#cyberwarfare

The Plane Truth

A4016F47-12EE-4476-80F8-F87F46393099.jpeg

The plain (plane?) truth is that commercuial airlines face a growing risk of cyber attacks. It is a frightening prospect. Airline safety has never been better from an aeronautics perspective. Yet more pilots are switching to iPads to access airport information including runway approaches. No more need for heavy paper flight maps. Cockpits are digital. Air to ground links open up vulnerabilities which could allow nefarious actors to place an aircraft at the wrong height, even if the display tells otherwise.

Think of how politicians or high value targets could be assassinated this way. Hackers could dump the fuel, while sending normal consumption data to the pilots. The black box would record all the conflicting data. Who needs to take a bomb onboard? It could be made to look like an accident. The cockpit voice recorder could be switched off by remote leaving the investigators precious little to go on. The Israeli National Cyber Directive views this as a growing risk.

After a week of visiting Israel’s best cyber companies, many staffed with former members and leaders of the elite military cyber unit 8200, solutions will be found but the game is growing riskier by the day. The lack of adequate protection is evident. The live hacks (from low level amateurs to state sponsored) we were witness to show just how naked so many businesses and government agencies are. The access points to hack are also exposed by the fact less than 1% of people have security on the hand held devices they make so many decisions from.

What happens in 60 seconds on the internet?

E8AAA0E4-4F08-44C5-9A33-C25F26AE29CB.jpeg

Director General of Israel’s National Cyber Directorate Yigal Unna posted a snapshot of what we are doing around the world in 60 seconds on the internet. There is a certain sadness to know that more people are swiping on Tinder than posting to Facebook or tweeting. Is it because technology is allowing us to become more transactional? There are more people absorbed by YouTube than searching on Google.

In any event there is a clear understanding that with so many online in any given minute, hackers and nefarious actors are working hard to breach defences. The more worrying aspect is less than 1% of people have cyber protection installed on their smartphones where most spend time accessing the data. So as we allow ourselves an invisible shield of emotional vulnerability protection on social media many of us are fish in a barrel unknowingly awaiting to be shot.

We want your business!

0E7C723C-4B8D-4771-9006-6281E478753D.jpeg

Israeli Prime Minister Binyamin Netanyahu ran through the nation’s commitment to cyber noting the country has 200x the next country in per capita revenue in the area. They are 20% of global cyber revenue. Very scary outlook for the capabilities that cyber can do if in the wrong hands. In closing though the Prime Minister said four words:

We want your business!

It would be nice to see the Aussie PM shout as loudly for investment at home.

Oi vey Australia! Time to develop innovation

124A4390-E022-42AD-995E-50FB729ED80D.jpeg

While the Australian school system seems obsessed dealing with LGBT awareness, gender fluidity and social causes, a day in the most up to date Israeli cyber park in the Negev Desert shows just how seriously the small nation deals with the real world and preparing future generations for it.

It should come as no surprise that Israel lives under constant threat. The Jewish State is happy to leave LBGT 20yr celebrations to rainbow flags on the beachfront in Tel Aviv. When it comes to education it is all about working kids hard to be competitive, hungry and innovative. Primary school students learn computer coding and mathematics. They don’t hold cross dressing presentations or participate in Family Day as a replacement for Mothers Day to show inclusiveness for minorities. Survival matters.

Those same primary schoolers learn even more skills when they hit high school. The government monitors 13yo kids for their cyber acumen to screen the best possible assets for the future. By 16yo the weeding out process is all but done.

The notorious IDF cyber unit 8200 is relocating to this cyber centre in Negev where over a dozen buildings are being erected to gather the finest innovators in the world. It’s a $50bn investment. Even the Israeli Defence Force standard cyber units will relocate there. As Israelis have compulsory military service from 18 years of age, the best and brightest get automatically assigned to these cyber teams.

The universities are collaborating with corporates and government. They work on real solutions that matter rather than shoot for research on questions nobody is asking. Companies like Intel are setting up R&D centres in Israel because the talent is there.

