Cybersecurity

Latest in Cybersecurity

Don’t Worry About KRACK

Nicholas Weaver Mon, Oct 16, 2017, 5:53 PM

For the bulk of internet users, the WPA2 vulnerability is a non-issue.

Read more about Don’t Worry About KRACK

Breaking WPA2

Paul Rosenzweig Mon, Oct 16, 2017, 1:21 PM

Sometimes we are reminded that the "noise" of policy drowns out important practical news. Today is one of those days. While we sit around worrying about Harvey Weinstein and Trump's latest tweet, it turns out that the encryption protocol at the core over almost all WiFi is vulnerable to attack.

Read more about Breaking WPA2

Cybersecurity

The Real Threat from Kaspersky Security Software

Herb Lin Thu, Oct 12, 2017, 7:30 AM

It’s far more grave than one compromised NSA contractor.

Read more about The Real Threat from Kaspersky Security Software

China

U.S. Criticism of China’s Cybersecurity Law and the Nexus of Data Privacy and Trade Law

Chris Mirasola Tue, Oct 10, 2017, 12:00 PM

The U.S. needs a more robust legal campaign to prevent China’s growing body of cybersecurity regulations from disrupting international business data flows.

Read more about U.S. Criticism of China’s Cybersecurity Law and the Nexus of Data Privacy and Trade Law

Cybersecurity

Is the State Department Reorganization Undermining Cyber Diplomacy?

Garrett Hinck Tue, Oct 3, 2017, 3:32 PM

The Trump administration downgraded the State Department's cyber diplomacy office, and nobody can say whether State has produced a report on cyber strategy required by the president's cybersecurity executive order. Are the two related?

Read more about Is the State Department Reorganization Undermining Cyber Diplomacy?

Cybersecurity

Source Code Review for Thee... But Not For Me...

Paul Rosenzweig Mon, Oct 2, 2017, 12:14 PM

A supplier of cyber defense systems to the U.S. military has allowed the Russian government to review the source code for the defense system. That seems a bit unwise...

Read more about Source Code Review for Thee... But Not For Me...

Cybersecurity

Protecting Electoral Infrastructure–Klobuchar/Graham and the NDAA

Paul Rosenzweig Tue, Sep 5, 2017, 10:46 AM

Our electoral infrastructure consists of two distinct pieces (or so it seems to me): a broader public context in which elections occur and a narrower system of election management. To date, almost everything we know about Russian electoral interference has dealt with the larger broader context—fake news, Russian troll factories, the hack of the DNC and other efforts to spread disinformation. As

Read more about Protecting Electoral Infrastructure–Klobuchar/Graham and the NDAA

Cybersecurity

Open-Source Software Won't Ensure Election Security

Matt Bishop Thu, Aug 24, 2017, 2:00 PM

Open-source systems are only one step towards guarding our votes against manipulation—and the hypothesis that using open source software will by itself improve security is questionable at best.

Read more about Open-Source Software Won't Ensure Election Security

Cybersecurity

Blockchain Standards

Paul Rosenzweig Sat, Aug 19, 2017, 11:34 AM

What if the Russian FSB were responsible for defining the ISO standards for blockchain technology?

Read more about Blockchain Standards

Cyber Command

Separating NSA and CYBERCOM? Be Careful When Reading the GAO Report

Robert Chesney Mon, Aug 7, 2017, 1:01 PM

The Government Accountability Office last week published a report that, among other things, weighs in on the pros and cons of the NSA/CYBERCOM “dual-hat” system (pursuant to which the director of the NSA/CSS and commander of CYBERCOM are the same person). The report deserves attention but also some criticism and context. Here’s a bit of all three.

1. What is the “dual-hat” issue?

Read more about Separating NSA and CYBERCOM? Be Careful When Reading the GAO Report

Cybersecurity

Subtopics

Cybersecurity

Don’t Worry About KRACK

Cybersecurity

Breaking WPA2

Cybersecurity

The Real Threat from Kaspersky Security Software

China

U.S. Criticism of China’s Cybersecurity Law and the Nexus of Data Privacy and Trade Law

Cybersecurity

Is the State Department Reorganization Undermining Cyber Diplomacy?

Cybersecurity

Source Code Review for Thee... But Not For Me...

Cybersecurity

Protecting Electoral Infrastructure–Klobuchar/Graham and the NDAA

Cybersecurity

Open-Source Software Won't Ensure Election Security

Cybersecurity

Blockchain Standards

Cyber Command

Separating NSA and CYBERCOM? Be Careful When Reading the GAO Report

Subscribe to Lawfare

Support Lawfare

Explore