Header graphic for print
Steptoe Cyberblog

Tag Archives: attribution

Steptoe Cyberlaw Podcast – News Roundup

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

We start 2017 the way we ended 2016, mocking the left/lib bias of stories about intercept law.  Remember the European Court of Justice decision that undermined the UK’s new Investigatory Powers Act and struck down bulk data retention laws around Europe?  Yeah, well, not so much.  Maury Shenk walks us through the decision and explains… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ed Hammersla and Brian White

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 126 – The podcast goes to the conventions If Vladimir Putin can do it, so can we. This week the podcast dives deep into the US presidential campaign. I of course talk with Maury Shenk about evidence that the Russians are behind “Guccifer 2.0” and the DNC data leak – aided by a Wikileaks… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jeremy and Ariel Rabkin

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

In the news roundup, Michael Vatis covers Microsoft’s surprising Second Circuit victory over the Justice Department in litigation over a warrant for data stored in Ireland.  The hidden issue in that case was data localization – the same issue driving the Justice Department’s new legislative proposal to allow foreign nations to obtain information from US… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dmitri Alperovitch

Posted in Blockchain, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies, Virtual Currency

Ransomware is the new black.  In fact, it’s the new China.  So says our guest for episode 116, Dmitri Alperovitch, the CTO and co-founder of CrowdStrike.  Dmitri explains why ransomware is so attractive financially – and therefore likely to get much worse very fast.  He and I also explore the implications and attribution of the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ellen Nakashima and Tony Cole

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Did China’s PLA really stop hacking US companies for commercial secrets? And does it matter? In episode 92, we ask those questions and more of two experts on the topic ‒ Washington Post reporter Ellen Nakashima, who has broken many stories on PLA hacking, and Tony Cole, the Global Government CTO with FireEye, who has… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mikko Hypponen

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Are Russian hacker-spies a bunch of lethargic government drones more interested in smash-and-grabs than stealth?  That’s one of the questions we pose to Mikko Hypponen in episode 86 (right after we ask about how to pronounce his name; turns out, that’s harder than you think).  Mikko is the Chief Research Officer at F-Secure and a… Continue Reading

Steptoe Cyberlaw Podcast – Atlantic Council Panel

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Bonus Episode 78:  Dmitri Alperovitch, Harvey Rishikof, Stewart Baker, and Melanie Teplinsky debate whether the United States should start doing commercial espionage I know, I know, we promised that the Cyberlaw Podcast would go on hiatus for the month of August.  But we also hinted that there might be a bonus episode.  And here it… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Bruce Andrews

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

Our guest for episode 77 is Bruce Andrews, the deputy secretary of the Commerce Department. Alan Cohn and I pepper Bruce with questions about export controls on cybersecurity technology, stopping commercial cyberespionage, the future of the NIST cybersecurity framework, and how we can get on future cybersecurity trade missions, among other things. In the news… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Annie Antón and Peter Swire

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 76 of the podcast features the power couple of privacy and cybersecurity, Peter Swire and Annie Antón, both professors at Georgia Institute of Technology.  I question them on topics from the USA FREEDOM Act to the enduring gulf between writing law and writing code. In the news roundup, as our listeners have come to… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Catherine Lotrionte

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies, Virtual Currency

Our guest commentator for episode 74 is Catherine Lotrionte, a recognized expert on international cyberlaw and the associate director of the Institute for Law, Science and Global Security at Georgetown University.  We dive deep on the United Nations Group of Government Experts, and the recent agreement of that group on a few basic norms for… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Robert Knake

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 73 is Rob Knake, currently the Council on Foreign Relations Senior Fellow for Cyber Policy and formerly with DHS, the White House, and the Richard Clarke finishing school for cybersecurity policymakers.  Rob and I are quickly embroiled in disagreement; as usual, I mock the cyberspace “norms” that Rob supports and disagree… Continue Reading

Steptoe Cyberlaw Podcast – Interview with James Baker

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

James Baker, General Counsel of the FBI, is our guest on this week’s podcast. He fearlessly tackles the FBI’s aerial surveillance capabilities, stingrays, “Going Dark,” encryption, and the bureau’s sometimes controversial attribution of cyberattacks.  But he prudently punts on the Hack of the Century, refusing to reveal details of the FBI investigation into the Houston Astros… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dan Kaminsky

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 70 of the Cyberlaw Podcast is Dan Kaminsky, a famous cybersecurity researcher who found and helped fix a DNS security flaw.  Dan is now the Chief Scientist at WhiteOps, but I got to know him in an unlikely-bedfellows campaign against SOPA because of its impact on DNS security.  Dan and I… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Julian Sanchez

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guests for Episode 68 include Julian Sanchez, senior fellow at the CATO Institute where he studies issues at the busy intersection of technology, privacy, and civil liberties, with a particular focus on national security and intelligence surveillance. They also include the entire May meeting of ISSA- NOVA, which kindly invited the Cyberlaw Podcast to… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Bruce Schneier

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 65 would be ugly if it weren’t so much fun.  Our guest is Bruce Schneier, cryptographer, computer science and privacy guru, and author of the best-selling Data and Goliath – a book I annotated every few pages of with the words, “Bruce, you can’t possibly really believe this.”  And that’s pretty much how the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Joseph Nye

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 61 of the Cyberlaw podcast is Joseph Nye, former dean of the Kennedy School at Harvard and three-time national security official for State, Defense, and the National Intelligence Council.  We get a magisterial overview of the challenge posed by cyberweapons, how they resemble and differ from nuclear weapons, and (in passing)… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Richard Bejtlich

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Richard Bejtlich is our guest for episode 59 of the Cyberlaw Podcast.  Richard is the Chief Security Strategist at FireEye, an adviser to Threat Stack, Sqrrl, and Critical Stack, and a fellow at Brookings.  We explore the significance of China’s recently publicized acknowledgment that it has a cyberwar strategy, FireEye’s disclosure of a gang using… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Siobhan Gorman

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 56 of the Cyberlaw Podcast is Siobhan Gorman, who broke many of the top cybersecurity stories for the Wall Street Journal until she left late last year to join the Brunswick Group, which does crisis communications for private companies.  Siobhan comments on the flood of attribution stories in recent days, including… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Thomas Rid and Jeffrey Carr

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

  Episode 51 of the podcast features a debate on attributing cyberattacks.  Our two guests, Thomas Rid and Jeffrey Carr, disagree sharply about how and how well recent cyberattacks can be attributed.  Thomas Rid is a Professor of Security Studies at King’s College London and the author of Cyber War Will Not Take Place as… Continue Reading

Using Attribution to Deter Cyberespionage

Posted in China, Cybersecurity and Cyberwar, International, Security Programs & Policies

Foreign Policy has published my article on how attribution can be used to deter foreign governments’cyberespionage. Excerpts below: The Obama-Xi summit in Sunnylands ended without any Chinese concessions on cyber-espionage. This came as no surprise; cyber spying has been an indispensable accelerant for China’s military and economic rise. And though Beijing may someday agree that… Continue Reading