260 entries categorized "Cyberlaw / Cyber Security"

November 15, 2012

US defence firm Lockheed Martin warns on cyber-attacks

11/15/12:  The BBC reports US defence firm Lockheed Martin says it has seen the number and sophistication of international cyber-attacks increase dramatically in recent months. According to the firm, 20% of threats directed at it are now considered "advanced and persistent". The news come as US officials step up their warnings about cyber-attacks on US institutions. Lockheed Martin declined to say where any of the attacks had originated. China and Iran have been linked to a series of attacks against western targets in recent months.

November 15, 2012 at 09:11 AM in Intelligence, International Law / Law of War / Human Rights, Cyberlaw / Cyber Security, Developing Technologies |

November 01, 2012

Kremlin's new internet surveillance plan goes live today

11/01/12:  Wired's Danger Room reports on the surface, it’s all about protecting Russian kids from internet pedophiles. In reality, the Kremlin’s new “Single Register” of banned websites, which goes into effect today, will wind up blocking all kinds of online political speech. And, thanks to the spread of new internet-monitoring technologies, the Register could well become a tool for spying on millions of Russians.  Signed into law on July 28, the internet-filtering measure contains a single, innocuous-sounding paragraph that allows those compiling the Register to draw on court decisions relating to the banning of websites. The problem is, the courts have ruled to block more than child pornographers’ sites. The judges have also agreed to online bans on political extremists and opponents of the Putin regime.

November 01, 2012 at 09:58 AM in Surveillance / Privacy, Cyberlaw / Cyber Security, Russia |

October 30, 2012

Showdown set on bid to give UN control of Internet

10/30/12:  PhysOrg reports It is expected to be the mother of all cyber diplomatic battles. When delegates gather in Dubai in December for an obscure UN agency meeting, fighting is expected to be intense over proposals to rewrite global telecom rules to effectively give the United Nations control over the Internet. Russia, China and other countries back a move to place the Internet under the authority of the International Telecommunications Union, a UN agency that sets technical standards for global phone calls. US officials say placing the Internet under UN control would undermine the freewheeling nature of cyberspace, which promotes open commerce and free expression, and could give a green light for some countries to crack down on dissidents.

October 30, 2012 at 11:36 AM in Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Cyberlaw / Cyber Security |

October 25, 2012

As transition nears, China names new military leaders

10/25/12:  The New York Times reports China announced the promotions of five generals this week, shaping the top leadership of the rapidly modernizing military as it becomes a more dominant player in Asia and challenges American dominance in the region.  Even as the Chinese economy slows, the military is likely to remain well financed, analysts say. The new leaders are expected to push ahead with developing naval and air power that can rival the United States and with cyberwarfare capabilities, which the Chinese see as a new and effective way to project power.

October 25, 2012 at 10:40 AM in China, Cyberlaw / Cyber Security |

October 21, 2012

Russian opposition shadow election disrupted by cyberattack

10/21/12: Reuters reports an online election to choose a “shadow parliament” opposed to Russian President Vladimir Putin was disrupted on Saturday by a cyberattack.  “Today we already know that there are some problems with the server, there are some attacks,” Sergei Udaltsov, a prominent protest leader, said at rally on Saturday.  Opponents of Putin say elections in Russia are rigged in favor of his ruling party and are instead holding their own online vote which they hope will reinvigorate the flagging opposition movement.  Information on their website, www.cvk2012.org, told visitors there could be problems casting their votes and to try again later.  Organizers and activists did not suggest who was behind the attacks.  The Kremlin has said it will ignore the results of the separate poll.

October 21, 2012 at 10:38 AM in Politics, Europe / Eurasia, Cyberlaw / Cyber Security |

October 20, 2012

Weekly Tech Updates 10/20/12

10/20/12:  Here are this week's technology updates related to National Security:

October 20, 2012 at 10:47 AM in Intelligence, Surveillance / Privacy, Cyberlaw / Cyber Security, Developing Technologies, Week in Review |

October 19, 2012

Banks pushed to clear fog of cyberwar

10/19/12:  The Wall Street Journal reports a wave of cyberattacks over the past month is exposing a new kink in the armor of banks already laboring under the weight of a weak economy, low interest rates and tough new rules. Banks have long resisted admitting any online vulnerability. But as hackers get more sophisticated, lenders face growing pressure to share information with each other and with national intelligence agencies, and to communicate better with customers, security experts said.

