Cyberwatch MAGAZINE
Special media of strategic cyber security
2019/1
360 CYBER ACADEMY – THE WINNING CONCEPT FOR YOUR CYBER POLICY
DRONE VULNERABILITIES AND CYBER
GOOD LEADERSHIP IS THE MOST IMPORTANT FACTOR OF SUCCESS IN CYBER WORLD
How to avoid digitalization disaster from Cyber security perspective
Drone vulnerabilities and cyber
Why is strategic analysis of cyber events important for businesses?
Fostering trust is key
Defending the aerospace and defense sector
Autonomous future of cars
Accelerating Digital Revolution Has Serious Implications for National Preparedness and Cyber Security
360 Cyber Academy
Information manipulation – the cyber security’s so far undefeated challenge
Cyberwatch monthly review
Digital Branding and Marketing in China
Special media of strategic cyber security
Cyberwatch-Magazine 2019-1 is a special edition published by 360 Cyber Academy Cyberwatch Finland.
Publisher: 360 Cyber Academy, www.360cyberacademy.com
Producer and commercial cooperation: Pertti Jalasvirta, pertti.jalasvirta@soprano.fi
Layout: Atte Kalke, Vitale Ay, atte@vitale.fi
ISSN 2490-0753 (print)
ISSN 2490-0761 (online)
Print house: Printall, Tallinn
Importance Of Education

Businesses continue to be hit harder and harder by increasingly sophisticated cyber-attacks. While many attacks are perpetrated from outside company walls, the reality is that the most looming threat comes from within: the employees. Insider risk is more than 60 % and is the most significant point of failure in terms of security vulnerabilities. From phishing attacks luring employees to click suspicious links that contain spyware, to weak passwords and leaks on social media – all attack vectors can be avoided with effective. The idea that a company could lose its entire reputation as a result of inadequate or non-existent training needs to become a thing of the past. There’s far too much at stake to forgo training. If a company cannot train employees to protect themselves against cyber threats, how will those employees be able to help protect the company?

1. Cyber Security training means valuable content

As cyber security developers prepare content for e-learning platforms, they must optimize it to take full advantage of technology’s capabilities. Personalized learning plans, game and case scenarios and other engaging ways of presenting material to users should be capitalized upon to ensure that users are mastering individual standards for their grade levels and subjects. Multimedia cyber security content that incorporates video and audio helps users to retain more. Practice cyber security problem sets or scientific experiments that have users virtually solve real-world or in-the-lab problems are more likely to encourage paying attention than just reading an instructional text or typing in answers.

2. Educators and Staff Must be Trained as Cyber Security agents

When users are studying digital cyber security material, trainers should be well trained to answer their questions and to know how best to utilize technology, in general, to help them learn.
Even when users are at home or on the road, trainers should know how to incorporate the use of technological resources to supplement their users’ learning. While the goal may not be to completely change how educators teach, it should be to help them use technology to the advantage of their students as they prepare them for the 21st century.

3. Users must be cyber educated to use Digital Processes and Best Cyber security Practices to learn Cyber security complexity.

As technology is utilized more and more to teach users of all ages, they still need to be trained in how to work, research, and study safely online. User safety is of the utmost importance, and it is imperative that cyber students have high internet safety skills. Users should also know how to use computers and technology to work with cyber security issues, as it is necessary for working and living in the 21st century. We will have smart cities and drones in every service company for delivering goods and humans. IoT technology and understanding its complexity and risks is important.

When these cyber training components are put into place, the cyber secure digitalization process can be relatively smooth and successful, and benefit teaching and learning alike. When they are not, the entire cyber security digitalization process can go awry and cause disagreements and huge expensive problems among and between staff, users, and customers.

[Graphic: Cyberwatch strategy system (CWSS). What is 360 Cyber Academy?]

System complexity and Social Physics tools as the solution

When countries are in conflict, the Internet is often used as a weapon to destabilize the opponent politically and economically. Social networking agents with fake profiles are often used to affect the social atmosphere inside countries, and cybercriminals are hired to attack information technology (IT) dependent business infrastructures. In the recent past, there have been several international events when such incidents have taken place. For example, attacks on power grids in Ukraine in 2015 by hackers, and the involvement of a Russian intelligence agency in social media propaganda against Hillary Clinton during the US presidential elections in 2016. In addition, there are potential hybrid threats, like attacks on the Internet and national power lines to disrupt telecommunication and cause power outages. Even when states are not in a war-like situation, there are so-called “patriotic” criminals who are tolerated so that they can be used as mercenaries in the future. The above situation makes it extremely vital for business establishments and government agencies to remain prepared for impending threats.
Before such an action plan is designed to counter and evade the threats, we will construct a comprehensive overview of the incidents in the past whereby private and public organizations have been maliciously attacked, allegedly by foreign agencies. Our aim is to forecast possible scenarios and generate overviews of the global situation by using state-of-the-art data science and artificial intelligence tools, considering the past records of criminal activities in the cyber domain and relating them to the outcome of events that have occurred in global politics. Specifically, we analyse news reports published through the internet by various global media outlets using AI and different mathematical techniques which ultimately allow us to connect the chain of events that have led to one or more attacks. Our emphasis would be to interlink events happening at government levels to incidents at the level of business sectors as well as at the level of citizens, whose life is increasingly becoming dependent on smart devices that form a major chunk of the cyber world.

Pertti Jalasvirta, Executive Director, 360 Cyber Academy
Stock-images of cover and content: Shutterstock
Content
by Pertti Jalasvirta,
Editorial
Good leadership is the most important factor of success in cyber world

OUR LIFE IS BECOMING INCREASINGLY DIGITAL and the development of digitalisation and emerging technologies is accelerating. Cyberspace has become an indispensable area of human activity, a sphere of regular security breaches and data threats, and an arena for inter-state conflict. When considering cyberspace from the nation state’s point of view, we must keep two intensifying trends in mind. Firstly, today’s cyber-related questions have become highly politicised. Thus, political commitment to and guidance on the development of cyberspace need to be strengthened. Secondly, cyberspace has created a new domain of warfare and is influencing the so-called cyber dimension of modern hybrid warfare. Hybrid threats have become one of the most prominent security challenges and an important part of security cooperation round the world. The vulnerabilities of modern societies are the main targets of cyber attacks. In the cyber context, vulnerability is commonly defined as weakness related to information technology. The EU Agency for Network and Information Security (ENISA) defines vulnerability as “The existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the computer system, network, application, or protocol involved”.

A MODERN SOCIETY’S SECURITY is based on the need to identify vulnerabilities and risks at all levels of the whole ecosystem, including people, processes, technology and data – and also governance as well as leadership, where the prerequisites for success or failure are originally laid down. Identifying the need for a common understanding of the existing threats, regulations, standards, risks, and complexities will be essential for securing critical infrastructure and services in the future. It is up to the national authorities to decide who is responsible for the security of such critical infrastructure and services. In terms of potential targets, the most cited examples are the vulnerabilities inherent in our critical infrastructure that could be taken advantage of to create major disruptions that could adversely affect the whole of society. Comprehensive situational awareness and understanding, as well as credible action plans and well-trained personnel, can prevent cyber-attacks and defend critical infrastructure against such attacks. Cyber education and training is the “fast line” in building resilience in modern societies. Modern e-learning tools are urgently needed to fill the cyber education gap.

CYBER EXPERTS too often concentrate on analysing cyber security only from the technological – or so-called cyber-technical – perspective. But we should also see cyberspace as an information space; that is, we should approach it from a psychological or cognitive perspective. For some countries it is strategically decisive and critically important to control the domestic populace and influence adversary states. These cyber-psychological means attempt to change people’s behaviour or beliefs in favour of the government’s objectives. I believe that the distinction between the cyber-technical and cyber-psychological domains will be more blurred and more combined in the coming years, and both aspects of the process of exerting influence through cyber-related means will have to be considered simultaneously.

The building of a more resilient society should not be viewed merely as an extra burden for already economically struggling modern societies; it is also a wonderful opportunity. Structures that allow a society to respond in an agile way to hybrid and cyber threats also support our understanding of and ability to cope with the complex underlying interrelations that make modern societies so fragile. These defensive structures will help to make our societies more functional if decision-making processes become more transparent and inclusive. The key to success is better knowledge and effective leadership.

Aapo Cederberg
Managing Director, Cyberwatch Finland
Chairman of Cyber Security Committee of World UAV Federation (WUAVF)
Author: Janne Voutilainen, MSc studies for cyber security, University of Jyväskylä; 15-year career of military aviation and flying
DRONE VULNERABILITIES AND CYBER
RQ-170 Sentinel
Iranian reverse engineered version of RQ-170
DRONES ARE EASY AND FUN TO FLY. A 100 € drone can take extremely sharp pictures, 4K video is a standard today and even the price is reasonable for better models. Those characteristics make them data sensors available for everyone. Their capabilities have improved exponentially during the last years, as has their number. According to the Finnish Transport and Communications Agency (TRAFI), there are 2000 registered drones in Finland for professional use. They estimate that the total amount is over 10000. Finnish legislation does not require registration for private use.

But what about drone cyber security? What might a malicious attacker do, and what are the best means to defend drones against such attacks? If we consider drone data, the versatility is surprisingly wide. A 500 € drone collects GPS coordinates from flown routes, user info, camera settings, flight time and history of the equipment. Also, no-fly zones are included, with monthly updates.

I bought my first drone last August. It is a DJI Mavic Pro. When I activated my account, I noticed that almost every byte of data will be transferred to a cloud service. And the approval of cloud usage was a requirement for flying. There we are! All data is available somewhere and I don’t know what other data is collected. The easiness of flying is amazing. Just connect your phone to the controller for a real-time display, make a connection between drone and controller and start a flight. After the flight the phone application instantly created a 30-second video with music and it was ready to publish. It is possible to livestream videos online via the phone’s 4G connection.

In 2011 Iran was able to hijack an American Lockheed Martin RQ-170 Sentinel UAV. It was captured by Iran’s cyberwarfare unit. The encryption of military UAV control signals is extremely sophisticated, and everyone was surprised how the Iranians were able to execute such an operation. That is a normal phenomenon in the cyber domain: an endless competition. At this point Iran reached the goal first. Eventually no one knows what kind of data the Iranians decrypted from the UAV’s memory; at least they were able to investigate the technology. In 2016 Iran released their own UAV which looked almost like the Sentinel drone.

DRONE HACKING
There are several ways to make a cyberattack against drones, but the two main types are Denial of Service and Man in the Middle. What the Iranians did included both. They disturbed the control signal and modified it so that they were able to take command and land the drone in their territory.

Making a Denial of Service attack against a commercial drone isn’t difficult. It requires a Kali Linux installation, a WIFI adapter which supports monitor mode and a little bit of knowledge about Kali wireless attack tools. I used the Aircrack-ng suite to jam my drone’s WIFI-based control signal. It was easy to find the correct ESSID, because the default identification is named by the manufacturer. The WIFI password is printed under the battery. In the Mavic Pro the password is long and complicated, so cracking the password is difficult and takes some time. Instantly when I launched aireplay-ng against the BSSID, the command link was lost, the camera picture disappeared from the iPhone’s display and the controller didn’t work anymore. My drone is equipped with a return to home function so there wasn’t any real damage. Cheaper versions might crash due to intentional signal jamming. The WIFI itself is protected with a password so modifying the control signal requires some time, but I guess that an experienced hacker can conduct such an operation easily.

The Internet is full of “How to Hack Drone” instructions. There are models that are vulnerable and accessing data is easy. Some versions have an open FTP port and, again using suitable Kali tools, stealing videos, pictures and navigation data is possible. There are also drone models that are not protected with a network password; some models have a default one, and if users don’t change it, the password is cracked in a couple of hours. Basically, we are talking about IOT security.

One risk might lie behind intelligent drone batteries. Batteries are expensive; DJI’s battery costs almost 100 euros. Manufacturers have added some intelligence to batteries. Batteries are able to keep the voltage suitable for maintaining battery life as long as possible. Recently there were observations that in some models the battery voltage suddenly dropped to zero and the drone fell down from the sky. My first idea and question was: could it be intentional?

THREAT FOR AVIATION
A collision between a drone and an aircraft might be fatal. In the worst case the drone might hit the jet aircraft’s engines. If a medium-sized bird might cause an engine flameout, a metal-built drone will have the same effect. That is the reason why drone flying is denied near airports. Drones’ internal memories might include prohibited areas and they are updated monthly. Flying inside those areas is blocked by software. Sometimes the upper limit is also restricted. There are observations that restricted areas aren’t accurate enough and sometimes they are in the wrong position. Breaking and modifying denied areas, such as sensitive national-security locations, is one target for hackers. The web is full of instructions on how to disable restricted areas. Finally, the pilot is responsible for safe flying.

CONCLUSIONS
Protecting privacy is a basic task for cyber security professionals and we need to understand that drones are part of the cyber domain. So, modifying data and disturbing drone flying is something that malicious parties might want to do. There are technical means to protect data, but they are too heavy and expensive for commercial use.

The best way to improve drone cybersecurity is sharing knowledge about cyber threats and basic IOT security. TRAFI has published a smartphone app, “Droneinfo”, for drone pilots. It provides information about prohibited areas, flight rules, weather and other essential information which is required for flying. One way to improve drone cybersecurity could be to add a notification about password safety and other ways of protecting data.

I’m worried about “unknown” data that drones might collect. It is difficult to observe what kind of data is transferred to their cloud services. It is possible that drone pilots are unaware if the camera takes pictures or videos with satellite coordinates. That is an easy way to collect data from certain interesting areas.

The military domain already uses Artificial Intelligence with drones. The USA and China have tested drone swarming and it is a new military trend. As usual, military technology will reach the commercial world sooner or later, so we will probably see intelligent drones flying together and connected to the same network in non-military skies as well. AI itself includes risks, and how can we be certain that AI-guided drones have been tested well enough?

A couple of years ago there were several unknown drone observations during war exercises in Finland. Also, garrisons and naval bases reported unwanted drone activity. Other critical infrastructure targets are points of interest as well. Before, it was difficult to intervene in such actions, but luckily the legislation has developed so that officials now have means to stop illegal drone flying. Investigating drone cyber vulnerabilities will reveal means for defending against unknown flights. There are devices for command signal interference which basically use the same method as mentioned in the previous chapter. One challenge is that we don’t know who is behind these flights. It might be anyone from a 15-year-old schoolboy to a nation-level intelligence service.

Capturing a drone might be one way to make a cyber-attack and achieve effects in the physical world. As I did in my experiment, I was able to interfere with the drone’s control signal. Unsophisticated and cheaper models do not include a “return to home” function. So, if someone flies a drone over a crowd and a malicious attacker hijacks the drone or disconnects the controller, there might be physical damage if the drone hits people below. An average drone weighs somewhere between 0,7-1,5 kg. In such a case, there might be some damage, but if the weight is more the consequences will be more serious. Again, the drone flying rules are one solution. According to the drone flying rules, it is forbidden to fly a drone over a crowded area.

My opinion is that the Finnish Transport and Communications Agency is going in the right direction with drone flying rules. The rules are as flexible as possible from the drone pilot’s point of view, they share information well and flight safety is kept at a high level. Drone cybersecurity is as relatively new an area as cybersecurity in aviation. Cybersecurity is an essential part of safe drone flying. Fortunately, the manufacturers have noticed the cyber perspective.

[Figure: Jyväskylä airport CTR and restricted area with upper limit. Picture from DRONEINFO app]
[Figure: Same area at DJI’s GO app. Note the area boundary compared to previous picture, it is dissimilar. Geo Zone info does not include the upper limit for flying.]
[Figure: KALI LINUX airodump-ng and Mavic Pro’s WIFI network]
[Figure: Denial Of Service – attack against drones WIFI]

ABBREVIATIONS AND VOCABULARY:
BSSID: Basic Service Set Identifier
ESSID: Extended Service Set Identifier
Kali Linux: Operating system meant for ethical hacking
FTP: File Transfer Protocol
GPS: The Global Positioning System
IOT: Internet Of Things
UAV: Unmanned Aerial Vehicle
WIFI: technology for radio wireless local area networking
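The WIFI denial of service described under DRONE HACKING typically appears on the air as a burst of unprotected deauthentication frames aimed at one BSSID, so a passive monitor can spot it. The Python sketch below is an added example, not part of the original article: it parses bare 802.11 management frames and raises one alert per burst. The frame bytes, MAC addresses, window and threshold are constructed sample values and assumptions.

```python
"""Passive detector for 802.11 deauthentication/disassociation floods.

Added example: every frame, MAC address and threshold here is constructed.
"""
import struct
from collections import defaultdict, deque

DISASSOC, DEAUTH = 0x0A, 0x0C          # management-frame subtypes
BROADCAST = "ff:ff:ff:ff:ff:ff"


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_mgmt_frame(frame: bytes):
    """Parse a bare 802.11 MAC frame (no radiotap header, no FCS).

    Returns a dict for deauth/disassoc frames and None for anything else.
    """
    if len(frame) < 26:                 # 24-byte header + 2-byte reason code
        return None
    fc0, fc1 = frame[0], frame[1]
    version, ftype, subtype = fc0 & 0x03, (fc0 >> 2) & 0x03, fc0 >> 4
    if version != 0 or ftype != 0 or subtype not in (DISASSOC, DEAUTH):
        return None
    protected = bool(fc1 & 0x40)        # Protected Frame bit: body is encrypted
    reason = None if protected else struct.unpack_from("<H", frame, 24)[0]
    return {
        "kind": "deauth" if subtype == DEAUTH else "disassoc",
        "dst": _mac(frame[4:10]),       # address 1: receiver
        "src": _mac(frame[10:16]),      # address 2: claimed transmitter
        "bssid": _mac(frame[16:22]),    # address 3
        "reason": reason,
        "protected": protected,
    }


def detect_floods(records, window_ms=1000, threshold=10):
    """records: time-ordered (timestamp_ms, frame_bytes) pairs.

    Emits one alert per burst when a BSSID sees `threshold` or more
    unprotected deauth/disassoc frames within `window_ms`.
    """
    recent = defaultdict(deque)         # bssid -> timestamps inside the window
    active = set()                      # bssids already alerted for this burst
    alerts = []
    for ts, raw in records:
        info = parse_mgmt_frame(raw)
        if info is None or info["protected"]:
            continue
        q = recent[info["bssid"]]
        q.append(ts)
        while ts - q[0] > window_ms:    # drop timestamps that left the window
            q.popleft()
        if len(q) < threshold:
            active.discard(info["bssid"])
        elif info["bssid"] not in active:
            active.add(info["bssid"])
            alerts.append({
                "bssid": info["bssid"],
                "time_ms": ts,
                "frames_in_window": len(q),
                "broadcast": info["dst"] == BROADCAST,
                "reason": info["reason"],
            })
    return alerts


def build_frame(subtype, dst, src, bssid, reason=0, protected=False):
    """Build a constructed management frame for the sample capture."""
    def to_bytes(mac):
        return bytes.fromhex(mac.replace(":", ""))
    fc = bytes([subtype << 4, 0x40 if protected else 0x00])
    return (fc + b"\x00\x00" + to_bytes(dst) + to_bytes(src) + to_bytes(bssid)
            + b"\x00\x00" + struct.pack("<H", reason))


def sample_capture():
    """Constructed traffic: ordinary frames, then a flood against one network."""
    drone_ap = "02:00:00:00:00:aa"      # constructed: drone's access point
    phone = "02:00:00:00:00:01"         # constructed: pilot's phone
    other_ap = "02:00:00:00:00:bb"      # constructed: unrelated network
    cap = [
        (0, build_frame(0x08, BROADCAST, drone_ap, drone_ap)),     # beacon
        (200, build_frame(DEAUTH, drone_ap, phone, drone_ap, 3)),  # client leaves
    ]
    cap += [(1000 + i * 300, build_frame(DISASSOC, phone, other_ap, other_ap, 8))
            for i in range(3)]                                      # below threshold
    cap += [(5000 + i * 10, build_frame(DEAUTH, BROADCAST, drone_ap, drone_ap, 7))
            for i in range(64)]                                     # the flood
    return cap


if __name__ == "__main__":
    for alert in detect_floods(sample_capture()):
        print(alert)
```

Frames with the Protected Frame bit set are skipped because their body is encrypted and cannot be forged without the session key; a real deployment would feed `detect_floods` from a monitor-mode capture after stripping the radiotap header.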
Why is strategic analysis of cyber events important for businesses?

THE NEED FOR A STRATEGIC VIEW OF CYBER SECURITY has emerged in a number of recent surveys. Business leaders and other actors need a better strategic level of understanding of cyber-world events, trends and their ramifications. The pace of change in the cyber environment can be daunting. Targets of cyber attacks are found throughout society, particularly in its vital functions and business community. Often, there are also third-party victims: companies, organisations and their clients who suffer from the attacks. Protection and safeguards are vital, but what is a sufficient level of protection and what are the right investments for cyber security? These are difficult questions for any organisation. Strategic level analysis of the cyber world enables leaders to make better decisions for the future. Cyber events are often characterized by strong technical and cryptic terms, understanding of which requires at least a reasonable familiarity with the subject. Media has done a great job of trying to portray cryptic cyber world events in a comprehensible form for all people. Media plays an important role in boosting cyber awareness among citizens and businesses.
Increasing cyber awareness as well as cyber education are fundamental, but also cost-effective, elements in ensuring business continuity in the digital era. The ability of companies to analyse and understand the impact of cyber events on their own organization can become a critical competitive factor in tightening markets. Therefore, strategic level analysis, state-of-the-art reviews and discussion on the effects of cyber events and how to respond to them are needed. Developing comprehensive security requires a shared overall understanding of the situation and the involvement of all stakeholders. This means a regular process of sharing knowledge, learning and development in a constantly changing situation – leadership. Strategic management of a company cannot be outsourced – leadership in cyber security is an increasingly important part of strategic management.
Kim Waltzer, Chief Analyst, Cyberwatch Finland
Fostering trust is key

Digitalization has been the name of the game for Swiss Post in recent years in many parts of the business. One example is how new technologies offer promising potential for next generation logistics. Claudia Pletscher, Head of Development and Innovation, explains how Swiss Post deals with cyber security at an early stage in projects to avoid hindering innovation. One such compelling example is the future of e-voting.

WHAT DOES DIGITALISATION MEAN FOR SWISS POST’S CURRENT AND FUTURE BUSINESS?

Swiss Post will leverage its core strengths from the physical world in the digital sphere too. This means that we won’t just fulfil our traditional role as the transmitter of confidential information in a physical sense, but in an electronic one too, and we will offer the people of Switzerland the corresponding digital infrastructure. Swiss Post is thus working on various digital solutions and is using cutting-edge technologies to develop new business areas; with eHealth and e-voting solutions, for example, or with the IncaMail encryption service. We are also launching a standard digital ID in partnership with the SBB and so, as a semi-public company, are helping promote simple and secure digital business in the economy and public sector. Swiss Post will also change with regards to logistics and mobility. Digitalization will allow us to supplement existing services with new ones. In Lugano, for example, we are trialling the use of drones to transport lab samples between two hospital sites. In Sion, we are testing self-driving shuttles, and in the Bern region, we have carried out tests using delivery robots for deliveries in the local area. One of Swiss Post’s greatest assets is its nationwide presence: if we use the IoT to connect our physical infrastructures such as bus stops, post offices, mailboxes, buildings, ATMs and parcel terminals to the internet, we can optimize our operational processes and offer our customers new and more flexible services – such as individualized parcel delivery methods, for example.

HOW DO YOU THINK THE CYBER THREAT RESULTING FROM THE DIGITAL TRANSFORMATION WILL CHANGE SWISS POST?

One direct effect of the digital transformation is that Swiss Post will be more vulnerable to cyber threats. The issue is thus becoming increasingly important for us. Swiss Post has already been active in digital business for a long time with services such as IncaMail. Relevant processes have been established and are being constantly adapted to new or updated conditions as part of an ongoing improvement process. For this, we are using an information security management system. We are also ISO 27001- and ISAE 3402-compliant, for example, so our processes are assessed periodically by the respective certification bodies.
WHAT ARE THE KEY ELEMENTS OF YOUR SECURITY STRATEGY TO PROTECT YOUR DIGITAL PRODUCTS AND SERVICES?

The key elements are forward-looking measures (Predict: e.g. security by design, certifications, security processes, etc.) combined with preventative measures (Prevent: e.g. ICT architecture, end-to-end encryption, four-eye principle, etc.). We have also implemented surveillance-related measures (Detect: e.g. logging, monitoring, etc.), which make it possible to identify deviations and irregularities. Specialized teams are trained to deal with any incidents as quickly and expertly as possible (Response: CERT team, communication, DSB processes), and to learn from them. In general, there are two critical aspects of our security strategy: firstly, constant compliance with our information security baseline – i.e. the implementation of best practices – and secondly, the specific focus on business risks, where additional security measures are required.

HOW DO YOU ENSURE THAT CYBER-SECURITY MEASURES DON’T INHIBIT YOUR ABILITY TO INNOVATE?

That’s a challenge, of course. We aim to develop services with architecture that already meets the relevant requirements (security by design), and to begin testing even during the development cycle. We also aim to treat innovation projects in a special way from an early stage and to integrate them gradually into higher requirements levels. This includes aspects such as: use of a protected development environment with secure APIs to our system landscape, performance of automated tests, agile development and gradual risk elevation, and transparent communication of risks to users.

THE INTERNET OF THINGS POSES SIGNIFICANT CHALLENGES TO COMPANIES WITH REGARDS TO CYBER SECURITY. HOW DOES SWISS POST ADDRESS THESE CHALLENGES AS AN OPERATOR OF AUTONOMOUS POST BUS AND PARCEL DRONES?

In terms of ICT security, the Group’s IT department is involved in our SmartShuttle project, as it is in all projects, and we make it a priority to evaluate all suppliers in an assessment. We also carry out penetration tests on solutions that contain user data or other sensitive information. There are additional technological hurdles that make it more difficult for a hacker to gain access to the vehicles. The vehicles from the manufacturer Navya cannot be remotely controlled directly over a web interface. The manual control takes place over a control panel, which is connected to a computer in the vehicle. Then, of course, there are other technical security measures that prevent, or at least impede, external access. But as we know, a cyber attack in the field of IT can never be 100% ruled out.

CAN YOU USE A SPECIFIC POSTAL SERVICE TO DEMONSTRATE HOW THE CORE ELEMENTS OF YOUR CYBER-SECURITY STRATEGY HAVE BEEN IMPLEMENTED?

Our e-voting system is subject to the most stringent security requirements. Various inbuilt mechanisms and special security-related and cryptographic precautions guarantee security and data privacy. The data is end-to-end encrypted and no personal data is stored on Swiss Post servers. The votes can be individually verified, which means each voter can check whether their electronic vote has been saved in the same way it was sent. In the future, “universal verifiability” will also be possible. Cantons and the federal government can then carry out comprehensive checks when they open the ballot boxes to determine whether the electronic votes have been counted correctly and were not falsified. So, we can’t rule out attempts to attack the system but, thanks to mechanisms like these, we can guarantee complete transparency. This is extremely important in fostering trust in such solutions.

Text produced by:
Defending the aerospace and defense sector
Closing gaps in A&D cyber security

Your organization is under constant and malicious attack. Your defenses are under siege. Your assets are under threat. And your people are being unknowingly subverted. Are you confident in your cyber security?

RIGHT ACROSS the aerospace and defense (A&D) sectors, the cyber threat is rising. Hackers, hacktivists, organized crime syndicates, state-sponsored actors, and even bored teenagers are constantly testing cyber defenses. And when they find a breach, they waste no time sowing havoc.

Thankfully, cyber security and defense capabilities remain high across the sector and (for the most part) the major players and their suppliers have avoided any massive intrusions. Capabilities are so strong, in fact, that a growing number of defense players now offer cyber security "as a service" to other industries and business sectors.

But that does not mean that the sector is immune to the growing cyber threat. In fact, our experience suggests that A&D organizations may continue to face significant exposure that could put their organizations' futures at risk. Many may not even be aware of the extent of the threat. We believe that A&D organizations must redouble their cyber security efforts by working across the enterprise, the value chain and the ecosystem to close any remaining gaps. And we believe there is no time to waste.

A FORTRESS ERECTED

When it comes to cyber security, the aerospace and defense (A&D) sectors have every reason to be confident. The reality is that the sector has not yet suffered any "major" cyber breaches (that we are aware of). No aircraft have fallen out of the sky due to a denial of service attack or electronic hijacking (again, that we are aware of). Hackers have yet to wrest control of an active military vehicle by electronic means alone.

In part, this high level of cyber awareness and security is driven by regulation. Commercial aerospace and defense organizations have always been a priority target for attackers, particularly terrorist and state-sponsored espionage groups. Ever since the first hijacking of a commercial aircraft, security—physical and cyber—has been top of mind for the FAA, the DoD, and other related regulators.

Not willing to take any chances, the two sectors have also taken unprecedented measures to help ensure their cyber defenses, particularly at the product level. Commercial aerospace manufacturers, for example, have completely segregated their operational flight systems from their (ever-growing) entertainment systems. To date, this has effectively eliminated the risk of a passenger taking down the aircraft through direct hacking. In the defense sector, products tend to be secured through the use of "closed systems" that (theoretically at least) are segregated from the rest of the network. At the same time, state secrets, design plans, financials, and other valuable data "jewels" have been locked up in ever-tighter rings of security. Defense players have become so adept at cyber security (either through development or acquisition) that many now offer their services to other industries, creating an important new growth opportunity for the sector.

TRACKING ABNORMAL THREAT VECTORS
While all business sectors—particularly financial services, healthcare, and retail—face a growing cyber threat, the A&D sector has become the target of particularly sophisticated and ruthless actors. On the defense side, not only must manufacturers contend with the usual threat of IP theft by organized crime rings, they are also increasingly facing off against very well-resourced state-sponsored actors. Design schematics are often the top prize. But these spies are also snapping up data from across the organization—from employee records to maintenance reports.

The commercial aerospace sector faces very similar threat actors, but also some unique challenges. Very few other industries, for example, need to worry about suicidal customers bent on massive destruction. But ever since 9/11, commercial aerospace manufacturers have been acutely aware of the threat from inside the plane as well as from outside.

It is not just the threat actors that are more dangerous for the A&D sectors, it is also the risks. The bottom line is that military hardware and commercial aircraft both hold a high level of lethality. And this means that A&D manufacturers are held to a higher standard. An intrusion into a retail bank ATM is one thing. Bringing down an airplane or turning a military drone on a civilian population is another thing entirely.

Besides the high potential for loss of life, the most immediate and obvious risks for the A&D sector are reputational and financial. The loss (or loss of control) of a multi-million-dollar product due to cyber attack would have an immediate impact on the manufacturer's reputation and that, in turn, would have a significant financial impact in this highly competitive environment. Order books could quickly dry up, and access to military contracts could be lost.

Even the loss of "lower-grade" data could create reputational and financial challenges. A breach into employee data, for example, can attract a significant regulatory fine and penalties if defenses were not deemed up to standard. The loss of financial data may have an impact on stock prices and valuations. Losing design schematics and research outcomes to a less ethical competitor could have long-term financial implications.
CLOSING THE GAPS

The challenge for today's A&D sector is two-fold. On the one hand, the sector must strive to remain not just one but two steps ahead of the cyber threat. They must continue to invest into new capabilities, technologies, and ideas. They must remain vigilant against a highly adaptive threat. And they must place more focus on embedding security into their products from the design phase. At the same time, however, A&D players will need to ensure they are closing any gaps in their current cyber security stance. Our experience suggests there are a number of areas that may require urgent attention.

One area of immediate concern, particularly for the defense sector, is the heightened risk of cyber attack through third parties. Indeed, as the A&D sectors' supply base widens to incorporate new technology players, service providers, and infrastructure, many manufacturers are losing sight of the risks that these relationships create. At the same time, new regulations (such as NIST SP 800-171) are sharpening the urgency for manufacturers and the supply base.

Access control is also an ongoing challenge for many A&D organizations. Most are fairly good at onboarding their new employees and granting access when job roles and requirements change. But few are as good at closing down employee access once an individual leaves the organization or changes roles. The loss of what might be regarded as a low-level access code could have unexpected implications.

The commercial aerospace sector (and, to a lesser degree, defense players with products or services in non-defense industries) must also start to focus on a new and growing gap: the protection of consumer data. Intentional or not, airplanes capture masses of consumer data – from Wi-Fi connections, entertainment selection and even USB drives plugged into the system – and few commercial aircraft OEMs have yet to create a robust strategy for protecting this growing source of data.

STAYING TWO STEPS AHEAD

We believe that the path to the long-term security of the A&D sector lies in heightened standards, improved data governance, and deep industry cooperation.

At an industry level, standards will largely be driven by industry and regulatory pressure. Efforts are already underway to develop a Service Organization Control (SOC)-type attestation program to assess the security controls and processes within third-party suppliers in the sector. Greater focus must be placed on driving improved internal standards as well, particularly related to access control and consumer data.

Improved data governance will also be key. A&D executives will need to focus on ensuring that policies, controls, and training reinforce the need for heightened risk awareness and data protection across the business. Most organizations could also improve the way data is currently categorized, stored, and transferred between systems and suppliers.

Most importantly, however, the industry must continue to work together to share best practices, threat awareness, incident reports, and other critical information in a way that improves the overall security and resilience of the sector. This will certainly require collaboration with new partners in the value chain and may necessitate the development of consortiums or joint ventures.

Cyber security is a critical capability for players in the A&D sectors. But while the industry has fared well so far, there is a constant danger of complacency. We believe it is time for A&D organizations to redouble their efforts. There is no time to waste.
Autonomous future of cars
Cyber security is a threat and an opportunity for hyper-linked cars.

IN THE FUTURE CARS WILL CONNECT to the internet like mobile phones and computers. Research suggests that the car's internet connection and the ease of use of digital services on the road may even become the most important car selection criteria in the coming years. Learning, autonomous cars are also becoming more common, although currently there are only early pilots. And despite their safety systems, the first humanitarian car crashes caused by autonomous cars have already been seen. The sharing economy is a strong trend. Not everyone will necessarily have their own car. Shared cars can have drivers with varying skills and backgrounds, not all of whom treat the car as their own – the car may even be used for criminal activities.

DATA COLLECTING CARS

In the near future, cars can be remotely connected. For example, maintenance services can diagnose faults remotely, or cars themselves can proactively communicate with the service company about their future needs. Cars already have millions of lines of software code that can be remotely upgraded, just like computers and mobile phones. Cars continuously collect data from driving situations and report to their manufacturer, which develops better software code and autonomous functions. The best example is the car manufacturer Tesla, which already works exactly like this. Cars are also linked to different traffic control systems, which are developed to operate more independently on the basis of the data they collect. The key question will be who has access to all the accumulating data and how the data will ultimately be used.

ETHERNET COMES INTO CARS

Shared cars typically use the internet connection to control and monitor the use of cars in detail, and their location through GPS technology. Through the car's connected automation system and its data bus, the car can be taken into control remotely, which in the wrong hands is more than dangerous. However, the traditional data bus is slow and cramped, which means that it needs a standardized replacement. One possible solution is an Ethernet network for cars in the near future. But it also comes with its vulnerabilities. Ethernet delivers much faster connections to cars than the current data bus, needed for camera and video usage, for example. It adheres to open standards, enables decentralized network architecture, and works well with the TCP/IP architecture on the Internet. At the same time, there is a growing number of people with long-term expertise in Ethernet vulnerabilities.

Bluetooth technologies with several very serious vulnerabilities are already being used in automobiles on many occasions, including the integration of mobile phone services into the cars' systems. Also, many cars' physical security features, such as adaptive cruise control, lane watcher, and pocket parking assistant, which typically rely on camera technology, shift the responsibility from the driver to other hands.

WHAT SHOULD BE DONE
When it comes to accidents, at least, human error is likely to remain a greater risk than autonomous vehicles. However, new network connections of cars will expose them to be targeted by sabotage in quite different ways than before. The comparison between the stand-alone computers of early computing and today's hyper-connected computers also applies to cars. It is, however, much more difficult to anticipate human driving errors than weaknesses in technical solutions. For example, Ethernet vulnerabilities are constantly searched for and fixed by thousands of experts, but at least one of them looks for gaps for less acceptable purposes.

CYBER SAFE CAR AND DRIVER

In new situations, the automotive industry should, together with the users, start building a culture of action where everyone has their own responsible role. The automotive production network is often global and fragmented and consists of at least one hundred smaller and larger subcontractors and other partners. Nevertheless, car manufacturers should look for a holistic solution in which new digital solutions are built with cyber security from the beginning. Products and services are only safe when this aspect is included from the beginning. Retrospective patches do not solve structural weaknesses, for example in the architecture of information systems.

A cyber secure mode of operation also requires a change of attitude from car users so that access to information systems, services and accumulated data is only allowed for trusted parties. At the system level, the vehicles can be fitted with features that, for example, remind about safety actions on the reflection screen, or require something from the user – like an alcohol lock. Drivers may also be required to have certain cyber security knowledge, for example, when getting a driver's license.

Hyper-connected cars and traffic are all new things to which adaptation takes time. However, car operators should urgently seek solutions together. In Finland, the Ministry of Transport and Communications could play an active role in this – they already have a progressive and enabling attitude and a role in both transport and cyber security matters.
Text: Jukka Viitasaari
Accelerating Digital Revolution Has Serious Implications for National Preparedness and Cyber Security

While it may hold true of several earlier occasions in the history of technological development, we are currently living amidst a major technological upheaval or, as many call it, the fourth industrial revolution.

THE ONGOING REVOLUTION has its roots in a number of advances made during the past two decades in global communications infrastructure, the globe-spanning services built on top of it, more powerful data management and analysis tools, and the recent speedy development of artificial intelligence together with its application areas. Technology has also become cheaper and thus more accessible to a wider number of people and businesses. It can be considered a great leveler, as it offers similar starting points to users across the globe, whether they are civilians or militaries. This sweeping revolution penetrates all aspects of our lives, transforming the ways we live and communicate and how our surroundings operate, and disrupts businesses by destroying some and giving rise to some completely new ones. The rise of global digital infrastructure and services has also empowered a number of relatively recently founded companies originating from places such as Silicon Valley, Hangzhou, and Singapore to have great weight and importance in global competition.
DIGITAL REVOLUTION HAS GOT SERIOUS SECURITY IMPLICATIONS
Technological advances offer both individuals and societies increased efficiency and new ways of doing things and achieving results that were considered unattainable just a few years back. Nevertheless, these same developments (a low bar for entry, shrinking geography, concentrated power in the technology industry, and ubiquitous technology offering access to all corners of our societies, our cognition included) offer an ever-expanding attack surface. This attack surface comprises our societies in general, our societal processes and vital functions, national defense capabilities, critical infrastructure, business entities, individual citizens, and our hearts and minds. While the Gutenbergian revolution made information available to those who could read, the ongoing revolution makes our societies and individual minds accessible to external parties in unprecedented ways.

The geopolitical competition between rival powers appears to be getting worse by the day, with impacts on the global security environment as well. Increased instability in our security environment will make risks greater, as more threat actors, including terrorists and organized crime, have not only the capabilities in place, but a greater number of potential targets for their capabilities and increasingly also the will and intent to use the capabilities to achieve their political goals.

PARTICIPATION IN THE GAME IS MANDATORY
In a world of increased risks, hiding behind a veneer of "but we are not interesting as targets" will not work. Attackers will find their way in, and in most cases it is safe to assume, for planning purposes, that they have already penetrated many of the critical systems and established a relatively permanent foothold there. Even smaller powers have various kinds of globally interesting strategic assets that make them interesting as targets, such as their geostrategic position, companies operating on a global scale in key sectors such as telecommunications and logistics, being a key supplier of strategic minerals, or leading research and innovation in interesting areas such as artificial intelligence.

Aside from intelligence operations and the pilfering of information from target systems, cyber operations may use technology as an avenue in addition to it being a target. Targets may include information and its integrity, processes ranging from human decision making to manufacturing, individuals and their understanding of the world and of events unfolding, and in the widest sense of the word also societal fractures through amplification of divisive issues.

Finding protective solutions is a hard undertaking, as building defensive walls on the digital perimeter will not work, and the suggestion that any country could become an imaginary, fully self-sustainable island does not hold true in the cyber and information domains. Moreover, cutting off from the digital global commons would take an enormous toll on efficiency, as it would force us to duplicate much of the work already done by one of those global commercial giants that offer cheaper prices, higher quality, and most importantly often also better security. Businesses and other players in this domain should build their cyber security capabilities to match the riskier operating environment, considering the businesses' and nations' global footprint and relevance.
To learn more about Pasi’s views on technical development and its impacts on cyber security see his recent presentation:
RESILIENCE BUILDING REQUIRES NETWORKED APPROACH BOTH NATIONALLY AND INTERNATIONALLY
Building resilience on both national and international levels plays a key role in operating in this kind of environment. As already noted, the planning of operations should be based, both in companies and especially in organizations dedicated to national security, on the assumption that all of the digital operating environment is hostile ground.

On a national level, increasing resilience lends itself to activities that aim at improving the overall awareness of systemic interdependencies and the ability to co-operate closely across all kinds of gaps, silos, and layers such as public and private sector; military and civilian; national, regional, and local level; and organizations of all sorts and individual citizens.

On an international level, nations should collaborate closely to find a common understanding of the international law and norms governing the global internet, its acceptable uses, and rules of the road. Like-minded countries should also share the burden of defending the cyber domain, and increase each other's resilience through increased interconnectedness, interdependence, and reciprocal trust enhanced by shared activities such as exercises. The same is true of companies working in the global business arena: security offers a great platform for co-operating on common interests. Such wide-reaching co-operation and reciprocity between parties on both national and international levels is not optional but should be considered a necessity for securing the digital domain.

PRIVATE-PUBLIC PARTNERSHIPS SHOULD BE EMBRACED
In most technologically advanced countries, private sector entities push the technological boundaries, own parts of the critical infrastructure, and also operate the services that the public sector is dependent on. Government functions, those of the military included, rely on the functioning of this infrastructure both at times of perceived peace and in crises of all sorts. Thus, the cyber security capabilities and maturity of critical private sector entities are crucial in the larger strategic picture. On top of this, the private sector produces much of the capabilities that members of the national security apparatus possess and apply in cyber operations. Thus, it becomes clear that deep and wide public-private partnerships and cooperation are necessary, not optional.

In practical terms such cooperation can manifest itself in many different forms, including but not limited to commercial co-operation and shared innovation between public and private sector, information exchange, and organizing shared exercises and training events that build not only shared capabilities, but also human networks and trust among the participants. Various kinds of venues and platforms for cooperation offer a great opportunity to cross-pollinate experiences and lessons learned from one sector to another.

Due to these developments, the boundaries between civilian and military infrastructure and services can be said to be imaginary at best, given the interplay between parties and their complex inter-dependencies. Moreover, making a clear separation between the two becomes even more elusive due to the second and third order effects that digital domain perpetrators might actually be looking for by targeting seemingly civilian infrastructure.

THERE ARE A NUMBER OF WAYS TO MOVE FORWARD
As discussed in detail above, both companies and nations are locked in deep co-operation in the cyber domain. Without close co-operation on all levels, building sustainable solutions for improving cyber security for all parties is not possible. Private-public partnerships play a key role in improving cyber resilience.

On a more tactical level, the large variation in potential targets, delivery vectors, and impact mechanisms suggests that in order to apply effective countermeasures on top of resilience building, it is necessary to maintain an up-to-date understanding of adversaries' strategy and goals, not just their tactics and technologies.

On a general level, as the technological developments are both ubiquitous and pervasive, it is safe to assume that they will pale beside the cultural changes that, for example, advances in artificial intelligence may bring to working life and its demands on workers. The potential negative societal impacts that rapid technological disruption may bring along have to be internalized also by the technology innovators partly responsible for the ongoing change. As controlling or even containing disruption is impossible, building citizens an inclusive passage to the next developmental stage, particularly for those most vulnerable to the change, will be a crucial and urgent task for political decision makers.

Text: Pasi Eronen, Huginn
360 Cyber Academy – The winning concept for your cyber policy

360 Cyber Academy brings together Finnish pedagogy, cyber security and e-learning expertise under one roof. In collaboration with our highly qualified partners, we provide strategic situational awareness of the cyber world and training globally onsite, remote and online. 360 Cyber Academy is powered by MIF Academy, Cyberwatch Finland and Claned Group.

CYBERWATCH FINLAND offers strategic situational awareness, training and consultations for decision makers in both the private sector and government, with the goal of bringing real value to decision makers and enabling leaders to apply their know-how to the company's strategy to create a robust cyber security foundation.

MIF Academy is a part of Nasdaq listed Soprano Plc, the leading Nordic private training group. MIF Academy and the Soprano Group's 6 Business Schools have over 70 years of pedagogical experience and students from 2,000 organizations in more than 50 countries, with an ISO 9001 quality standard in all their units.

Claned Group provides 360 Cyber Academy with an online learning platform that can deliver learning analytics by applying Artificial Intelligence that reveals the factors that impact individual learning. Our combination of content and educational technology results in optimized study motivation, reduced drop-outs and improved learning results.

360 Cyber Academy offers a unique package that helps you to upgrade your organization's cyber security and face the modern threats of the cyber world. Don't be an easy target. Learn how to protect your most valuable information with 360 Cyber Academy.

Cyber security learning path

360 Cyber Academy will help you to understand how to navigate the complex cyber world in a secure way and without losing important data. By following our events and reports based on strategic analysis, you are always aware of the latest cyber threats and topics.

OUR WEBINAR SERIES will tackle different themes centred around the cyber environment, courtesy of our varied and interesting guests. The first webinar's topic concentrates on how an organization can protect its most valuable assets and build resilience in the cyber era.

The security reports and reviews that we provide will help you learn how the most significant events and incidents in cyberspace will affect your organization. We bring real value to your company's decision makers and improve their situational awareness in order to enable them to apply these insights to an organization's strategic decisions.

Within the cyber security environment, it is most important to enhance top-level management knowledge. 360 Cyber Academy provides high level cyber security and safety knowledge through our partner programs and courses to achieve your company's strategic goals in the cyber environment. On top of this, we assist in increasing the top-level management's ability to lead cyber security development. In addition to short courses, we provide higher-level certifications for cyber leaders and professionals.

[Figure: 360 Cyber Academy Learning Experience. Labels: Certificates, Online education, Remote education, Basic education, Resilience.]

[Figure: Cyber security learning curve]
Level 5. Developing robust cyber security culture constantly
Level 4. Working as an internal cyber security supervisor
Level 3. Able to develop and utilize cybersecurity development skills
Level 2. Become a skilled cyber security developer
Level 1. Know, understand, figure out

Strategic situational awareness

The biggest cyber security threat to your company is your employees. It is believed around 60% of cyber risks are attributable to insider risk. Insider risk is based on employees' behavior and level of knowledge. Cyber threat mitigation needs to be part of everybody's daily routine, no matter what your role or title is. We aim to help you educate your personnel and improve your organizational security. Your organization is only as strong as its weakest link. 360 Cyber Academy provides suitable training to manage and implement your company's overall security. Our trainings cover everything from the basics to advanced professionals.

[Figure: Strategic situational awareness. Labels: Insider risk, Outsider risk, Leadership, Risk management, Cyber security, Professional cybersecurity education, Resilience; Wisdom, Knowledge, Information, Data.]

[Figure: Organization's steps to cyber security]
Sufficient level of cyber resilience
Prioritised cybersecurity goals
Better education level
Improved personnel processes
Technical solutions
Penetration testing
Awareness
CYBERWATCH FINLAND STRATEGIC ANALYSIS

STRATEGIC SITUATIONAL AWARENESS

Cyberwatch Finland provides strategic situational reviews and consultation based on a holistic view of the cyber world and hybrid threats. Our reviews are based on data from publicly available sources including news, industry reports, and vulnerability and incident disclosures. The data is processed using Artificial Intelligence (AI) and analyzed by cyber security experts to deliver the timely conclusions and insights needed by today's leaders and executives.

VALUE FOR DECISION MAKERS

Our goal is to bring real value to decision makers and enable them to apply these insights to an organization's risk analyses, strategic decisions and tactical execution. Correct and reliable information forms an understanding and strategic awareness that creates a robust foundation for cyber security. Improved situational awareness and education help organizations to prepare and protect themselves from constantly changing cyber and hybrid threats.

[Figure labels: People, Leadership, Technology, Processes]
MONTHLY REVIEW

The Cyberwatch Monthly Review is a compact analysis of the most significant cyber incidents, security breaches, vulnerabilities and cyber attacks, analyzed through the lens of their relative impact and importance to today's organizations.

QUARTERLY REVIEW

The Cyberwatch Quarterly Review is a broad perspective analysis of the most significant events in cyberspace, evaluating the backgrounds, trends and forecasting emerging themes that deliver actionable insights.

THEME REPORTS

A Cyberwatch Theme Report provides deep analysis of a specific theme, business sector or topic of importance. Theme Reports can be ordered on a case-by-case basis and updated as required.
EDUCATION AND CONSULTATION

Cyberwatch Finland offers both live and e-learning training to facilitate learning and awareness of cyber security and hybrid threats at all levels of your organization. Focused briefings on topics specific to your organization are also available.

CYBERWATCH TV

Cyberwatch Finland provides an Internet TV channel with topical interviews, discussions on cyber security and hybrid threats and live TV broadcasts of important cyber security industry events.

CONTACT US

Cyberwatch Oy, Eteläranta 10, 00130 Helsinki, Finland
Aapo Cederberg, CEO, +358 40 024 6746, aapo.cederberg@cyberwatch.fi
Kim Waltzer, Chief Analyst, +358 40 771 4737, kim.waltzer@cyberwatch.fi
www.cyberwatchfinland.fi
Welcome to MIF Academy

MIF ACADEMY is pioneering global online education with an AI learning environment. In collaboration with our highly qualified partners and universities we provide Diplomas and Certificates, Vocational Qualifications and University Degrees that are valid in all European Countries. All theoretical studies, projects, tests and contact with students can be done 100% online. We deliver Finnish world-class education globally onsite, remote or online. The choice is yours.
MIF ACADEMY has digitally designed course content, made by industry expert trainers, based on Finnish pedagogy and leading educational psychology in an AI online learning environment. We are able to deliver learning analytics by applying Artificial Intelligence that reveals what factors impact individual learning. Our combination of content and educational technology results in optimized study motivation, reduced drop-outs and improved learning results.
MIF is part of Nasdaq listed Soprano Plc, the leading Nordic private training group.
Finland – World Famous in Education

The Happiest Country, World Economic Forum 2018
The Most Stable Country, Fund for Peace 2018
The Best Primary Education, World Economic Forum 2018
The Cleanest Air, World Health Organization, 2018
The Best Human Capital Potential, Human Capital Report 2016
The Best Quality of Life, Social Progress Index 2016

Technology Superpower based on education and skills

The 1st In Innovation, The 1st Educated Nation, The 1st Digital Country, The 1st Qualified Engineers, The 1st Information Technology Skills, The 1st Funding for Technology Development, The 1st Start-Up Ecosystem.
Visit the Finland education export center
THE FINLAND EDUCATION Export Center lies in the heart of Helsinki City, in a park by the sea. Its location between the National Opera and Finlandia Hall, opposite two major five-star hotels, is unique. It combines beautiful Finnish nature and the historic architecture of Helsinki City. Finland has become known as a home for world-class education, and the Finnish education system has been the focus of international interest for several years. The Education Export Center offers brilliant facilities for exploring high-quality Finnish education and training. The new center has a large selection of highly qualified Finnish education organizations under the same roof. The best parts of Finnish education are always present, because our university partners' education export specialists have their own workspaces in the facilities. The Center also includes the main office of an award-winning intelligent learning platform developer, which allows for seamless collaboration. Scan the QR code to see our Center.
The education experience lab
EdTech Innovations for International Delegations
THE EXPERIENCE LAB combines the Finnish Education system, highly qualified Finnish education organizations and EdTech startups into a total experience. Education Export Center and Experience Lab together with a wide network of Finnish Education pioneers give visitors an opportunity to explore and experience the best innovations for lifelong learning on all levels of Finnish education. In addition, Education Export Center is also a home for the Finnish Cyber Security Innovation Lab. The visitors receive a memorable picture of what Finland has to offer and how Finnish education organizations can support the development of learning and education in other parts of the world. The visits of international delegations can be planned and adapted according to each visitor’s own field and level of expertise. Experience Lab is created in cooperation with Finnish Education authorities, Education Finland and their member organizations.
INFORMATION MANIPULATION – the cyber security’s so far undefeated challenge
You think you have covered your Confidentiality-Integrity-Availability (CIA) triad? Should you think integrity is about encryption and blockchain, you have a good reason to read on. Moreover, if you are not familiar with the information manipulation threat, you have an even better case to continue reading, as this is something that many top intelligence officers consider to be the next push of the envelope in information and cyber security.
TYPICALLY, INFORMATION can be stolen without much impact on operations. In some cases, access to information may be denied, causing temporary harm until backups can be restored. Compromising the integrity of information, its trustworthiness, can however have far more devastating operational effects, as it might cause an organization to make decisions based on bad information or reduce customer trust in its platform or business. Imagine the impact if there is even a suspicion that business-critical information might not all be correct. The manufacturing blueprints could have an intentional error, invoices might have wrong account numbers in them, financial statements affecting stock prices might have faulty numbers. And for all this, it might not be possible to know when exactly the manipulation started. Soon the lack of trust will drive all operations to a grinding halt. Or it could get even sneakier. See, information is the key resource for processes. Processes make up operations, which in turn form the business itself. By subtle, unnoticed manipulation of information, it is possible to manipulate the processes to serve the manipulator’s purposes. In effect, changing where the business is going. This is what happened with the Carbanak APT and the SWIFT banking hacks.
WHAT IS INFORMATION MANIPULATION, AND WHY AREN’T WE ALREADY COUNTERING IT?
Enter, information manipulation. We define information manipulation as deliberate hostile action aimed at a target’s information assets with the intention of having a desired effect on the target through manipulation of information, which results in a change or hindrance in operations as key decision-making and operational information has become untrustworthy. The craft of countering this method of attack is not mature yet, unfortunately. The reason for that is that we,
information and cyber security professionals, are detached from the business and operations we are supposed to secure. To put it bluntly, in many cases information security and cyber security are mere security of technology and infrastructure. Information security professionals fail to secure that which matters and which their very name refers to: information itself and the processes dependent on that information. To counter information manipulation, a dramatic change in mindset is needed, otherwise the game is over even before it has begun. In the world of business, cyber criminals have been recruiting business process experts. And they probably aren’t doing it to pass quality certifications or tax audits. To keep up, traditionally technology-oriented security specialists should also start looking in the direction of business. To thwart such an advanced threat, security should be an integral part of the business processes themselves. Not just something that is added as an additional shell, or even worse, a patch or a band aid.
At the core of countering information manipulation is understanding the role of information at process level and how it animates and enables the business. Improving the understanding begins by identifying the information assets that form the basis for critical processes. These are the assets that, if manipulated, can change the processes’ outcomes. It is also necessary to establish an understanding of how these assets are formed and how they behave. This can in turn be translated into rules and conditions under which information can be deemed valid and trustworthy. In practice this translates into information’s business integrity, meaning that information is complete, accurate, valid and reflects reality truthfully at a certain time, place and process phase, based on sources both internal and external. This is a major leap forward from mere technical integrity, such as data being timely and consistent, which we can assure with encryption and blockchain.
While this may sound simple on paper, it often proves to be complicated in practice. The main reason for this is the previously mentioned gap between cyber and information security, namely ICT systems’ security, and actual business operations. The unfortunate outcome of this gap between security and business is sub-optimized efforts to secure separate functional points, such as databases, applications, and infrastructure, instead of the whole system comprising information, processes, and technology. The root cause that we have identified behind this problem is not understanding what it is that really needs to be protected: the business process and the related information.
CASE EXAMPLE - PREVENTING INTERNAL FRAUD IN FINANCIAL SECTOR
To concretize the solution for countering information manipulation, we present a case example that concentrates on preventing internal fraud through manipulation of invoice information. In many cases, invoices are any company’s touchpoint for an information manipulation attack. The question is, how to secure financial assets against such an external attack or internal fraud? The first task is to get out of the technology trenches we have dug ourselves into and begin to talk to the business accountants, business controllers and the CFO. The agenda for the discussions is simple: we need to understand the last part of the procure-to-pay business process, where we receive invoices for services and goods bought and need to process them into payments. The outcome of a short chat with the business should be that the process consists of roughly four steps (Business process level in the picture). We have now built ourselves an understanding of who does what, and in which order in the process, when it is executed as it should be in the daily work. Furthermore, we get an idea of the ICT involved (Technical process level in
the picture) and the lifecycle of data in the process. These pieces of information lay a foundation for identifying and creating controls through which we can detect almost any malicious information manipulation attempt compromising the process, the information and, importantly, our financial assets. These discussions with the business also allow us to understand the logic and the constraints which need to be respected for the business validity and integrity of the information to exist. These constraints can be turned into security controls (Process oversight in the picture). In this case, we have a security technology available which can tap into the relevant systems’ data and capture any change in the data, such as changes in invoice payment information. Once the relevant data changes in the systems, we bring the change into the business context, the invoice process in this case, and validate whether the change makes sense, whether it has its business integrity in place. In the context, data turns into information. To tackle information manipulation, this contextual understanding and a thorough analysis of the information’s behavior across the process are needed. Mere technical data integrity is not enough.
The controls that have been presented in this case, and those that we have built together with our clients, show that they are typically based on common sense. Anyone can create them after a short chat with the business. And coming up with them is rewarding: you understand better how the business operates and how you can secure what really matters. Moreover, through the efforts put into countering information manipulation, the business starts to see security as something beneficial to them, providing real value with increased process integrity, not just a source of incapacitating security policies and costs. The gap between security and business is getting bridged with real co-operation and common targets. All win but for the potential perpetrator.
Text: Jani Antikainen and Pasi Eronen
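The control described in the case example, sketched as an added example that is not from the article or from any product: captured changes to invoice data are judged against business rules, so a change that is technically well-formed can still be flagged. The four phase names, the field names, the rules and all data are assumptions constructed for illustration, since the article's picture is not reproduced on this page.

```python
from dataclasses import dataclass
from decimal import Decimal, InvalidOperation

# Assumed phases of the invoice-to-payment process, in order (hypothetical names).
PHASES = ("received", "matched", "approved", "paid")
PAYMENT_FIELDS = {"iban", "amount"}   # fields that decide where the money goes
TOLERANCE = Decimal("0.02")           # assumed 2 % allowance over the order value

# Constructed reference data, kept outside the invoice system itself.
VENDOR_MASTER = {"V-100": "FI-TEST-IBAN-0001", "V-200": "FI-TEST-IBAN-0002"}
PURCHASE_ORDERS = {"PO-7": Decimal("1200.00"), "PO-8": Decimal("560.00")}
INVOICES = {
    "INV-1": {"vendor": "V-100", "po": "PO-7", "amount": "1200.00",
              "iban": "FI-TEST-IBAN-0001", "approver": "anna"},
    "INV-2": {"vendor": "V-200", "po": "PO-8", "amount": "560.00",
              "iban": "FI-TEST-IBAN-0002", "approver": "ben"},
}


@dataclass(frozen=True)
class Change:
    """One captured data change, as a change-capture tap might report it."""
    invoice_id: str
    field: str
    new: str
    actor: str   # user or service account that made the change
    phase: str   # process phase the invoice was in at the time


def check_change(invoice, change):
    """Return the business rules one change violates (empty list = plausible)."""
    if change.phase not in PHASES:
        return ["unknown_phase"]
    findings = []
    if change.field in PAYMENT_FIELDS:
        # Rule 1: payment data is frozen once the invoice has been approved.
        if PHASES.index(change.phase) >= PHASES.index("approved"):
            findings.append("payment_field_changed_after_approval")
        # Rule 2: segregation of duties, approvers do not edit what they approve.
        if change.actor == invoice["approver"]:
            findings.append("changed_by_own_approver")
    if change.field == "iban":
        # Rule 3: the payee account must match the independent vendor master.
        if change.new != VENDOR_MASTER.get(invoice["vendor"]):
            findings.append("iban_not_in_vendor_master")
    if change.field == "amount":
        # Rule 4: the amount must stay within tolerance of the purchase order.
        po_value = PURCHASE_ORDERS.get(invoice["po"])
        try:
            amount = Decimal(change.new)
        except InvalidOperation:
            amount = None
        if amount is None or not amount.is_finite():
            findings.append("amount_not_numeric")
        elif po_value is None:
            findings.append("no_purchase_order")
        elif amount > po_value * (1 + TOLERANCE):
            findings.append("amount_exceeds_purchase_order")
    return findings


def replay(changes, invoices):
    """Check captured changes in order; return [(change, findings)] for flagged ones."""
    state = {inv_id: dict(inv) for inv_id, inv in invoices.items()}
    alerts = []
    for change in changes:
        invoice = state.get(change.invoice_id)
        if invoice is None:
            alerts.append((change, ["unknown_invoice"]))
            continue
        findings = check_change(invoice, change)
        if findings:
            alerts.append((change, findings))
        # The tap only observes: the system of record has changed either way.
        invoice[change.field] = change.new
    return alerts


# Constructed change events for the example.
SAMPLE_CHANGES = [
    Change("INV-1", "amount", "1210.00", "clerk1", "matched"),          # within tolerance
    Change("INV-1", "iban", "FI-TEST-IBAN-9999", "clerk1", "approved"),  # payee swapped late
    Change("INV-2", "amount", "5600.00", "ben", "matched"),             # approver inflates amount
    Change("INV-2", "note", "urgent", "clerk2", "received"),            # not payment-relevant
]

if __name__ == "__main__":
    for change, findings in replay(SAMPLE_CHANGES, INVOICES):
        print(change.invoice_id, change.field, "->", change.new, findings)
```

The second sample change is a valid write by an authenticated user, which is why a purely technical integrity check would accept it while the business rules do not.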
About the authors PASI ERONEN is an international security analyst, consultant, and an advisor. He has focused in his research and analysis work on hybrid influencing and warfare. His additional fields of expertise include cyber security, information warfare and influence operations. Pasi’s policy work, insights and comments have been featured by a number of national and international media outlets, such as CNN, The Wall Street Journal, and The Washington Post. He is a member of advisory board at Sparta Consulting and serves as an external analyst for Cyberwatch Finland.
JANI ANTIKAINEN is a serial entrepreneur, venture capitalist, and researcher. His latest start-up, Sparta and its Huginn product, focuses on protecting organisations’ critical information assets from malicious manipulation. His academic research concentrates on identifying and countering information manipulation. Combining both academic and practical views, Antikainen develops comprehensive and powerful means for protecting both public and private sectors’ information assets. He is finalizing his dissertation in Economics and holds earlier M.Sc. in Economics and M.Sc. in Technology.
Watch video!
To learn more about information manipulation, see Jani Antikainen’s recent presentation:
CYBERWATCH MONTHLY REVIEW OCTOBER 2018
“Trident Juncture will show the world that NATO is relevant, united and ready to defend itself in the Article 5 scenario, testing our collective defense.” - Admiral James G. Foggo, Commander of Allied Joint Force Command Naples
OCTOBER WAS the European Cyber Security Month. The theme was surprisingly little discussed in the media this year. The Cyber Security Nordic 2018 event in Helsinki (October 10.-11.) brought together a significant coverage of current issues and phenomena of cyber security from both the public and commercial sectors. Finnish companies and public authorities exercised co-operation in the case of extensive cyber-security disturbances in Tieto18, which is one of the major exercises for improving national security and resilience in Finland. The Finnish news agency YLE also participated in the exercise. News reporting and communication in exceptional situations is a very important part of crisis management and leadership for all practitioners.
Finland took part in the international Trident Juncture 18 exercise hosted by Norway in October and November. The exercise was also important from the point of view of cyber-world events due to the current statement of NATO: “In cases of hybrid warfare, the Council could decide to invoke Article 5 of the Washington Treaty, as in the case of armed attack.” This also includes national cyber-attacks. During the exercise, there were signs of GPS jamming in northern Finland, for which Russia is suspected. Russia has denied being behind the GPS jamming. The alternative theories offered by Russia give a good insight into how its information operations work: questioning the motivation of the subject and providing a variety of truths.1
The global narrative of the proliferation of external threats seems to be continuing. President Trump published a new national anti-terrorism strategy2 and urged the Member States of NATO to strengthen their anti-terrorist activities and capacities. Growing threats and the expression of blame are used as an instrument for influencing both foreign and domestic policy. This was reflected, for example, in the United States midterm elections.
The Ministry of Transport and Communications of Finland published a strategy for digital infrastructure, which demonstrates Finland’s desire to be involved in the development of the digital world and in enabling future needs. In practice, the implementation of the strategy means a widespread uptake of the 5G network and therefore remains largely the responsibility of operators. The report of the Finnish Parliamentary Administration Committee on Data Protection Law was completed. The government has also submitted a proposal on the implementation of the new Money Laundering Directive, which creates an easier way for Finnish authorities to investigate bank accounts, including for non-money laundering. From the point of view of privacy and potential information leaks, the development projects at state level give cause for concern, even if the digital economy has more benefits than disadvantages.
CGI (Consultants to Government and Industry) published a report on the cyber security status of Finnish organizations 2018, which provides alarming signs of lacking strategic management in Finnish companies. Another worrying remark is the low investment in cyber management in the healthcare sector, which may be a sign of relying on the IT system reforms.
October - European Cyber Security Month
OCTOBER WAS THE EUROPEAN CYBER SECURITY MONTH, ECSM. In Finland, the theme was raised by the National Cyber Security Centre (FICORA), VAHTI (Public administration Digital Security Management Group), EK (Confederation of Finnish Industries) and by some commercial cyber companies, but in the media the cyber theme was hardly reflected. The Twitter channel #CyberSecMonth3 provides a moderate overall picture of various events at EU level. VAHTI organized presentations and seminars for public administration organizations, and the presentation material can be viewed online.4 The National Cyber Security Centre (FICORA) campaigned on social media5 and localized6 the awareness campaign on the 7 most common online financial scams7 launched by Europol and the European Banking Federation. EK brought up the importance of cyber security8 from the perspective of Finnish society and companies.
The Cyber Security Nordic 2018 event in Helsinki (October 10.-11.) brought together a significant coverage of current issues and phenomena of cyber security in both the public and commercial sectors. Interviews with speakers can be found online on the CyberwatchTV.fi channel. There is a risk that thought-provoking presentations and good debates become too prominent as cyber-experts. Therefore, it would be important to involve a wide range of leaders of businesses and society in order to provide strategic-level dialogue around the business and cyber security themes.
1 https://www.is.fi/ulkomaat/art-2000005898277.html
2 https://www.whitehouse.gov/wp-content/uploads/2018/10/NSCT.pdf
3 https://twitter.com/CyberSecMonth
4 https://vm.fi/digitaalisen-turvallisuuden-teemakuukausi
5 https://twitter.com/viest_virasto
6 https://www.viestintavirasto.fi/kyberturvallisuus/tietoturvanyt/2018/10/ttn201810161521.html
7 https://www.europol.europa.eu/newsroom/news/click-here-and-see-how-your-money-disappears-–-criminal-cyberscams-of-21st-century
8 https://ek.fi/kategoriat/blogi/ekkyberblogi/
Tieto18 Co-operation Exercise
TIETO18 EXERCISE gathered 140 people from dozens of companies and industries responsible for the national cyber security. The aim was to train companies and public authorities who produce critical services in society for the case of major cyber incidents. The Tieto18 exercise plays an important role in improving national security and resilience in Finland. The Finnish news agency YLE also participated in the exercise. News and communication during a crisis situation are a very important part of crisis management and leadership for all practitioners. The integration of the media into the exercise also helps to understand how big a role news and information influencing have and how they affect the decision-making processes.9 A simulated emergency situation exercise is one of the best ways to improve cyber security and to promote genuine dialogue between different stakeholders. Various simulation exercises have gained popularity in companies.
9 https://www.huoltovarmuuskeskus.fi/tieto18-harjoitus-valmentaa-suomea-selviamaan-kyberturvallisuushairioista/
Trident Juncture 18 -Exercise
TRIDENT JUNCTURE 18 is NATO´s biggest exercise in recent years, which mainly took place in Norway and in the North Atlantic area in October-November. All allies, as well as partner countries Sweden and Finland, took part in the biggest LIVEX exercise. In alignment with Trident Juncture 18 there was a separate Northern Coasts 2018 (NOCO) exercise in the Baltic Sea led by Finland. A total of approximately 2 400 soldiers in Finland participated in both exercises. Trident Juncture 18 has an Article 5 (collective defense) scenario, which also connects to the cyber world, since according to the current statement the NATO Council could decide to invoke Article 5 in the case of a hybrid or cyber-attack. There is also an inherent role in the practice of electronic and cyber-warfare, which are a significant part of modern warfare.10 From the Finnish point of view, the training raises many questions, for example: what should non-NATO Finland’s obligation be to help a NATO-EU country, either in a military or a cyber working environment?
GPS jamming during the exercise was a pretty much expected reaction, as Russia has used this type of method earlier in various military exercises: during Russia’s own military exercises in the spring of 2018, during the Swedish Aurora 17 and Russia’s Zapad 2017 exercises, and earlier in the Black Sea in summer 2017. The use of GPS jamming and the public response of the officials were both strong diplomatic messages. So far, there are no known significant cyber-attacks on Finland or other countries involved in the exercise with direct links to the NATO exercise. Taking into account the collaborative nature of the joint capacity and exercise of the participating countries, no extra real-life cyber capabilities should be encouraged. There was a doubt about active cyber intelligence. Active cyber reconnaissance will surely take place during the exercise.
10 https://www.reuters.com/article/us-nato-cyber/nato-cyber-command-to-be-fully-operational-in2023-idUSKCN1MQ1Z9
Suomi.fi denial of service attack suspect was found?
ACCORDING TO THE Central Bureau of Investigation (NBI), the person suspected of a denial of service attack on Suomi.fi services was a Finnish male under the age of 30. The investigation of the case will not proceed to the prosecutor, because the suspect has died. Further information has not been published.11 This case shows how easily even a single operator could take advantage of the existing atmosphere of attitudes to stage up even state actors. On the other hand, it is equally easy for individuals to become the perpetrators or scapegoats of governmental operations. The case also shows how dangerous the climate of doubt and distrust is. For this reason, information and hybrid operations are so powerful.
11 https://yle.fi/uutiset/3-10505886
Digital infrastructure strategy: Turning Finland into the world leader in communications networks
THE MINISTRY of Transport and Communications published the Digital infrastructure strategy, which aims to promote competitiveness and prosperity by enabling future phenomena such as the use of the data economy and artificial intelligence in both the private and public sectors.12 The strategy is, in principle, significant, as it expresses the political will of Finland to be involved in the development of the digital world and in enabling future needs. One of the goals slightly drains the big vision and reflects the realities of the strategy: ”The objective of Finland is to develop digital infrastructure at least in line with the European Union’s broadband targets”. Without visionary and strong leadership, the strategy is at risk of being a network and mobile operator project with the aim of increasing the speed of broadband at national level to 100 Mbit/s, which could possibly be upgraded to 1 Gbit/s in some cases. In practice, this means the introduction of a 5G network. The strategy hardly takes a stand on the security of the digital infrastructure.
The Finnish Parliamentary Administration Committee report on Data Protection Law was completed
THE EU’S DATA PROTECTION Regulation is exceptional in the sense that it leaves the Member States room for maneuver in a number of matters, which has slowed down the introduction of national laws. The Administrative Committee’s report on Data Protection Law was returned to Parliament for approval with some changes, and with a requirement for the government to clarify whether the data protection supervisory body should be developed into an agency form. If necessary, the government should also prepare the legislative changes needed.13
12 https://www.lvm.fi/-/digitaalisen-infrastruktuurin-strategia-suomitietoliikenneverkkojen-karkimaaksi-984519
13 https://www.eduskunta.fi/FI/vaski/Mietinto/Sivut/HaVM_13+2018.aspx
The Finnish Data Protection Ombudsman concerned about the control system envisaged by the government
THE GOVERNMENT HAS ALSO submitted a proposal on the implementation of the new Money Laundering Directive, which creates an easier way for Finnish authorities to investigate citizens´ bank accounts, including for non-money laundering. The Finnish Data Protection Ombudsman, Reijo Aarnio, expressed his concern about the potential threat of the current development, and about the fact that the government’s recitals on digital development barely show the paradigm of protecting sensitive information or the idea of informational self-determination. This paradigm becomes even more distracting when listing some other ongoing or planned projects: “A credit information registry, account information registry, income information registry, nationwide study and study registers, data hub for centralized energy consumption, secondary use of healthcare data etc”. As a whole, these services could form a frighteningly comprehensive control system which, through the misuse of data, creates serious threats to the privacy of citizens and also forms severe threats to national security.
14 https://www.tivi.fi/Kaikki_uutiset/uhka-on-todellinen-yle-tietosuojavaltuutettu-huolestui-hallituksenkaavailemasta-valvontajarjestelmasta-6744574
https://tietosuoja.fi/artikkeli/-/asset_publisher/pyha-kayttotarkoitussidonnaisuus
White-hat hackers help finding vulnerabilities
EXPOSING AN ORGANIZATION´S vulnerabilities for white-hat hackers to find might be an eye-opening experience and an effective way to find vulnerabilities in critical systems. Even the weapons systems of the US have proven to be vulnerable to cyber-attacks. White-hat hackers found nearly 150 vulnerabilities for the US Marine Corps Cyberspace Command team during a three-week-long bug bounty program. LähiTapiola is one of the most prominent organizations in the use of white-hat hackers in Finland, at the same time setting an example in the financial sector. Hackers can help organizations find vulnerabilities in their systems and processes and learn about hackers’ thinking. 16
During the weekend alone, we received 96 security reports from hackers, of which nearly 30 turned out to be vulnerabilities to be fixed. - Leo Niemelä, CISO, LähiTapiola
15 https://foreignpolicy.com/2018/10/09/many-u-s-weapons-systems-are-vulnerable-to-cyberattack/amp/
https://cyware.com/news/hack-the-marine-corps-over-150-vulnerabilities-uncovered-by-white-hat-hackers-b5ceb85a
16 https://www.lahitapiola.fi/tietoa-lahitapiolasta/uutishuone/uutiset-ja-tiedotteet/uutiset/uutinen/1509554822348
Cyber security Status in Finnish Organizations 2018
IT CONSULTING company CGI published the report Cyber security status for Finnish organizations 2018. The report provides alarming signs of lacking strategic management in Finnish companies, which is reflected in stagnation in cyber security investments and a lack of resourcing. Another worrying remark is the low investment in cyber management in the healthcare sector, which may be a sign of relying on the SOTE and IT system reforms. The survey emphasizes the role or existence of a CISO, which will slightly color the results. Despite the marketing perspective of the report, its results give an indication of the prevailing state of cyber security in companies. The results clearly highlight the fact that cyber security is a strategic factor of competition and also an issue for top management.17
17 https://www.cgi.fi/lataa/kyberturvallisuuden-tila-suomessa-2018
Google took a hard line: Security Updates in shape or you will no longer manufacture Android phones
GOOGLE FINALLY TOOK action on the security issue of Android phones and manufacturers too lazy to update their phone software. Google’s policy is to improve the security of Android devices, even if it does not fix the complex security problem of the Android ecosystem. Many of the devices might be left out of the scope of compulsory upgrades quite quickly, as device makers are required to regularly install updates for any popular phone or tablet for at least two years.18
18 https://www.theverge.com/2018/10/24/18019356/android-security-updatemandate-google-contract
Key take aways
1. Review the online material of the cyber security month and pick up the most important parts for you.
2. Regular exercises play an important role in the development of national cyber security.
3. Cyber security and privacy must be integral parts of digitalization projects.
4. White-hat hackers help finding vulnerabilities.
5. Cyber security is a strategic factor of competition and also the issue of top management.
Five China Success Factors
Digital Branding and Marketing in China
Foreign companies entering the China market should realize that China is not a country but a continent, where getting the company message heard faces huge challenges. Entering the market successfully requires foreign businesses to be able to distinguish their products and services from the competition in the world´s biggest market, and knowledge of what is on the minds of the Chinese people is crucial to success.
BRAND AWARENESS works differently in China, and a number of mistakes have been made in believing that China is like any other market in the world. Brand recognition is related to trust and people’s minds, and a number of mistakes have been made in believing that the Chinese are like any other people in the West. However, achieving and retaining a proper brand consciousness in China is easier said than done, since branding in China is more than translating the company name, material, trademarks and slogans into Chinese. Brand experience has shown a workable three-level approach that is producing good results in the rapidly evolving Chinese market; the levels are explored below.
1. ONLINE PLATFORMS AND PROFESSIONAL USE
A great number of foreign companies do excellent business in China and are well known among their customer segments. Most of these China-experienced companies have included a Chinese style of branding approach in their entire business management and operations in China, which today means digital branding and internet marketing in the market environment.
The Chinese are leading the world in the number of internet users, smartphone penetration and digital marketing. According to the latest research, over 95 percent of the online population use social media and e-commerce platforms to access company and product information, a development trend that has often been neglected by western companies. In the West, social media platforms such as Facebook and YouTube are used mainly for entertainment purposes; however, in their Chinese substitutes 70 percent of the uploads are professional content. Foreign companies entering the China market and continuing their presence in this market are well advised to make their presence known on these digital marketing sites, as the online trends continue to expand rapidly while new platforms constantly emerge to challenge existing branding and marketing methods.
2. WECHAT BUSINESS PLATFORM AND MULTIPLE FUNCTIONALITIES
Peculiar to China is the wide usage of the messenger platform WeChat for digital marketing. WeChat is the Chinese equivalent of WhatsApp, developed by Tencent and used by over one billion people for their professional and social use. WeChat incorporates multiple functionalities and services, including digital wallets, order management, and delivery and tracking services for corporate clients and their customers. Users are constantly searching for information about new products, solutions, review comments and recommendations using WeChat, and corporate digital media experts shall build such marketing gateways in both English and Chinese to professionally target Chinese audiences.
Foreign companies should make the effort to study multiple Chinese online platforms and be present at least on the business and social media platforms WeChat, Youku and Weibo, as well as on Chinese news and online community websites such as Sina China and Douban. Moreover, it is necessary to stay updated on these most popular platforms, to offer the latest issues, ideas and topics for publication and trending on them, and to develop and use them to promote your company, products and brand effectively. Chinese marketing is moving fast and quick reactions are necessary to stay ahead of the game. A new trend of corporate promotion is using short, entertaining and informative videos and posting them online to attract customers and buyers.
3
PROPER CORPORATE BEHAVIOUR AND CHINESE VALUES
Purchasing behaviour has changed in recent years in-conjunction with the development of online platforms and brand management must play a leading role in corporate marketing in China. The Chinese market is highly dynamic but very sensitive against offences to Chinese values and success in business in China depends on reputation in the market. Foreign brands shall communicate distinctive features and advantage of the company, quality management and ambitions in China. Chinese values are near to the hearts of the Chinese customers and whole chain of company leaders, officers and employees must understand values of customers and emergence of the word-of-mouth phenomenon in China. Chinese are very fast react to any corporate news good or bad and the maintenance of good image in China is a vital necessity.
The latest development at Dolce & Gabbana indicates that it is crucial for a company to be watchful of its own online behaviour and comments on China to preserve the image of the brand. Finally, foreign companies must take proper action to protect their intellectual property rights in the Chinese digital market, including patents, trademarks, copyright and software, and react immediately when any improper uses are detected. However, one should remember that in contemporary China, business without digital marketing and online brand management is impossible.
DOLCE & GABBANA’S BRAND image took a hammering, with a boycott and a massive beating over racist comments and lack of style. The online reaction was a response to its controversial advertisement, in which a Chinese model in a red D&G dress tries to use chopsticks to eat pizza and spaghetti, and to co-founder Gabbana’s crude reaction on social media to the criticism, mocking China. The event led to D&G cancelling its Shanghai fashion show and to the removal of company products from Alibaba Group Holding, JD.com, Tmall and other websites following criticism from Chinese celebrities and internet users. The company’s two founders apologised in a video post in Mandarin five days after the incident; however, the damage was done to the corporate brand image and the public perception of a luxury fashion brand in China, and it remains to be seen whether the company can salvage its brand image in the eyes of Chinese consumers. Other luxury brands rapidly benefitted from D&G’s misfortune, and they have learned from their competitor what not to do in China.
Cyberwatch CEO appointed as a Chairman of World UAV Committee
THE CEO OF CYBERWATCH FINLAND, Mr. Aapo Cederberg, has been appointed as a Chairman of the Cyber Security Committee of the World UAV Federation (WUAVF). The Federation was established in June 2017 as a global platform for collaboration and development for drone systems, industry members, governments and professionals. At the moment it has 13 member countries. At the same assembly, held in September 2018 in Jakarta, the capital of Indonesia, Mr. Pertti Jalasvirta, Partner of Cyberwatch Finland, was appointed to establish the Finland Chapter of the World UAV Federation. The Federation holds conferences and seminars, conducts training courses, publishes pamphlets and newsletters and promotes the prerequisites for the whole industry. The second Drone World Congress and UAV Expo was held on June 22-24 in Shenzhen, China, and the next World Congress and Expo will be held again in June next year in Shenzhen. The WUAVF International Headquarters and Secretariat Office is based in Shenzhen, China, and the Secretary General is Mr. Norman Ng.
Artificial intelligence to support self-regulated learning
GOOGLE RECENTLY ANNOUNCED at its developer conference new steps for its Artificial Intelligence (AI) solutions. One of them was its commitment to helping people with its virtual assistant. Sundar Pichai stated that many small businesses still don’t have capabilities for online bookings and that Google's system will come to help them. See the video of the keynote, where they presented example calls made by their virtual assistant. Great! You can now book a haircut or a table in a restaurant with a phone assistant that does the calling and talking for you. In short, Google has developed a system which can fluently answer upcoming questions, take into consideration which dates are right for you and convey the pain of making the reservation. Although not quite HAL2000 or general artificial intelligence, we might be getting closer to the point at which a discussion system passes the Turing test, that is, computers being indistinguishable from humans as discussion partners. ...
Don’t be an easy target.
The Winning Concept For Your Cyber Policy
360 Cyber Academy offers a unique package that helps you to upgrade your organization's cyber security and face the modern threats of the cyber world. Learn how to protect your most valuable information with us. www.360cyberacademy.com