Episode 181: Equifax and the Upside of Nation-State Cyberattacks

Was the Equifax breach a nation-state attack? Nick Weaver parses the data, and I explore the surprising upside for Equifax if it was.

Twitter comes to Capitol Hill to talk Russian election interference; it goes home with a flea in its ear and plenty of homework to do. Stephen Heifetz and I ask why the Foreign Agent Registration Act could not be used to discipline nation states’ use of social media.

Twitter isn’t alone in getting sideways with the government. The Justice Department says that Google is defying court orders on disclosure of data — while building a system to make compliance impossible.  Nick gives the company a chutzpah award.

Jim Comey is still taking hits from the Hill, months after his departure from public life. Sens. Wyden and Lee are hoping to call him a liar, and they’d like the DNI’s help. The good news for Jim Comey is bad news for Section 702, since the attack on Comey is really a way of paving the ground for a major reduction in the kinds of intelligence collection the government can conduct using section 702.

Bet you never thought you’d hear the phrase “Bush-Obama Consensus,” but the Trump administration’s CFIUS policies are turning “BushObama” into a single word summary of the ancien regime. Stephen Heifetz makes these and other observations in laying out the latest from CFIUS’s (2015!) annual report. What can we tell from it?

Finally, Nick and I explore his latest essay viewing the vulnerability equities process through a Vault7 and ShadowBrokers lens: What should the government do when it’s pretty sure its critical hacking tools have fallen into enemy hands?

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 181st Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.