October 19, 2012 at 01:21 PM in Executive Branch, Cyberlaw / Cyber Security, Iran |

October 18, 2012

Iran renews internet attacks on US banks

10/18/12:  The Wall Street Journal reports Iranian hackers renewed a campaign of cyberattacks against US banks this week, and openly defying US warnings to halt, U.S. officials and others involved in the investigation into the attacks said. The attacks, which disrupted the banks' websites, showed the ability of the Iranian group to sustain its cyberassault on the nation's largest banks for a fifth week, even as it announced its plans to attack in advance. US officials said the attacks were sponsored by the Iranian government and approved at high levels as part of a low-grade cyberwar that officials warned could lead to retaliation. Unclear is at what point attacks would call for a forceful response from the US.

October 18, 2012 at 10:52 AM in International Law / Law of War / Human Rights, Cyberlaw / Cyber Security, Iran |

October 16, 2012

UK blocks hacker McKinnon's extradition to US

10/16/12:  CNN reports the UK government Tuesday blocked the extradition of computer hacker Gary McKinnon to the United States to face trial for what the U.S. government says is the biggest military computer hacking of all time. Home Secretary May said McKinnon's Asperger syndrome and depressive illness meant "there is such a high risk of him ending his own life that a decision to extradite would be incompatible with his human rights." Gary McKinnon has admitted to breaking into computers at NASA and the Pentagon but says he did so to find out if the U.S. government was covering up the existence of UFOs. The 46-year-old has fought a decade-long battle against extradition.

October 16, 2012 at 09:07 AM in Judiciary / Cases, Law Enforcement / Criminal Law, Europe / Eurasia, Cyberlaw / Cyber Security, Extradition / Fugitives |

China cracks down on web criminals

10/16/12:  The BBC reports Chinese police have broken up more than 700 gangs who were using the web for criminal ends. In a series of raids, police arrested 8,900 suspects involved in everything from net fraud to online pornography. The raids are the latest in a series that China has mounted against "harmful and illegal" elements online. Earlier operations have tackled internet cafes but the latest round has been aimed specifically at thieves and conmen. Police say hackers who stole online identities, cyber-thieves who targeted banks as well as virus writers were all grabbed during the raids.

 

October 16, 2012 at 09:00 AM in Law Enforcement / Criminal Law, China, Cyberlaw / Cyber Security |

October 14, 2012

Iran denies role in gulf cyberattacks

10/14/12: The Miami Herald reports Iran has denied any role in recent cyberattacks against oil and gas companies in the Persian Gulf and said it welcomes a probe of the case.  Mahdi Akhavan Bahabadi, secretary of the National Center of Cyberspace, dismissed American allegations of an Iranian link to the Shamoon virus that hit Saudi state oil company Aramco and Qatari natural gas producer RasGas in remarks carried by Iran’s semiofficial news agency.  The virus can spread through networked computers and ultimately wipes out files by overwriting them.  US Defense Secretary Leon Panetta said it rendered more than 30,000 computers useless, calling them probably the most destructive cyberattacks the private sector has seen to date.  Last week reports indicated American authorities believe Iranian hackers, likely supported by the government, were responsible for the attacks.

October 14, 2012 at 11:28 AM in Diplomacy / Foreign Assistance, Middle East / Northern Africa, Cyberlaw / Cyber Security, Iran |

October 13, 2012

Task force tells DHS to offer cybersecurity jobs to gov't workers, test them like pilots

10/13/12:  Wired's Threatlevel reports in order to attract the highly skilled and qualified cybersecurity workers the Department of Homeland Security needs to fulfill its mission of protecting government computer systems and overseeing the security of critical infrastructure systems, DHS has to reserve its coolest cybersecurity jobs for federal workers, not contractors, according to a task-force report submitted to DHS this month. This means, in part, hiring at least 600 new cybersecurity professionals, including ones who have proven, hands-on experience to take on critical tasks, the task force recommended in its 41-page report.

October 13, 2012 at 09:53 AM in Executive Branch, Commentary / Opinion, Cyberlaw / Cyber Security |

Galileo: Europe's version of GPS reaches key phase

10/13/12:  The BBC reports the third and fourth spacecraft in Europe's satellite navigation system have gone into orbit. The pair were launched on a Russian Soyuz rocket from French Guiana. It is an important milestone for the multi-billion-euro project to create a European version of the US Global Positioning System (GPS). With four satellites now in orbit - the first and second spacecraft were launched in 2011 - it becomes possible to test Galileo end-to-end. That is because a minimum of four satellites are required in the sky for a smartphone or vehicle to use their signals to calculate a positional fix.
 

October 13, 2012 at 09:47 AM in Military, Europe / Eurasia, Cyberlaw / Cyber Security |

October 12, 2012

Commentary: Private Security: How companies meddle in Cyberwar

10/12/12: Foreign Policy published an article by Tim Maurer which argues it's clear that governments across the world are bolstering their cyberwarfare capabilities. But there is a counterforce to the global cyber arms race: an entire industry built on identifying and neutralizing malware. In fact, two races are taking place simultaneously -- an arms and a disarmament race. This disarmament race is driven by the Symantecs, McAfees, and Kasperskys of the world.

