Cybersecurity: Crime and Espionage

Latest in Cybersecurity: Crime and Espionage

Cybersecurity

The GCHQ’s Vulnerabilities Equities Process

In the U.S. there has been a long debate about “vulnerability equities”—that is, whether the government should disclose a vulnerability it discovers to the vendor, which will then allow users to apply a patch and be defended against exploitation, or keep the vulnerability secret to enable the government’s exploitation of targets. There is little data on how the process works. But the U.S. has the potential to learn how the British handle the same problem.

Cybersecurity and Deterrence

What’s the Point of Charging Foreign State-Linked Hackers?

The May 7 indictment of a Chinese national and unnamed conspirator for hacking and stealing data from nearly 80 million customers of the health care company Anthem in 2015, which researchers previously linked to Chinese state-sponsored actors, is the latest iteration of a four-year U.S.

Cybersecurity: Crime and Espionage

Project Raven: What Happens When U.S. Personnel Serve a Foreign Intelligence Agency?

It’s been known since 2012 that a Baltimore-based company called Cyber Point had a contract with the United Arab Emirates (UAE) to assist its newly-established signals intelligence agency (then called the National Electronic Security Authority) with “advice on cyberdefense and policy,” as Ellen Nakashima reported at the time for the Washington Post.

espionage

Document: Justice Department Charges Chinese Intelligence Officers and Recruits in Commercial Hacking Conspiracy

On Tuesday, the Department of Justice unsealed an indictment in the Southern District of California charging 10 defendants, including Chinese intelligence officers and their recruits, in two conspiracies to steal sensitive commercial aerospace information and technology from American companies in violation of provisions of the Computer Fraud and Abuse Act. The full indictment is below.

Cybersecurity

The China SuperMicro Hack: About That Bloomberg Report

According to Jordan Robertson and Michael Riley in Bloomberg Businessweek, China has recently engaged in bulk supply-chain sabotage, corrupting thousands of servers on computers that end up in the server rooms of major U.S. companies such as Amazon or Apple, government systems and other locations around the planet.

Subscribe to Lawfare

EmailRSSKindle