Cybersecurity
On Kaspersky
Nicholas Weaver Tue, Jul 25, 2017, 2:39 PM
No government or defense contractor should use Kaspersky Lab products.
Title
DayZero: Cybersecurity Law and Policy
DayZero dives deep in cybersecurity vulnerabilities, and the crime, espionage, and warfare taking place on networked computers. We look at legislation, practice, and litigation over how to keep our networks and critical infrastructure secure; new and emerging threats and how the policy process responds to them; the relationship between cybersecurity other security goods; and cybersecurity in American relations with foreign adversaries and allies.
Latest Reporting
Podcasts
Steptoe Cyberlaw Podcast: Governments to Internet: STFU
Stewart Baker Mon, Jul 24, 2017, 6:54 PM
This week's podcast covers the Russia sanctions bill, radio silence from Silicon Valley on 702 renewal, and an interview with Dave Aitel.
CYBERCOM
Should NSA and CYBERCOM Split? The Legal and Policy Hurdles as They Developed Over the Past Year
Robert Chesney Mon, Jul 24, 2017, 2:36 PM
In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative. My aim is to put them in context with each other in a way that will provide useful background for those new to this issue, while also putting a spotlight on the deconfliction-of-equities issue that the split proposal raises.
Cybersecurity: Crime and Espionage
Cybercrime Roundup: Russian-born US Citizen Sentenced for Committing Cybercrime Within the United States
Sarah Tate Chambers Mon, Jul 24, 2017, 9:00 AM
On July 10th, Alexander Tverdokhlebov was sentenced to 110 months for his activities renting out botnets on Russian-language cybercrime forums.
Cybersecurity
Rediscovering Vulnerabilities
Trey Herr, Bruce Schneier Fri, Jul 21, 2017, 11:30 AM
Software and computer systems are a standard target of intelligence collection in an age where everything from your phone to your sneakers has been turned into a connected computing device. A modern government intelligence organization must maintain access to some software vulnerabilities into order to target these devices. However, the WannaCry ransomware and NotPetya attacks have called attention to the perennial flipside of this issue—the same vulnerabilities that the U.S. government uses to conduct this targeting can also be exploited by malicious actors if they go unpatched.
Cyber & Technology
A Continuing Need for Stealth with Loud Cyber Weapons
Herb Lin Tue, Jul 18, 2017, 9:38 AM
C4ISRNET recently published an interesting and useful four-part series exploring what U.S. Cyber Command will need to operate on its own, separate from the National Security Agency. (Part I is here and provides links to the other parts in the series.)
Podcasts
Steptoe Cyberlaw Podcast: The Tragedy of Federal IT Procurement
Stewart Baker Mon, Jul 17, 2017, 7:24 PM
In episode 175, IT procurement, the federal de-listing of Kaspersky Labs, and an interview with Eric Hysen take center stage.
Subscribe
Subscribe to DayZero: Cybersecurity Law and Policy via RSS.