Part 28 (1/2)

Italy

Italy has expressed interest in setting up a Cyber Defense Command (CDC), and in May 2010 the Italian parliament's intelligence commission formally investigated taking such action.[159] Currently, the Italian cyber warfare and security operations are divided among the military, police, and government departments, without any real coordination or fusion. The end result is expected to set up two separate cyber divisions: one that handles foreign issues, and one that is more domestically focused. Like many other countries, the Italians are looking at the NATO cyber centers for a possible cheap alternative to setting up their own center.[160]

In August 2011 a group called the Anonymous Hackers for Anti Operation released over eight gigabytes of stolen files from the Italian National Anti-Crime Computer Center for Critical Infrastructure Protection (CNAIPIC). The files included correspondence indicating the CNAIPIC has been spying on Russian-owned government energy and defense industries primarily, but that Italy may have also gathered much of its Russian information from the Indian emba.s.sy's Air Attache to Russia.[161]

[159] Tom Kington, ”Italy Weighs Cyber-Defense Command,” Defense News, May 31, 2010, accessed August 30, 2011, /story.php?i=4649478&c=FEA&s=SPE.

[160] Ibid.

[161] Joseph Fitsanakis, ”Computer hacking reveals Italian spying on Russia, India,” IntelNews.org, entry posted August 1, 2011, accessed August 30, 2011, intelligencenews.wordpress.com/2011/08/01/01-776/.

Kenya

In June 2010 the Kenyan Internet Governance Forum (KGIF) proposed the formation of a national cyber security management framework. Citing the growing accessibility to Internet access and the attacks on critical national infrastructure in Estonia and Georgia, the proposed CERT would coordinate response to cyber security incidents at the national level.[162]

A year later the Kenyan government had set up a CERT as the first steps to a future cyber-combatting department.[163] The Kenyan CERT has partnered with cyber experts from the United States to help shape the newly founded departments.

[162] Vincent Ngundi, ”Cybercrime, Cybersecurity and Privacy,” East Africa Internet Governance Forum (EAIGF), July 29, 2010, accessed August 31, 2011, , July 26, 2011, accessed August 31, 2011, allafrica.com/stories/201107261874.html.

Myanmar

Myanmar has long used cyber warfare capabilities to silence domestic political opposition. In 2008 the military regime used denial of service attacks on several opposition websites. The Defense Services Intelligence (DDS) set up the Defense Services Computer Directorate (DSCD) in 1990, which was then focused primarily on military communications, but it soon became more focused on information warfare.[164] In 2004 the service was disbanded as a result of the former prime minister and intelligence chief being arrested during a military coup. The DDS was later reformed as the Military Affairs Security (MAS), which took on the majority of the cyber warfare functions. The MAS reportedly received major a.s.sistance from Singapore, but many of the cyber experts in MAS received training from Russia and China.[165]

The military cyber warfare division surfaced again in March 2011 when it was tracked to the hacking of an exiles media website that routinely criticizes the regime.[166] The media website was also taken down in 2008, presumably by the MAS.[167] In the first quarter of 2011 Myanmar was the world's leader in received cyber attacks, not necessarily indicating that the MAS was at fault, but rather that hackers around the world are taking advantage of Myanmar's weak Internet security laws.[168]

[164] Brian McCartan, ”Myanmar on the cyber-offensive,” Asia Times, October 1, 2008 accessed August 31, 2011, /atimes/Southeast_Asia/JJ01Ae01.html.

[165] Ibid.

[166] ”Exile Website Hacked,” Radio Free Asia, March 14, 2011, accessed August 31, 2011, puterweekly.com/Articles/2010/11/18/243979/NATO-gears-up-for-cyber-warfare-with-latest-exercise.htm.

[170] Ibid.

[171] ”NATO adopts new Strategic Concept,” North Atlantic Treaty Organization (NATO), November 19, 2010, accessed August 31, 2011, mercial interests and cooperating with international initiatives, as well as improving existing capabilities and creating collaborations with the private sector. The doctrine is short, and most of the proposed ideas are capable of being attained without major investment-if any at all.

One of the biggest takeaways is the establishment of two cyber agencies: the National Cyber Security Council and a National Cyber Security Center (NCSC). The NCSC will coordinate cyber security through all Dutch organizations and departments.[174] All involved parties will create a strategy, and the NCSC will execute those policies. The already-existing Cyber Security and Incident Response Team (GOVCERT)[175] will be incorporated into the NCSC. Absolutely no budget is allotted for this doctrine, which will challenge the effectiveness.

[174] Don Eijndhoven, ”Dutch National Cyber Security Strategy-Blessing or Curse?” Infosec Island, April 1, 2011, accessed August 31, 2011, /blogview/12746-Dutch-National-Cyber-Security-Strategy-Blessing-or-Curse.html.