October 12, 2012 at 10:22 AM in Military, Commentary / Opinion, Cyberlaw / Cyber Security, Military Contractors |

Panetta warns of dire threat of Cyberattack

10/12/12:  The New York Times reports Defense Secretary Panetta warned that the US was facing the possibility of a “cyber-Pearl Harbor” and was increasingly vulnerable to foreign computer hackers who could dismantle the nation’s power grid, transportation system, financial networks and government. He was responding to a recent wave of cyberattacks on large American financial institutions. He also cited an attack in August on the state oil company Saudi Aramco, which infected and made useless more than 30,000 computers. The Defense Department is finalizing “rules of engagement” that would put the Pentagon’s cyberweapons into play only in case of an attack on American targets that rose to some still unspecified but significant levels. Short of that, the Pentagon shares intelligence and offers technical assistance to the F.B.I. and other agencies.

October 12, 2012 at 10:04 AM in Executive Branch, Military, Cyberlaw / Cyber Security |

October 09, 2012

US panel calls Huawei and ZTE ‘national security threat’

10/09/12: The New York Times reports in the latest development to highlight the sensitive terrain that the United States and China are navigating on economic issues, a House committee issued a blistering bipartisan report on Monday that accused two of China’s largest telecommunications companies of being arms of the government that had stolen intellectual property from American companies and could potentially spy on Americans. The House Intelligence Committee said that after a yearlong investigation it had come to the conclusion that the Chinese businesses, Huawei Technologies and ZTE Inc., were a national security threat because of their attempts to extract sensitive information from American companies and their loyalties to the Chinese government.

October 09, 2012 at 10:33 AM in Congress, Intelligence, China, Cyberlaw / Cyber Security |

October 04, 2012

EU and banks stage DDoS cyber-attack exercise

10/04/12:  The BBC reports the European Union is hosting what it describes as its biggest cybersecurity exercise. Governments, businesses and ISPs (internet service providers) are being faced with 1,200 separate incidents during a simulated DDoS (distributed denial of service) attack. A similar event was staged in 2010, but this is the first time that the bloc's banks have been involved. The results will be used to find ways to improve co-operation.

October 04, 2012 at 10:17 AM in Military, Europe / Eurasia, Cyberlaw / Cyber Security |

October 02, 2012

Growing concern over Huawei's hiring strategy

10/02/12:  NextGov reports telecom giant Huawei, accused by lawmakers of cyberespionage, has hired a number of well-connected former U.S. officials.  The concern with Huawei’s hiring strategy is that the multinational tech company, founded by a former People’s Liberation Army member, may be acting on behalf of the Chinese military. House members are investigating the company for allegedly inserting backdoors into products that can remotely siphon data or incapacitate computers.  No policies prohibit federal employees from working for Chinese companies following their federal service.

October 02, 2012 at 12:55 PM in Congress, China, Cyberlaw / Cyber Security |

Hackers shifting to 'destruction': US cyber chief says

10/02/12: PhysOrg reports, citing the AFP, that General Keith Alexander, who is director of the National Security Agency and commander of the US Cyber Command, told a Washington forum that the new tactics could move beyond mere annoyances and begin causing severe economic damage. "We are seeing the threat grow from exploitation to disruption to destruction," he told the group at the Woodrow Wilson Center. He argued that these attacks could impact organizations ranging from stock markets to power grid operators—"all of that is in the realm of the possible."

October 02, 2012 at 11:21 AM in Executive Branch, Military, Cyberlaw / Cyber Security |

September 29, 2012

Weekly Tech Updates

09/29/12:  Here are some of the latest technology updates from this week related to national security.

September 29, 2012 at 11:24 AM in Chemical Weapons / Bioterrorism, Cyberlaw / Cyber Security, Developing Technologies, Emergency Preparedness, Week in Review |

September 27, 2012

Safeguarding against cyber attacks

09/27/12:  CNN Security Blog reports the Cybersecurity adviser to the White House, Michael Daniel, gave a candid assessment today of the cyber risks the U.S. faces. This comes as there are rumblings that the President is getting ready to issue an executive order on cybersecurity in light of Congress failing to pass legislation on this issue. (includes video)

September 27, 2012 at 12:24 PM in Executive Branch, Cyberlaw / Cyber Security |

Cyberwarfare emerges from shadows for public discussion by US officials

09/27/12:  The New York Times reports for years, even as the United States carried out sophisticated cyberattacks on Iran’s nuclear program and the Pentagon created a Cyber Command, officials have been hesitant to discuss American offensive cyberwarfare programs openly.  But the reticence is giving way. The chorus of official voices speaking publicly about American cyberattack strategy and capabilities is steadily growing, and some experts say greater openness will allow the United States to stake out legal and ethical rules in the uncharted territory of computer combat. Next month the Pentagon’s research arm will host contractors who want to propose “revolutionary technologies for understanding, planning and managing cyberwarfare.” It is an ambitious program that the Defense Advanced Research Projects Agency, or Darpa, calls Plan X, and the public description talks about “understanding the cyber battlespace,” quantifying “battle damage” and working in Darpa’s “cyberwar laboratory.”