Australia may have a Department if Innovation & Science which has a billion dollar budget. The Israeli tech infrastructure organizers in places like the Negev encourage start ups. They award grants thru competitive processes based purely on merit. Instead of cutting grant cheques to all for participating in the Aussie “everyone wins a prize” mentality, the idea is that only the “best” idea out of 500 wins. The rest are forced to make more compelling arguments and work to secure alternative funding. That weeds out waste. If Australia just divvies out with fairness in mind, resources are misallocated and it is more likely the capital allocators are clueless.

The system is impressive beyond words. Listening to a dozen presenttions ranging across medical, cyber and agricultural fields, one cannot be thoroughly in awe of an early-thirties doctor from the neighboring university who has racked up 20+ patents for his inventions.

Then there is the tale of a 17yo intern who was given an asssignment to hack the vulnerability of a mobile phone manufacturer whose PR department lied through its back teeth to cover up a flaw in the system they boasted was secure. They cited the original hack wasn’t done over a secure VPN. In 3 days the 17yo kid hacked that too. Take about a face plant.

The same group told a large American corporate that it’s video streaming had a bug. Instead of admitting the lapse, the tech giant hunkered down and dug in its heels. They put a bandaid on it and were hacked again. They have managed to make a computer that is next to another but not connected in anyway, even via WiFi to make functions purely based on heat.

The answer is simple though. There are many cultural reasons why this type of education system works in Israel. While Australia has no hope of holding a candle to the Israelis there are huge lessons to be learnt about fostering a culture of individual excellence rather than move down the slippery slope that fails to prepare our kids for the future. It maybe too late.

Thoughts for the day – Group think, crypto and taxi drivers

6FE1E60D-D240-464D-AB5A-E4305B63F7E6

It is important to challenge convention. I have had countless questions from people on bitcoin and crypto lately. Sort of reminded me of the above. Perhaps the golden rule of investing doesn’t lie in complex models and sci-fi scenario analysis but the simple question of whenever an overwhelming majority think something is great, it is time to take the opposing view and vice versa. I haven’t been in a taxi yet to confirm Bitcoin is overdone. As I put it – gold needs to be dug out of the ground with effort. The thing that spooks me about crypto (without trying to sound conspiracy theorist) is that state actors (most top end computer science grads in China end up working in the country’s cyber warfare teams), hackers or criminal minds (did you know 70% of top end computer science grads in Russia end up working for the mob (directly or indirectly) the value of coins in the system could be instantaneously wiped out at the stroke of a key. We’ve had small hiccups ($280m) only last week. So as much as the ‘security’ of these crypto currencies is often sold as bulletproof, none of them are ‘cyberproof’.

Think of why your Norton, Kaspersky or Trend Micro anti-virus software requires constant upgrading to prevent new threats trying to exploit new vulnerabilities in systems. We need only go back to the Stuxnet virus of 2010 which was installed inside computers controlling uranium centrifuges in Iran. The operators had no idea. The software told the brain of the centrifuges to spin at multiples faster than design spec could handle all the while the computer interface of the operators showed everything normal. After a while the machines melted down causing the complete destruction of the centrifuges which were controlled from a remote location.

So much in life is simple. Yet we have lawyers writing confusing sentences that carry on for pages and pages, politicians complicating simple tasks, oil companies trying to convince us their additives are superior to others and so on. The reality is we just have to ask ourselves that one question from Mark Twain,

It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so.

The concern is the risk of Kim Jong Un missing the target

IMG_0485
At 6am this morning North Korea conducted a missile test which flew between Hokkaido and Japan’s main island Honshu. The real question is not so much the capability of his missiles but their short comings. The reality is a reasonable failure rate (c.33% in the past 3 years alone) has a high level of risk attached to it, especially when sending them over Japanese land. While most failures have been at the launch pad stage, the risk is that should the tracking and guidance systems fail mid flight over Japan even without warheads, considerable damage could be inflicted. Japan said it would shoot down such test missiles when Trump was threatening to intervene several months back but clearly swerved first in this game of chicken.

