ICELA AN ND A Wapa ack Labs A Assessmen nt of Riskss to Inform mation Seccurity in IIceland Iceland is marketing th hemselves as the “Data cen nter to the W World”. In an effort to bettter understan nd dic data cente ers to Red Skky members aand Wapack LLabs customers, risks and rewards of uttilizing Iceland or Wapack LLabs analysts undertook a high‐level anaalysis of issuees associated with relocatiing primary o secondaryy data center resources to o Iceland as an n inexpensivee alternative tto geographicc diversity in managingg global data.
CONTTENT
Executive Summary S
2
Sources Use ed in this Report R
3
ntroduction In
4
Key K Finding gs
5
Analytic A Ga aps
6
Cyber C Risks to Iceland d
7
Ic celand’s Cyber C Cap pabilities
8
Energy Prod duction
9
celand as a Data Ce enter Ic
10
Ic celand as a Safe Haven
12
Crime C and Technolog gy
14
Undersea U Cabling C
16
Ic celand’s Banking Sysstem
18
Aluminum A Production P n
20
Ic celand’s Pirate Party y
23
Foreign Relations
24
China C
25
Autonomou A us Systemss
28
Conclusion C ns
30
End Notes
32
About A Wap pack Labs
35
© 2013 Wapack Labss Corporation n. All rights re eserved. 1 | P a g e
Execu utive Sum mmary Between n the Gree enland Sea and the North N Atlanttic Ocean rests the e island natiion of Icela and. Settled d by both N Norwegian and Celtic pioneers in the 9th h and 10th h centuries, Iceland’s parliame entary instittution, the “Althing”, “ founded in 930 A.D is the worrld’s oldestt continuou us governm ment body y. In 1918 Iceland became an a independent nation breaking free from Danish rule r and in n 1944 Icela and declarred itself a republic. Through industrializzation of its i fisheries and aid from the United States S thro ough the Marshal M Pla an, Iceland d enjoyed decade es of econo omic prosp perity until 2008 2 when Iceland’s upheaval banking g system co ollapsed re esulting in economic e and political unrestt. Left in th he aftermatth, Iceland finds itself in the dawn d of ne ew awakening and a shift in pollitical and social discourse, d a new con nstitution, and a the atttention of some off the world’s most pow werful nation ns. In Grindavik, rises frrom the sea a a spur of the Emera ald Express transatla antic cable e. Ready fo or service in 2014, the e Emerald dth to the Express will w give Ice eland an ab bundance of bandwid Internet.. Matched with a richn ness of inexxpensive ge eothermal power and a a well-e educated workforce, w Iceland is iin position to beco ome the wo orld’s data warehouse w . With an un ncertainty of susta aining a fisheries f ba ased econ nomy and growing concern ns over th he environmental im mpact of aluminum producttion, the pu ush to explo ore Iceland d’s cyber ca apabilities is as tantalizing as itt is provoca ative. Iceland’’s underta akings are not free e from co ontroversy howeve er. With clo ose ties to Julian Assa ange and WikiLeaks, Pirate Bay, B and a failed atttempt to give g asylum m to NSA leaker Edward E Sno owden, Ice eland has the attenttion of its longtime e ally the United U State es. Meanwh hile, China is forming strong political p tiess with Icela and in hop pes of esta ablishing a forward trade porrt to serve as a gateway to Eu rope and Arctic ric ches, a key y to China’ss global am mbitions. This repo ort documents a high h level glance of the e evolving security threat lan ndscape, what w could d be vuln erable to attack, and the sig gnificant an nd unique cyber threa ats facing Iceland today.
IC CELAND D AT T‐A‐GLAN NCE Ca apital – Reykkjavik Na ational langu uage – Ice elandic Po opulation – 3 321,857 Eth hnic groups – 298,618 Ice elandic (93.4 44%), 9,049 Po olish (2.83%), 11,908 others (3.73%) Go overnment – Unitary pa arliamentary y constitution nal republic Pre esident – Óla afur Ragnar Grrímsson Priime Minister – Sigmundu ur Da avíð Gunnlaugsson Arrea – 103,001 1 km2 = 39,770 sq mii GD DP (PPP) – To otal $12.831 billlion (U.S.), Pe er capita $3 39,233 (U.S.) Cu urrency – Ice eland Króna (ISSK) Ch hief Import – Petroleum Ga ases (13%) Ch hief Export – Unwrought Aluminum (38% %) Le ead Import C Country – No orway (12%) Le ead Export C Country – Ne etherlands (2 27%) Tim me zone – G GMT (UTC+0) Drrives – On the e right Ca alling code – +354 Intternet TLD – .is
© 2013 Wapack Labss Corporation n. All rights re eserved. 2 | P a g e
SOURCES USE ED IN THIS REPORT Wapack k Labs an nalysts fuse ed open source s info ormation tto produce the analysis necessa ary in the crreation of th his report. Unless U spec ifically state ed, the ana alysis conta ained in this report r represents da ata collected and a analyzed b between O October 1 and Novemb ber 30, 2013 3. The findings in this report reprresent a surrface-level examinatio on of cyber se ecurity relatted matterss involving Iceland and d Icelandic c interests.
© 2013 Wapack Labss Corporation n. All rights re eserved. 3 | P a g e
INTRO ODUCTIO ON Iceland has a num mber of verry positive qualities fro om many d differing pe erspectivess. As such, Ice eland has become b an n attractive e location fo or technolo ogy adoption by dom mestic and forreign invesstors. Som me key ch haracteristi cs that are contributing to tthese investme ents include e:
Geography: G : Iceland iss a Nordic nation ge eographica ally isolated d between n the Arctic A Ocea an and No orth Atlantic c along th he Mid-Atla antic Ridge e. This isola ation contributes c greatly g to Ic celand’s sta ability and reduced th hreat of fore eign invasio on.
Political Stab bility: Iceland political system re mains stab ble despite the collapsse of its banking system. s A peaceful p protest force ed the gov vernment o of Prime Min nister Geir G Haarde e to call for new elections in 2009 .
Connectivity C y: Iceland maintains moderate e diversity in high sp peed unde ersea cabling, c with h primary connections c s in the sou uthwestern c corner of th he island na ation and a one hig gh-speed connection in the north heast. Expa ansion of cabling currrently under construction will add signific cant bandw width.
Natural N Ressources: With W signific cant wate er and ge eothermal resources, the predominan p nce of Icela and’s electrricity is gree en energy w with little ca arbon emisssions.
Ec conomy: Ic celand hass a highly educated workforce and low u unemploym ment. Business an nd social policies offers o a n umber of attractive e attribute es to entrepreneu e urs and crim minal activitties alike.
Te echnology Adoption: Second on nly to the Falkland Isla ands, Icelan nd is one o of the world’s w most connecte ed countrie es per cap pita. Icelan nd ranks 30 0th in the 2 20122013 World Economic c Forum’s Global Co ompetitive Index, where educa ation, te e all echnology adoption, flexibility and quali ty of busin ness enviro onment are 1 considered. c
Crime: C Icela and is consid dered one of the safe est countrie es in the wo orld, consistently ra anked first in the Global Peac ce Index w which mea asures secu urity in soc ciety, in ncluding ho omicide rattes and prisson popula ation size.2 Violent crim me in Iceland is almost a non-e existent and d petty crim mes are rare ely seen.
Gender G Gap p: Iceland ranks r first in n gender eq quality and d has closed d 73 perce ent of 3 its gender ga ap.
Liife Expecta ancy: Icelan nd ranks fo ourth globa lly with an overall life expectanc cy of 82.4
© 2013 Wapack Labss Corporation n. All rights re eserved. 4 | P a g e
KEY FINDINGS S
With W the Iceland Comp puter Emerg gency Resp ponse Team m (IS-CERT) in its embry yonic sttage, Iceland remainss reliant on the cyberr security exxpertise of other coun ntries and a may no ot be able to fend efffectively offf either cam mpaign driven large-sscale overt o or targ geted attac cks.
Ic celand ha as been subject s to cyber esspionage specifically y targeting g its parliament. p
Ic celand’s Central Bank is the so ole entity rresponsible for the flo ow of financial trransactionss on and offf the island d creating a highly likkely centrall point of c cyber weakness. w
Exxisting netw worked infra astructure, particularly y newly ac cquired 4G cellular ph hone sy ystems and transatla antic cablling, may be vulne erable to sabotage and espionage. e
In ndustrial Controls and Supervissory Contro olled Auto omated Da ata Acquissition (ICS/SCADA A) systems in use at some geo othermal a and hydroe electric en nergy production p plants p have e been pro oven vulnera able to the e same atta acks carried d out against a othe ers with simiilar infrastructure syste ms.
Renewable energy te echnologie es are prio ority targetts for spec cific advan nced persistent p threat (APT) actors. As Iceland ma atures its re enewable e energy offe erings it will likely become an attractive target.
Ic celand appears (currrently) imp pervious to o hacktivistts targeting controve ersial practices p su uch as wha aling, but fu uture attac cks should not be rule ed out. A m more lik kely target of cyber “h hacktivism”” is the use of hydroele ectric dam ms and utiliza ation of o natural re esources.
Aluminum, A Ic celand’s ch hief export may be vu ulnerable to market m manipulatio on by competitors c , environme ental hackttivism, and cyber sabo otage.
Sttrengthenin ng of relationships with w China a could le ead to inc creased cy yberespionage e threats through both external e and d insider ac ctivities.
Sttrong priva acy and ro obust data safe have en polices may conttinue to atttract criminal c cyb ber activity.
© 2013 Wapack Labss Corporation n. All rights re eserved. 5 | P a g e
ANALLYTIC GA APS
Wapack W Labs’ analystts have not acquired or analyze ed any spe ecific malic cious d on files or softw ware targetting Iceland dic interestts. Assessm ents are m made based analysis a of similar and historical h da ata.
IS S-CERT’s stru ucture, reso ources, and d investme ents have y yet to matu ure and ca annot be b determin ned.
Th he Iceland dic parliament identifiied an unm marked co omputer co onnected tto its networks in 2010. 2 The computer c was w believe ed to be co ollecting information. It has not been de etermined who targetted Iceland d’s parliam ment and w what informa ation was w being collected. c
Liittle open source information exists e that demonstra ates speciffic targetin ng of Ic celandic asssets from APTs. A
Th he redunda ancy and emergency e ntral Bank o of Iceland in n the protocols ffor the Cen event e of a cyber-attac c ck has not been iden tified or ev valuated by y Wapack Labs personnel. p
Ic celand’s in nformation security community y’s plan ffor the ne ext phase es of developmen d nt has yet to be determined.
Wapack W Lab bs was una able to dete ermine if a comprehe ensive natio onal strateg gy for cyber c securiity exists tha at addresse es specific rrisks to critic cal infrastruc cture.
A national risk assessm ment desc cribing risks with Icela and’s cybe er infrastruc cture re esulting from volcanic c activity iss not yet c complete a and the fu ull scope o of risk cannot c be accurately a assessed.
Only O a small sample of o landing stations s tha at connectt undersea cabling to o the country c has been asse essed for risk. A more comprehe ensive risk a assessment may yield significant vulnera abilities as seen at land ding station ns in other c countries.
© 2013 Wapack Labss Corporation n. All rights re eserved. 6 | P a g e
CYBER R RISKS TO T ICELA AND The dire ect result off Iceland being b a fav vorable cho oice for tec chnology rrelated bussiness and its liiberal priva acy policies have resullted in Icela and being a potential high-risk ta arget for a wid de range off cyber acttivities. Though this report covers man ny cyber re elated risks to Iceland, Table 1 su ummarizes w what Wapack k Labs believes to be e the most critical to Iceland to oday. Thesse risks musst be considered carefu ully during any plann ning for rel ocating da ata centerrs to this issland nation: TABLE 1. Cyber C Risk Matrix Cyb ber Incid dent Typ pe
Se everity (Un niversal)
Impact if Su uccessful
Probabiility of Targe eting
G General Targ gets
Industrial ge Espionag (Can also o be statesponsore ed)
Hig gh
Lo ost intellectual property fo or new techno ologies co ompromise off hosted information, dissruption of se ervices and su upply chain, co ommodities market m manipulation. m
Moderate - High
echnology, Te In ndustry, Busine ess In ntelligence, Po ower G Generation, Pu ublic Se ervices (Sewe er, W Water)
State Sponsore ed Espionag ge
Hig gh
High – If Iceland d becomes a safe haven fo or cyber crriminals, they will w likely not be e able to prottect th hemselves as cyber c be ecomes a norrmal way of life e in the future e.
