Yeah, just in case Americans didn't already have a "come hack me bro" bullseye on their collective shirts, there's this.
America tops ITU's Global Cyber Security Index, UK in tie for second with Saudi Arabia
The United Nations International Telecommunication Union (ITU) published its 2020 Global Cyber Security Index on Tuesday, and listed the US first in overall ranking, followed by a tie for second place tie between the UK and Saudi Arabia. The index ranks nations using 82 questions developed by a panel of experts. ITU members …
-
-
Wednesday 30th June 2021 08:51 GMT Pascal Monett
I wondered about that myself
Is there some sort of anathema around the words Middle East ?
Is it because the news has been referring to conflicts in the Middle East for the past fourty years (if not more) ?
Like it or not, it's the Middle East. Isreal is not part of Europe. It's not even guaranteed that the movements of tectonic plates will ever make that happen.
-
Wednesday 30th June 2021 11:37 GMT Xalran
Tectonically
Tectonically Israel is in Africa... as is a good part of Italy.
Most of Turkey and a good chunk of what is called Middle East is on the Arabian Plate
Tectonic, when you look at boundaries can be a mess of broken chunks of some plate or another that moved away from their main plate ( another example : Corsica and Sardigna are pure European, but they did drift away because of that Italian chunk of Africa. )
-
-
-
Wednesday 30th June 2021 07:45 GMT Pete 2
All about policies
The questions that this survey is based on asks questions about whether countries have plans and organisations in place.
For example, the first question about Technical measures is "Is there a National/Government CIRT/CSIRT/CERT?" and follow-ups are in the form of "Are the above mentioned CIRTs (CSIRT or CERT) affiliated with FIRST?"
There is no requirement for any of these processes or bodies to actually be effective. Just that there is a office door with a title on it.
As thereport is nothing more that an administrative exercise full of YES/NO questions. It does not address any realistic issues about the actual security of internet users or the number of hacks that succeeded or tried.
You get the impression that if these people were surveying national health services, they would be asking questions like "Do you have hospitals?" rather than inquiring about the diseases that affect people or the ages that they die.
-
Wednesday 30th June 2021 09:17 GMT Anonymous Coward
Re: All about policies
I also get the impression that they've looked at how the US handles the issues and this is to check how like America's strategy the rest of the world is.
The proof of the pudding is usually in the eating so there should also be stats about the number of successful attacks/intrusions but I doubt most governments would be truthful about those....
-
-
Wednesday 30th June 2021 07:46 GMT amanfromMars 1
El Dorado.... King Solomon Mines Minings Sourcing Leads in COSMIC Travel/Magical AIMystery Tours
IT's a Novel and Noble Wild West out there, with Injuns and Cowboys Morphed into Code Junkies and SMARTR Cookies Presenting Future Tested ProVision for Current Supply of Live Realisations for Universal Hosting.
Please note that is not a question requiring an answer or futile denial.
-
-
Wednesday 30th June 2021 09:03 GMT Pascal Monett
They decided to give countries with the same score the same rank, so no, Estonia ranks 3rd because both the UK and Saudi Arabia rank 2nd.
Then you have Korea, Singapore and Spain that all rank 4th.
Once you understand the process, it becomes logical.
How would you rank the difference between the UK and Saudi Arabia given that they have the same score of 99.54 ?
-
Wednesday 30th June 2021 09:20 GMT Graham Cobb
Uhhh... you count the number of countries that have a higher score and add one. That is what the words "Estonia is 4th" mean: they mean there are 3 countries with a higher score. Whether some of those three have the same score or not is irrelevant - how could the ranking of Estonia change if the ITU discovered they had got the Saudi score wrong and added 0.01 to it?
Is this misunderstanding of ranking the reason the median appears to have increased?
-
Wednesday 30th June 2021 12:04 GMT Captain Hogwash
Re: "How would you rank the difference between the UK and Saudi Arabia given that they have the same score of 99.54 ?"
In the same way as it is customary to rank two sprinters, horses or match anglers who came in at exactly the same time or weight behind the winner. That is why Estonia is fourth.
-
-
Wednesday 30th June 2021 14:13 GMT amanfromMars 1
The Virus of Jealous Envy .... A Worm Granting Open Source Access to the Base Root of the Condition
You're not answering the question.