September 27, 2012 at 12:12 PM in Intelligence, International Law / Law of War / Human Rights, Surveillance / Privacy, Cyberlaw / Cyber Security |

September 25, 2012

Iran sees cyber attacks as greater threat than actual war

09/25/12:  Reuters reports Iran is prepared to defend itself in case of a "cyber war" which could cause more harm than a physical confrontation, a commander in the country's Revolutionary Guards said on Tuesday. The Islamic Republic has tightened cyber security since its uranium enrichment centrifuges were hit in 2010 by the Stuxnet computer worm, which it believes came from Israel or the United States. "We have armed ourselves with new tools, because a cyber war is more dangerous than a physical war," said Abdollah Araqi, deputy commander of ground forces in the Islamic Revolutionary Guard Corps (IRGC), according to the Iranian Students' News Agency (ISNA).

September 25, 2012 at 11:13 AM in Military, Cyberlaw / Cyber Security, Iran, Nuclear Weapons |

September 22, 2012

Weekly Tech Updates

09/22/12:  Welcome to the first weekly tech updates post.  This will list some of the weeks updates in technology news that may have some impact on national security.

September 22, 2012 at 03:03 PM in Cyberlaw / Cyber Security, Developing Technologies, Emergency Preparedness, Week in Review |

Iran blamed for cyberattacks on US banks and companies

09/22/12:  The Washington Post reports Iran recently has mounted a series of disruptive computer attacks against major U.S. banks and other companies in apparent retaliation for Western economic sanctions aimed at halting its nuclear program, according to U.S. intelligence and other officials. In particular, assaults this week on the Web sites of JPMorgan Chase and Bank of America probably were carried out by Iran, Sen. Joseph I. Lieberman (I-Conn.), chairman of the Homeland Security and Governmental Affairs Committee, said Friday.

September 22, 2012 at 01:57 PM in Cyberlaw / Cyber Security, Iran |

Facebook’s $9.5 million ‘beacon’ settlement approved

09/22/12: Wired reports a divided federal appeals court is approving a $9.5 million settlement to a class-action lawsuit challenging Facebook’s program that monitored and published what users of the social networking site were buying or renting from Blockbuster, Overstock and other locations. The case concerned allegations Facebook’s now-defunct “Beacon” program breached federal wiretap and video-rental privacy laws. Terms of the settlement, in which Facebook denied any wrongdoing, require the site to finance what the deal calls a “Digital Trust Fund” that would issue more than $6 million in so-called cy pres grants to organizations to study online privacy.

September 22, 2012 at 01:48 PM in Judiciary / Cases, Surveillance / Privacy, Cyberlaw / Cyber Security |

September 20, 2012

Iran preparing internal version of Internet

09/20/12:  The Washington Post reports the Iranian government, determined to limit Western influence and defend itself against cyberattacks, appears to have laid the technical foundations for a national online network that would be detached from the Internet and permit tighter control over the flow of information. The concept of a self-contained network has been reverberating within Iran for almost a decade and has often been treated with skepticism, given the significant investment in infrastructure and security that would be required. But Iranian officials and outside experts say that development of the network has accelerated following cyberattacks aimed at the country’s nuclear program.

September 20, 2012 at 11:36 AM in Cyberlaw / Cyber Security, Iran |

Harold Koh on International Law in Cyberspace

09/20/12: Opinio Juris posted the text of speech given Tuesday from Harold Koh, the Legal Adviser of the U.S. State Department, at the U.S. Cyber Command Inter-Agency Legal Conference on the applicability of international law to cyberspace and, particularly, cyberwar/ cyberconflict.  The speech lays out the answers to many common questions.

September 20, 2012 at 11:21 AM in Executive Branch, Intelligence, Cyberlaw / Cyber Security |

September 18, 2012

New malware linked to Flame developers

09/18/12: PhysOrg reports that the Flame virus is linked to at least three other malware programs citing a report by Kaspersky Labs. The report suggests that the effort to develop Flame, widely reported to be part of a US-Israeli effort to slow Iran's suspected nuclear weapons development, has been going on longer than initially believed and has more components, including some not yet fully understood. Kaspersky said the latest analysis shows that "at least three other Flame-related malicious programs were created" but added that "their nature is currently unknown."

