Skip to content

Category Archives: Cybersecurity

Problems with Cyber Arms Control

By
Thursday, February 26, 2015 at 3:17 PM

The New York Times has an editorial today, calling for an arms control effort in cyberspace.  The Times effort is, honestly, a bit simplistic, as is its conclusion: The tougher challenge is on the global level. Cyberwarfare has already done considerable damage and can lead to devastating consequences. The best way forward is to accelerate . . .
Read more »

Senate Commerce Committee Hearing on “Preserving the Multistakeholder Model of Internet Governance”

By
Wednesday, February 25, 2015 at 9:55 AM

The Senate panel, led by Chairman John Thune (R-SD), will discuss internet governance matters this morning at 10:00 a.m. A livestream can be found at the Commerce Committee’s website; we’ll post embedded video if it is available. The witnesses (with links to testimony): Mr. Fadi Chehadé CEO, Internet Corporation for Assigned Name and Numbers (ICANN) Ambassador . . .
Read more »

Making Progress on the Encryption Debate

By
Tuesday, February 24, 2015 at 1:24 PM

In a recent debate between NSA director Mike Rogers and Yahoo Chief Information Security Officer Alex Stamos, the topic of law-enforcement restricted access to encrypted communications once again came up. To summarize the debate as it has been expressed to date, one side believes in encryption that only the user can decrypt. Those on this . . .
Read more »

The Real Story Behind Citizenfour’s Oscar

By and
Monday, February 23, 2015 at 4:21 PM

Like a lot of Lawfare readers, we were pretty surprised by Citizenfour‘s triumph at the Oscars last night. It wasn’t just that there was Glenn Greenwald, foe of all things mainstream, holding—of all things—that picture of establishment respectability, the Oscar. It was, more importantly, the question of who the heck decided to honor this paranoid and self-congratulatory film? . . .
Read more »

Two Historical Notes on Equation

By
Wednesday, February 18, 2015 at 5:25 PM

Yesterday’s New York Times carried a story about how the United States has found a way to “permanently embed surveillance and sabotage tools in [targeted] computers and networks.” If the reporting on Equation is to be believed, the scope and sophistication of the enterprise is truly breathtaking. But the particular technique—hiding malware in the firmware . . .
Read more »

Echoes From the Past on Encryption

By
Wednesday, February 18, 2015 at 3:44 PM

President Obama’s recent comments calling for a public debate on encryption are, as Susan Landau recently pointed out, some much-needed straight talk about the issue. In Susan’s words, “the debate is not about perfect security versus privacy and civil liberties; it is about our society’s willingness to accept risk.” What’s striking about this debate is . . .
Read more »

The New White House Information Sharing Executive Order

By
Wednesday, February 18, 2015 at 8:30 AM

Last Friday, as part of the Cybersecurity summit at Stanford, President Obama announced a new information sharing initiative, and issued an Executive Order that was tied to the initiative.  The EO will, in the end, do some modest good, but not nearly enough to really stem the tide.  Put prosaically, my best sense is that . . .
Read more »

The Equation Group’s Sophisticated Hacking and Exploitation Tools

By
Tuesday, February 17, 2015 at 12:31 PM

This week, Kaspersky Labs published detailed information on what it calls the Equation Group — almost certainly the NSA — and its abilities to embed spyware deep inside computers, gaining pretty much total control of those computers while maintaining persistence in the face of reboots, operating system reinstalls, and commercial anti-virus products. The details are . . .
Read more »

Finally … Some Clear Talk on the Encryption Issue

By
Monday, February 16, 2015 at 12:30 PM

The president gave a clear and thoughtful interview on the encryption debates Friday, and he nailed the issue. It is not about perfect security versus privacy and civil liberties; it is about our society’s willingness to accept risk. As I write on this snowy Sunday morning, the New York Times has a headline about an . . .
Read more »

Two Reflections on the White House Cybersecurity Summit

By
Friday, February 13, 2015 at 10:27 PM

As many know, the White House held a summit on cybersecurity and consumer protection at Stanford University today.  In addition to President Obama, a number of CEOs also spoke on privacy and security issues in the context of consumer protection, and of course the backdrop for much of the summit was the Snowden revelations and . . .
Read more »

