According to media reports, Russian government hackers have penetrated the systems of thousands of companies across a variety of industries, as well as numerous US government agencies. Moreover, what has been publicly reported may be only the tip of the iceberg in terms of both the scope of the attacks’ victims and the attackers’ methodologies. The most recent reporting also suggests that victim companies are not just those that would be of obvious interest to Russian intelligence services. Accordingly, all companies should assess whether they have been affected by this attack, what steps they need to take to remediate those effects, and what legal and contractual obligations they may have to notify government agencies, business partners, customers, and individuals.
Continue Reading The Urgent Need to Assess and Respond to Russian Supply Chain Attacks
Cybersecurity and Cyberwar
Episode 341: It’s Time to Pay Attention When Attention Stops Paying
Did you ever wonder where all that tech money came from all of a sudden? Turns out, a lot of it comes from online programmatic ads, an industry that gets little attention even from the companies, such as Google, that it made wealthy. That lack of attention is pretty ironic, because lack of attention…
Episode 340: Henry Kissinger and Michael Daniel on How to be a Cyber Czar
Our interview in this episode is with Michael Daniel, formerly the top cybersecurity adviser in the Obama NSC and currently the CEO of the Cyber Threat Alliance. Michael lays out CTA’s mission. Along the way he also offers advice to the Biden cyber team – drawing in part on the wisdom of Henry…
Episode 338: Trump’s Multiple Re-Entry China Policy Vehicles
Another week, another Trump administration initiative to hasten the decoupling from China. As with MIRV warheads, the theory seems to be that the next administration can’t shoot them all down. Brian Egan lays out this week’s initiative, which lifts from obscurity a DoD list of Chinese military companies and excludes them from U.S. capital…
Episode 337: Could Kim Jong Un Kill 90% of All Americans Today?
This episode’s interview with Dr. Peter Pry of the EMP Commission raises an awkward question: Is it possible that North Korea has already developed nuclear weapons that could cause the deaths of hundreds of millions of Americans by permanently frying the entire electrical infrastructure with a single high-altitude blast? And if he doesn’t, could…
US DOE and NIST Partner to Improve Cybersecurity in Energy, Maritime Transportation Industries
On October 5, the US Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response (CESER) reached a $3 million partnership agreement with the National Institute of Standards and Technology (NIST) in order to “research and develop tools and practices that will strengthen the cybersecurity of the nation’s energy sector and maritime transportation system.”
According to CESER, 40% of all maritime traffic is comprised of energy products, which highlights the importance of addressing cybersecurity risks at seaports and in maritime transportation to safeguard US energy security. In the past several years, the incidence of cyber-intrusions, malware attacks and other dangerous lapses in cybersecurity impacting the maritime and energy sectors has increased tremendously across the globe.
Episode 333: Interview with David Ignatius
In this week’s episode I interview David Ignatius about the technology in his latest spy novel, The Paladin. Actually, while we do cover such tech issues as deepfakes, hacking back, Wikileaks, and internet journalism, the interview ranges more widely, from the steel industry of the 1970s, the roots of Donald Trump’s political worldview,…
Episode 331: Damned if You Do, Damned if You Don’t (Pay the Ransom)
In this episode, Jamil Jaffer, Bruce Schneier, and I mull over the Treasury announcement that really raises the stakes even higher for ransomware victims. The message from Treasury seems to be that if the ransomware gang is the subject of OFAC sanctions, as many are, the victim needs to call Treasury…
Episode 329: Dumpster Fire in Cyberspace
John Yoo, Mark MacCarthy, and I kick off episode 329 of the Cyberlaw Podcast diving deep into what I call the cyberspace equivalent of a dumpster fire. There is probably a pretty good national security case for banning TikTok. In fact, China did a lot better than the Trump administration when it …
Episode 327: “I’ll Take Hacking Tesla for One Million Dollars, Alex”
In our 327th episode of the Cyberlaw Podcast, Stewart is joined by Nick Weaver (@ncweaver), David Kris (@DavidKris), and Dave Aitel (@daveaitel). We are back from hiatus, with a one-hour news roundup to cover the big stories of the last month. Pride of place goes to the WeChat/Tiktok mess, which just gets messier…