDPR regulations, the act aims to inform consumers about the information being collected about them, while giving them the power to decide how that information is handled. This law only protects California consumers and exclusive to the following companies:
Red Sky Alliance information sharing portal provided data about a member falling for a business email compromise (BEC). Attackers sent a payment request spoofing a well-known local contractor by changing TLD from .COM to .US. In total, 113 additional domains were registered by the same actors in August-November 2019.
Details
On 26 November 2019, a Red Sky Alliance member shared a fraud report regarding a local construction company email which was spoofed. The attackers convinced the member’s pr
Red Sky Alliance has recently observed multiple Chinese, state sponsored, Advanced Persistent Threat (APT) groups targeting Chinese-Muslim non-governmental organizations (NGOs). Historically, Chinese APT groups have conducted specific cyber campaigns against these type organizations, traditionally with little or no overlap.
The US Secretary of State (SECSTATE), Mike Pompeo, issued a statement on 26 November 2019 reporting a collection of leaked documents that prove Chinese authorities are eng
By 12 November 2019, hacker Alexei Burkov was extradited from Israel to the US to face major credit card fraud charges. Originally arrested in 2015 for his role in Cardplanet, his extradition was delayed several times as the Russian government was fighting against his extradition to the US. Israel subsequently received a competing extradition request from Russia. Then, Russia arrested and sentenced to prison an Israeli/US citizen and offered Israel to exchange her for Burkov. This case show
China Coverage of Report on the Cyber Vulnerabilities of Asian Ports
SUMMARY
Nanyang Technological University in Singapore has just released a report examining the economic losses expected if Asian port systems, including several in China, were subjected to a major cyber-attack. This report did not assess the cyber vulnerabilities of Asian ports but rather postulated a major attack in order to calculate economic impact, with a focus on losses in the insurance industry. The report concluded tha
A reexamination of the academic work published by the Nanjing Military Region First Technical Reconnaissance Bureau showed its primary focus was on network security and computer operations issues. This suggests that, like some other Tech Recon Bureaus (TRB’s) in the Chinese military, this unit has likely developed a cyber operations mission.
Details about this unit were revealed by searches for its cover designator, the “73610 Unit.” This element is located in central Nanjing in a large admini
Emotet is a banking malware that emerged in 2014 and has since become a popular malware-as-a-service (MAAS) and a dropper for other types malware. In late September 2019, Emotet returned from a four-month hiatus and was observed in a rash of malicious spam campaigns.[1] The most common delivery mechanism consists of office documents distributed via email.
TIR-19-309-001.pdf This report examines the Emotet infrastructure and botnet observed in recent weeks. Indicators are available in a companio
From our Asia Desk - China has just opened a new airport near Beijing equipped with facial-recognition systems that let a passenger check in, clear security, and board an aircraft using only their face for identification. The 5G backbone for this airport system has been built by Huawei Technologies, while the facial-recognition software has been developed by the Chinese companies SenseTime and Yitu Technologies.
This airport technology is a significant benchmark in the Chinese development of ar
TikTok is a popular social media app for sharing short user-created video clips. TikTok is a youth-oriented app that is used primarily by those in the 16-24 age demographic. TikTok is hugely popular with about 500 million monthly users worldwide and more than 26 million users in the United States.
The problem is that TikTok is a Chinese social media app, developed in China by a young engineer named Zhang Yiming and the AI development company, ByteDance, that he founded. TikTok is the internat
On 6 August 2019, the Government of India struck down “Article 370A and 35A” from its constitution. Article 370 is a constitutional provision that grants special status and allows the Indian state of Jammu and Kashmir to make its own laws. The State of Jammu and Kashmir defined these privileges to include the ability to purchase land and unmovable property, the ability to vote and contest elections, seek government employment and possess other state benefits such as higher education and health
