The most recent ransomware attack, which spread across Europe, the United States, and Asia yesterday, represents a chilling evolution in the worm-as-weapon.
Latest in Cybersecurity
Ending The Endless Crypto Debate: Three Things We Should Be Arguing About Instead of Encryption Backdoors
Recently I participated in a fascinating conference at Georgia Tech entitled “Surveillance, Privacy, and Data Across Borders: Trans-Atlantic Perspectives.” A range of experts grappled with the international aspects of an increasingly pressing question: how can we ensure that law enforcement is able to obtain enough information to do its job in the twenty-first century, while also ensuring that digital security and human rights are protected?
The CrashOverride program represents the first-in-the-wild case of a generic automated attack: one that is designed to affect all systems of a given family, not just a particular installation. If someone were to couple this warhead to a self-propagating worm for delivery, it could constitute a global threat.
The courts take up questions over authorization to access the third-party accounts of former employees, the CFAA's definition of "loss," and bitcoin.
After months of international consternation, China’s cybersecurity law (CSL) went into effect today. For a deep dive on what foreign companies should expect from the law, see Samm Sacks’s excellent piece posted to Lawfare this morning.
China's cybersecurity law is broad and ambiguous, but we actually know more about how it might operate in practice than it seems at first glance.
With the attention of the United States and its allies at present focused on North Korea's nuclear activity, North Korea potentially has greater latitude to act aggressively in the cyber realm, especially against the private sector.
I thought the Windows tools were the most damaging the Shadow Brokers have to offer. Today, with the announcement of the Shadow Broker’s Data Dump of the Month club, I may need to eat some crow.
The most important policy question raised by the WannaCry ransomware fiasco is not the most obvious one.