Header graphic for print
Steptoe Cyberblog

Tag Archives: North Korea

Episode 290: The Right to be Forgotten Shoots the Shark

Posted in CFIUS, China, International, Russia

  This Week in the Great Decoupling: The Commerce Department has rolled out proposed telecom and supply chain security rules that never once mention China. More accurately, the Department has rolled out a sketch of its preliminary thinking about proposed rules. Brian Egan and I tackle the substance and history of the proposal and conclude… Continue Reading

Episode 285: ByteDance bitten by CFIUS

Posted in CFIUS, China, International

  We open the episode with David Kris’s thoughts on the two-years-late CFIUS investigation of TikTok, its Chinese owner, ByteDance, and ByteDance’s US acquisition of the lip-syncing company Musical.ly. Our best guess is that this unprecedented reach-back investigation will end in a more or less precedented mitigation agreement.

Episode 278: Will international trade law prevent the US from regulating the security of the Internet of Things?

Posted in International, Security Programs & Policies

  Joel Trachtman thinks it’s a near certainty that the WTO agreements will complicate US efforts to head off an IoT cybersecurity meltdown, and there’s a real possibility that a US cybersecurity regime could be held to violate our international trade obligations. Claire Schachter and I dig into the details of the looming disaster and… Continue Reading

Episode 257: How we know the North Korean Embassy break-in wasn’t the work of the CIA

Posted in Data Breach, International, Privacy Regulation

  In today’s News Roundup, Klon Kitchen adds to the North Korean Embassy invasion by an unknown group. Turns out some of the participants fled to the US and lawyered up, but the real tipoff about attribution is that they’ve given some of the data they stole to the FBI. That rules out CIA involvement… Continue Reading

Episode 256: National Bloviation Strategy

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

  I know. That could be any national strategy written in the last 15 years. And that’s the point. In our interview, Dr. Amy Zegart and I discuss the national cyber strategy and what’s wrong with it, along with the culture clash between DOD and Silicon Valley (especially Google), and whether the Mueller report should… Continue Reading

Episode 255: Imitation is the sincerest form of flattery: Russia and China revamp their military technologies

Posted in China, International, Russia

  In our interview, Elsa Kania and Sam Bendett explain what China and Russia have learned from the American way of warfighting – and from Russia’s success in Syria. The short answer: everything. But instead of leaving us smug, I argue it ought to leave us worried about surprise. Elsa and Sam both try to… Continue Reading

Episode 252: In the cyber adversary Olympics, it’s Russia for the gold and North Korea (!) for the silver

Posted in China, Cybersecurity and Cyberwar, International, Russia

  We interview Dmitri Alperovitch of CrowdStrike on the company’s 2019 Global Threat Report, which features a ranking of Western cyber adversaries based on how long it takes each of them to turn a modest foothold into code execution on a compromised network. The Russians put up truly frightening numbers – from foothold to execution… Continue Reading

Episode 250: We give you Weaver

Posted in China, European Union, International, Privacy Regulation, Security Programs & Policies

  If you get SMS messages on your phone and think you have two-factor authentication, you’re kidding yourself. That’s the message Nick Weaver and David Kris extract from two stories we cover in this week’s episode of The Cyberlaw Podcast – DOJ’s indictment of a couple of kids whose hacker chops are modest but whose… Continue Reading

Episode 234: The California Turing Test

Posted in China, Cybersecurity and Cyberwar, International, Russia

  Bloomberg Businessweek’s claim that the Chinese buggered Supermicro motherboards leads off our News Roundup. The story is controversial not because it couldn’t happen and not because the Chinese wouldn’t do it but because the story has been denied by practically everyone close to the controversy, including DHS. Bloomberg Businessweek stands by the story. Maybe… Continue Reading

Episode 230: Click Here to Kill Everybody

Posted in International, Privacy Regulation, Security Programs & Policies

  We are fully back from our August hiatus, and leading off a series of great interviews, I talk with Bruce Schneier about his new book, Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World. Bruce is an internationally renowned technologist, privacy and security commentator, and someone I respect a lot more… Continue Reading

Thinking the unthinkable about responding to cyberattacks

Posted in China, Cybersecurity and Cyberwar, Russia

We need better, more aggressive options to deter cyberattacks, since the ones we’ve come up with so far are clearly not deterring our adversaries. I would like to inspire more ambition, aggressiveness, and creativity in the American response. As the first stage in that effort, here’s an op-ed I published recently in the Washington Post: The… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Data Breach, International, Security Programs & Policies

Episode 170 This week’s episode is a news roundup without interview.  We lead with the Senate’s overwhelming adoption of unexpectedly tough Russia sanctions along with the Iran sanctions bill.  The mainstream press has emphasized that the bill will lock the Obama sanctions into legislation, but Anthony Rapa explains that the bigger story is just how… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Kevin Mandia

Posted in Cybersecurity and Cyberwar, Data Breach, International

Episode 166 is the interview that goes with episode 165’s news roundup, released separately to ensure the timeliness of the news. In episode 166, we interview Kevin Mandia, the CEO and Board Director of FireEye, an intelligence-led security company.  FireEye recently outed a new cyberespionage actor associated with the Vietnamese government.  Kevin tells us how… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Kevin Kelly

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 119 is Kevin Kelly, founding executive editor of Wired Magazine and author of The Inevitable: Understanding the 12 Technological Forces that will Shape our Future.  Kevin and I share many views – from skepticism about the recording industry’s effort to control their digital files to a similar skepticism about EFF’s effort… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jim Lewis

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Live from RSA, it’s episode 104, with special guest Jim Lewis, CSIS’s renowned cybersecurity expert and Steptoe’s own Alan Cohn.  We do an extended news roundup before an RSA audience that yields several good questions for the panel.  We had invited Bruce Sewell, Apple’s General Counsel, to participate, but he didn’t show.  So we felt… Continue Reading

Steptoe Cyberlaw Podcast – Interview with David Sanger

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 50 of the Steptoe Cyberlaw Podcast is David Sanger, the New York Times reporter who broke the detailed story of Stuxnet in his book,  Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power.  David talks about his latest story, recounting how North Korea developed its cyberattack network, and… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Juan Zarate

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest commentator for episode 49 of the Steptoe Cyberlaw podcast is Juan Zarate, a senior adviser at the Center for Strategic and International Studies (CSIS), the senior national security analyst for CBS News, a visiting lecturer at the Harvard Law School, and chairman and co-founder of the Financial Integrity Network.  Before joining CSIS, Juan… Continue Reading