High
D Dissidents, Ec conomic, G Government, M Military, Journa alists
Mass Ma alware & Crimew ware
Me edium
High
Pe ersonal Id dentifiable In nformation (PII), C Credit Card Numbers, Bankking C Credentials
Hacktivissm and Distribute ed Denial off Service (DDoS) attacks
Low w - High
High – The curre ent InfoSec landscape in Ic celand is mmature but growing. g im Crime, targeting not only anks, but indiv viduals has ba be ecome widesspread in otther areas of the t world. Va aried – Motiva ations vary fro om simple we ebsite de efacement to o disruption off services.
Moderate, spiking to High – ty ypically compound ded risk during time es of crisis or heighten ned activities co ounter to the cause ((police action, gov vernment crackdown n.
Varied – variety y of political m motivations particularly banking, prosecution of w whistleblowers,, and environme ental causes.
© 2013 Wapack Labss Corporation n. All rights re eserved. 7 | P a g e
ICELA AND’S CYBER CA APABILITTIES Assessment: Icelan nd’s defensive cyberr capabiliti es are still in their in nfancy butt the establish hment on June 1st, 2013 of the Iceland dic National Computer Emerge ency Responsse Team (C CERT-IS), Iceland has ta aken a sign nificant step p forward in n developin ng its 5 defensiv ve cyber capabilities c s. The IS-C CERT opera ates under the Postt and Tele ecom Administtration and d places emphasis on n handling g serious cy yber securiity incidentts for critical in nformational infrastruc cture (CII). Prior to the t opening g of CERT-IS S, it was an nnounced o on April 12, 2013 by Ic celand’s Forreign Minister Össur Skarphéðinsson, that Ice eland will join the N NATO Coop perative C Cyber 6 Defence e Centre of o Excellenc ce (CCDCE E). The dec cision to jo oin the NATTO CCDCE was largely in n part at th he urging off the Estonia an Foreign Minister. Iceland’’s cyber capabilities are difficu ult to asse ss as limite ed informa ation is pub blicly available; howeve er, on Marc ch 1st of 2013, 2 a stra ategic parttnership be etween Virginia based Kyrus, K a se ecurity con nsultancy specializing s g in incide ent responsse and crritical infrastruc cture, and Syndis, a Reykjavik ba ased penettration testing company “specializing in the prrovision of offensive o se ecurity” wass announce ed.7 This pa artnership b brings additional capabiliity to Syndis’s offering gs to the Ic celandic cy yber comm munity inclu uding comp puter forensicss and malw ware reverse e engineeriing. Cyber significance s e: Ranking g second worldwide e in Intern net penetra ation rate, an 8 estimate ed 96 perce ent, Icelan nd is develo oping its de efensive ca apabilities m much later than would be b expecte ed. In comparison, Ug ganda, with h an estimated Intern net penetra ation rate of ju ust 14.7 perrcent,9 esta ablished its own o CERT i n August o of 2013.10 The large num mber of conn nected use ers coupled d with an untried u CER RT may be e problema atic for Ice eland when re esponding to t significant cyber ev vents. For e example, a large scale cyber-atttack on Icela and’s bankiing system may overw whelm the CERT-IS wh hile a smaller and disc creet attack iss conducte ed on critica al infrastruc cture. CERT-IS, those associated Although not offic cially listed as a cybe er-capabili ty of the C directly or indirectly with the CERT-IS hav ve the cap pability to c complemen nt such acttivity. On August 30th, 20 013 Reykjav vik University held its th hird “RU Ha acking Con ntest” hoste ed by 11 Syndis’s Cofounder and Chief Science Officer, O Ým ir Vigfússon n, PhD. A member o of the 12 CERT-IS participate ed in this ev vent and was w on one e of eight fiinalists. Th his may illustrate that CE ERT-IS, at least on the t scale of individ duals, has the techn nical skills and understa anding of needed n cyb ber defensive and offfensive cap pabilities an nd the abiliity to draw up pon experts if needed..
© 2013 Wapack Labss Corporation n. All rights re eserved. 8 | P a g e
Analytic c gaps: The e extent to which CERTT-IS and Syn ndis collaborates is un nknown, if a at all. The offic cial govern nment posittion on the use of offensive cyb ber capabillities canno ot be found; however, h th he CCDCE,, which Iceland is now w a membe er of, has c codified the e use 13 of offenssive cyber tactics t in se elf-defense as defined d in the Tallinn Manual.
ENERG GY PRODUCTIO ON amount o Assessment: Iceland genera ates an enormous e of electric city from both geotherrmal source es and hydroelectric c; both of which are e believed susceptiblle to cyber-attack and potential p disruption. In n addition, the locatio on of energ gy production in an area with high volcanic v ac ctivity, may pose a riskk of disruptio on by naturral means. Located d along the e Mid-Atlan ntic Ridge, Iceland is g geologically unique d due to the high This volcan concentration of volcanoes. v nic activity provides Ic celand an abundanc ce of enewable geothermal g l energy an nd represen nts approxim mately 24.5 5 percent o of the clean re 14 country’’s total elec ctricity production and a more ssignificantly y 87 percen nt of the A Arctic 15 nation’s heating re equirementts. In add dition to ge eothermal e energy, ap pproximately 75 percent of Iceland’s energy iss generated d by hydroe electric pow wer plants.16 The National Energ gy Authority y of Iceland operatess seven ge eothermal p power plan nts at various locations along a the southwest tip of the e island ne ear Reykjavík and in n the northeast of the isla and near Húsavik. Of them, the Hellisheiði P Power Station is the largest geotherrmal powerr station in the t world, in n terms of c capacity. C Commission ned in 2006 6, the 17 7 plant bo oasts six 45mW turbine es and a single 30mW W turbine. Located jjust seven miles northeast, Nesjave ellir Geothe ermal Power Station is Iceland’s second largest an nd is equippe ed with four 30mW generators. Combined, C both plantts representt approxima ately two-third ds of Icelan nd’s geothe ermal energ gy productiion capaci ty.18 Iceland’’s geotherrmal energ gy production is dw warfed by its hydroe electric en nergy droelectric producttion. Icelan nd maintaiins some fo ourteen hyd c power pla ants the largest being th he Kárahnjú úkar Hydrop power Plantt in the easstern part o of the counttry near the e city of Egilssttaðir. Conssisting of fiv ve dams alo ong the Jökkulsá á Dal and the Jö ökulsá í Fljótsdal glacial rivers, r the plant p generrates 5TWh of electriciity annually y and was built exclussively to suppo ort Alcoa’s production n of aluminu um, Iceland d’s largest e export com mmodity.19 Cyber significance: The Hellissheiði Powe er Station m makes use o of Siemens’ss SIMATIC P PCS 7 digital control c syste em (DCS). Two T recenttly installed generator units (5/6) were fitted with Siemenss’s SPPA-T30 000 digital control sysstems that are backw ward comp patible with h the 20 0 older PC CS7 contro ol system. The PCS7 7 DCS auto omates the e controlle er environm ment, including g system monitoring, m and facilitates remo ote monito oring and access via a the Internet..
© 2013 Wapack Labss Corporation n. All rights re eserved. 9 | P a g e
There arre several known k vuln nerabilities with the Sie emens’s SIM MATIC PCSS7 DCS systtems. On July 23, 2012 the ICS-CE ERT issued advisory IC CSA-12-205-02 outlinin ng a .dll lib brary hijacking g vulnerab bility, that when rem motely expl oited can be used to attackk the underlying system. To note, this vulnera ability was exploited b by the “Stu uxnet” malw ware 21 used to target Iran nian nuclea ar enrichme ent facilitiess. More rrecently, on n June 14, 2013 Secunia released advisory a SA A530805 citiing a PCS7 7 SQL injecttion vulnera ability that may give an unauthorize ed threat actor a authe enticated usser privilege es on the c control syste em.22 In Janua ary, 2013, tw wo U.S. pow wer plants reportedly suffered a cyber-atta ack, taking g one plant offfline for thrree weeks and the other o found d a malwarre infection n on comp puters 23 that con ntrol turbine e systems. The Hellish heiði plant a alone acco ounts for ne early 87 perrcent 24 2 of the he eating requ uirements fo or Iceland. A prolon nged cybe er-attack in mid-winterr that would cause c the plant p to go offline wou uld have a significant impact on the popula ation and the island’s ec conomy. In addition to cybe er sabotag ge, Wapack Labs has analyzed and docum mented sev veral attacks from Adv vance Persistent Threat (APT) a actors targ geting rene ewable en nergy technolo ogies. Analytic c gaps: Although pow wer genera ation, partic cularly hydrroelectric, is a conten ntious issue am mong enviro onmentalistts due to im mpact on a river’s eco osystems and habitatts, no specific targeting activities a to Iceland’s power p syste ems are kno own. This c could be a rresult of little monitoring g for such activity, bu ut attacks on criticall infrastructture by wa ay of Siemenss’s SCADA systems are e not unhe eard of. In 2010, a ha acker going g by the o online name of “pr0f” gained accesss to a Hou uston sewag ge facility tthrough a SSiemens Sim matic 25 interface e protected d with a we eak passwo ord. The variety of con ntrol systems in use at other pow wer plants is unknown n; howeverr, the Nesjavellir Geothermal Powe er Plant ma akes use o of a Progra am Logic C Controller ((PLC) network k, wired to a central SCADA sy ystem, mon nitored rem motely in Reykjavík.26 This aggrega ation of sysstems in on ne central monitoring m system could represe ent poor de esign resulting g in a single point of atttack that could c comp promise sev veral disparrate system ms. In January y 2000, an insider to a sewage treatment p plant in Australia discharged 264 4,000 gallons of sewage e in a nearrby waterw way when he covertly y took con ntrol the plant’s 27 SCADA system. s
ICELA AND AS A DATA CENTER R Assessment: With an a abunda ance of ren newable e nergy, low--cost cooling capabiilities, low corp porate taxe es, highly ed ducated workforce, w a and incentiv ves for fore eign investm ment, Iceland is marke eting itself as the world’s w glo obal data a center. Despite tthese differenttiating factors, reloca ating to Ic celand hass been met with a great dea al of skepticissm from we ell-known American A technology t y countries, such as A Apple, Goo ogle, © 2013 W Wapack Labs C Corporation. All rights resserved. 10 | P a g e
and Mic crosoft, who o have optted instead to build da ata centerrs in other N Nordic coun ntries 28 2 such as Sweden an nd Finland. ar comparrative adva antages, Ic celand hasn’t attracte ed the lev vel of Even with the clea investme ent that would w merrit an incrrease in c cyber-security experttise. This c could potentia ally leave Ic celandic so ourced data center o operations m more vulne erable to atttack than oth her areas off the world with more depth in infformation ssecurity pra actitioners. Perhapss a concern for man ny companies consid dering relo ocating to Iceland iss the uncertainty of the e island’s volcanic v activity. a Ice eland has 30 active volcanos with eruption ns every 2-3 3 years on average.299 In 2010, tthe eruptio on of Eyjafja allajökull ha alted internatiional air tra avel for six days d and co ost the airlin nes nearly $ $2 billion. In 2011, the e BBC reported d that incre eased seism mic activity y near Katla a, one of Ic celand’s la argest volca anos, was an ominous sig gn of things to come. The reporrt continued to say th hat Katla, w which has had d twenty do ocumented d eruptions between 9 30 and 191 18, was long g overdue for a 30 major erruption. The perrception th hat Iceland d is vulnerrable to n atural disa aster from earthquakke or volcanic c activity is i not the only drive er of appre ehensions. Concerns over Icela and’s financia al recovery from the 2008 banking crisis still looms heavily on n the mind ds of 31 businesss leaders. Banking crisis c aside, Iceland is starting to make iinroads on n the misperception thatt the countrry is both an economi c and natu ural disasterr risk. Indeed, several European and American n companiies are taki ng advantage of the cost savings and have located l da ata centers in Iceland . In a rece ent study, PrricewaterHouse Cooperss reported a 10,000 sq quare foot data d cente er located i n Iceland w would resultt in a savings of a $130 million m overr 15 years, when com mpared to o one locate ed in the Un nited Kingdom m.32 Some notable da ata center projects inc clude:
Opera O Softw ware ASA of Norwa ay, creatorr of the O Opera web b browser, has announced a that it is creating c the world's G GREENEST D Data Cente er by moving a significant part p of its electronic e data d traffic to a new Data Center constructed and a operate ed by THOR R DC in Hafnarfjörður, Iceland.33 BMW re-loca ated some of its high performanc p ce application compu uting suppo ort to 34 Verne V Globa al’s data ce enter in Kefflavík in Octtober 2012.. Risk Management Solutions (RMS S), a cata astrophic in nsurance p provider, be egan 35 hosting its RM MS Cloud Environment in Iceland d on Septem mber 19 of 2 2013.
