Header graphic for print

Steptoe Cyberblog

Episode 255: Imitation is the sincerest form of flattery: Russia and China revamp their military technologies

Posted in China, International, Russia

 

In our interview, Elsa Kania and Sam Bendett explain what China and Russia have learned from the American way of warfighting – and from Russia’s success in Syria. The short answer: everything. But instead of leaving us smug, I argue it ought to leave us worried about surprise. Elsa and Sam both try to predict where the surprises might come from. Yogi Berra makes an appearance.

Continue Reading

Episode 254: Skating on Stilts without Baker

Posted in China, International, Security Programs & Policies

 

On Episode 254 of The Cyberlaw Podcast, Stewart spends a few days off the grid, and David Kris, Maury Shenk, and Brian Egan extol the virtues of data privacy and the European Union in his absence.

Maury interviews James Griffiths, a journalist based in Hong Kong and the author of the new book, The Great Firewall of China: How to Build and Control an Alternative Version of the Internet.

Continue Reading

Episode 253: Where angels fear to tread: NewsGuard takes on fake news

Posted in Cybersecurity and Cyberwar, International, Russia

 

Our interview is with two men who overcame careers as lawyers and journalists to become serial entrepreneurs now trying to solve the “fake news” problem. Gordon Crovitz and Steve Brill co-founded NewsGuard to rate news sites on nine journalistic criteria. Using, of all things, real people instead of algorithms. By the end of the interview, I’ve confessed myself a reluctant convert to the effort. This is despite NewsGuard’s treatment of Instapundit, which Gordon Crovitz and I both read regularly but which has not received a green check.

Continue Reading

Episode 252: In the cyber adversary Olympics, it’s Russia for the gold and North Korea (!) for the silver

Posted in China, Cybersecurity and Cyberwar, International, Russia

 

We interview Dmitri Alperovitch of CrowdStrike on the company’s 2019 Global Threat Report, which features a ranking of Western cyber adversaries based on how long it takes each of them to turn a modest foothold into code execution on a compromised network. The Russians put up truly frightening numbers – from foothold to execution in less than twenty minutes – but the real surprise is the North Koreans, who clock in at 2:20. The Chinese take the bronze at just over 4 hours. Dmitri also gives props to a newcomer – South Korea – whose skills are substantial.

Continue Reading

Episode 251: Executive Orders and alien abductions

Posted in AI, CFIUS, China, European Union, International, Russia

 

The backlash against Big Tech dominates the episode, with new regulatory initiatives in the US, EU, Israel, Russia, and China. The misbegotten link tax and upload filter provisions of the EU copyright directive have survived the convoluted EU legislative gantlet. My prediction: the link tax will fail because Google wants it to fail, but the upload filter will succeed because Google wants YouTube’s competitors to fail.

Continue Reading

Episode 250: We give you Weaver

Posted in China, European Union, International, Privacy Regulation, Security Programs & Policies

 

If you get SMS messages on your phone and think you have two-factor authentication, you’re kidding yourself. That’s the message Nick Weaver and David Kris extract from two stories we cover in this week’s episode of The Cyberlaw Podcast – DOJ’s indictment of a couple of kids whose hacker chops are modest but whose social engineering skillz are remarkable. They used those skills to bribe or bamboozle phone companies into changing the phone numbers of their victims, allowing them to intercept all the two-factor authentication they needed to steal boatloads of cryptocurrency. For those with better hacking chops than social skills, there’s always exploitation of SS7 vulnerabilities, which allow interception of text messages without all the muss and fuss of changing SIM cards.

Continue Reading

Episode 249: Black swans, black ops, BlackCube, and red herrings

Posted in Data Breach, International, Russia, Security Programs & Policies

 

In this episode, I interview Chris Bing and Joel Schectman about their remarkable stories covering the actions of what amount to US cyber-mercenary hackers. We spare a moment of sympathy for one of those hackers, Lori Stroud, who managed to go from hiring Edward Snowden to hacking for the UAE in the space of a few years.

Continue Reading

An Overview of Blockchain Cybersecurity Risks and Issues

Posted in Block Chain, Blockchain, Data Breach

Our blockchain colleagues recently published an article on the rapidly evolving landscape where blockchain intersects with data security and privacy. If you’ve ever wondered how blockchains can be considered secure even though hacks of cryptocurrency exchanges routinely make headlines, or whether distributing a permanent ledger to every participant in a network might run afoul of privacy laws and regulations then be sure to check out “Cybersecurity Tech Basics: Blockchain Technology Cyber Risks and Issues” and learn more about these issues.”

Episode 248: Tomayto, Tomahto: Right to be Forgotten Meets Right to Die

Posted in China, European Union, International, Privacy Regulation, Russia

 

If the surgeon about to operate on you has been disciplined for neglecting patients, wouldn’t you like to know? Well, the mandarins of the European Union privacy lobby beg to differ. Google has been told by a Dutch court not to index that story, and there seems to have been a six-month lag in disclosing even the court ruling. That’s part of this week’s News Roundup. Gus Hurwitz and I are appalled. I tout my long-standing view that in the end, privacy law just protects the privileged. Gus agrees.

The interview is with John Carlin, author of Dawn of the Code War. It’s a great inside story of how we came to indict China’s hacker-spies for attacking US companies.

Continue Reading

Episode 247: “If I save Earth, you’re gonna owe me.”

Posted in International

 

So says the remarkable Jeff Jonas, CEO of Senzing. And he’s got a claim to be doing just that. A data scientist before data science was cool, Jeff has used his technical skills and an intuitive grasp of complex data problems to stop card counters in Las Vegas and terrorists targeting the US, and then to launch an initiative making voter registration more accurate and widespread. Most recently, in the course of an effort to improve maritime security around Singapore, he also found a key to identifying asteroids that are about to collide with each other and head off on a new course (one that might intersect with, well, ours).

Continue Reading