 

September 18, 2012 at 12:25 PM in Intelligence, Cyberlaw / Cyber Security |

August 17, 2012

New Zealand high court denies US request to limit evidence disclosure in copyright extradition request

08/17/12: JURIST reports the Supreme Court of New Zealand declined Wednesday to overturn a lower court decision holding that US authorities must turn over a large amount of evidence in order to secure the extradition of Megaupload.com founder Kim Dotcom, who is accused of orchestrating the largest copyright infringement in the country’s history.  Justice Helen Winkelmann rejected Washington’s appeal to limit the amount of information requested, which includes all records connected to covert operations undertaken by agents involved in the investigation.  Dotcom, 38, was indicted in the US on charges of generating more than $175 million in criminal proceeds from the exchange of pirated film, music, book, and software files.  The US is currently seeking his extradition for a trial in Virginia; he faces a possible twenty-year prison sentence on each charge.

August 17, 2012 at 12:47 PM in Judiciary / Cases, Law Enforcement / Criminal Law, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Cyberlaw / Cyber Security |

August 11, 2012

Congressman confronts law enforcement, DOJ over growing cell phone requests

08/11/12: The Hill reports that Representative Ed Markey (D-Mass.) on Thursday released a discussion draft of legislation that would limit such digital searches and seizures after investigations revealed a startling number of law enforcement requests for private cell phone data in recent years.  As co-chairman of the Congressional Bipartisan Privacy Caucus, Markey’s inquiry with nine major wireless carriers revealed that law enforcement officials at all levels of government made 1.3 million requests for user data from the companies in 2011.  The responses also showed that the number of requests by law enforcement is increasing each year, in some cases by as much as 16 percent.  Markey’s proposed Wireless Surveillance Act of 2012 would require law enforcement to provide regular disclosure of information on the requests and to obtain search warrants prior to conducting geolocation tracking.

August 11, 2012 at 02:22 PM in Congress, Executive Branch, Law Enforcement / Criminal Law, Politics, Constitutional Law, Surveillance / Privacy, Cyberlaw / Cyber Security |

August 05, 2012

Obama weighs executive action after defeat of cybersecurity bill

08/05/12: The Hill reports the White House hasn’t ruled out issuing an executive order to strengthen the nation’s defenses against cyberattacks if Congress refuses to act.  Although Senate Republicans killed possible legislation this week, White House Press Secretary Jay Carney refused to rule out executive action.  “In the wake of Congressional inaction and Republican stall tactics, unfortunately, we will continue to be hamstrung by outdated and inadequate statutory authorities that the legislation would have fixed,” Carney said in response to whether the President is considering a cybersecurity order.  “Moving forward, the President is determined to do absolutely everything we can to better protect our nation against today’s cyber threats and we will do that,” Carney said.

August 05, 2012 at 11:35 AM in Congress, Executive Branch, Law Enforcement / Criminal Law, Politics, Cyberlaw / Cyber Security |

August 03, 2012

Republican filibuster blocks cybersecurity legislation

08/03/12: The New York Times reports a cybersecurity bill that had been one of the Obama Administration’s top national security priorities was blocked by a Republican filibuster in the Senate on Thursday, severely limiting its prospects for this year.  The Senate voted 52-46 to cut off debate, falling short of the sixty votes needed to force a final vote on the measure, which had bipartisan support but ran into a fight over what amendments to the legislation could be proposed.  The White House released a statement calling the outcome “a profound disappointment.”  The bill’s most vocal opponents were a group of Republican senators led by John McCain (R-Ariz.) who took the side of the US Chamber of Commerce and steadfastly opposed the legislation, arguing that it would be too burdensome for corporations.

August 03, 2012 at 08:48 AM in Congress, Law Enforcement / Criminal Law, Politics, Cyberlaw / Cyber Security |

August 02, 2012

Senate may go on recess without passing cybersecurity legislation

08/02/12: The Washington Times reports the Senate could leave town this week for a month-long break without passing legislation to protect the US electrical grid, water supplies, and other critical industries from cyberattack and electronic espionage.  Congressional sponsors of cybersecurity legislation scrambled Wednesday to overcome Republican resistance to the measure, but they appeared short of the votes needed for passage despite dire warnings from top national security officials about the potential for devastating assaults on the computer networks that control the country’s essential infrastructure.  President Obama urged lawmakers to pass the legislation as soon as possible.  The President “strongly, strongly believes that this nation’s well-being is at risk from cyberattacks and intrusions,” said White House counterterrorism adviser John Brennan.  “We find it hard to believe there is any reason or basis to oppose this legislation.”