Cyber significance s e: Studies have sho own that highly edu ucated prrofessionals are emigratiing from Iceland to otther regions of the wo orld. Highly y skilled pro ofessionals, such as doctors, and otthers with technical t sk kills are mo oving abroa ad to fill po ositions in o other 36 countrie es with morre lucrative e wages. In 2012, i t was estim mated thatt 33 percent of Iceland’’s research hers emplo oyed in sciience and technolog gy have e emigrated from 37 Iceland to the Unitted States. With an n estimated d shortage of 20,000 tto 30,000 c cyber © 2013 W Wapack Labs C Corporation. All rights resserved. 11 | P a g e
security professiona als in the United State es alone, Ice eland may y find it diffiicult to properly staff its data d centers as the wo orld deman nd for quali fied talent increases.338 Iceland’’s tourism and a data center c indu ustry downp play Icelan nd as geolo ogically vo olatile location n; however, risks to infrastructure cannot c be ignored. M Most earthq quake activ vity is <2 on the Richter scale. Ea arthquakes and volca anic activitty has cau used little o or no 39 damage e to infrasttructure in the past few f decad des. Seissmic activitty in Icelan nd is concentrated in th he South Ic celand Seissmic Zone and the TTjörnes Frac cture Zone and large ea arthquakes in these areas, >7 on n the Richte er scale, although unc common, h have occurred. Air pollu ution from the t eruption n of Laki in 1783-1784 led to wide espread famine 40 and livestock shorta ages. Although, volcanoss are relativ vely distantt from Vern e’s Global Data Centter, the facility is located on the Rey ykjanes Ridge and vollcanism ca n occur. N New underw water lava fflows in the re egion were e discovere ed in 1992 after swarrms of seism mic activity y, but the most recent known k erup ption on the rift system m was in 18 879. A much larger e eruption in 1830 produce ed a VEI-3 eruption, much m like the t eruptio on at Grímssvötn in 200 04 that caused significant pollution n and disru upted air travel t in an nd out of Europe.41 Worsening any eruption n is the high h concentra ation of silic con sand th hat is both abrasive and conduc ctive. These sm mall particle es easily slip p through th he vents an nd air cond ditioning sysstems even with 42 filters insstalled. Moreover, M despite d prevailing win ds blowing g west to ea ast, ash plu umes are unp predictable e and can n affect areas as la arge as many hundrreds of sq quare 43 kilomete ers. Opinions differ on the stabiliity of Icela and’s volca anoes and the poten ntial harm they could do d to the issland’s peo ople, industtry, econom my, and in nfrastructure e. In 2011, the Icelandiic governm ment autho orized a thorough riskk assessme ent that wiill evaluate e the potentia al hazards and a vulnera abilities cau used by the e hazards o of volcanic c eruptions. The risk assessment is estimated e to o take any ywhere from m 15-20 yea ars to complete. Unttil this report is completed d, the effec cts of a larg ge volcanic c eruption im mpacting th he island w will be uncertain.44 c gaps: Re ecently, Te echWeek Europe E rep ported on Verne Glo obal’s phy ysical Analytic 45 security safeguard ds. Absen nt from our findings w were any sstrategies tthat may b be in place to o mitigate the t effects of a naturral disaster as in the e event of an n earthquakke or volcanic c activities.
ICELA AND AS A DATA SAFE HA AVEN Assessment: Outsid ders may la ack trust in both Icelan ndic desire e and ability to keep d data safe on the island. Iceland ha as made a concerted effort to sttimulate ec conomic gro owth aven” and in 2010 pa assed legisla ation to pro otect by offeriing the Island as a “data safe ha 46 “..expresssion and freedom f off informatio on.” The driving forc ce behind this propo osal is © 2013 W Wapack Labs C Corporation. All rights resserved. 12 | P a g e
the Inte ernational Modern M Me edia Institu ute (IMMI) and their Icelandic Modern M Media Initiative e. The initiative is aimed a to protect in nvestigative e journalism m and pro ovide whistleb blower prottections to o organizattions and individualss such as WikiLeaks and Edward Snowden.. Iceland’s movemen nt to prov vide the p protections is not witthout controve ersy and co ontroversiall figures. In Marc ch of 2010 0, WikiLeak ks founderr Julian Asssange be egan rentin ng a housse in 47 Reykjavíík. While in Iceland,, Assange recruited r a handful o of volunteers including g the Directorr of the IM MMI and member m off the Icela andic parlia ament, Birg gitta Jónsd dóttir. Anotherr volunteer,, Sigurður “Siggi” “ Þórð ðarson, a 2 20 year old citizen of Iceland, w would 48 later allegedly become an FBI informa ant in 2011 1. By the end of 20 012, the g group 49 splintere ed over Assa ange’s lead dership style e and perso onal politic cs. WikiLea aks wouldn’t be the only y group attracted to Ic celand’s ne ew policies. In early April of 201 13, notoriou us BitTorrent site “The Pirate Bay”” relocated d its Greenland50 based domains d to Iceland. By the end d of April, o out of fear o of imminent seizure of their domainss, the site e had relo ocated to the island d nation o of Saint M Maarten in the Caribbe ean.51 Deild du.net, an Iceland-based BitTorre ent site rem mains opera ational, de espite complaints to the Icelandic government g t by copyrig ght groupss wishing ac ccess to the e site 52 be bloc cked. In October, O th he FBI and CIA seized d infrastructture of the “Silk Road””, an online black b marke et website known k for the t sale of iillegal drug gs, which ha ad a numb ber of 53 TOR serv vers hosted in Iceland.. In the case of WikiiLeaks, Icela and has prrovided som me cover ffrom interna ational pressure including g from lon ngtime ally y, the Unitted States.. In 2010, DataCell, the comp pany responsible for processing Wik kiLeaks don nations, had d its credit card gate eway shut d down by the Iceland’s Ministry M of Finance for what intern national credit card c companies had seen as illegal don nations to WikiLeaks. W The donatio ons were ea armarked ffor a large new 54 data ce enter to be hosted in Iceland. Six monthss later, DattaCell resum med opera ations with pay yment proc cessor Valito or only to have that sitte quickly shut down a again. Afterr two years off legal hearings and a ruling by Iceland’s SSupreme C Court in fav vor of Data aCell, the com mpany once e again beg gan processsing donattions for WikkiLeaks.55 In 2011, the FBI arrived in Icela and under the preten nse of thwa arting “an im mminent atttack on Icela andic gove ernment databases” d . When lea arning of the FBI’s p presence, then Minister of the Inte erior, Ögmu undur Jóna asson, prom mptly asked d the FBI to o leave Ice eland because e he believed that the e FBI was on nly there to collect info ormation on WikiLeakss.56 Iceland’’s citizens are a not the only targett of cyber e espionage.. In January y of 2011, itt was reported d that emp ployees fou und a com mputer in a an empty rroom inside e the Icela andic parliame ent building g. All identiifying numb bers had b been remov ved. When n the comp puter was disc connected a routine deleted th he files from m the hard drive.57 N No one claiimed
© 2013 W Wapack Labs C Corporation. All rights resserved. 13 | P a g e
responsibility for the t incident, but ru umors of W WikiLeaks’s involveme ent had b been 58 mention ned. Cyber significance e: The WikiiLeaks affair may imp pede Icelan nd’s goal tto become e the world’s data safe haven. Itt is likely that sensitiv ve US data a was disc closed thro ough Iceland’’s network and a it is cle ear that Ice eland does not want to o be subjec ct of further law enforcement or in ntelligence operationss. In June of 2013, th he Obama a administra ation admitted to spying g on Herbe ert Snorraso on and Smá ári McCarth hy, both Icelandic cittizens 59 with ties to WikiLeaks. Iceland will continue to draw w the intere est of questtionable Intternet figurres likely fueling more in nternationa al involvem ment. In August o of 2013, K Kim Dotcom m, founde er of MegaUp pload, an Internet file sharin ng site se eized by authorities for copy yright infringem ment, has plans to move m his new n site “M Mega” to d data serve ers in Iceland;60 howeve er, the assisttance from m Icelandic authorities in the take e down of Silk Road’ss TOR infrastruc cture, may y cause Dotcom D and other q uestionable e enterprisses to que estion Iceland’’s sincerity in providing g true Intern net privacy.. Analytic c gaps: It is unknown who w plante ed the com mputer insid de the Althiing or what the objectiv ve was.
