Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Dept. of Interior OIG Memo Cites Recurring Network Cyberattacks

Inspector General’s Statement Summarizing the Major Management and Performance Challenges Facing the U.S. Department of the Interior Report No. 2015-ER-068. November 9, 2015.

“External threats to Federal information systems are persistent and increasing, and the risk for real damage is high. Because of the large size of its networks, and because those networks contain sensitive information, DOI is a regular target of cyberattacks. In addition, DOI’s substantial connectivity with outside organizations — such as other Federal agencies, private sector companies, and universities — makes it essential that DOI protect its network to prevent sophisticated attackers from using a security flaw in a DOI system to gain unauthorized access to the outside networks DOI is connected to.Over the past few years, hackers and foreign intelligence services have compromised DOI’s computer networks by exploiting vulnerabilities in publicly accessible systems on at least 19 occasions. These security incidents resulted in the loss of sensitive data and disruption of bureau operations. Notable recent examples include: …A May 2013 attack originating from Chinese-based IP addresses gave the attackers a sustained presence inside DOI’s network. In the 4 weeks before DOI fully contained the security breach, the attackers had stolen an unknown amount of data and had uploaded malware with the intent to compromise other DOI systems…”

Stakeholders in Reform of Global System for Mutual Legal Assistance

Swire, Peter and Hemmings, Justin, Stakeholders in Reform of the Global System for Mutual Legal Assistance (November 8, 2015). Georgia Tech Scheller College of Business Research Paper No. 32. Available for download at SSRN: “This essay contributes to the Privacy Project’s volume on Systematic Government Access to Private Sector Data, and also is partContinue Reading

Founders did not predict ubiquity and dangers of current internet

A flaw in the design – The Internet’s founders saw its promise but didn’t foresee users attacking one another “..Decades later, after hundreds of billions of dollars spent on computer security, the threat posed by the Internet seems to grow worse each year. Where hackers once attacked only computers, the penchant for destruction has nowContinue Reading

OMB – Federal Information Security Modernization Act Audit FY 2015

“In FY 2015 OPM was the victim of a massive data breach that involved the theft of sensitive personal information of millions of individuals. For many years we have reported critical weaknesses in OPM’s ability to manage its information technology (IT) environment, and warned that the agency was as an increased risk of a dataContinue Reading

GAO Reports – Critical Infrastructure Protection, Federal Real Property, Climate Change, Fuel Pricing

Critical Infrastructure Protection: Sector-Specific Agencies Need to Better Measure Cybersecurity Progress, GAO-16-79: Published: Nov 19, 2015. Publicly Released: Nov 19, 2015. Federal Real Property: Additional Authorities and Accountability Would Enhance the Implementation of the Federal Buildings Personnel Training Act of 2010, GAO-16-39: Published: Oct 20, 2015. Publicly Released: Nov 19, 2015. Highlights of a Forum:Continue Reading

GAO Report on IRS Financial Audit

Financial Audit: IRS’s Fiscal Years 2015 and 2014 Financial Statements, GAO-16-146: Published: Nov 12, 2015. Publicly Released: Nov 12, 2015. “In GAO’s opinion, the Internal Revenue Service’s (IRS) fiscal years 2015 and 2014 financial statements are fairly presented in all material respects. However, in GAO’s opinion, IRS did not maintain effective internal control over financialContinue Reading

OPM IG Memo – Fiscal Year 2015 Top Challenges

Fiscal Year 2015 Top Management Challenges – “The Reports Consolidation Act of 2000 requires the Inspector General to identify and report annually the top management challenges facing the agency. In meeting this requirement, we have classified the challenges in to two key types of issues facing the U.S. Office of Personnel Management (OPM) – environmentalContinue Reading

Emerging Cyber Threats Report 2016 – Impact of The Internet of Things

Georgia Institute of Technology Cybersecurity Summit 2015– “The intersection of the physical and digital world continued to deepen in 2015. The adoption of network- connected devices and sensors — the Internet of Things — accelerated and was expected to reach nearly 5 billion devices by the end of the year. The collection and analysis ofContinue Reading

Pew – Apps Permissions in Google Play Store

“Analysis of over 1 million apps in Google’s Android operating system in 2014 shows apps can seek 235 different kinds of permissions from smartphone users. The average app asks for five permissions.” “The findings in this study pertain specifically to apps running on the Android operating system. Pew Research Center examined the Android platform becauseContinue Reading

FFIEC Releases Statement on Cyber Attacks Involving Extortion

“The Federal Financial Institutions Examination Council (FFIEC) members today issued a statement alerting financial institutions to the increasing frequency and severity of cyber attacks involving extortion. The statement describes steps financial institutions should take to respond to these attacks and highlights resources institutions can use to mitigate the risks posed by such attacks. Cyber attacksContinue Reading

Cybersecurity: The changing role of audit committee and internal audit

Deloitte: “Among the most complex and rapidly evolving issues companies must contend with is cybersecurity. With the advent of mobile technology, cloud computing, and social media, reports on major breaches of proprietary information and damage to organisational IT infrastructure have also become increasingly common, thus transforming the IT risk landscape at a rapid pace. InternationalContinue Reading

White House – Cybersecurity Strategy and Implementation Plan

Tony Scott – Federal CIO – Modernizing Federal Sybersecurity – [October 30, 2015] “the Administration directed a series of actions to continue strengthening Federal cybersecurity & modernizing the government’s technology infrastructure. Strengthening the cybersecurity of Federal networks, systems, and data is one of the most important challenges we face as a Nation. Every day, publicContinue Reading