Tag Archives: network security

Lessons From the New York ATM Heist

By Jason M. Weinstein on May 10, 2013 Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

The announcement yesterday of charges in New York against eight members of a cybercrime ring that stole $40 million from ATMs in 24 countries, all within 10 hours, is the latest in a series of episodes that illustrate the constant threat of cyber attacks against our corporate networks. This case should be a wake-up call… Continue Reading

The Question of ‘International Law of Cyberwar’

By Stewart Baker on March 22, 2013 Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Will international law and diplomacy limit cyberwar? Those who believe in international “norms” for cyberwar usually argue that cyberattacks on financial institutions are beyond the pale. For example, Harold Koh has declared the State Department’s view that cyberwarriors “must distinguish military objectives … from civilian objects, which under international law are generally protected from attack.”… Continue Reading

Europe Tries to Catch Up on Cybersecurity

By Michael Vatis on March 13, 2013 Posted in Cybersecurity and Cyberwar

Europe has typically been seen as the world’s leader in protecting privacy (for good or ill). But it has generally lagged behind the US when it comes to cybersecurity. Last month, it began playing catch-up when the European Commission put forth a cybersecurity strategy as well as a proposed Directive on network and information security… Continue Reading

Hacking Hollywood

By Stewart Baker on March 7, 2013 Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

That might sound like breaking news from 1983, but this time we’re not talking movie plots, we’re talking business. Specifically how Chinese cyberespionage could affect Hollywood’s bottom line. The Hollywood Reporter asked me to talk about that impact in a guest column, out this week. Here’s some of what I said: Hollywood might be blinded… Continue Reading

Up the Ladder We Go

By Stewart Baker on February 13, 2013 Posted in China, Cybersecurity and Cyberwar, International, Security Programs & Policies

Once again, Ellen Nakashima of The Washington Post has broken a cybersecurity story: A new intelligence assessment has concluded that the United States is the target of a massive, sustained cyber-espionage campaign that is threatening the country’s economic competitiveness, according to individuals familiar with the report. The National Intelligence Estimate identifies China as the country… Continue Reading

Anonymous Attacks Again

By Stewart Baker on January 28, 2013 Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Anonymous is claiming to have struck a blow in Aaron Swartz’s memory. It has hacked the website of the US Sentencing Commission and posted a long manifesto and a group of files named after Supreme Court Justices. The manifesto suggests that the files contain embarrassing secrets and says that the secrets will be revealed in… Continue Reading

Corporate Network Defense: When Seconds Count, the FBI is Years Behind

By Stewart Baker on January 4, 2013 Posted in Cybersecurity and Cyberwar, Data Breach, Security Programs & Policies

The Washington Post’s Ellen Nakashima wrote another cutting-edge article on innovative approaches to network defense. I’ve blogged before about honeytokens, deceptive files that leave hackers with false data while flagging the intrusion to defenders. The article suggests that their use is growing, as other defensive techniques prove ineffective: Brown Printing Co…began planting fake data in… Continue Reading

The Hackback Debate

By Steptoe on November 2, 2012 Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

The vulnerability of computer networks to hacking grows more troubling every year. No network is safe, and hacking has evolved from an obscure hobby to a major national security concern. Cybercrime has cost consumers and banks billions of dollars. Yet few cyberspies or cybercriminals have been caught and punished. Law enforcement is overwhelmed both by… Continue Reading

Taking the Offense to Defend Networks – Another Perspective

By Michael Vatis on June 22, 2012 Posted in Cybersecurity and Cyberwar, Privacy Regulation

One can certainly understand the frustration of private companies that are repeatedly subject to cyberattacks, and seem to have little ability to keep the intruders out or to get overstretched law enforcement agencies interested in investigating. But the idea of changing the law to authorize “hacking back” is a dangerous one, and unlikely to fix… Continue Reading

Taking the Offense to Defend Networks

By Stewart Baker on June 19, 2012 Posted in Cybersecurity and Cyberwar, Privacy Regulation

Joseph Menn has an interesting Reuters article on a growing sentiment within network security circles: Frustrated by their inability to stop sophisticated hacking attacks or use the law to punish their assailants, an increasing number of US companies are taking retaliatory action. Known in the cyber security industry as “active defense” or “strike-back” technology, the reprisals… Continue Reading