August 02, 2012 at 10:17 AM in Congress, Homeland Security / Immigration, Politics, Cyberlaw / Cyber Security |

July 28, 2012

NSA chief and cybersecurity czar says cyberattacks up in recent years

07/28/12: The New York Times reports the top American military official responsible for defending the United States against cyberattacks said Thursday that there had been a seventeen-fold increase in computer attacks on American infrastructure between 2009 and 2011, initiated by criminal gangs, hackers, and other nations.  The assessment by General Keith B. Alexander, who heads the National Security Agency and also the newly created United States Cyber Command, appears to be the government’s first official acknowledgment of the pace at which America’s electricity grids, water supplies, computer and cell phone networks, and other infrastructure are coming under attack.  Those attacks are considered potentially far more serious than computer espionage or financial crimes.

July 28, 2012 at 07:57 AM in Executive Branch, Law Enforcement / Criminal Law, Homeland Security / Immigration, Cyberlaw / Cyber Security |

July 27, 2012

Senate to take up cybersecurity legislation

07/27/12: The Washington Times reports the Senate on Thursday agreed to debate a long-delayed bill to secure the nation’s power grid, water supply, and telecommunications system from cyberattack by hackers or foreign enemies.  The Cybersecurity Act of 2012 has supporters from both parties, but it is unclear whether it will garner enough votes to pass in the face of opposition from Republican and business leaders who oppose provisions that would give the Department of Homeland Security authority to set standards for computer security at thousands of private facilities such as power stations and oil refineries.  Several Democrats said they would offer amendments strengthening privacy protections in the bill.  The bill’s backers, led by Senators Joe Lieberman (I-Conn.) and Susan Collins (R-Me.), said they already made major concessions to critics in the latest draft.

July 27, 2012 at 09:38 AM in Congress, Executive Branch, Homeland Security / Immigration, Politics, Surveillance / Privacy, Cyberlaw / Cyber Security |

July 25, 2012

Report: Iranian nuclear facilities "Thunderstruck" by AC/DC-related cyberattack

07/25/12: The San Francisco Chronicle reports Iran’s nuclear facilities have suffered a cyber attack that shut down computers and played music from the rock band AC/DC.  The F-Secure Security Labs website said a new worm targeted Iran’s nuclear program, closing down the “automation network” at the Natanz and Fordo facilities, citing an e-mail sent by a scientist inside Iran’s Atomic Energy Organization.  The virus also prompted several of the computers on site to play AC/DC’s song “Thunderstruck” at full volume in the middle of the night.  F-Secure Security Labs said that while it was unable to verify the details of the attack described, it had confirmed that the scientist who reported them was sending and receiving the e-mails from within Iran’s Atomic Energy Organization.

July 25, 2012 at 02:30 PM in Intelligence, Diplomacy / Foreign Assistance, Middle East / Northern Africa, Cyberlaw / Cyber Security, Iran |

July 20, 2012

Senators introduce revised cybersecurity bill

07/20/12: The Hill reports Senate Homeland Security Committee leaders Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Me.) introduced a revised version of their cybersecurity bill on Thursday.  The latest version of the legislation includes elements of a voluntary program outlined in a compromise framework drafted by a bipartisan group of senators led by Senators Sheldon Whitehouse (D-R.I.) and Jon Kyl (R-Ariz.).  The revised bill proposes to establish a multi-agency council, called the National Cybersecurity Council, that would assess the risks and vulnerabilities found in computer systems of critical infrastructure.  The council would be chaired by the Homeland Security Secretary and include members from the Pentagon and Commerce and Justice Departments as well as the intelligence community and federal regulatory agencies that oversee critical infrastructure for specific sectors.

July 20, 2012 at 08:52 AM in Congress, Law Enforcement / Criminal Law, Politics, Cyberlaw / Cyber Security |

Senator questions Facebook official over facial recognition tool, raises privacy concerns

07/20/12: The Hill reports Senator Al Franken (D-Minn.) pressed a Facebook official on Wednesday to provide stronger privacy protections for the company’s tool that identifies users’ faces.  He argued that Facebook should require that users opt in to the feature, rather than just allowing them to opt out of it.  He also expressed concern that Facebook does a poor job of explaining how the feature works.  “I’m worried about how Facebook handles the choices it does give users about this technology,” Franken said at a hearing of the Senate Judiciary Committee’s subcommittee on Privacy, Technology and the Law, which he chairs.  Facebook began using a tool last year that identifies a user’s friends in pictures based on their facial features and suggests that the user should tag them.

July 20, 2012 at 08:38 AM in Congress, Politics, Surveillance / Privacy, Cyberlaw / Cyber Security |

July 17, 2012

Hearing begins on renewed dismissal motion in Manning Wikileaks case

07/17/12: The Miami Herald reports the Army private charged in the biggest leak of classified information in US history is renewing a request to have two of the twenty-two charges against his client dropped.  The attorney for Private-First Class Bradley Manning made his argument before a military judge Monday, the first day of a planned five-day hearing at Maryland’s Fort Meade.  Lawyers for Manning and the government are discussing a number of issues in advance of his trial, which is set for September.  The now 24-year-old is accused of giving hundreds of thousands of classified diplomatic cables and war logs to the secret-sharing website WikiLeaks.  Manning’s attorney argued Monday that two charges alleging Manning exceeded his authorized access to a Defense Department computer network are improper.  The judge has yet to rule.

