Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Five EFF Tools to Help You Protect Yourself Online

“… five of EFF’s many technology tools and projects. In different ways, they all function to increase your security on the Internet—with the implicit assertion that personal privacy is at the foundation of that security.”

Baldrige Cybersecurity Excellence Builder

Baldrige Cybersecurity Excellence Builder. Key questions for improving your organization’s cybersecurity performance. Draft September 2016, National Institute of Standards and Technology. “The Baldrige Cybersecurity Excellence Builder is a voluntary self-assessment tool that enables organizations to better understand the effectiveness of their cybersecurity risk management efforts. It helps leaders of organizations identify opportunities for improvement based…

Paper – Examining the costs and causes of cyber incidents

Examining the costs and causes of cyber incidents, Sasha Romanosky, Journal of Cybersecurity, DOI: http://dx.doi.org/10.1093/cybsec/tyw001. First published online: 25 August 2016. “In 2013, the US President signed an executive order designed to help secure the nation’s critical infrastructure from cyberattacks. As part of that order, he directed the National Institute for Standards and Technology (NIST)…

Federal Information Security: Actions Needed to Address Challenges

Federal Information Security: Actions Needed to Address Challenges, GAO-16-885T: Published: Sep 19, 2016. Publicly Released: Sep 20, 2016. “Cyber incidents affecting federal agencies have continued to grow, increasing about 1,300 percent from fiscal year 2006 to fiscal year 2015. Several laws and policies establish a framework for the federal government’s information security and assign implementation…

Vanity Fair – Welcome to the Dark Net

Welcome to the Dark Net, A Wilderness Where Invisible World Wars Are Fought and Hackers Roam Free “…Definitions. A vulnerability is a weakness in a network’s defenses. An exploit is a piece of software that takes advantage of a vulnerability. A zero-day exploit is a piece of software that takes advantage of a vulnerability that…

Agency chief info officers – roles and challenges reviewed by GAO

Federal Chief Information Security Officers: Opportunities Exist to Improve Roles and Address Challenges to Authority, GAO-16-686: Published: Aug 26, 2016. Publicly Released: Sep 15, 2016. “Under the Federal Information Security Modernization Act of 2014 (FISMA 2014), the agency chief information security officer (CISO) has the responsibility to ensure that the agency is meeting the requirements…

Treasury IG – Processes Are Not Sufficient to Assist Victims of Employment-Related Identity Theft

Treasury Inspector General for Tax Administration – Processes Are Not Sufficient to Assist Victims of Employment-Related Identity Theft. August 10, 2016. Reference Number: 2016-40-065. “Taxpayers identified as victims of employment-related identity theft are not notified. During the period February 2011 to December 2015, the IRS identified almost 1.1 million taxpayers who were victims of employment-related…

Article excerpt from new book – “Rise of the Machines: A Cybernetic History”

This article is published via Passcode, the “Modern field guide to security and privacy” from The Christian Science Monitor: The cypherpunk revolution – How the tech vanguard turned public-key cryptography into one of the most potent political ideas of the 21st century, by Thomas Rid, July 20, 2016. “…But amid the hype [in the 1990s with…

Hacker “Guccifer” Sentenced to 52 Months in Prison

DOJ news release: “Marcel Lehel Lazar, 44, of Arad, Romania, a hacker who used the online moniker “Guccifer,” was sentenced today to 52 months in prison for unauthorized access to a protected computer and aggravated identity theft…Lazar pleaded guilty before U.S. District Judge James C. Cacheris of the Eastern District of Virginia on May 25,…

ACRL – Keeping Up With Cybersecurity, Usability, and Privacy

Snipped – via Bohyun Kim, Associate Director, Library Applications and Knowledge Systems, at the University of Maryland-Baltimore, Health Sciences and Human Services Library – Keeping Up With Cybersecurity, Usability, and Privacy: What is Cybersecurity? Cybersecurity is a broad term. It refers to the activities, practices, and technology that keep computers, networks, programs, and data secure…

The NIST Cybersecurity Framework and the FTC

Via Andrea Arias at the FTC: “…The Framework provides organizations with a risk-based compilation of guidelines that can help them identify, implement, and improve cybersecurity practices. The Framework does not introduce new standards or concepts; rather, it leverages and integrates cybersecurity practices that have been developed by organizations like NIST and the International Standardization Organization…

Data Breach Aftermath and Recovery for Individuals and Institutions

Anne Johnson and Lynette I. Millett, Rapporteurs; Forum on Cyber Resilience Workshop Series; National Academies of Sciences, Engineering, and Medicine: “In January 2016, the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Data Breach Aftermath and Recovery for Individuals and Institutions. Participants examined existing technical and policy remediations, and they discussed possible…