Header graphic for print
Steptoe Cyberblog

Monthly Archives: March 2012

Can Chinese Hackers Self-Police?

Posted in China, Cybersecurity and Cyberwar, International

Chinese hackers call for “self-discipline” and an end to commercially motivated cybercrime. The Wall St. Journal (subscription required) suggests it’s because former hackers have grown up and become security professionals. But does it occur to anyone that the Chinese government might be worried about the rising tide of complaints about Chinese hacking, particularly cyber espionage against the… Continue Reading

Cyberhacking is the New Spying

Posted in China, Cybersecurity and Cyberwar, International, Security Programs & Policies

General Keith Alexander, the head of US Cyber Command and the National Security Agency, testified to Congress yesterday that China continues to hack into “defense industrial base companies” and steal military technology (see Don Reisinger‘s latest blog post). And he confirmed what was widely believed already—that China was responsible for the hacks on RSA last… Continue Reading

Green Light Means Go – European Air Passenger Data Made Available to the US

Posted in International, Security Programs & Policies

With mixed feelings, I note that a European Parliament committee has recommended approving the latest PNR deal with the US. It’s a bit of a surprise, especially since the vote wasn’t especially close, and that makes it highly likely the Parliament will also approve the deal. That makes sense, this is a much better deal… Continue Reading

Microsoft Crime Raid – Another Thought

Posted in Cybersecurity and Cyberwar

I wonder whether this strategy will really be all that effective. Apparently “Microsoft does not believe the operators of the facilities it raided on Friday, which rent space to clients on computers connected to the Internet, are in league with the people behind the botnets. And those operators said they had no idea that equipment inside… Continue Reading

Microsoft Net Crime Raid: Innovative Lawyering or Busy Work?

Posted in Cybersecurity and Cyberwar

An article by Nick Wingfield and Nicole Perlroth in the New York Times today details the recent raid Microsoft and United States Marshalls conducted in order to disrupt a string of botnets at work harvesting account and other personal information from millions of other computers. As cybercrime grows more profitable, the criminals are starting to match… Continue Reading

Facebook Log-In Overkill

Posted in Privacy Regulation, Security Programs & Policies

A few weeks ago, everyone agreed that the CFAA civil liability provisions were way overbroad, and the Senate judiciary committee proposed amending the CFAA to abolish CFAA liability for violating a website or webservice’s terms of service. That was the right decision; the unamended law essentially enforced commercial terms of service with criminal penalties. But… Continue Reading