July 17, 2012 at 09:31 AM in Judiciary / Cases, Executive Branch, Law Enforcement / Criminal Law, Military, Politics, Cyberlaw / Cyber Security |

July 16, 2012

Cybersecurity compromise still uncertain

07/16/12: The Hill reports that with the August recess nearly three weeks away, it will be difficult for the Senate to move forward on cybersecurity legislation, but some are holding out for progress to be made on a compromise framework drafted by Senators Jon Kyl (R-Ariz.) and Sheldon Whitehouse (D-R.I.) on provisions dealing with critical infrastructure, such as water systems and telecommunications networks.  The US Chamber of Commerce met with Kyl and his staff this past week to discuss the latest version of the framework.  A spokesman for the Chamber said the business lobby had a “constructive dialogue” with Kyl at the meeting and didn’t comment further.  The business lobby opposed an earlier draft of the compromise proposal circulated last month, but so far has not spoken out against the latest version of the framework.

July 16, 2012 at 08:38 AM in Congress, Law Enforcement / Criminal Law, Politics, Cyberlaw / Cyber Security |

US urged to recruit master hackers for counterterrorism efforts

07/16/12: The Guardian has this interview with cyberwarfare expert John Arquilla in which he argues that instead of prosecuting hackers, the United States should recruit them to assist our efforts in the war on terror.  The brilliance of hacking experts could be put to use on the United States' behalf in the same way as German rocket scientists were enlisted after World War II, said Arquilla, a defense analyst at the US Naval Postgraduate School in Monterey, California.  Arquilla, who invented the term cyberwarfare two decades ago, said a few master hackers had already been recruited but more were needed.  He acknowledged that many dabbled in illegal or questionable acts, but noted that Wernher von Braun, Hitler’s top scientist, was put to work on American rockets and space programs.

H/T to John-Michael Cummings

July 16, 2012 at 07:53 AM in Terrorism / Counterterrorism, Commentary / Opinion, Cyberlaw / Cyber Security |

July 11, 2012

Cybersecurity chief urges congressional action, addresses civil liberties concerns

07/11/12: The Washington Post reports the director of the National Security Agency (NSA) made a fresh appeal Monday for cybersecurity legislation to enable the sharing of threat data between the private sector and the government, asserting that the NSA and other agencies were not interested in reading Americans’ e-mails.  General Keith Alexander, who also heads US Cyber Command, said such data-sharing was necessary if the NSA and Cyber Command are to defend the nation against a cyberattack from a foreign adversary.  Several cybersecurity bills are pending in Congress, with Senate leadership expressing the intent to bring a package of legislation to the floor this month.  Senate Democrats and Republicans are hashing out a compromise on that legislation, which includes an effort to require critical private sector industries to set and meet network security standards.

July 11, 2012 at 09:20 AM in Congress, Executive Branch, Law Enforcement / Criminal Law, Intelligence, Politics, Surveillance / Privacy, Cyberlaw / Cyber Security |

July 08, 2012

Senators expected to unveil cybersecurity compromise soon

07/08/12: The Hill reports Industry groups are expecting to see the latest version of the cybersecurity compromise framework from Senators Jon Kyl (R-Ariz.) and Sheldon Whitehouse (D-R.I.) in the coming days.  A staff prepared draft of the framework released last month received poor reviews by some business groups, including the US Chamber of Commerce and Information Technology Industry Council, which saw it as too regulatory.  The compromise’s chances of breaking the stalemate in the upper chamber could be put in jeopardy if the updated version receives another round of criticism from powerful industry groups.  Pressure from these groups and Republicans who believe electronic security hampers business stalled a bill sponsored by Senators Joe Liberman (I-Conn.) and Susan Collins (R-Me.) and supported by the White House.

July 08, 2012 at 02:00 PM in Congress, Politics, Cyberlaw / Cyber Security |

July 06, 2012

"DNSChanger" malware could leave thousands offline when domains go dark Monday

07/06/12: Wired reports tens of thousands of US internet users could be left without Internet access on Monday when the FBI eliminates domains related to the DNSChanger malware.  Computers belonging to an estimated 64,000 users in the United States, and an additional 200,000 users outside the United States, are still infected with the malware, despite repeated warnings in the news, e-mail messages sent by Internet service providers (ISPs) and alerts posted by Google and Facebook.  About fifty-eight of the Fortune 500 companies and two government agencies are among those that own at least one computer or router that is still infected with DNSChanger.  This website has an easy test to determine whether your computer is infected.

