The Stroz Friedberg Cyber Brief


email : Webview : Cyber Brief: U.S. Leaders Wary of Election Hacking
The Cyber Brief
Today's Top Story
MONDAY, AUGUST 8, 2016
U.S. LEADERS WARY OF ELECTION HACKING
The Russian government’s alleged breach of Democratic Party computer systems has heightened fears in Washington that hackers might attempt to manipulate the electronic ballot-casting system used in the November presidential election. The Obama administration is weighing actions to improve the cybersecurity of the process, including whether to designate voting systems as “critical infrastructure.”

Secretary of Homeland Security Jeh Johnson said the department was considering reaching out to state and local election officials to educate them about “best practices” to guard against intrusions, but he noted that longer-term investments would probably have to be made. Some experts say that the best defense against election rigging is having the ability to audit the results via a voter-verified paper trail. However, sixteen states reportedly have e-voting machines but inadequate paper records. (NYT, Federal News Radio, Guardian)
Bitcoin: Bitfinex, the digital-currency exchange that lost $65 million (about 120,000 bitcoins) to hackers last week, plans to spread the losses among all its users, including those not directly affected by the breach. Each will take a hit of around 36 percent. (WSJ)

Olympics: U.S. officials have warned of the threat of hacking for visitors to the Games in Rio and advised Americans to leave their phones or computers at home, and then use only temporary disposable phones while in Brazil. (FT)

Drug Trade: Online trade in illicit drugs via the hidden marketplaces known as cryptomarkets is growing, with revenue having doubled and transactions having tripled since 2013, according to a study by RAND Europe. (WSJ)

U.S. Medical Insurer: Banner Health has written to 3.7 million customers and healthcare providers to warn that their information may have been stolen in a cyberattack this summer. The company has hired a forensics team and is offering those affected a free one-year membership in identity theft monitoring. (BBC)
FBI Agent: A long-time FBI employee, Kun Shan Chun, faces up to 10 years in prison after pleading guilty to providing restricted and sensitive FBI information to the Chinese government. Chun, who was born in China and was a naturalized U.S. citizen, was arrested by the FBI in March after an undercover operation. (CNN, DOJ)

National Security Letters: A U.S. federal judge has become the first to publicly assess new gag-order rules issued by the attorney general as mandated by the USA Freedom Act of 2015. The rules, which prohibit companies from disclosing that the government has requested customer information as part of a national security investigation, contain “several large loopholes” and “give the court some pause” as to whether they comply with the law, he said. (WaPo)

Trader: Stock trader Leonid Momotok has pleaded guilty to making illegal transactions based off of stolen, unpublished press releases obtained from hackers who broke into three business newswires. Nine other hackers and securities traders implicated in the case have been indicted on criminal charges. (The Hill)
Cyber Grand Challenge: A team from Carnegie Mellon University won the $2 million grand prize in the three-year-long DARPA-sponsored contest. U.S. officials said the contest succeeded in its goal of stimulating development of technologies for automating the process of protecting computer networks. (TechCrunch, Reuters)
M&A: The cybersecurity industry is in the midst of a deals boom with private equity firms on the lookout for cash-generating companies. Smaller start-ups are also attractive for their technology and talented engineers, analysts say. (FT)

Hedge Funds: Quantitative funds--those that rely on fast computers, algorithms, and data-crunching--have stood out as the wider industry has struggled to make money and dissatisfied clients have withdrawn funds. The computer-powered hedge fund industry now has almost $880 billion of assets under management, up from $408 billion in 2009. (FT)

Google: Chris Urmson, a roboticist and crucial member of the team that created Google’s self-driving car, is leaving the company and has not decided what he’ll do next. Urmson has reportedly been unhappy with the direction of the car project under its current leadership. (NYT)

Verint Systems: Documents obtained by the AP show how easy it is for a country to purchase and install off-the-shelf surveillance equipment from the Israeli-American company. The software allows governments to intercept voice calls, text messages and emails. (WaPo)

Apple: The iPhone maker said that it would at last begin offering a so-called bug bounty (up to $200,000) to technologists who alert the company to security flaws. Nearly every company in Silicon Valley has for years been rewarding hackers who turn over bugs. (NYT)
UK: Cambridge has become the pride of Great Britain’s tech industry, which dubs the area “Silicon Fen.” About 57,000 people work at more than 1,500 local tech firms with a combined annual revenue of more than £13 billion. (WSJ)

Japan: Liquid, a Tokyo-based startup supported by the Japanese government and some of the nation’s biggest names in finance and technology, is rolling out a fingerprint-payment system at retailers in Japan and elsewhere in Asia. (WSJ)

Must Reads
How to Hack an Election: “[Andrew] Appel’s mischief might be called an occupational asset: He is part of a diligent corps of so-called cyber-academics—professors who have spent the past decade serving their country by relentlessly hacking it. Electronic voting machines—particularly a design called Direct Recording Electronic, or DRE’s—took off in 2002, in the wake of Bush v. Gore. For the ensuing 15 years, Appel and his colleagues have deployed every manner of stunt to convince the public that the system is pervasively unsecure and vulnerable,” writes Ben Wofford in Politico.

What Europe Got Wrong About the NSA: “One of the enduring frustrations on the American side of security and surveillance debates is that European privacy advocates have criticized U.S. practices while being unaware of, or ignoring, the fact that their own countries’ intelligence agencies do similar things and yet are subject to fewer legal constraints and less oversight than the NSA,” write Michele Flournoy and Adam Klein in Foreign Affairs.

Can We Trust WikiLeaks?: “For many of those who know him well, Mr. Assange is afflicted by what the police call 'noble cause corruption,' a belief that noble ends justify reckless or immoral means. In a world awash in new information — and misinformation — context, motivation and trust are crucial when weighing the importance of leaks and their accuracy. Mr. Assange still claims that WikiLeaks is a beacon of transparency. We should no longer take him at his word,” writes Alex Gibney in the New York Times.
Top Op-Eds
FT Cyber Security Summit Europe: London, Sept. 21
Follow us:

EDITOR-IN-CHIEF, KAREN J. GREENBERG, DIRECTOR, CENTER ON NATIONAL SECURITY, FORDHAM LAW SCHOOL
Stroz Friedberg
powered by emma

Comment