CRIME AND TECHNO T OLOGY Assessment: Iceland is often n described d as peace eful having a very low w rate of c crime when compared c to other countries. c A country y with a re elatively sm mall popula ation, Iceland’’s people enjoys stro ong cultura al and anc cestral con nnections that may b be a leading factor in the country’s outward tranquillity. The a attitude tow wards crim me in Iceland differs grea atly from other Western countrie es, particula arly the United States, and long-term m incarceration is very v rare. Although determining attitude es on crim me is complexx and beyo ond the sc cope of thiss report, atttitudinal co omparisonss can be m made with other populatiions that arre highly ho omogenouss or econom mically prossperous. A leadin ng contributor to Icela and’s low crrime rate m may be its p pre-empting g of crime isssues before they t occur. In 1973, a special court c was e established to tackle the problem of drug pro oliferation and a in the first f ten yea ars, roughly 90% of the cases brou ught before e the court wa as settled with w a fine. 61 Anothe er argumen nt is that the country’ss social we elfare and ed ducation programs promote p an n egalitaria an culture e, resulting in virtually y no 62 tensions between economic c classes. Addition nally, Icelan nd’s geogrraphic isola ation simplifiess its protec ction from criminals c un nknowingly entering th he country y. Unfortuna ately, cyber crriminals are e not forced d to clear customs c to c conduct an n attack. In 2006, Iceland en nacted cyb bercrime leg gislation tha at defined changes in n its penal c code to address some cybercrim me issues. The legi slation prim marily defines regula atory © 2013 W Wapack Labs C Corporation. All rights resserved. 14 | P a g e
obligatio ons and do oes not add dress crimina al behaviorr or punishm ment for tho ose found g guilty of cyber-crimes. Regardless, the law do oes require disclosure o of cyber se ecurity incid dents to the Post P and Telecom T Ad dministratio on. Article 24 in Reg gulation 1222/2007 places responsibility on op perators to report r secu urity inciden nts involving g critical infrastructure.63 e: Icelanders may be b lulled intto a false sense of ssecurity, fro om a Cyber significance cyber-perspective.. Low crime e rates in th he physical world do n not necessa arily translate to low crim me rates in cyberspac ce and it’s only natura al to equate the rela ative safety that one feels in their na atural surrou undings to all facets o of their lives,, including c cyberspace. Anecdo otal evidenc ce suggests that a ge eneral awa reness abo out the riskss of cyber iss low among the genera al population and this most likelly transcen nds to busin ness as well. In 2010, the e Post and Telecom Administratio A on reported d that 98 pe ercent of th he enterprisses in Iceland were connected to the Intern net, yet on ly 25 percent had fo ormally deffined 64 security policies. This may re epresent a significant awarenesss gap in Ice eland’s bussiness sector. There arre efforts be eing made to educatte the publiic about th he risks of cybercrime. The website Netoryggi..is is one su uch resourc ce that worrks to educ cate Icelan nd’s connected population about the risks of o cyberspa ace. The site include es topics ssuch as virruses, Trojans and a spywa are as well as instructtions on ha ardening o operating systems suc ch as Window ws 7, Vista and XP. Although informative e, the site is geared more tow wards individua als and sma all businesse es, and doe es not refle ect the com mplex cyberr realities fa acing larger orrganizations. It is important to point p out th hat persiste ent threat a actors, hac cktivists, and d cyber-terrrorist are using techniqu ues, tactics, and proto ocols (TTPs)) that challenge even n the defensive capabiliities of org ganizationss with robu ust security y counter--measures and seaso oned incidentt responderrs. The und derstanding g to fight th ese sorts off attacks is far beyond d the reach of o an inform mational we ebsite but requires a deep und derstanding g of defensse indepth practices. p Universitties are atte empting to fill the gap and educa ate the nexxt generatio on of comp puter scientistss and IT tec chnicians about a comp puter securrity. Reykjav vik University, for insta ance, is makin ng an activ ve push tow wards inclu uding adva anced cybe er-security courses in their computer science e curriculum m and stim mulating a wider dia alogue on cyber-sec curity 11 through the “RU Ha acking Con ntest”. Wh hile importa ant, the sca ale and aud dience of tthese operatio ons is limite ed and the expertise students ac cquire from m academic courses may not feed d directly into strategic c security decisions ma ade by bussinesses. A country that is banking its future on o being tthe world’ss data cen nter, signifiicant investme ents in nott just gene eral securitty awarene ess but in developing g a large and capable e cyber sec curity workfo orce is vital to the suc ccess of the e country’s forward loo oking ambition ns. The safe ety of Icela and’s data centers go oes far beyo ond cyber ssecurity po olicies © 2013 W Wapack Labs C Corporation. All rights resserved. 15 | P a g e
and Inte ernet safety y. A concerted efforrt by both g governmen nt and bussiness to nu urture domestic cyber-security profe essionals orr attract the em from otther countrries should be a national priority. Until then,, the need d for seaso oned profe essionals from all sec curity disciplines will grow w exponentially. Analytic c gaps: Sta atistics on cyber-crime c e in Iceland d is difficult to capture e. Much o of the informattion available to ope en source research c comes in tthe form o of raw num mbers without context. Statistics specifically detailing a activity tarrgeting Ice eland’s bussiness sectors has not been b analy yzed by Wapack W La abs and rrequires a much de eeper investiga ation. Additionally, witth CERT-IS in n its infanc y, it is likely y that cybe er-crime is g going largely underreported unlesss an attac ck is widesspread or far-reaching with broad implicattions to the general pu n Vodafone ublic, taking g the recen nt attack on e Iceland a as an example e.65
UNDERSEA CA ABLING Assessment: Risks created by Iceland’s depende ence on itts undersea infrastruc cture should be b taken se eriously. Wapack W Lab bs believess the risk to o be real, p primarily fro om a physicall protection n perspecttive. Comm mercial ima agery and historical events sug ggest Iceland may not be b prepare ed to adeq quately deffend susceptible endpoints, and d the cables could c be ta ampered with distant end e termina ation pointss. Lying alo ong the oc cean floor is Iceland’ss cyber co onduits to the world. Connected by four sub bmarine co ommunicattions cable es just unde er 11,000 kkilometers (6,835 mile es) in 66 length, Iceland ha as potentially 422.5GB’s of bandw width for itts consump ption. In 2 2014, work willl be comp plete on the e “Emerald d Express”, a spur off the 5,200 kkilometer (3 3,231 miles) tra ansatlantic cable that will add an a addition al raw cap pacity pote ential of 40TTBs of 67 bandwid dth to an island whose e populatio on is that of St. Louis, M Missouri’s. The infra astructure that t conne ects the wo orld’s conti nents bene eath our oceans is w widely believed d to be the e “Achilles’ Heel of th he Internet”” and activ vity that oc ccurred in early 2008 ma ay support that claim m. On January 30th o of that yea ar, CNN reported at least three un ndersea Intternet cablles had be een cut off the coast of Egypt b by, what at the 68 time, wa as reported to be a ship’s anchorr. The alleged accid dental ruptu ure was on nly the beg ginning. Frrom late Ja anuary to early February y as many as nine un ndersea cables had b been severe ed, causing g 70 percent of the Inte ernet trafffic in Egy ypt and as a much as three-q quarters o of international communication between Eu urope and the Midd dle East to o go down n.69 A de eeper ation of the e circumstances surrou unding the cables in E Egypt and rreviewing v video examina footage e of the waters where the cabless were seve ered revealed that no o shipping trraffic had bee en in the arrea 12 hours precedin ng and follo owing the ttime of the initial outage.70 It is still unknown u who carried out the atttacks. In 20 013, three Eg gyptians w were arreste ed for © 2013 W Wapack Labs C Corporation. All rights resserved. 16 | P a g e
attemptting to cut the t SEA-ME E-WE-4 unde ersea cable e off Alexandria that, had they b been 71 successfful, could have taken an entire continent c offfline. Most de ebate abou ut undersea a cabling vulnerabilitties focus o on the cab bles themse elves, but a grreater dang ger to these e circuits exxists out of the water w where they y make landfall. Cable landing site es are liste ed among the U.S. S tate Depa artment’s m most vulnerrable 72 critical infrastructu i re. Landing sites arre typically y clustered or in rem mote areas and access to t a site wo ould give a skilled adversary the a ability to co ontrol the c cable system ms or portions of the da ata and vo oice traffic flowing th hrough them. Additionally, an a aerial observation of sev veral landin ng sites in other o coun tries reveals inadequate protec ctions making them easily y vulnerable e to physica al attacks a and sabota age. Cyber significance e: Undersea a infrastructure is vital to Icelan d’s econom my. Signifiicant disruptio ons in thesse circuits would sig gnal Icelan nd’s inabilitty to deliv ver the sy ystem redunda ancy requirred to be the t “world’’s data ce nter”. The risk create ed by Icela and’s depend dency on n its un ndersea infrastruc cture shou uld be take en very seriously y. For exxample, Fiigure 1 demonsstrates uncertain defenses surround ding the perimeter of the Landeyjasandur landing statio on. The fallout from a prolonged outage may ha ave a subsstantial economic Figure 1: Landeyjasan ndur cable lan nding station. impact on o the islan nd. Analytic c gaps: It is unknow wn if a form mal nationa al strategy y for protec ction of crritical infrastruc cture existss for Icelan nd. As suc ch, Wapac ck Labs wa as unable to identify y the redunda ancy chara acteristics of o Iceland’ss undersea cabling infrastructure e; howeverr, the addition n of the Emerald E Exxpress shou uld give s ome relieff and add ditional failover capacitty. In addition, not all landing stations s are e likely own ned and op perated by y the same prrovider and d it is unkno own if contrracts exist for providing mutual a assistance in n the event off a prolonged outage. This would d be critica l to system resiliency. Other th han Lande eyjasandur, no other landing sta ations were e observed d. As such,, the physicall securities of o the rema aining statio ons are unkknown.
© 2013 W Wapack Labs C Corporation. All rights resserved. 17 | P a g e
ICELA AND’S BA ANKING G SYSTEM M Assessment: Icelandic bankiing moves all of its m money and d transactio ons through h the Icelandiic Central Banking B sysstem. This sy ystem, like others in th he world, iss likely targeted routinely y, and shou uld be considered an extreme e cy yber and fin nancial risk. In 2008, Iceland’s banking system s collapsed whe en all thre ee of the c country’s m major privately y owned commercia c l banks failed to refin nance shorrt-term deb bt. Althoug gh a deep an nalysis of th his crisis as it relates to o cyber is w well beyond d the scop pe of this re eport, the events surround ding the co ollapse are e mainly ressponsible fo or the rise o of the Icela andic Pirate Pa arty as a po olitical force e in the Parrliament, ass the dema and for transparency in n the banking g sector is high. With a Moody’s credit c ratin g of Baa3, average g grade, Icela and’s credit is a medium risk but stable. Vital to Iceland’s economic c recovery is the Ce entral Bankk of Icelan nd (Seðlab banki Íslands). The Centtral Bank is responsible for settin ng monetarry policy th hat brings p price stability to the nattion’s econ nomy. Ano other funda amental ro ole for the Central Ba ank is maintain ning the country’s c external e resserves and d promotin ng an effic cient and safe financia al system. Key K to this activity is the t establisshment of tthe payme ent systems that controls the flow of o money on o and off the island with foreig gn countriess as well ass the issuing of o Iceland’s currency, the t Króna. The Cen ntral Banks of the Unite ed States,733 Russia,74 A Australia,75 a and Estonia a have all b been subject to cyber-attacks. The e attack on n the U.S. C Central Ban nk had bee en attribute ed to the hac cker collective “Anony ymous”; however, in t he case off Estonia, it is believed d the Russian government was be ehind the attacks a an nd NATO e experts were called in to provide assistance.76 Iceland is also member of the So ociety for World W Wide Interb bank Financial Telecom mmunication network or SWIFT. SWIFT S enablles over 10,000 financ cial institutio ons in 212 cou untries to communica c ate financial transacttions in a secure and standard dized nected to tthe SWIFT n way.77 There T are currently c six banks in Ic celand conn network, bu ut the Central Bank of Ice eland, bein ng the SWIFFT node, sh hould be considered and treate ed as 78 highly ta argeted. The U.S. Treasury De epartment and the CIA have ha ad program mmatic access to the SSWIFT network k’s transaction databa ase since at a least 200 06.79 Acc cess was grranted with h the intention n of tracin ng transac ctions to al-Qaeda a tto preventt the fund ding of terrrorist activities. In Septem mber of 201 13, it was re evealed in tthe so-calle ed “Snowden docume ents” A had been n using the SWIFT netw work for spy ying on nattion states, a claim de enied that NSA 80 by the EU E and SWIFFT.
© 2013 W Wapack Labs C Corporation. All rights resserved. 18 | P a g e
In 2011-2 2012, the SW WIFT netwo ork saw unp precedente ed levels of attacks on n its membe ers, a 81 trend that continue ed in 2013. Use of SWIFT S could d lend itself to more su ubtle attacks as reported d by Cisco. In October of 2013, Cisco fou nd SWIFT p payment no otifications that containe ed spam messagess with an attachme ent titled, “Bank Sw wift Copy.zip”. Contained in th he zip archive a were two files, “Ba ankSwiftCopy1.exe” and “BankSw wiftCopy2.e exe”. Whe en execute ed, the file e infected the host with malic cious 82 software e. Much lik ke the Cen ntral Bank of o Iceland, Reiknistofa a Bankanna a (RB) performs many y key central banking activities a in ncluding payment p sy ystems and d banking managem ment software e hosting. The deve elopers of Iceland’s main paym ment clearring system m, RB ensures that paym ment transa actions bettween pay yers and re ecipients a are secure and efficientt. Additionally, foreiign transac ctions mad de through h the SWIFFT networkk are facilitate ed by RB de eveloped software s an nd play a m major role in n the purchase and sa ale of foreign currency for f much of Iceland d. RB also offers a large array y of data and g services to o the banking industry y throughou ut Iceland. applicattion hosting Cyber significance s e: As witne essed with many oth her central banking ssystems, cy yberattacks are increasingly frequ uent occurrrences. Unpopular p public polic cies, particu ularly the harv vesting of whales w or denial d of asylum a of fu uture whistlleblowers, may ferme ent a desire to o send a message to the t govern nment or dirrectly to the Icelandic c people. SSuch attacks are not unlikely. Betw ween 2010 and a 2011, A Anonymouss launched a wide spread DDoS ca ampaign ag gainst finan ncial instituttions in both h the United d States an nd Sweden..83 Although Iceland’ss credit rating has sttabilized sin nce the co ollapse of 2008, a cy yberattack on o the Cen ntral Bank could erod de confide nce in the banking ssystem. Even a brief disruption in the t Centra al Bank’s ab bility to ma anage the country’s ffinances an nd a prolonge ce in ed DDoS attack, or much worse,, a significa ant breach, may erode e confidenc the banking system m and have e harmful, lo ong-term efffects to Ice eland’s fina ancial recov very. t banking g collapse, temporarry capital c controls we ere instated d to stop rrapid During the 84 depreciation of the e Króna. These contro ols have no ot yet been n lifted five years later,, and obstructt virtually all a currency y transactio ons, includ ding all fore eign curren ncy excha ange. Howeve er, these im mpedimentss have likely reduced incentivess for attackkers to dev velop banking g Trojans, phishing and a pharm ming attac ks, targete ed againstt customerrs of Icelandiic banks, since s the attackers would w hav ve difficulty y moving ffunds from m the compromised acc counts out of o the country. A surg ge in attac cks against online ban nking services and their customers c in Iceland can c be exp pected whe en the cap pital controls are lifted. It is likely the Central Bank’s financial activity a thrrough the SSWIFT netw work will rem main targeted d by foreig gn surveillance. As th he focal p point in Icelandic ban nking, Icela and’s
© 2013 W Wapack Labs C Corporation. All rights resserved. 19 | P a g e
Central Bank is posssibly one of, o if not the most crim minally sign nificant cyb ber target in n this otherwisse isolated country. c RB poses another central c poin nt of failure in Iceland’’s banking scheme. P Prolonged D DDoS attacks against ba anking solu utions prov viders who provide services de escribed in RB’s portfolio o can have e a devasta ating impa act on its b business cusstomers. In n 2012, ban nking services provider Jack Henry & Associates suffered d a disrupttion in busin ness opera ations 85 that lastted monthss. Despite e Jack Hen nry’s charac cterization of the atta acks lasting only “finite periods p of time”, whiich they could c not sservice its customerss, Wapack Lab analysts interviewe ed a numb ber of bankers who rreported th he disruptio ons were m major and resulte concern ns for its customers c ed in acc counts bein ng closed and a lo oss in confiden nce for the bank’s abilities to pro ovide a sec ure banking g environm ment. Analytic c gaps: Wapack Labs has not an nalyzed the e attachme ents referenced by C Cisco. An anallysis of thosse files may y indicate the t purposse of the m malicious co ode and w who is responsible for wrriting it. RB B’s ISO2700 01 and PC CI complian nce inform mation wass not examine ed for this re eport.