While Kim Jong Un’s technology is undoubtedly improving, the risk is that eventually it will reach a stage where he can be a belligerent imp with real capability. Up til now his armaments have been relatively crude. The sanctions put on the $12bn economy, mostly China, are biting. These missile tests would undoubtedly be costing Kim a relative bomb (no pun intended) to conduct. Still allowing his people to suffer isn’t a priority. The saber rattling is no different to his father and grandfather before him. Fire a few missiles, threaten others and get a cash injection to shut up and then go away.

Unfortunately this game of geopolitical chess gets worse as his capability gets better. He has nothing to lose whereas his neighbours stand to suffer relatively catastrophic downside. Tokyo is 125x larger in GDP terms than NK. Seoul 68x.

Does he intend to point one at Tokyo, Seoul, Guam or even Washington DC when he has the capability? This argument that a pre-emotive strike on North Korea won’t happen is getting weaker. China knows its strategic value as a buffer to the US. Bribing Pyongyang by buying its ginseng and coal is a cheap form of diplomacy. Beijing’s stance last month was telling. If the US preemptively strikes China will defend Kim. If Kim does anything stupid then he’s on his own.

Still if you know your enemy will eventually get to the stage it can physically harm you and threatens to do so it makes perfect sense militarily to eliminate the threat before it eventuates. After the capability is reached  the risks are factorfold higher. So for every argument that says conflict won’t happen (odds favor it not) the smarter bets will begin to ponder the growing chance something does.

Korean 5yr CDS have jumped 4bps to 62 today, still below the 70 during last month and well below Kim Jong Un’s first missile test at 120bps. GFC was around 700bps. So markets aren’t panicked just yet but gold back over $1300/oz is pricing it gets worse.

Don’t rule out a modern day Gulf of Tonkin incident. With each of these tests, electronic interference (cyber attack) could be a factor. To justify a retaliatory attack, guiding these missiles to hit a remote paddyfield in Aomori or inside Japan’s territorial waters is possible. China must be concerned about this. Electronic warfare is getting seriously capable. Remember when the Iranian centrifuges mysteriously blew up due to the Stuxnet virus? The virus told the centrifuge computers to spin the motors well above design tolerance such that they exploded.

Conspiracy theory maybe but geopolitics is a dirty game with huge long term implications and the rules are that there are none. Kim’s preemptive strike might not start with his finger on the button.

The petulant President land mines the White House

img_9154

True colours are coming out everywhere. Perhaps we could cynically say that this is the most work Obama has done on foreign relations in 8 years. His petulance couldn’t be more obvious. Such is the mark of his total lack of disrespect for his successor he is literally planting land mines around the White House to obstruct him in anyway he can. It certainly isn’t the mark of a great leader that so many fawn over him for. It is clear Obama never read Aesop’s fables. If he had perhaps he might reflect on the NSA’s hacking of Angela Merkel’s mobile phone calls in 2013. Somehow to me eavesdropping on an ally is more egregious than seeking intel from a historical foe.

The Russian response (above) to Obama shows once again their lack of respect for him much the same as China. The allegations of election hacking are absurd. I’ve made the point many times before but the intelligence agencies of all major powers hack each other on an industrial scale. The CIA, NSA and so on are cyber-droning for competitive intelligence. The Russians, Chinese, Brits, Germans, Italians, Israelis, Australians (busted for spying on ally Indonesia), Iranians, Saudis and so on.Where does he think intelligence comes from? Do the CIA call up and ask the enemy? No it steals it. That is why in wartime, armies use encryption to make sure it isn’t hacked.

Despite recounts, riots, protests, hopelessly biased mainstream media and many other forms of excuses to undermine the legitimacy of the incoming President the outgoing President is doing his utmost to ensure a smooth transition is impossible. At the very least with less than a month to go he might have consulted Trump on his intentions on Russia and Israel.

Abstaining from voting on the UN resolution was gutless. Not voting at all was a weak act. If Obama truly wanted to give his disapproval he could have voted against Israel with a direct act of disapproval. Instead he did what he has one for 8 years on foreign policy – nothing.

The irony of all of this is simple. If Trump manages to fill the potholes and clear the garden of land mines laid by Obama in short order once again it will highlight just how empty those 8 years have been. Nothing but hollow posturing and moral preening. Outside of that his legacy will be neutered and that is the true hallmark of a lame duck.