Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Kaspersky Lab Reveals Detailed View of Most Advanced Hacking Operation Known

Via ars technica: “… In an exhaustive report published Monday at the Kaspersky Security Analyst Summit here, researchers stopped short of saying Equation Group was the handiwork of the NSA—but they provided detailed evidence that strongly implicates the US spy agency. First is the group’s known aptitude for conducting interdictions, such as installing covert implant firmware in a Cisco Systems router as it moved through the mail. Second, a highly advanced keylogger in the Equation Group library refers to itself as “Grok” in its source code. The reference seems eerily similar to a line published last March in an Intercept article headlined “How the NSA Plans to Infect ‘Millions’ of Computers with Malware.” The article, which was based on Snowden-leaked documents, discussed an NSA-developed keylogger called Grok. Third, other Equation Group source code makes reference to “STRAITACID” and “STRAITSHOOTER.” The code words bear a striking resemblance to “STRAITBIZARRE,” one of the most advanced malware platforms used by the NSA’s Tailored Access Operations unit. Besides sharing the unconventional spelling “strait,” Snowden-leaked documents note that STRAITBIZARRE could be turned into a disposable “shooter.” In addition, the codename FOXACID belonged to the same NSA malware framework as the Grok keylogger. Apart from these shared code words, the Equation Group in 2008 used four zero-day vulnerabilities—including two that were later incorporated into Stuxnet. The similarities don’t stop there. Equation Group malware dubbed GrayFish encrypted its payload with a 1,000-iteration hash of the target machine’s unique NTFS object ID. The technique makes it impossible for researchers to access the final payload without possessing the raw disk image for each individual infected machine. The technique closely resembles one used to conceal a potentially potent warhead in Gauss, a piece of highly advanced malware that shared strong technical similarities with both Stuxnet and Flame. 
(Stuxnet, according to The New York Times, was a joint operation between the NSA and Israel, while Flame, according to The Washington Post, was devised by the NSA, the CIA, and the Israeli military.)”

IRS – Identity Protection: Prevention, Detection and Victim Assistance

“Identity theft places a burden on its victims and presents a challenge to businesses, organizations and government agencies, including the IRS. Tax-related identity theft occurs when someone uses your stolen social security number to file a tax return claiming a fraudulent refund. The IRS combats tax-related identity theft with an aggressive strategy of prevention, detection …”

The Emergence of Cybersecurity Law

Prepared for the Indiana University Maurer School of Law by Hanover Research | February 2015 “This paper examines cyberlaw as a growing field of legal practice and the roles that lawyers play in helping companies respond to cybersecurity threats. Drawing on interviews with lawyers, consultants, and academics knowledgeable in the intersection of law and cybersecurity, …”

Financial Industry Regulatory Authority Report on Cybersecurity Practices

FINRA Report on Cybersecurity Practices, February 2015 – Executive Summary – “Like many organizations in the financial services and other sectors, broker-dealers (firms) are the target of cyberattacks. The frequency and sophistication of these attacks is increasing and individual broker-dealers, and the industry as a whole, must make responding to these threats a high priority. …”

The Impact of the Dark Web on Internet Governance and Cyber Security

Global Commission on Internet Governance, The Impact of the Dark Web on Internet Governance and Cyber Security, Michael Chertoff and Tobby Simon, Paper Series: No. 6, February 2015. “With the Internet Corporation for Assigned Names and Numbers’ contract with the United States Department of Commerce due to expire in 2015, the international debate on Internet …”

New GAO Reports – Defense Nuclear Facilities Safety Board, Flood Insurance, Identity and Tax Fraud

Defense Nuclear Facilities Safety Board: Improvements Needed to Strengthen Internal Control and Promote Transparency, GAO-15-181: Published: Jan 20, 2015. Publicly Released: Feb 19, 2015. Flood Insurance: Status of FEMA’s Implementation of the Biggert-Waters Act, as Amended, GAO-15-178: Published: Feb 19, 2015. Publicly Released: Feb 19, 2015. Identity and Tax Fraud: Enhanced Authentication Could Combat Refund …

Report – 12 Risks that threaten human civilisation

“This report [via Global Challenges Foundation] has, to the best of the authors’ knowledge, created the first list of global risks with impacts that for all practical purposes can be called infinite. It is also the first structured overview of key events related to such risks and has tried to provide initial rough quantifications for …”

Cybersecurity and Privacy Diligence in a Post-Breach World

Posted by Paul Ferrillo, Weil, Gotshal & Manges LLP, on Sunday February 15, 2015 – The Harvard Law School Forum on Corporate Governance and Financial Regulation. “Editor’s Note: Paul A. Ferrillo is counsel at Weil, Gotshal & Manges LLP specializing in complex securities and business litigation. This post is based on a Weil Alert authored …”

Data breaches of over 1 billion records in 2014

CNBC – “Over a billion personal data records were compromised by cyberattacks in 2014, a new report has revealed, driven by high-profile breaches on Home Depot, JPMorgan and eBay. The 1,023,108,267 records breached in 2014 came from just 1,541 incidents, according to the Breach Level Index report by digital security company Gemalto. It marked a …”

Executive Order Calls for More Cybersecurity Info “Sharing”

EPIC: “President Obama announced today an Executive Order to promote collaboration between the private sector and the government to counter cyber threats. The Order encourages the companies to disclose user data to the federal government outside any judicial process. The Order also promotes compliance with Fair Information Practices and adoption of such Privacy Enhancing Techniques …”

The Target and Other Financial Data Breaches: Frequently Asked Questions

The Target and Other Financial Data Breaches: Frequently Asked Questions “In November and December of 2013, cybercriminals breached the data security of Target, one of the largest U.S. retail chains, stealing the personal and financial information of millions of customers. On December 19, 2013, Target confirmed that some 40 million credit and debit card account …”

Take a Security Checkup on Safer Internet Day

Official Google Blog: “Online security is on everyone’s mind these days. According to a recent Gallup poll, more people are worried about their online accounts being hacked than having their home broken into. Security has always been a top priority for Google. Our Safe Browsing technology identifies unsafe websites and warns people before they visit …”