Our blockchain colleagues recently published an article on the rapidly evolving landscape where blockchain intersects with data security and privacy. If you’ve ever wondered how blockchains can be considered secure even though hacks of cryptocurrency exchanges routinely make headlines, or whether distributing a permanent ledger to every participant in a network might run afoul of
hacking
Treasury Sanctions on Cyber Attackers
The executive order allowing the President to impose OFAC sanctions on hackers is good news. I’ve been calling on the government for several years to go beyond attribution to retribution. See, for example this post from 2012, this Foreign Policy article, and this recent podcast with Juan Zarate. Similar sentiments were expressed …
A Week of Bad News and Good News in Cybersecurity – Here’s What You Need to Know
It was a busy week for companies and government agencies struggling to combat the growing threat of cyber-attacks, with some bad news and some good news. Here’s what you need to know, and how we can help.
What you Need to know
First, the bad news:
- Lawsuits against Target move forward and lawsuits against Home
…
9/11 Commission Gingerly Embraces “Direct Action” Against Hackers
I’ve long been an advocate for fewer restraints on how the private sector responds to hacking attacks. If the government can’t stop and can’t punish such attacks, in my view the least it could do is not threaten the victims with felony prosecution for taking reasonable measures in self-defense. I debated the topic with co-blogger…
“Groundhog Day” for Data Breaches
Here we go again. A prominent company suffers a data breach. The company publicly alerts its customers. The company almost immediately finds itself the subject of inquiries from Congress and the target of investigations by regulators. Before long, class action lawyers will crank out complaints as if they’re Mad Libs, filling in the name of…
Are You Prepared for a Data Breach?
I recently spoke to mainjustice.com (subscription required) about how companies can help prepare for a data breach in this “blame the victim” environment. The video of that interview can be found here:
Another Takeaway from TARGET: Are you being targeted through your vendors?
Yesterday TARGET announced that the hackers who committed the breach that has potentially affected as many as 110 million customers gained access to its systems through one of its vendors. Although the details are still emerging as the forensic investigation continues, this early report is a reminder that your vendors can be a potential source…
Is the Congressional Response to the Target Breach Off-Target?
In the aftermath of the TARGET breach announced last month, there has been much talk of how to respond to large-scale breaches of this type. Lawmakers are eager to write legislation to increase the FTC’s enforcement powers and create a national breach notification standard. But if the congressional response focuses entirely on breach notification and…
The Shorter Matt Blaze: NSA Hacking Is OK, As Long As We Take Away Its Best Hacking Tools
Matt Blaze, a well-known public cryptographer and NSA critic, offered what seemed like a modest concession in the relentless campaign against NSA intelligence gathering:
The NSA’s tools are very sharp indeed, even in the presence of communications networks that are well hardened against eavesdropping. How can this be good news? It isn’t if you’re…
Video Interview: Discussing the Target Data Breach with LXBN TV
Following up on my recent commentary on the Target data breach, I had an opportunity to discuss its fallout in a video interview with Colin O’Keefe of LXBN. In the interview, I describe litigation Target now faces and share my opinion on what lawmakers should do to combat breaches like this.