Chinese hacking continues to build anger in American business and government circles. As a result, private companies may be encouraged to do more than passively defend their networks as evidenced by the recent report of a commission headed by two Obama appointees, former US Ambassador to China (and minor GOP Presidential candidate) Jon Huntsman and
cybersecurity
Amendments to CISPA a Threat to Cybersecurity?
In response to some of the privacy criticisms of the Cyber Intelligence Sharing and Protection Act (CISPA), the House Intelligence Committee is proposing amendments to the bill. Politico’s Tony Romm reports on some of the likely amendments:
Still another amendment specifies clearly that CISPA won’t allow companies to “hack back” their hackers in pursuit of
…
The Question of ‘International Law of Cyberwar’
Will international law and diplomacy limit cyberwar? Those who believe in international “norms” for cyberwar usually argue that cyberattacks on financial institutions are beyond the pale.
For example, Harold Koh has declared the State Department’s view that cyberwarriors “must distinguish military objectives … from civilian objects, which under international law are generally protected from attack.”…
Europe Tries to Catch Up on Cybersecurity
Europe has typically been seen as the world’s leader in protecting privacy (for good or ill). But it has generally lagged behind the US when it comes to cybersecurity. Last month, it began playing catch-up when the European Commission put forth a cybersecurity strategy as well as a proposed Directive on network and information security…
Cyberattacks Ranked As Top Global Threat To US National Security
Ten to fifteen years ago, some of us on this blog (well, both of us) were called fear-mongers, and worse, for trying to raise the alarum about the threat to our security posed by cyberattacks. Times certainly have changed—or at least attitudes. Today, Director of National Intelligence James Clapper, in testimony before the US Senate,…
Hacking Hollywood
That might sound like breaking news from 1983, but this time we’re not talking movie plots, we’re talking business. Specifically how Chinese cyberespionage could affect Hollywood’s bottom line. The Hollywood Reporter asked me to talk about that impact in a guest column, out this week. Here’s some of what I said:
Hollywood might be…
The Hackback Debate Revisited
Last fall, Orin Kerr and I engaged in an online debate over the Computer Fraud and Abuse Act — specifically whether it is lawful for the victim of computer crime to follow his stolen data into networks controlled by the thief. The debate spread across several posts and into the comments, but it’s been pulled…
Found: The PLA’s University of Hacking
Bloomberg Businessweek has a remarkable story about the identification of another Chinese hacker. It’s a long, tangled, and fascinating tale of good sleuthing by several researchers, but the trail ends with Zhang Changhe, a digital entrepreneur and teacher — at a People’s Liberation Army school that is suspected of training PLA hackers.
In the denouement,…
Up the Ladder We Go
Once again, Ellen Nakashima of The Washington Post has broken a cybersecurity story:
A new intelligence assessment has concluded that the United States is the target of a massive, sustained cyber-espionage campaign that is threatening the country’s economic competitiveness, according to individuals familiar with the report.
The National Intelligence Estimate identifies China as the…
Corporate Network Defense: When Seconds Count, the FBI is Years Behind
The Washington Post’s Ellen Nakashima wrote another cutting-edge article on innovative approaches to network defense. I’ve blogged before about honeytokens, deceptive files that leave hackers with false data while flagging the intrusion to defenders. The article suggests that their use is growing, as other defensive techniques prove ineffective:
Brown Printing Co…began planting fake data…