Yesterday TARGET announced that the hackers who committed the breach that has potentially affected as many as 110 million customers gained access to its systems through one of its vendors. Although the details are still emerging as the forensic investigation continues, this early report is a reminder that your vendors can be a potential source
January 2014
Republican National Committee draws fire for resolution condemning NSA
Almost immediately after the Republican National Committee adopted an error-filled resolution attacking the NSA and its telephone metadata program, current and former GOP officials took a strong stand against the RNC resolution:
[T]he RNC resolution threatens to do great damage to the security of the nation. It would be foolhardy to end the…
Is the Congressional Response to the Target Breach Off-Target?
In the aftermath of the TARGET breach announced last month, there has been much talk of how to respond to large-scale breaches of this type. Lawmakers are eager to write legislation to increase the FTC’s enforcement powers and create a national breach notification standard. But if the congressional response focuses entirely on breach notification and…
Tightening the Screws on Chinese Investment
The Committee on Foreign Investment in the United States, or CFIUS, reviews foreign investments for national security risks. It is now beyond doubt that Chinese investment is getting much closer scrutiny from CFIUS. A total of ten transactions failed to survive review in 2012, according to a just-released Treasury report. That may not sound…
The Shorter Matt Blaze: NSA Hacking Is OK, As Long As We Take Away Its Best Hacking Tools
Matt Blaze, a well-known public cryptographer and NSA critic, offered what seemed like a modest concession in the relentless campaign against NSA intelligence gathering:
The NSA’s tools are very sharp indeed, even in the presence of communications networks that are well hardened against eavesdropping. How can this be good news? It isn’t if you’re…
Video Interview: Discussing the Target Data Breach with LXBN TV
Following up on my recent commentary on the Target data breach, I had an opportunity to discuss its fallout in a video interview with Colin O’Keefe of LXBN. In the interview, I describe litigation Target now faces and share my opinion on what lawmakers should do to combat breaches like this.