The Stroz Friedberg Cyber Brief


*|MC:SUBJECT|*
  FEATURED STORY            

MONDAY, NOVEMBER 13, 2017

TRUMP HEDGES ON RUSSIAN MEDDLING IN U.S. ELECTION

President Donald Trump continued to sow doubt as to whether he believes a U.S. intelligence community assessment that the Russian government interfered in the 2016 U.S. election to favor his campaign. At a press conference in Hanoi on Sunday, Trump declined to say explicitly if he believed that a declassified January report on the matter was true. He did, however, ultimately express confidence in the U.S. agencies: “I am with our agencies, especially as currently constituted,” Trump said. The intelligence assessment in question was produced during the Obama administration.

Previously, traveling aboard Air Force One on Saturday, Trump condemned several former heads of the U.S. intelligence services under Obama. “I mean, give me a break—they’re political hacks,” he told reporters. Trump also seemed to indicate that he accepted President Vladimir Putin’s repeated denials of Russian interference. “Every time he sees me he says, ‘I didn’t do that,’ and I really believe that when he tells me that, he means it,” Trump said of Putin. “I think he is very insulted by it, which is not a good thing for our country.” (WSJ, ABC, NYT, CNN)  


 
  HACKERS                                          

Kaspersky: British intelligence reportedly has had concerns for months about the distribution of software from the Russian cybersecurity firm Kaspersky Lab to millions of users in the UK. Public concern around Kaspersky has been mounting since September when the U.S. Department of Homeland Security banned the software provider from all government agencies. (FT)

 

Mobile Apps: A coding error in hundreds of mobile applications may have put the data of more than a hundred million smartphone users at risk, security analysts say. Affected apps include the AT&T Navigator app, which is preinstalled on many Android phones, and more than a dozen GPS navigation apps. (Reuters)

Expensive Defense: The cost of cybersecurity for companies rose more than 20 percent last year to an average of $11.7 million, mainly due to a rising number of breaches, experts say. The financial impact of a cyberattack varies significantly, however, depending on the kind of breach, a company’s size, industry and country, and how well prepared it was for the attack. (FT)



  COURTS                                          

Equifax: In its third-quarter earnings report, the credit rating agency said it is facing more than 240 class-action lawsuits from consumers over the way it handled a massive data breach. That number is in addition to lawsuits from shareholders and financial institutions. (WaPo)

Texas Gunman: Apple has reportedly offered to help the FBI access the smartphone of Devin Kelley, the man behind the recent mass shooting at a Texas church. The FBI said it was  “working very hard to get into the phone and that will continue until we find an answer.” (ABC)


  ON THE HILL                                    

Political Ads: Google has reportedly told U.S. regulators that it “strongly supports” tightening rules on online political advertising as part of efforts to combat “foreign abuse and influence” in elections. Analysts say the stance marks a reversal from 2010 when the company sought an exemption from a requirement that an ad should state who purchased it. (Reuters)

Disinformation Detectives: A small group of self-made experts like Renee DiResta advised congressional staffers recently on the consequences of Russia’s online disinformation campaign. Some say her informal group is a testament to how social media companies have failed the public. (NYT)


  DOD                                                

Bug Bounties: Cybersecurity analysts say that, over the last 18 months, a series of bug bounty programs called "Hack the Pentagon" have offered a glimmer of hope that the federal government can embrace the benefits that hackers have to offer. (Wired)


  PRIVATE SECTOR                             

Surveillance: U.S. officials are increasingly concerned that cameras made by Hikvision, a company with links to the Chinese government, are spying on sensitive sites, including military installations. (WSJ)

Waymo: The Google-backed company disclosed that it has let its autonomous cars drive in parts of Phoenix, Arizona, without engineers in the front seats. Waymo believes it is the first company to reach a standard known in the driverless car world as Level 4, meaning its cars can drive under full autonomy in preset areas. (FT)


  THE WORLD                                     

Nepal: Hackers last month reportedly made about $4.4 million in fraudulent transfers from a Kathmandu-based bank to several countries including the United States. However, authorities said most of the stolen funds have been recovered. (Reuters)

China: Although it bans the service at home, Beijing uses Facebook to spread state-produced propaganda around the world, including in the United States. Each quarter, China’s government spends hundreds of thousands of dollars to buy Facebook ads, experts say. (NYT)

MUST READS

NSA Shaken to Its Core: “Current and former agency officials say the Shadow Brokers disclosures, which began in August 2016, have been catastrophic for the N.S.A., calling into question its ability to protect potent cyberweapons and its very value to national security. The agency regarded as the world’s leader in breaking into adversaries’ computer networks failed to protect its own,” write multiple authors at the New York Times.

 

Algorithms With Minds of Their Own: “Requiring accountability would reassure those affected by decisions derived from artificial intelligence while avoiding the potential harms associated with transparency. It also decreases the need for complicated regulations spelling out precisely what details need to be disclosed,” write Curt Levey and Ryan Hagemann in the Wall Street Journal.


The ABA Cybersecurity Handbook: “With the growing volume and sophistication of cyberattacks on the rise, it is now more important than ever to ensure you are protected. The new second edition of this bestseller published by the ABA Cybersecurity Legal Task Force will help you to identify potential cybersecurity risks, take steps (including training) to lessen those risks, and better respond in the event of an attack,” write the book’s editors Jill Deborah Rhodes and Robert S. Litt.







 

Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.