Is Saudi Arabia ahead of the UK or not and why ? ..... Pascal Monett
If the answer is on a par with the UK raises the question as to whether it is perceived as vital virile competition in feats to excel in, or troubled and troubling opposition to be vilified and belittled too constantly with a wilful persecution, which is a dastardly deed indeed, worthy of successful prosecution and extinction by Almighty IntelAIgent Virtual Defence Forces and Sources.
In such very novel and only just now really unfolding and expanding fields of cybersecurity, to imagine that anyone is leading the field rather than realise all are just following SMARTR tales imparted/imported and exported via ITs Fields, has everyone at similarly advanced levels of greater understanding and facility.
You'd have real trouble at believing what is created for y'all to Play Greater IntelAIgent Games in from those Rare Raw Spaces ..... Surreal Sp00Key Places.:-) ..... hence the need for Programs and Projects to present them daily for your very own eyes and ears/brains and intelligence to realise/see and hear. The Secret then when on that trail of a tale is to travel back along it to find the source beginning which has resulted in the destination you have arrived at with a whole host of other plans vying for presentations tomorrow.
-
-
-
-
-
Wednesday 30th June 2021 08:34 GMT Anonymous Coward
Given the enormous farce that was the Aramco hack; and comes out a high-scoring country; really, this index serves no purpose. It is little more than an acknowledgement that some areas are more dreadful than others.
I would hazard a guess the results reflect those that have been on the receiving end of cyber attacks; and a therefore minimal number of outfits have reactively responded to them at a low level.
In industry I still see every major consumer OS launched from 1990 onwards in widespread circulation. Default passwords being used on industrial computers, routers and managed switches; and god knows what else.
The malpractise won't end until something is hit people really give a hoot about. Clever "theoretical" attacks like the side channel stuff causing so much consternation are great for academics, but until basic hygiene is dealt with it's rather redundant when there are much easier things to hit.
-
Wednesday 30th June 2021 08:36 GMT _andrew
Sloppy report, worth the paper it's printed on.
Looked up the local country (AUS): the scatter-plot of the results is clearly buggy, so what else is wrong? We were pipped on "Technical Measures" by Mauritius, Khazakstan and Azerbaijan, so that's making a lot of sense, especially since we have essentially the same sorts of CERT bodies and reporting schemes as all of the other early-internet players. Scroll down a bit further and by the time you get to Serbia they've stopped bothering to score their dimensions out of 20, and are just making the numbers up. Reading a bit more deeply, it seems that the person in Australia who answered their questionnaire was someone at ASPI, a defense-industry funded think-tank who were among the loudest voices shouting down Huawai's role in 5G, not an actual government body or representative of any sort.
In short: don't bother. And treat anyone who makes reference to it in any forum with deep suspicion.
On the other hand, perhaps they're paying attention to our nationally-legislated ability to overrule mathematics and decrypt messages by official fiat.
-
-
Wednesday 30th June 2021 10:06 GMT Anonymous Coward
Funny isn't it that the piece in El Reg...and maybe the report itself......doesn't mention.........
........snooping on citizens! You know....the STASI in Cheltenham and Ford Meade, MD.
*
Fantastic "cyber capabilities" to read everyone's email and snoop on phone metadata!!
*
Fantastic backdoors embedded in Cisco Systems kit!!
*
Fantastic software from our "friends" at NSO, Israel.....dedicated to hacking so called "end-to-end encryption" on any iPhone on the planet!!
*
Yes......the PRIMARY enemy is REALLY private citizens who are living honest, law-abiding lives....................
*
..........and maybe the spooks -- once in a while -- get to worry about Russia, China, Iran.....and other "second tier" problems!!
*
Democracy and privacy and security......all undermined using our taxpayer dollars....and taxpayers are the ones attacked by their own governments. Go figure!!
-
Wednesday 30th June 2021 11:44 GMT Xalran
ITU... as in Internationnal Union of Telecommunications
Basically the Telecom kit vendor and Telecom operator union... so that long ago all the country operators had protocols to talk to each other.
They went for a broader range, but that's still at the heart a standardization body, not an expert group on cybersecurity.
( even if they did branch out in that domain along with a few other )
-
-
Wednesday 30th June 2021 16:38 GMT DS999
Re: So the U.S. ranked number 1
Hacking is asymmetric warfare. The defenders have to get it right 100% of the time, the attackers have to get it right only once.
There's also more incentive to attack richer countries, so while they are the "most secure" they are also more desirable and thus are targeted more often.
-
Biting the hand that feeds IT