Lisa Monaco Announces New Cyber Threat Intelligence Integration Center

By
Tuesday, February 10, 2015 at 12:53 PM

At the Wilson Center, Lisa Monaco, Assistant to the President for Homeland Security and Counterterrorism, delivered a keynote address about the evolving nature of the cyber threat and the Obama administration’s plan to address it. The speech announced the creation of a new Cyber Threat Intelligence Integration Center, which will be modeled on the National . . .
Read more »

The New Cyber Threat Intelligence Integration Center

By
Tuesday, February 10, 2015 at 12:43 PM

According to the Washington Post, the Obama administration is establishing a new agency to fuse intelligence from around the government when a cyber crisis occurs. Lisa Monaco, assistant to the president for homeland security and counterterrorism, is quoted as saying that “policymakers and operators will benefit from having a rapid source of intelligence [about incoming . . .
Read more »

On the Anthem Hack

By
Tuesday, February 10, 2015 at 7:00 AM

On February 5, 2015, Anthem—a health insurance company—announced that hackers had been able to access records containing tens of millions of names, birthdays, Social Security numbers, addresses and employment data. Because such information can easily be used by identity thieves, concerns have arisen about a rash of identity thefts in the future. Such accounts are . . .
Read more »

Searching the Dark Web

By
Monday, February 9, 2015 at 11:15 AM

“By some estimates Google, Microsoft Bing, and Yahoo only give us access to around 5% of the content on the Web.” The Dark Web is vast and difficult to search — you have to know where you are going to get there.  Until now … Memex is a new, DARPA-funded search engine that allows law . . .
Read more »

The Internet of Things and Security — Process Not Standards

By
Monday, February 9, 2015 at 10:25 AM

Earlier this year, Herb posted a nice summary of the FTC’s report on the security of the internet of things.  Today, Senator Ed Markey joins the conversation with a staff report on the insecurity of automobiles.  As the Post summarizes it, the Markey report says that: “Automakers are cramming cars with wireless technology, but they . . .
Read more »

Live: Bob Litt Speaks at Brookings on Intelligence and Surveillance Reform

By
Wednesday, February 4, 2015 at 11:58 AM

At the top of the hour, Robert S. Litt, General Counsel at the Office of the Director of National Intelligence will speak at the Brookings Institution. His address is expected to examine what has been done so far to implement the directives announced in President Obama’s January 2014 speech at the Department of Justice as . . .
Read more »

Bits and Bytes

By
Wednesday, February 4, 2015 at 9:12 AM

What War in the Cyber Age Looks Like.  “To the young Syrian rebel fighter, the Skype message in early December 2013 appeared to come from a woman in Lebanon, named Iman Almasri, interested in his cause. Her picture, in a small icon alongside her name, showed a fair-skinned 20-something in a black head covering, wearing . . .
Read more »

On Cybersecurity for the Internet of Things

By
Saturday, January 31, 2015 at 4:30 PM

On Tuesday, January 27, 2015, the Federal Trade Commission released a staff report on cybersecurity and the Internet of Things. Although as a staff report, the report has no binding authority on anyone, and the report merely stated that “commission staff encourages companies to consider adopting the best practices highlighted by workshop participants,” it was . . .
Read more »

“Shane, You Ignorant Slut”: A Speech by General Hayden and Stand-Up Comedy from Shane Harris and Me

By
Wednesday, January 28, 2015 at 12:47 PM

We will be podcasting both of these events, which took place at a Washington and Lee School of Law symposium on “Cybersurveillance in the Post-Snowden Age” over the weekend. The first is a speech by General Michael Hayden about NSA and surveillance matters that took place Friday night. It’s a smart and thoughtful take on the late . . .
Read more »

Harvard Event with Bruce Schneier and Edward Snowden

By
Monday, January 26, 2015 at 12:20 PM

On Friday, the former spoke by videolink with the latter, about (unsurprisingly enough) surveillance, privacy and data security. Youtube has a video of their discussion: