Skip to content

Category Archives: Cybersecurity: Crime and Espionage

Learning from the Attack against Sony

By
Friday, January 23, 2015 at 10:38 AM

On June 26, 2014, the BBC reported that North Korea threatened war against the United States if a Sony-produced movie (“The Interview”) was released. On November 24, 2014, Sony Pictures Entertainment was the victim of a cyberattack that compromised unreleased films, private correspondence, and other sensitive information. A group calling itself Guardians of Peace (GOP) . . .
Read more »

What David Cameron Doesn’t Get

By
Tuesday, January 20, 2015 at 10:30 AM

Last week British Prime Minister David Cameron gave an extraordinary speech in which he urged the the banning of private communications, that is communications to which the government could not listen into when legally authorized to do so. Cameron is not the first government official to do so; GCHQ Director Robert Hannigan urged the same . . .
Read more »

New NSA Documents on Offensive Cyberoperations

By
Sunday, January 18, 2015 at 2:10 PM

Jacob Appelbaum, Laura Poitras and others have another NSA aticle with an enormous Snowden document dump on Der Spiegel, giving details on a variety of offensive NSA cyberoperations to infiltrate and exploit networks around the world. There’s a lot here: 199 pages. (Here it is in one compressed archive.) Paired with the 666 pages released . . .
Read more »

FBI Director James Comey’s Remarks at International Conference on Cyber Security

By
Thursday, January 8, 2015 at 5:55 PM

Yesterday, FBI Director James Comey delivered a speech entitled “Addressing the Cyber Security Threat” at the International Conference on Cyber Security at Fordham University. During the speech, Director Comey doubled down on the FBI’s assertion that North Korea was behind the cyber attack on Sony Pictures, saying the hackers who attacked Sony had operated on . . .
Read more »

FBI Director James Comey’s Remarks Today

By
Thursday, January 8, 2015 at 12:23 AM

I have been unable to find video or audio of FBI Director James Comey’s remarks today adding to his prior attribution of the Sony hack to North Korea. Nor has the FBI itself released the text. That said, Fortune magazine has published the following, describing it as “Comey’s remarks in full”: As you know, we . . .
Read more »

North Korean Internet Down

By
Monday, December 22, 2014 at 3:36 PM

The New York Times is reporting that the entire North Korean network is off line as of right now.  No information at all on the cause.  Here is the opening from the article: North Korea’s already tenuous links to the Internet went completely dark on Monday after days of instability, in what Internet monitors described . . .
Read more »

The Sony Hack: Will the United States Take Countermeasures Against North Korea?

By
Friday, December 19, 2014 at 3:56 PM

Now that the United States has concluded that North Korea was responsible for the hack into Sony’s computers, it has begun to make noises about responding to that hack in some way. If the United States wants to make its response consistent with international law, how should it think about how to proceed? Mike Schmitt posted an . . .
Read more »

On the Sony Hack

By
Friday, December 19, 2014 at 1:28 PM

I’ve written two essays on the Sony hack, one for the Wall Street Journal, and the other for Vice Motherboard. The former opens: Earlier this month, a mysterious group that calls itself Guardians of Peace hacked into Sony Pictures Entertainment’s computer systems and began revealing many of the Hollywood studio’s best-kept secrets, from details about unreleased . . .
Read more »

Sony Counter Attacks

By
Thursday, December 11, 2014 at 11:32 AM

The reality of conflict (not war) in the cyber domain — Sony is now reported to be launching DDoS attacks against the hackers attempting to distribute its confidential documents: Sony has launched a counterattack against people trying to download leaked files stolen from its servers after a massive hack. Re/code is reporting that Sony is . . .
Read more »

Mysterious ’08 Turkey Pipeline Blast Opened New Cyberwar Era

By
Wednesday, December 10, 2014 at 1:47 PM

Bloomberg has the story.  For those who think that cyber conflict is a bit of a myth, this is a cautionary tale.  From the opening: The pipeline was outfitted with sensors and cameras to monitor every step of its 1,099 miles from the Caspian Sea to the Mediterranean. The blast that blew it out of . . .
Read more »

Lawfare Buys a Bitcoin — Introduction

By
Tuesday, December 9, 2014 at 8:04 AM

Lawfare has decided to buy a bitcoin. We do this not as an investment but as an experiment in journalism. Buying a bitcoin will let us explore the mechanics of how the market works and also give us a fun platform to look at some of the legal and policy issues surrounding crypto-currency. This introductory . . .
Read more »

NSA Hacking of Cell Phone Networks

By
Monday, December 8, 2014 at 3:01 PM

The Intercept has published an article—based on the Snowden documents—about AURORAGOLD, an NSA surveillance operation against cell phone network operators and standards bodies worldwide. This is not a typical NSA surveillance operation where agents identify the bad guys and spy on them. This is an operation where the NSA spies on people designing and building . . .
Read more »

New CNAS Report on China’s Cybersecurity Strategy

By
Thursday, December 4, 2014 at 12:06 PM

Over at the Center for a New American Security, researcher Amy Chang is out with a detailed report entitled, “Warring State: China’s Cybersecurity Strategy.” As the report points out: Devising an optimal strategy to address the challenges in the U.S.-China cyber relationship first requires an understanding of the motives, agendas, and stakeholders embedded in the . . .
Read more »

More on Pass Phrases and Fingerprints …. Gestures

By
Saturday, November 8, 2014 at 9:36 AM

Yesterday I posted a short blog on an interesting VA decision regarding the application the Fifth Amendment privilege to the question of unlocking cell phones and other devices.  The short summary is that the court held that compelling disclosure of a pass phrase or code was protected and could not be compelled, but that the . . .
Read more »

The FBI Impersonates the Media: Some of the Rules Governing Cyber-Subterfuge

By
Friday, November 7, 2014 at 2:54 PM

The developing story of the FBI’s impersonation of journalists is, in a way, really the story of Timberline high school in Washington State. In June of 2007 Timberline had received a series of bomb threats, prompting a week of evacuations. The FBI and local law enforcement traced the problem to an anonymous account on the . . .
Read more »

How Not to Do Remote Computer Searches

By
Sunday, November 2, 2014 at 3:00 PM

Recently The Guardian reported on FBI demands new powers to hack into computers and carry out surveillance. The FBI is seeking to make several changes to Rule 41 of the Federal Rules of Criminal Procedure, which governs how law enforcement can conduct court-approved searches.  Under the proposal, in investigating compromised machines (e.g., those in a botnet), law . . .
Read more »

Axiom — A Chinese APT

By
Tuesday, October 28, 2014 at 4:39 PM

And just to prove that we are equal-opportunity victims, I also saw, today, this report from Novetta on “Operation SMN” – a report on a Chinese APT dubbed Axiom.  Here’s a bit of the Executive Summary: Axiom is responsible for directing highly sophisticated cyber espionage operations against numerous Fortune 500 companies, journalists, environmental groups, pro-democracy . . .
Read more »

Russian APT28

By
Tuesday, October 28, 2014 at 11:58 AM

We tend to focus our attention on Chinese APT cyber threats for good reason — they tend to be more overt and focus on American business interests.  But we should not lose sight of the fact that Russian cyber skills are just as good (perhaps even better) than Chinese ones. And now, FireEye has reminded . . .
Read more »

So How Does Vladimir Putin Feel About Cyber, Anyway?

By
Friday, October 3, 2014 at 4:15 PM

Two days ago, Russian President Vladimir Putin gave a significant cybersecurity speech to Russia’s Security Council. For all you Russian speakers, the original text and video can be found on the Kremlin’s website here.  For everyone else, I have translated the speech and posted it below. Though the speech is interesting for all sorts of . . .
Read more »

Why Indictments Won’t Stop China’s Cybersnooping

By
Tuesday, July 29, 2014 at 8:58 AM

The Chinese government and its proxies have recently ratcheted up harassment of U.S. IT firms doing business in China.  In the last week, China has deployed its antitrust laws against Qualcomm and Microsoft.  This comes on the heels of recent attacks in China on Apple and Cisco and IBM.  China has also increased its harassment of . . .
Read more »