July 06, 2012 at 07:20 AM in Law Enforcement / Criminal Law, Surveillance / Privacy, Cyberlaw / Cyber Security |

July 05, 2012

European Parliament kills global anti-piracy agreement

07/05/12: Wired reports the European Parliament on Wednesday rejected the Anti-Counterfeiting Trade Agreement (ACTA).  The vote, 478-39, means the deal won’t come into effect in European Union-member nations, and effectively means ACTA is dead.  Its fate was also uncertain in the United States: despite the Obama Administration signaling its intent to honor the deal last year, there was a looming constitutional showdown on whether Congress, not the administration, held the power to sign on to ACTA.  Overall, not a single nation has ratified ACTA, although Australia, Canada, Japan, Morocco, New Zealand, Singapore and South Korea last year signed their intent to do so. The European Union, Mexico and Switzerland, the only other governments participating in ACTA’s creation, had not signed their intent to honor the plan.

July 05, 2012 at 11:54 AM in Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Europe / Eurasia, Analysis, Cyberlaw / Cyber Security |

July 02, 2012

Senate ready to move on cybersecurity legislation, but differences remain

07/02/12: The Hill reports the US Senate is set to tackle legislation to protect the nation’s computer system when it returns from its July 4th recess, but the efforts are being hampered by disagreements over the government’s role in overseeing cybersecurity standards. Lawmakers of both parties worry that hackers are stealing America's business secrets and that an attack on a vital computer system could cause thousands of deaths. But sharp differences remain. The House passed its own bill, the Cyber Intelligence Sharing and Protect Act (CISPA), in April. President Obama has threatened to veto CISPA, saying it would undermine privacy and would fail to protect the nation's critical infrastructure. The White House and Senate Democratic leaders have instead endorsed the Cybersecurity Act, sponsored by Senators Joe Lieberman (I-Conn.) and Susan Collins (R-Me.).

July 02, 2012 at 08:32 AM in Congress, Law Enforcement / Criminal Law, Politics, Surveillance / Privacy, Cyberlaw / Cyber Security |

June 29, 2012

New Zealand judge rules anti-piracy raids illegal in blow to US copyright infringement prosecution

06/29/12: Wired reports the US Government’s bid to extradite copyright infringement king Kim Dotcom to the United States was dealt a severe blow Thursday, when a New Zealand High Court judge ruled that the raids on Doctom’s home earlier this year were “illegal.”  The decision may doom the entire prosecution of the founder of the file-sharing site Megaupload; New Zealand authorities are appealing.  Justice Helen Winkelmann said that warrants for the raids “fell well short of” describing the offenses they were meant to relate.  She concluded words such as “breach of copyright” used in the warrants do not provide details of the alleged offense and therefore, the warrants did not comply with New Zealand law.

June 29, 2012 at 08:36 AM in Judiciary / Cases, Law Enforcement / Criminal Law, Constitutional Law, Cyberlaw / Cyber Security |

US worries payback could follow cyberattack

06/29/12: The Washington Times reports the chairman of the House Permanent Select Committee on Intelligence is warning that recent news reports describing a US role in a cyberattack against Iran’s nuclear program will cost the United States dearly.  The reports, which said the US and Israel were behind the Stuxnet cyberworm that sabotaged Iran’s uranium processing plants in 2009, started “a very dangerous speculation game that we are all going to pay the price for,” said Representative Mike Rogers (R-Mich.)  His comments underline growing concern among some US security officials and private-sector specialists about blowback from the Stuxnet attack itself, like retaliation from Iran, or the proliferation of cyberattacks against the kind of computer-controlled machinery for operations such as factories and city water systems.

June 29, 2012 at 08:28 AM in Congress, Intelligence, Cyberlaw / Cyber Security, Emergency Preparedness, Iran |

June 23, 2012

Commentary: Anatomy of a leak

06/23/12: The Washington Post features an op-ed by David Ignatius discussing the process of leaking and trying to put the recent outrage over intelligent leaks in context.  He points out, first, that this is something every administration has done, and that the recent information published about cyberattacks against Iran contained some stories that took place before President Obama was in office and could only have been known (and thus leaked) by operatives in George W. Bush's administration.  He also points out that rather than leakers simply going to reporters, a leak often begins with the reporter getting his information some other way and asking his source to corroborate it, or for clarification.  At that point, since the reporter is likely to go to press even without the source's cooperation, the source cooperates to put the story in the best light he can.

June 23, 2012 at 12:32 PM in Executive Branch, Intelligence, Politics, Secrecy / Transparency / FOIA, Commentary / Opinion, Cyberlaw / Cyber Security, Iran |

« Older | Newer »

Categories

Archives

More...