ALUM MINUM PRODUC CTION Assessment: Not directly d related to cyber c but should be e considere ed is Icela and’s aluminum industry. The production of alu uminum is b both an eco onomic be enefactor and a depend dence thatt must not be overrlooked in any deciision proce ess in loca ating operatio ons to Icela and. The dependen nce on the e globally marketed product c could make Ic celand a very v lucratiive target for entrep preneurs in the future e and coun ntries requiring g natural re esources. Bo oth bring ad dded risks o of hacking,, industrial e espionage,, and physicall threat. The need for aluminum is i increasing g. As the world w looks to reduce CO2 emisssions, engin neers have turned to lighter mate erials to cut fu uel costs. Manufactu urers of today’s mode ern transporrtation veh hicles, cars, and aircraft are a increassing the use e of aluminu um in their designs. A Alcoa predicts deman nd for aluminum to increa ase tenfold in the nextt eight yearrs.86 Alumin num comp prises 38 perrcent 87 of Iceland’s exportts and the e USGS listss the coun try as twelffth in world d productio on at 88 790,000 tons per ye ear. The aluminum a industry rem mains a ma ajor econom mic influenc ce in 89 Iceland’’s econom my and ge enerates a total of 4,000 job bs. Howe ever, aluminum manufacturing is no ot without its critics. Despite the 2008 economic collapse e, Iceland continuess to grow w its aluminum 90 producttion, which now repressents one-seventh of tthe island e economy. 0 Fierce debate between businesse es and environmentalists has rag ged for som me time ove er the industry’s growth. For envirronmentalissts, at the heart of t he debate e, is the drrain on na atural resource es and the e energy re equired for aluminum productio on. Alumin num produc ction consumes 71 perrcent of the t island’s electricitty. This c consumptio on led to the © 2013 W Wapack Labs C Corporation. All rights resserved. 20 | P a g e
controve ersial con nstruction of the Kárahnjúka K r Hydropo ower Plan nt, a ma assive hydroele ectric proje ect involvin ng the damming of two rivers with five dams and d the construc ction of 73 kilometers (45 mi) of undergroun u nd water tu unnels in som me of Icela and’s 91 most prisstine wilderrness. As the world shifts from the e industrial age to th he informa ation age, the worldw wide demand d for resources has inc creased dra amatically a and along with it the tthreat of cy yberattack. In 2011, th he threat was serious enough e forr Australia’ss federal Atttorney-Gen neral Robert McClelland M d to bring to t the table e twenty C CEO’s from big resourrce compa anies, banks, and a others to t discuss cyber-attac c cks. McCle lland concluded the m meeting saying: “Security y agenciess are findin ng malicious cyber a activity to be increassing to a p point where systems s in both gove ernment and a the prrivate secttor are und der contin nuous 9 threat.”92 The meeting was held on the t heels of a repo rt that aire ed the pre evious yea ar on Australia a’s ABC. The program m “Four Corrners” desc cribed cybe er-attacks o originating from China ta argeting BH HP Billiton, Rio R Tinto, and Fortesc cue Metals Group, all of whom h have global in nterests in th he mining and a metals industries. For Rio Tintto, the atta ack required d the Singapo ore office to o go offline e for three days so the e network c could be “upgraded”” but 93 most like ely sanitized d from infec ction. In July 2012, a Ca anadian mining m firm operating in the Ph hilippines w was victim to a sophistic cated cybe er-attack involving a se et of emailss alleging tthe firm’s to op officials w were involved d in a murder and other criminal behavior a against othe er smaller m miners. Fore ensic examina ation of the e emails sh howed thatt at least o one of the authors ma ay have ha ad a military backgroun nd. It was ultimately concluded d that the attack wa as a strateg gy to discreditt the minin ng compan ny and dam mage its re eputation tto give the e smaller mining compan nies accesss to lands owned o by the Canadiian firm. Th his is not the e first or the e last 94 incidentt of its kind. In 2011, it was repo orted that Samin Tan,, the chairm man of the e coal mining group B Bumi, was vic ctim to a cyber-attac c ck where a person claiming to be doin ng research h for Wikipedia sent a malicious m lin nk to Tan in n a successsful spear p phishing ca ampaign. D Data compromised by the attack was later used u by an n anonymo ous whistleb blower that sent 95 the stoc ck of Bumi tumbling. t The attac ck was neve er attribute ed to any p particular g group but wass successful in driving the value of Bumi do own and se ending the e company y into chaos, which w Bumi has yet to fully recove er from. tal causes have taken an intere Adversa aries who champion environmen e est in the mining and pro oduction of o metals too. t In 2011, Anonym mous activists launch hed “Opera ation Green Rights” (#OpGreenRights) to protest a number o of environmental ca auses including g the targe eting Anglo American,, the world’’s primary p producer of platinum. In a
© 2013 W Wapack Labs C Corporation. All rights resserved. 21 | P a g e
stateme ent by Ano onymous Anglo A Amerrican was accused o of destroying nature and 96 killing ind digenous people. Cyber significance e: In 2011, researche er Dillon Be resford dev veloped co ode that c could take do own Siemen ns industrial control sy ystems; spe ecifically, Sie emens S7 c computers that are used d to contro ol tens of th housands of o engines, turbines, a and machines in indu ustrial 97 facilities. A patc ch was rele eased for th he vulnerab bility; howe ever, in 201 12 another flaw was discovered that exposed encryp pted traffic c in hardw ware owne ed by Siem mens subsidiary RuggedCom that illustrates continuing c difficulty in n securing SCADA co ontrol 98 systems and critica al infrastructture. Iceland is in a unique position in the alum minum prod duction ma arket. The issland’s ability to supply the t smelting facilities with relatiively inexp ensive and d renewab ble energy puts Iceland at a com mpetitive ad dvantage over otherr aluminum m supplying g countries. This compettitive advan ntage may y entice co ompeting i nterests to target Ice eland’s sme elting facilities or power stations to disruptt the islan d’s ability to produ uce exporttable aluminum. A cybe er-attack on o any on ne of the three Icela andic smelters or en nergy supplierss may have e significantt impact on n Iceland’s economy. As presssure increases on the world’s na atural resou urces, so w will compettition. Glob bally, cyber-attacks on mining m and d metals prroducts ha ave significa antly increa ased. Evide ence has sho own cyber--attacks orriginating from nation n states lo ooking to m manipulate e the market price for raw r materrials, attack ks by com mpetitors who seek to o damage e the reputation of othe er companiies to win over o mining g rights, an nd environmental acttivists 99 who purrsue public city for theirr causes. Wapack LLabs predic cts this tren nd will conttinue upward. Cyber th hreats from m environme ental group ps are also o a growing g trend on a global sc cale. Continued growth of Iceland d’s aluminu um smelting g and enerrgy produc ction capac cities on what is believe ed by man ny to be prristine land may draw w the atten ntion of ac ctivist groups such as Anonymous. A quick review of the group p’s #OpGre eenRights b blog, illustrate es a numbe er of DDoS attacks ag gainst powe er compan nies, deface ed homepages of minin ng compan nies, and lin nks to ex-filtrated datta most like ely obtaine ed by nefa arious cyber-attack tactic cs. Analytic c gaps: Wap pack Labs was unable e to determ mine the co ontrol system ms in use a at the smelting g or hydroelectric plants; howe ever, conssidering the e market penetratio on of Siemenss control systems, it is likely that Siemens S co ontrols are being used d. Missing from this repo ort is a morre detailed d analysis of o supply ch hain deficie encies thatt may indirrectly impact aluminum production n. Supplies of corundu um, Iceland d’s 4th larg gest import, are also vuln nerable to market m fluc ctuations brought on b by cyber related activiities.100
© 2013 W Wapack Labs C Corporation. All rights resserved. 22 | P a g e
ICELA AND’S PIRATE PA ARTY Assessment: A posssible target in the Alth hing espion nage case may be Birrgitta Jónsd dóttir. Founderr of Iceland d’s “Pirate Party”, P Jónsd dóttir holdss a seat in Ic celand’s pa arliament a and is a strong g advocate e of Internet privacy and a govern ment transsparency. A As founderr and Chairwo oman of the IMMI, Jón nsdóttir is re esponsible for introducing legisla ation to pro otect 101 whistleb blowers such h as Bradle ey Manning g, Julian Asssange, a and is symp pathetic to NSA 102 gical leaker Edward E Sno owden’s bid d for asylum m in Icelan nd. Desp pite the stro ong ideolog ties with h The Pirate e Bay, Jónssdóttir on the t topic o of The Piratte Bay’s move to Ice eland distance ed the Pira ate Party from the mo ovement a and claime ed to have e no role in n the decision n.103 Birgitta Jónsdóttir J remains a central, c if not a contro oversial figu ure, in Icela and’s data safe haven movement. m . Jónsdóttiir distancing herself frrom The Pirrate Bay is not unique for publically elected officials belonging b to the Pira ate Party. This distan ncing of n newly elected officials fro om their Pira ate Party ro oots has be een observ ed in otherr countries such as the United U Kingdom,104 Sw weden, and d Norway w where assoc ciations witth the BitTo orrent 105 site have e been see en as jeopardizing the party’s legiitimacy. Cyber significance: Birgitta Jó ónsdóttir re emains symp pathetic to o The Pirate Bay, Snow wden, Manning g, and Assa ange, often n tweeting about a them m. The likelih hood of Jón nsdóttir beiing a target of o cyber-atttack or esp pionage is a continue ed high risk to Iceland d’s emergin ng as the world’s data sa afe haven. As leade er of Iceland’s Pirate Party, P Jónsd dóttir may fiind it difficu ult to separa ate her pollitical aspiratio ons with herr affiliationss. Her contiinued involv vement witth the Pirate e Party will likely draw attention to the t island nation n as a target for future hac cktivism or sstate sponssored espionage. Regardless of Jónsdóttir’s ac ctivities, the e Pirate Pa arty does keep close ties with h the hacktivisst group Anonymous A s. For example, Ope eration Ma arine Life, #OPmarinelife, Anonym mous’s antii-whaling campaign, c , is sched duled on the officia al Pirate P Party 106 nks to a Facebook ev Internatiional (PPI) website. w The calendar entry lin vent page ttitled 107 #OPMarrinelife that t links again to a Paste bin entry with spe ecific targe eting 108 informattion. Internatiionally, po olitical partties adopting the P irate Party y label are e not new w to controve ersy or implicated of running r afo oul of the la aw. The pa arties were very vocal and pressed charges against a ban nks that blo ockaded W WikiLeaks’s donations and in Ma ay of 2011, Ge erman offic cials confisc cated serve ers belongi ng to the P Pirate Party y in German ny.109 As a ressult of the actions taken by the e Germanss, Anonymo ous returne ed the favo or by 110 taking down d both h the www w.polizei.de and www w.bka.de w websites. In a sepa arate case, se ervers belon nging to the e German Pirate Party y were imp plicated in an attack on a © 2013 W Wapack Labs C Corporation. All rights resserved. 23 | P a g e
nuclear power plant belongin ng to Frenc ch energy s upplier EDFF.111 An SSH key origina ating from a Pirate P Party y owned se erver was used in the attack butt it is unkno own if the P Pirate 112 Party ha ad fallen vic ctim to Ano onymous or if this was a case of p plausible de eniability. Analytic c gaps: Th he extent of o Jónsdótttir’s relation ns with the e international arm off the Pirate Party P is unknown, bu ut likely to be favorrable and no eviden nce exists that Jónsdóttir, or the Pirate P Party y of Icelan nd, was spe ecifically ta argeted in the espion nage campaign on Icelland’s parliament. Itt is also un nknown if JJónsdóttir h has a direc ct or indirect relationship p or involve ement with Anonymou us operation ns but she iss likely awa are of the grou up’s activitie es.
FOREIGN RELATIONS Assessment: Icelan nd, while a memberr of many internation nal organizzations, ha as no leadersh hip role in any. a Each of o these org ganizationss is believed d to be targ geted by m many differing g adversarie es and shou uld be causse for conc ern by the Icelandic g governmen nt. Internatiionally, Iceland enjoy ys strong re elationships with Norw way and th he other No ordic states as well as strong ties to o the United d States. In n 1986, Iceland hoste ed the so ca alled “Reagan-Gorbach hev summitt” in Reykja avik, leadin ng to the end of the e Cold Wa ar. A peacefu ul nation with w no stan nding army y, Iceland’ss internatio onal dispute es are typiically over fish heries and fishing f limits resulting in i several c confrontatio ons with Great Britain n in a 11 13 series of skirmishess known as a the “Co od Wars”. More rrecently, Ic celand leftt the Internatiional Whaliing Commission (IWC) due in pa art to the c commission n’s refusal tto lift the ban n on whaling; however, Icelan nd has ma ade severa al attempts to rejoin n the commisssion.114 In Septe ember 2013, Iceland gave up talk ks to becom me a memb ber of the E European U Union 115 (EU) ma ainly over fishing quotas. Desp pite the faiiled bid to become a an EU mem mber, Iceland belongs to o several in nternationa al organizattions but do oes not pla ay a leade ership role in any.116 The list includes:
United Natio ons NATO N Organization O n for Security and Coo operation in n Europe Arctic A Council Organization O n for Econo omic Coope eration and d Developm ment In nternationa al Monetary y Fund World W Bank World W Trade Organizatiion
Cyber siignificance e: Several of o the organizations lissted above e have bee en known to be targeted d by hacktivists and pe ersistent thrreat actors.. Iceland’s governme ent or busine esses © 2013 W Wapack Labs C Corporation. All rights resserved. 24 | P a g e
could ea asily fall und der attack simply as a result of a actions take en by an orrganization with which Ic celand identifies, or iss seen as actively a or passively e endorsing. TThe risk of such attack would w be elevated if Ic celand is se een as a co ountry with w weak cybe er defenses. While no ot been a specific ta arget of ha acktivism in n the past,, it is Iceland’s contin nued practice e of whalin ng that ma ay draw the e most inte ernational attention ffrom hacktivists. Along with w Japan n and Norw way, Iceland is still a actively whaling. In n 2010, Ice eland 117 harveste ed 148 fin whales w and 60 minke whales. w In n June of 2 2013, Anony ymous relea ased a YouTu ube video warning Japan tha at Anonym mous “no longer will allow this to 118 happen”. Analytic c gaps: Ano onymous ha as dubbed d its anti-wh haling cam mpaign “Op peration Ma arine Life”. De espite the rh hetoric, no evidence exists that ssuggests Anonymous has carried d out a succe essful opera ation againsst any whaling nation;; however, Anonymou us targeting g has be concentrated on the fissheries of the t two otther whalin ng countrie es, Japan and 119 Norway,, while spec cific targeting against Iceland ha as been absent.
CHINA A Assessment: The Chinese C parrtnership in Iceland o offers great reward to o this financ cially recoveriing nation but at the same time poses a g reat risk to both Icela and’s econo omic future and enterprrising ambittions. China has long g been view wed by ma any in the w world as preda atory in the eir cyber esspionage practices, p b but at the ssame time, could pro ovide financia al backing that might create c an in ndentured Iceland. 008 the nation has loo As Iceland continu ues its recov very from th he financia al crisis of 20 oked for new w opportuniities in unlikely place es. Perhapss better pu ut, opportu unity has c come knocking g. Diploma atic relation ns between n China an nd Iceland have been n strengthe ening over the e past several years. In n 2012, it wa as estimate ed that Chin na’s embasssy housed fivehundred d diplomatss, making itt the largesst diplomattic presenc ce in the co ountry. To n note, the second largesst, France, was estim mated to h ave a tota al of twenty diploma ats.120 Perhapss clues to China’s C inte erest in Iceland can b be found in n a statem ment by Ch hina’s State Oc ceanic Adm ministration n that argue es China is a “near Arrctic state” and the A Arctic 121 is “the in nherited we ealth of all humankind.” A fo orward pressence in th he Arctic w would serve Ch hina well. On April 15th of 20 013, Iceland and Chin na signed a free-trad de agreement signifying a ment by Ch hina to the e country a and the reg gion, markin ng the first such long term commitm agreement betwee en China and a any Eurropean cou untry. Prior tto the agre eement, Ch hina’s central bank b exten nded a currrency swap p between the two co ountries to h help streng gthen 122 the trad de and ma aintain stab bility. Iceland in retu urn has be een providing enginee ering expertise e to help China exploit its ow wn geothe ermal capacity to h help reduc ce its depend dence on co oal. The co ooperation hasn’t stop pped there. © 2013 W Wapack Labs C Corporation. All rights resserved. 25 | P a g e
In Octo ober, Icela and’s pressident Óla afur Ragna ar Grímsso on, reaffirm med Icela and’s commitm ment to China C by saying the e island iss ready to o expand programm matic coopera ation in geothermal energy, economy, e social dev velopmentt, science and 123 technolo ogy in Arcttic research h. In 2012, China ssailed its icebreaker, tthe Xuelong, to Reykjaviik to atten nd the Sin no-Iceland workshop on Arctic c studies rresulting in the 124 establish hing of an observation o n station in Northern N Ic eland. The rela ationship between Iceland and d China is coming a at a time w when Icela and’s relevanc ce may be seen as wa aning. Prior to World W War II and tthe Cold W War, Iceland d was a seclud ded nation but that changed c as the Unite ed States and NATO h had foresight to see Icelland’s geo ographic position as a strategic c location to meet itts wartime and peacekeeping objjectives. Ev ventually, the t Cold W War came to an end a and in 2006 6 the NATO airbase was taken ove efence Ag er by the Ic celandic De gency and closed in 2 2011. Without a NATO pre esence, Ice eland’s stra ategic relev vance is onc ce again questionable e. Perhapss sensing tro ouble to co ome, in 2008 8 five mem ber states o of the Arctiic Council – The U.S., Ca anada, Den nmark-Gree enland, No orway, and d Russia reiterated their jurisdictional rights ov ver in the Arctic region n under the e terms of th he United N Nations Con nvention on n the Law of the Sea. That decla aration kno own as the e Ilulissat D Declaration, also inclu uded Iceland,, Sweden, and a Finland d. In what appeared to be an attempt a to press its inf luence in Ic celand, Ch hinese billion naire property y develope er and forrmer Chine ese Centra al Propaga anda Depa artment wo orker Huang Nubo, N put in a bid to o purchase one-hund red square e miles of la and in nortthern Iceland to build a luxury hotel and golf resort for “wealthy C Chinese se eeking clea an-air and soliitude.” This was mett with a lo ot of skeptiicism and even minissters suppo orting Chinese e relations, were left baffled by y the planss. The plans were quashed by y the Icelandiic governm ment and when w word was w leaked d that Chin na based Zh hongkun G Group were pla anning on renovating r a small air strip in Grím msstaðir an nd outfit it w with ten airc craft, suspicions grew th hat China was build ding an airrbase. Ev entually th he project was stopped d and for no ow all Chine ese development plan ns are curre ently in limb bo.125 China’s real ambittions in Iceland lack clarity. c Ma ny have sp peculated tthat ice melt in the Arcttic would open o the Northwest N Passage, P a sea lane that links tthe Pacific and Atlantic by going over the to op of Cana ada, but a report pu ublished by y the Cana adian Internatiional Coun ncil illustrate ed that the e Northwestt Passage is not the shortest route.126 The more likely intterest in Ic celand and d the Arctiic is China a’s insatiab ble appetite e for natural resources. r To support its Arctic exploration ambitio ons, China has investe ed handsom mely in its c coldweatherr capabilities. With a large fleett of icebre eakers, new wly acquire ed technolo ogies including g carriers and a tankers capable e of comm mercial Arcttic navigattion, as we ell as
© 2013 W Wapack Labs C Corporation. All rights resserved. 26 | P a g e
aircraft that can withstand w po olar weathe er conditio ns; a signifiicant investtment that may 127 extend beyond b shipping lanes. Cyber significance e: Iceland’’s exit from m recent EU U membership talks co oupled with an expandiing relation nship with China hass significan t implicatio ons. Althou ugh there iis no indicatio on that the e relationsh hip betwee en the Unite ed States, Europe, an nd Iceland d has been strrained ove er cooperation with China, C one can assum me that bo oth Brussels and Washing gton are mo onitoring the relationsh hip closely. The rebu uffing of Hu uang Nubo o’s bid to buy b real esttate on the e island cou uld invite c cyber espionage to asse ess the sen ntiments off Iceland’s decision m makers during any fu uture negotiations. Altho ough there e are no specific s cy yber-threatss to Icelan nd from China, evidenc ce suggests that China a has been n involved iin nation state espionage when their interests are at stake. In a so oon-to-be released re port by the e US-China Economic and Security Review Commission C n it was concluded c that the Chinese governme ent is engage ed in a con ncerted ca ampaign off cyber-atta acks led b by a Shang ghai-based unit. The repo ort states that t the Ch hinese gov vernment is “directing g and executing a la argescale cy yber espion nage camp paign again nst the Unite ed States a and that it has successsfully targeted d the netw works of the e US govern nment and d private orrganizations, including g the DoD, de efense conttractors, an nd private firms.” f The rreport goess on to say y these activities are designed to ac chieve a nu umber of brroad econo omic and sttrategic ob bjectives.128 China’s cyber colle ection efforts may be aided by iits own Hua awei Techn nologies. N Nova, a provid der cellpho one and Intternet serviices has pa artnered w with Huaweii to build itts 4G 129 infrastruc cture. Huawei H hass been implicated in n cyber espionage in n the past and Australia an intelligen nce agenc cies warned d officials o of “credible e evidence” the comp pany was con nnected to o the Third Departme ent of the People’s LLiberation A Army, who o are 130 responsible for cyber espionage. The same s warn ning was sounded in W Washington D.C. 131 by former NSA and d CIA Direc ctor, Micha ael Hayden n. China a and Huaw wei vehemently deny th hese alleg gations. Re egardless, the Chine ese intellig gence nettwork is h highly sophistic cated and active an nd the tiess between the gove ernment an nd Huaweii are undenia able. Wapack k Labs has been b follow wing the ac ctivities of se everal threa at actor gro oups of Chinese origin fo or the passt two yea ars. The asssessment iin the Rev view Comm mission’s re eport matches the same behaviors observed by b Wapackk analysts. It is highly unlikely that t China’s flourishing g relationsh hip with Icelland will de eter China’s use of cybe er espionag ge techniq ques from acquiring strategic in ntelligence e on the issland ased nation. Additionally, it is like ely that closer relation ns with Beijing will lea ad to increa cyber co ollection by y Iceland’s NATO partners.
© 2013 W Wapack Labs C Corporation. All rights resserved. 27 | P a g e
Analytic c gaps: The scope, de epth, and complexity c of the rela ationship be etween Ice eland and Chiina go bey yond the inttentions of this report.. A much d deeper examination o of the relationsship would be required d to fully assess the cyber-threat China pose es to Icelan nd.
AUTONOMOU US SYSTE EMS Wapack k Labs performed a cursory c exam mination off announce ed Iceland dic Autonom mous Systems (AS). The results show w reasonab bly good n network hyg giene; how wever, in sev veral instance es crime-wa are hosting was reported in some e relatively ssensitive loc cations. The HE Index, is used by hostexploit.com and d represen nts hosted “badnesss” of Autonom mous System ms (AS), on a scale fro om 0 (no ba adness dete ected) to 1,000 (maxim mum badnesss). The HE Index is ca alculated by b using th he data fro om Host Exploit and o other sources. The aggre egated datta is processsed throug gh Site Vet using uniqu ue algorithm ms in a simple e qualitative e method of o calculatio on. Data u used include es the serve er’s history o of:
malware m sp pam exploits e command c and a controll servers botnet b activ vities phishing p RFI Other O attacks
Data un nique to ea ach server iss collected d and weigh hted according to da ata significa ance and the e size of the e server to give the HE H Index. TThis enable es the malic cious activiity of servers of o different sizes to be accurately y compared d. The HE Rank is the e global ranking of th he badnesss of an Auttonomous SSystem (ASS), as measure ed by the HE H Index. Therefore, T an a AS with HE Rank o of 1 is meassured as ha aving the worsst record off malicious activity of all a tested se ervers. The following tab ble illustrate es AS rankings using g the beta version of Site Vet.132
ASN
Name
HE Index
HE Rank
AS6677
Síminn hf
23.5
1556
AS12969
Fjarskipti ehff
16.5
2566
AS31236
Reykjavik City Hall
15.1
3009
Malicious URLs
Badware
Phishing servers
S SPAM ac ctivity
YES
YE ES
YES YES
© 2013 W Wapack Labs C Corporation. All rights resserved. 28 | P a g e
ASN
AS59396
Na ame Tölvu- og Rafeindaþjónusta Suðurlands ehf
AS50613
THOR zData a Center ehf
AS48685
Opin Kerfi ehf. e
AS44925
1984 ehf AS number
HE Index
HE Rank
Phishing servers
S SPAM activity
5409 9
YES
13
3499 9
YES
12.5
3573 3
12.1
3662 2
IP Fjarskipti ehf
2.4
8422 2
AS47545
Verkís hf
1
10562 2
AS39472
1
27504 4
AS1850
Arion Banki hf Internet Ice eland Inc. (ISNIC)
1
20494 4
AS60690
Opex ehf
1
28992 2
AS57729
1
12983 3
AS51296
Kópavogsb bær Median - Ra afræn Miðlun hf
1
11456 6
AS47828
Valitor hf
1
10636 6
AS42888
Mannvit hf
1
9571 1
AS35834
CCP hf
0.9
33149 9
AS56704
Farice ehf
0.9
32002 2
AS43892
Basis ehf.
0.9
31294 4
AS198815
Rikisútvarpið ð ohf
0.9
32876 6
AS51017
Nethönnun ehf
0.9
31674 4
AS44644
Árvakur hf
0.9
31348 8
AS44275
Fjölnet ehf
0.9
31316 6
AS197973
Registers Iceland
0.9
32788 8
AS197403
Íslandsbank ki Ltd.
0.9
32979 9
AS51969
GreenQloud ehf
0.8
37246 6
AS24743
Snerpa ehf
0.8
35989 9
AS39418
Nýherji hf Hringiðan ehf e / Vortex Inc
0.7
39316 6
0.7
39130 0
0.7
39318 8
AS31410
Landsbankii Íslands hf. Network Communications ltd.
0.7
39234 4
AS25244
Decode
0.7
39122 2
AS34678
Tölvun
0.7
39274 4
AS29689
Nýherji hf
0.7
39202 2
AS29348
0.7
39195 5
AS31441
FSNET Gagnaveita a Reykjavíkur ehf
0.5
41325 5
AS15474
SURIS/RHne et
0.2
42642 2
AS44515
Advania hf.
0.2
43592 2
AS39532
Badware
4.7
AS21268
AS25509
Malicious URLs
YES YES
YES
© 2013 W Wapack Labs C Corporation. All rights resserved. 29 | P a g e
CONC CLUSION NS Iceland is known as a the “Land of Fire an nd Ice”, a fitting refra ain for a co ountry that finds itself at the t dawn of o a new ag ge and unw written futurre. Historica ally isolated d by the oceans and ofte en overlook ked, Iceland is now co onnected t o the world d in ways un nimaginable by its Norse e ancestors.. The quic ck turnaround of Icela and’s econo omy after tthe financia al collapse was a stan nding testame ent to the re esolve and d strong character of the people es of Icelan nd. From tthose darkest hours, Iceland has reawakene r ed with a desire with hin its peo ople to hold its governm ment accou untable to the t people e and for th e people. In efforts to pull itself up from m one of th he world’s m most disasttrous econo omic collapses, Iceland has turned d to its abun ndance of natural reso ources as itts well of prrosperity. LLarge public projects p to unleash u Ice eland’s gre een power generating g capacity and a soo on-tobe surplus of bandw width that connects Ic celand to t he world’s economy, are vital pieces of the blueprint to the island’ss economic c future. Allong with Ic celand’s clo ose proximity to the richn ness of the Arctic’s raw w materialss, Iceland iss no longerr ignored d diplomatica ally or strategic cally. Howe ever, not all attention will have p ositive consequencess. In the po olitical turm moil followin ng the bank king crisis, Ic celand’s desire for po olicy chang ges in the area as of transsparency and a privacy happene ed rapidly,, a naturall reaction to a distressin ng situation n. Capitalizzing on the e uncertain nty of the ttimes, the P Pirate Party y has risen to political p distinction and now hold ds seats in th he Althing. Parallel with the Piirate Party’s ascent in nto politica l influence is the rise of some of the most sig gnificant controversie es to date in the ag ge of inforrmation. JJulian Assa ange, WikiLeak ks, Bradley Manning, Edward Sn nowden, th he Pirate Ba ay, and the e Silk Road d are more th han mere subplots s in Iceland’s story s of rec cover, but may indic cate more of a symptom matic and unwanted u circumstan nce. The ev vidence of c cyber-espio onage directed squarely y at the Icelandic parliiament may be a porttent of thing gs to come e. No long ger pursuing g memberrship with the t Europe ean Union or saddled d by Amerrican influence with the closure of the NATO base b in Kefflavík, Icela and enjoys a new sense of freedom m to pursue e relationsh hips it sees consistent with its ge eopolitical and econo omic ambition ns. The influ uence of Ch hina in Icela and is bein g watch closely by bo oth the U.S.. and Europe. As the rela ationship grows, g evidence sugg gests so too o will China a’s flexing of its cyber ca apabilities to t put itself at a comp petitive adv vantage in diplomatic and econo omic matters.. Standing g juxtapose with Ice eland’s new w prosperiity, is its c connection n with its past. Keeping g consistentt with its Nordic herita age and c culture, actiivities such as whaling g will
© 2013 W Wapack Labs C Corporation. All rights resserved. 30 | P a g e
continue e to draw the attentiion of activ vist and the e perceive ed misuse o of pristine lands may enc courage ac ctions from those who feel ordain ned to prottect them. In many y ways, Icelland is a co ountry com ming of age e and into its own but from a cy yberperspec ctive Iceland is at an embryonic e stage whe ere its ability y to protec ct itself from m the rest of th he world wiill be tested d. Enemies won’t com me in ships o or planes b but right thro ough the very y thing that much of th he island is banking b on n for its futurre – the Inte ernet.
© 2013 W Wapack Labs C Corporation. All rights resserved. 31 | P a g e
ENDN NOTES The Glob bal Competitiv veness Index 2012–2013: Strengthening R Recovery by R Raising Productivity, World Econom mic Forum 2 http://ww ww.theguardian.com/new ws/datablog/2 2013/jun/11/g global-peace--index-2013 3 http://ww ww3.weforum m.org/docs/GGGR12/MainC Chapter_GGG GR12.pdf 4 http://ap pps.who.int/gho/data/nod de.main.688?la ang=en 5 http://ww ww.newsofice eland.com/ho ome/business-economics/p public-sector//item/1616-ice elandic-natio onalcert-begin ns-operating 6 http://ww ww.mfa.is/new ws-and-public cations/nr/766 64 7 http://ww ww.kyrus-tech h.com/cyberssecurity-experrts-kyrus-syndi s-announces--strategic-parrtnership/ 8 http://en n.wikipedia.orrg/wiki/List_of_ _countries_by y_number_of__Internet_userss 9 http://en n.wikipedia.orrg/wiki/List_of_ _countries_by y_number_of__Internet_userss 10 http://w www.newvision.co.ug/newss/645810-ugan nda-sets-up-u unit-to-fight-cy yber-crime.html 11 https://is-is.facebook k.com/events//509698522450937/permali nk/510711802 2349609/ 12 http://w www.ymsir.com m/hacking/do oku.php?id=ru u_hacking_co ontest 13 http://issuu.com/nato o_ccd_coe/d docs/tallinnma anual?e=5903 3855/1802381 14 http://w www.nea.is/ge eothermal/ele ectricity-gene eration/nr/76 15 http://w www.landsvirkjjun.com/ 16 http://w www.nea.is/hy ydro-power/electric-powerr/ 17 http://w www.mannvit.com/Geothe ermalEnergy/G GeothermalPo owerPlants/GeothermalPro ojectHellisheid di/ 18 http://w www.nea.is/media/nationa al-energy-auto ority/popup/1 3-generation__of_electricity y.jpg 19 http://w www.worldene ergy.org/docu uments/20090 0917__wec_krrahnjkar_bb.p pdf 20 http://w www.energy.siiemens.com/c co/pool/hq/a automation/a automation-co ontrol-pg/spp pat3000/doc cuments/ Helliisheidi-Iceland d_process-automation-systtem_sppa-t3000.pdf 21 http://ic cs-cert.us-certt.gov/advisories/ICSA-12-20 05-02 22 http://se ecunia.com/a advisories/538 805/ 23 http://news.yahoo.co om/american n-power-plantt-shut-down-b by-cyber-attack-104208349 9.html 24 http://w www.cleanene ergyactionpro oject.com/ 25 http://g gcn.com/Artic cles/2011/12/1 13/DHS-warns--US-water-pow wer-plants-ha acked.aspx?P Page=1 26 http://w www.geotherm mal-energy.orrg/pdf/IGAsta andard/WGC//2000/R0596.P PDF 27 www.un nicri.it/special_ _topics/cyber_threats/cyber_crime/exp planations/sca ada/ 28 http://w www.compute erweekly.com m/news/2240179109/Iceland d-prepares-to o-lure-Silicon-V Valley-IT-giantts-tobuild-data acentres 29 http://w www.foxbusine ess.com/mark kets/2011/12/0 02/katla-volca ano-eruption--fears-played--down-byicelandic--scientists-and d-tourism/ 30 http://w www.bbc.co.u uk/news/world d-europe-15995845 31 http://w www.compute erweekly.com m/news/2240179109/Iceland d-prepares-to o-lure-Silicon-V Valley-IT-giantts-tobuild-data acentres 32 http://w www.compute erweekly.com m/news/2240179109/Iceland d-prepares-to o-lure-Silicon-V Valley-IT-giantts-tobuild-data acentres 33 http://w www.greendataisland.com/whyiceland.html 34 http://w www.triplepun ndit.com/2012 2/10/bmw-switches-iceland d-data-centerr-reduce-carb bon-emissions/ 35 http://w www.verneglo obal.com/new ws/in-the-presss/create-presss-86 36 http://w www.docsopin nion.com/2013/10/12/brain n-drain-may-se eriously-harm -health-care--in-iceland/ 37 Brain Drrain and Brain Gain: The Glo obal Compettition to Attrac ct Highly Skille ed Labor, Edite ed by Tito Boe eri, Herber Bru ucker, rederic Docquier, 20 012, Oxford Un niversity Press 38 http://w www.npr.org/ttemplates/sto ory/story.php?storyId=12857 74055 39 http://w www.landsvirkjjun.is/media/p pdf/20130529 9_Iceland_DC _Report.pdf 40 http://w www.episodess.co.in/www/b backissues/33 3igc/22-hazard ds.pdf 41 http://w www.wired.co om/wiredscien nce/2010/02/rrockin-on-the--reykjanes-ridge-iceland/ 42 http://w www.crn.com//news/networking/2244004 459/volcanic-a ash-may-impact-icelands-data-centerplans.htm 43 http://w www.zerohedg ge.com/articlle/air-travel-d disrupted-overr-europe-again-major-glob bal-disastermaking-%E2%80%93-pa art-i 44 http://e en.vedur.is/ab bout-imo/newss/nr/2280 1
