The Stroz Friedberg Cyber Brief


*|MC:SUBJECT|*
  FEATURED STORY            

MONDAY, APRIL 3, 2017

NEW LEAK MAY SEVERELY UNDERMINE CIA HACKING

WikiLeaks has reportedly disclosed top secret source code used by the CIA to hide its malware implants on targeted devices. Analysts say the leak may jeopardize the spy agency’s current and past hacking operations against terrorists and other foreign entities. “This appears to be one of the most technically damaging leaks ever done by WikiLeaks, as it seems designed to directly disrupt ongoing CIA operations and attribute previous operations,” Nicholas Weaver, a cybersecurity researcher at the University of California at Berkeley, told the Washington Post.

The release of the CIA’s so-called “Marble Framework” came less than a month after the anti-secrecy group published on the Internet a trove of files--dubbed “Vault 7”--that described the type of malware and methods the CIA uses to gain access to targets’ phones, computers, and other devices. (WaPo, Ars Technica)


 
  HACKERS                                          

McDonald’s: The fast-food restaurant chain’s Canadian unit said that the personal information of about 95,000 job applicants was compromised in a cyberattack on its careers website. The site was shut down after McDonald's learned of the attack, and will remain closed until an investigation is complete. (Reuters)

 

Megarich Tracking: New technology and special websites are making it easier than ever for anyone with a passing interest to track a billionaire’s yacht or jet anywhere around the world. Yacht owners are increasingly asking websites to remove information about their boats to protect their privacy, and some are turning off their transponders when they are onboard. (NYT)

Rubio: The U.S. Senator from Florida said during an Intelligence Committee hearing that staffers working for his erstwhile presidential campaign were targeted by hackers based in Russia. Those repeated attempts at intrusion, according to Rubio, came after he dropped out of the primary, and were unsuccessful. (Wired)



  COURTS                                          

Botnet Creator: A Russian citizen, Maxim Senakh, pleaded guilty in a Minnesota federal court for his participation in a criminal enterprise to install malware on tens of thousands of computer servers around the world for profit. Senakh was arrested by Finnish authorities, who extradited him to the United States. Sentencing is set for Aug. 3, 2017. (SC Magazine, DOJ)

FBI & Best Buy: Federal court documents purportedly show that technicians for Best Buy’s “Geek Squad City” computer repair facility had a long, close relationship with the FBI in “a joint venture to ferret out child porn.” The Southern California court is considering the extent of that relationship and whether it is grounds to throw out a pending child porn case. (WaPo)

 

  ON THE HILL                                    

Internet Privacy: Lawmakers have voted to overturn rules requiring telecom companies to get customers’ permission before sharing their web-browsing and app usage history with third parties. President Trump is expected to sign the measure into law. Meanwhile, Comcast, Verizon, and AT&T said they would not sell customers’ individual internet browsing information. (WSJ, Reuters)

 

Russia Probe: Former national security adviser Michael Flynn has reportedly requested immunity before he testifies to Congress. However, analysts say that procedural rules and political realities will likely make it difficult for Flynn to get immunity. Democrats, in particular, have sounded wary of giving Flynn a pass for any potential crimes. (WaPo)

 

DHS Strategy: The department’s acting cybersecurity lead Jeanette Manfra told lawmakers that a congressionally mandated cyber strategy would likely be completed in the next couple of months. The strategy was due March 23. (Defense One)

Net Neutrality: The White House said that its next move to deregulate broadband internet service companies would be to undo the Obama administration’s net neutrality rules. Supporters of net neutrality have said the rules are needed to protect equal access to online content. (NYT)


  PRIVATE SECTOR                             

Cisco: That a major U.S. company like Cisco had to rely on WikiLeaks to learn about cybersecurity holes that were apparently well-known to U.S. intelligence agencies highlights the deep concerns expressed by dozens of current and former U.S. officials about the government's approach to cybersecurity. (Reuters)

 

Uber: An examination by The New York Times shows how the ride-hailing giant is using psychological inducements and social science techniques to influence when, where, and how long its drivers work. (NYT)

YouTube: Google has allocated more of its artificial intelligence tools to deciphering YouTube's enormous video library after a number of major advertisers boycotted the service after their ads were highlighted running alongside videos promoting hate, violence and racism. (Bloomberg)


  THE WORLD                                     

EU: In an interview with the Wall Street Journal, the bloc’s justice chief said the European Commission is considering rule changes that would allow criminal and antiterror investigators greater access to evidence of criminal activity stored in clouds. (WSJ)

MUST READS

The Anarchist Bitcoin Coder Fighting ISIS in Syria: “The people in Rojava were putting into practice the anarchist ideals that [Amir] Taaki hoped the internet and bitcoin might someday make possible. So when ISIS invaded the central region of Rojava’s territory known as Kobanî and massacred more than a hundred civilians, including women and children, Taaki decided to go there, hoping to lend his technical expertise to the budding revolution,” writes Andy Greenberg in Wired.

 

The End of the Trucker: “President Trump has routinely lambasted companies that he accuses of moving jobs overseas. It can only be a matter of time, some fear, before he turns his attention to the threat posed to American jobs by robots — and, in particular, self-driving vehicles — precisely at the moment when these technologies are on the verge of maturing. So far his administration has not made its position on self-driving trucks clear,” writes Leslie Hook in the Financial Times.

Trump Is President. Encrypt Your Email: “Mr. Obama’s judicious persona, which made rationalizing away his intelligence agencies’ mass-surveillance programs easy, has now been replaced with the plainly vindictive and paranoid character of President Trump, who has inherited his predecessor’s well-oiled security apparatus unencumbered by restraint, nuance or even a professed respect for civil liberties,” writes Max Read in the New York Times.

EVENTS & VIDEOS OF NOTE

 






 

Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.

Comment