Our guest for Episode 62 is is Dmitri Alperovitch, co-founder and CTO of CrowdStrike Inc. and former Vice President of Threat Research at McAfee. Dmitri unveils a new Crowdstrike case study in which his company was able to impose high costs on an elite Chinese hacking team. The hackers steadily escalated the sophistication of their attacks on one of Crowdstrike’s customers until they finally unlimbered a zero-day. When even that failed, and the producer was alerted to the vulnerability, the attackers found themselves still locked out and now down one zero-day. We mull the possibility that there’s a glimmer of hope for defenders.
Dmitri and I also unpack the Great Cannon – China’s answer to 4Chan’s Low-Orbit Ion Cannon. Citizen Lab’s report strongly suggests that the Chinese government used its censorship system to deliberately infect about 2% of the Baidu queries coming from outside China. The government injected a script into the outsiders’ machines. The script then DDOSed Github, a US entity that had been making the New York Times available to Chinese readers along with numerous open source projects. The attack is novel, shows a creative and dangerous use of China’s Great Firewall, and provoked not the slightest response from the US government. I ask why any company in the US that uses the Baidu search engine or serves China-based ads should not be required to notify users that their machines may be infected with hostile code before allowing them to receive ads or conduct searches. Finally finding something good to say about the FTC’s jurisdiction I ask why it isn’t deceptive and unfair to automatically expose US consumers to such a risk.
In other news: The courts are raking the Mississippi Attorney General over the coals for an ill-considered attack on Google. The DEA’s bulk collection program is still undercovered. The FCC is racing the FTC to investigate big telecom and internet companies for privacy violations. The Baker Plan for punishing North Korea in response to its attack on Sony has been implemented. And I break out my suits and ties from the early 1990s to celebrate the return of split-key escrowed encryption and arguments over the meaning of CALEA.
As always, send your questions and suggestions for interview candidates to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.
The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.