© 2013 W Wapack Labs C Corporation. All rights resserved. 32 | P a g e
http://w www.techwee ekeurope.co.u uk/news/icela and-verne-glo obal-darta-ce entre-gallery128000?piid=1701#galle ery 46 http://w www.chicagonow.com/the e-lowe-down//2010/06/the-llowe-down-ic celand-passess-proposal-to-become- internet-safe--haven/ 47 http://w www.newyorke er.com/reporrting/2010/06//07/100607fa__fact_khatcha adourian?currentPage=all 48 http://a arstechnica.co om/tech-polic cy/2013/06/iceland-a-nexu us-for-us-wikile eaks-investigations-new-yorrktimes-sayss/ 49 http://w www.independ dent.co.uk/ne ews/world/po olitics/wikileakks-splits-as-volu unteers-quit-to o-set-up-rival-website-2157420.html 50 http://to orrentfreak.co om/pirate-bay y-finds-safe-ha aven-in-icelan nd-switches-to o-is-domain-130425/ 51 http://w www.webpron news.com/the e-pirate-bay-m moves-to-the--caribbean-to o-avoid-doma ain-seizure-201 13-04 52 http://to orrentfreak.co om/copyright--groups-dema and-pirate-ba ay-blockade-iin-iceland-131 1007/ 53 http://w www.theguard dian.com/tec chnology/2013 3/oct/08/silk-rroad-hack-susspicion-fbi-serrver 54http://ww ww.slate.com m/articles/tech hnology/futurre_tense/2013 3/08/sigurdur__thordarson_ic celandic_wikilleaks_ volun_turn ned_fbi_inform mant.html 55 https://w www.datacelll.com/news/v victory-over-c credit-card-co ompanies-wikileaks-donatio ons-possibleagain/ 56 http://a arstechnica.co om/tech-polic cy/2013/06/iceland-a-nexu us-for-us-wikile eaks-investigations-new-yorrktimes-sayss/ 57 http://ic celandpulse.c com/icelandre eview/1144-su uspicion-of-esspionage-at-ic celands-parlia ament 58 http://ic celandpulse.c com/icelandre eview/1156-w wikileaks-rep-in n-iceland-werre-not-hackerrs 59 http://c consciouslifene ews.com/icelandic-wikileaks-collaborat ors-targeted-obama-admiinistration/ 60 http://news.softpedia a.com/news/Kim-Dotcom-M Might-Move-M Mega-Privacy y-Services-to-Iceland374377.shttml 61 http://w www.bbc.co.u uk/news/mag gazine-25201471 62 http://w www.bbc.co.u uk/news/mag gazine-22288564 63 www.pffs.is/upload/files/REGULATIO ON_no.1223_IP%20commun nication.pdf 64http://ww ww.pfs.is/uplo oad/files/T%C3%B6lfr%C3%A A6%C3%B0isk% m.%C3%A1rsinss_201 %C3%BDrsla_PFS_fyrri_helm 0.pdf 65 http://w www.theregister.co.uk/2013 3/12/02/vodaffone_iceland__hacked/ 66 http://w www.submarin necablemap.com/ 67 http://w www.emeraldnetworks.com m/wp-contentt/files_mf/1362 2960356_mag gicfields_link_p pdf_1_1.pdf 68 http://w www.cnn.com m/2008/WORLD D/meast/02/0 01/internet.ou utage/?iref=hp pmostpop 69 http://w www.studentp pulse.com/artiicles/44/a-vulnerable-netw work-undersea a-internet-cab ble-attacks 70 http://w www.abc.net.au/news/2008 8-02-04/ships--did-not-cut-in nternet-cable es-egypt/1031698 71 http://w www.dailymail.co.uk/scienc cetech/article e-2300595/Pic ctured-Egyptia an-divers-tried d-hack-cablessattack-cra ashed-interne et-worldwide.h html 72 https://c citizenlab.org/cybernorms2 2012/sechrist.p pdf 73 http://w www.itnews.co om.au/News//331435,us-cen ntral-bank-intternal-site-bre ached-by-ha ackers.aspx 74 http://news.softpedia a.com/news/Russia-s-Centrral-Bank-and--Other-Financ cial-Institutionss-Hit-by-DDOS92528.shtml Attacks-39 75 http://w www.nytimes.c com/2013/03//12/technolog gy/australian--central-bankk-hit-by-cybera attack.html?__r=1& 76 http://w www.theguard dian.com/worrld/2007/may y/17/topstoriess3.russia 77 http://w www.swift.com m/about_swiftt/index 78 http://w www.theswiftc codes.com/iceland/ 79 http://w www.nytimes.c com/2006/06//23/washingto on/23intel.htm ml?pagewantted=all 80 http://w www.ibtimes.c co.uk/articles//508882/20130 0925/edward--snowden-nsa a-scandal-swift-tftp-eu.htm 81 http://w www.smartbrie ef.com/03/08//12/hacker-atttacks-financiial-networks-a all-time-high-sw wiftsays#.Unb bMNvnYdLU 82 http://to ools.cisco.com m/security/ce enter/viewThre eatOutbreakA Alert.x?alertId=31182 83 http://w www.pcworld..com/article/2 2052360/us-indicts-13-anon nymous-memb bers-for-ddos--attacks.html 84 http://w www.voxeu.orrg/article/icela and-s-capital-controls 85 http://w www.jackhenrry.com/Regula atoryNewsReport/DDoS%20 0Communica ation-v2.pdf 86 https://c citizenlab.org/cybernorms2 2012/sechrist.p pdf 87 http://a atlas.media.mit.edu/countrry/isl/ 88 http://m minerals.usgs.g gov/minerals/pubs/commo odity/aluminu m/mcs-2012-a alumi.pdf 89 http://a askjaenergy.orrg/2013/05/27 7/aluminum-a and-icelandic--gdp/ 45
© 2013 W Wapack Labs C Corporation. All rights resserved. 33 | P a g e
http://a articles.latimess.com/2011/m mar/26/busine ess/la-fi-icelan d-economy-2 20110326 http://w www.nea.is/hy ydro-power/p power-intensive-industries/ 92 http://w www.theaustra alian.com.au//business/mining-energy/m miners-under-c cyber-attack-fromeverywhe ere/story-e6frg g9df-1226065199596 93 http://w www.news.com m.au/breakin ng-news/chine ese-cyber-atta acks-on-bhp--billiton-rio-tintto-and-fortesc cuemetals-gro oup/story-e6frrfku0-1225855710032 94 http://w www.interaksy yon.com/infotech/sophistic cated-cyber-a attack-uncove ered-vs-mining-firm-in-thephilippines 95 http://w www.theguard dian.com/bussiness/2013/jan/11/fake-wikkipedia-researcher-hack-bumi-chairman n 96 http://th hehackernew ws.com/2013/0 03/worlds-larg gest-platinum--producer-hacked.html 97 http://w www.compute erworld.com/ss/article/9218 8892/A_powerr_plant_hack__that_anybod dy_could_use 98 http://news.cnet.com m/8301-1009_3 3-57498572-83 3/dhs-warns-siiemens-flaw-c could-allow-p power-plant-hack/ 99 http://w www.theaustra alian.com.au//business/mining-energy/m miners-face-inc creasing-risk-o of-cyberattacks/sttory-e6frg9df-122676479836 66# 100 http://a atlas.media.m mit.edu/counttry/isl/ 101 http://w www.newsofic celand.com/h home/blog-opinion/item/1 1211-birgitta-jo onsdottir-cybe er-poet-news--oficeland-blog 102 http://w www.dailykos.com/story/20 013/06/23/121 18165/-Icelan dic-MP-Birgittta-Jonsdottir-o on-Snowden-ssassylum-chances# 103 http://p piratetimes.ne et/report-from m-iceland-2/ 104 http://ffalkvinge.net/ /2012/12/20/a as-uk-pirate-pa arty-takes-dow wn-pirate-bay y-proxy-two-o other-pirateparties-briing-new-ones-up/ 105 http://w www.theinquiirer.net/inquire er/news/2252 2203/norwegia an-pirate-partty-cancels-ho osting-the-pira atebay 106 http://c calendar.pp-iinternational.n net/month.ph hp 107 https:// /www.facebo ook.com/even nts/165859993 3594658/?ref__dashboard_fiilter=upcomin ng 108 http://p pastebin.com m/Jc7LBmu2 109 http://ffalkvinge.net/ /2012/12/17/p pirate-party-prresses-charge es-against-ban nks-for-wikilea aks-blockade// 110 https:// /twitter.com/a anon2060/statuses/7157723 32199524352 111 http://w www.spiegel.d de/netzwelt/n netzpolitik/0,1518,763939,00 0.html 112 https:// /news.ycombinator.com/item?id=2567535 113 http://w www.britains-ssmallwars.com m/RRGP/CodWar.htm 114 http://w www.iwcoffice.org/Meetings/meeting20 002.htm#icela and 115 http://e euobserver.co om/enlargem ment/121419 116 http://w www.state.go ov/r/pa/ei/bgn/3396.htm 117 http://w www.ifaw.org g/united-states/our-work/whales/which-c countries-are--still-whaling 118 http://w www.youtube e.com/watch?v=PiwlA5-yQ Q1g 119 http://d digitaljournal.c com/article/3 351165 120 http://rrendezvous.bllogs.nytimes.c com/2012/10//05/china-and d-the-northern n-great-game e/ 121 http://o origin.www.usscc.gov/sites//default/files/R Research/Chiina-and-the-A Arctic_Apr2012.pdf 122 http://w www.mfa.is/fo oreign-policy//trade/free-tra ade-agreeme ent-between--iceland-and-china/ 123 Ólafur Ragnar Gríms sson 124 http://n news.xinhuanet.com/englissh/sci/2012-08 8/18/c_131793 3870.htm 125 http://w www.nytimes..com/2013/03 3/23/world/eu urope/iceland d-baffled-by-c chinese-plan-ffor-golf-resort.html 126 http://w www.openca anada.org/wp p-content/uploads/2011/05 5/China-and-the-Arctic-Fre ederic-Lasserre e.pdf 127 http://w www.usnwc.e edu/getattachment/31708e e41-a53c-45d d3-a5e4-ccb5 5ad550815/ 128 http://ffreebeacon.c com/china-cy yber-espionag ge-grows/ 129 http://is2.mofcom.gov.cn/article/ /chinanews/2 201106/201106 607579618.shtml 130 http://w www.theaustrralian.com.au u/national-affa airs/policy/sp ies-feared-ch hina-was-hackking-the-nbn//storye6frg8yo-122631179648 83# 131 http://w www.businesssinsider.com/h huawei-spies-ffor-china-sayss-michael-hay yden-2013-7 132 http://s sitevet.com/ 90 91
© 2013 W Wapack Labs C Corporation. All rights resserved. 34 | P a g e
ABOU UT WAPA ACK LAB BS Wapack k Labs fun nctions as the opera ational arm m of Red Sky Allian nce, suppo orting members of the Alliance through th hreat inforrmation so ource development and exploitation, deep p research and analy ysis, tool de evelopmen nt and fore ensics. Wap pack Labs’ en ngineers, re esearchers, and analy ysts design and delive er transform mational cy ybersecurity analysis to ools that fuse open so ource and proprietary y information, using d deep analysis technique es and vissualization. Informatio on derived d from these tools and techniqu ues serve as the fou undation of Wapack Labs’ info ormation re eporting to o the cyber-se ecurity team ms of its cusstomers and d industry p partners loc cated aroun nd the world.
Wapack Lab bs Corporation n | Manchestter, NH | (6033)606‐1246 | www.wapacklabs.com
Wapack Labs C Corporation. All rights resserved. 35 | P a g e © 2013 W