Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Nuts and Bolts of Encryption: A Primer for Policymakers

Nuts and Bolts of Encryption: A Primer for Policymakers, Edward W. Felten, Center for Information Technology Policy. Department of Computer Science, Woodrow Wilson School of Public and International Affairs, Princeton University, version of February 20, 2017. An up-to-date version of this paper will be available at https://www.cs.princeton.edu/~felten/encryptionprimer.pdf

“This paper offers a straight for ward introduction to encryption, as it is implemented in modern systems, at a level of detail suitable for policy discussions. No prior background on encryption or data security is assumed. Encryption is used in two main scenarios. Encrypted storage allows information to be stored on a device, with encryption protecting the data should a malicious party get access to the device. Encrypted communication allows information to be transmitted from one party to another party, often across a network, with encryption protecting the data should a malicious party get access to the data while it is in transit. Encryption is used somewhat differently in these two scenarios, so it makes sense to present them separately. We’ll discuss encrypted storage first, because it is simpler. We emphasize that the approaches described here are not detailed description s of any particular existing system, but rather generic descriptions of how state-of-the-art systems typically operate. Specific products and standards fill in the details differently, but they are roughly similar at the level of detail given here.”

Botnet attack analysis of Deflect protected website blacklivesmatter.com

Deflect Labs report #3. Seamus Tuohy and eQualit.ie View the report with 3D rendering (5mb) “This report covers attacks between April 29th and October 15th, 2016. Over this seven-month period, we recorded more than a hundred separate denial-of-service incidents against the official Black Lives Matter website. Our analysis shows a variety of technical methods used… Continue Reading

Cybersecurity: Actions Needed to Strengthen U.S. Capabilities

Cybersecurity: Actions Needed to Strengthen U.S. Capabilities, GAO-17-440T: Published: Feb 14, 2017. Publicly Released: Feb 14, 2017. “GAO has consistently identified shortcomings in the federal government’s approach to ensuring the security of federal information systems and cyber critical infrastructure as well as its approach to protecting the privacy of personally identifiable information (PII). While previous… Continue Reading

NSA Contractor Facing Federal Indictment for Willful Retention of National Defense Information

Follow up to previous posting – Former NSA contractor removed 50 terabytes of classified data, via DOJ – “A federal grand jury returned an indictment today charging Harold Thomas Martin III, 52, of Glen Burnie, Maryland, with willful retention of national defense information. Martin Harold Indictment “As a private contractor who worked on classified programs… Continue Reading

Open Observatory of Network Interference

“A free software, global observation network for detecting censorship, surveillance and traffic manipulation on the internet. OONI develops free software tests designed to examine the following: Blocking of websites Blocking of instant messaging apps Blocking of Tor and other circumvention tools Detection of systems that could be responsible for censorship and/or surveillance Testing methodology There… Continue Reading

Javelin 2017 Identity Fraud Study

“The 2017 Identity Fraud Study released today by Javelin Strategy & Research (@JavelinStrategy), revealed that the number of identity fraud victims increased by sixteen percent (rising to 15.4 million U.S. consumers) in the last year, a record high since Javelin Strategy & Research began tracking identity fraud in 2003. The study found that despite the… Continue Reading

New on LLRX – Cybersecurity For Lawyers: The Nitty Gritty

Via LLRX.com – Cybersecurity For Lawyers: The Nitty Gritty – Nicole Black reports that 26 states now require lawyers to stay abreast of changes in legal technology and advises colleagues on how to implement security procedures that will protect your law firm’s data and help to keep client data confidential and secure. Continue Reading

Pew – Americans and Cybersecurity

“Cyberattacks and data breaches are facts of life for government agencies, businesses and individuals alike in today’s digitized and networked world. Just a few of the most high-profile breaches in 2016 alone include the hacking and subsequent release of emails from members of the Democratic National Committee; the release of testing records of dozens of… Continue Reading

ProPublica – How to Protect Your Digital Privacy in the Era of Public Shaming

Americans face unprecedented threats to the digital safety of their personal information. “We offer nine tips to foil hackers, ransomware, online trackers, data brokers and other menaces,” by Julia Angwin, ProPublica, Jan. 26, 2017. “We are living in an era of widespread hacking and public shaming. Don’t like your political rivals? Beg Russia to hack… Continue Reading

Daily Open Source Infrastructure Report End Publication

“Effective January 18, 2017, the Office of Infrastructure Protection (IP) is discontinuing the DHS Daily Open Source Infrastructure Report. The discontinuation of this report is part of broader efforts to more efficiently focus resources towards the highest priority needs of the critical infrastructure security and resilience community. IP is committed to working closely with our… Continue Reading

FCC White Paper – Cybersecurity Risk Reduction

Cybersecurity Risk Reduction – Public Safety & Homeland Security Bureau – Federal Communications Commission – David Simpson, Rear Admiral (ret.) USN, Bureau Chief, January 18, 2017. “The White Paper describes the risk reduction portfolio of the current FCC and suggests actions to affirmatively reduce cyber risk in a manner that incents competition, protects consumers, and… Continue Reading

KPMG – The largest cyber fraud in UK Courts since 2008 – £113 million

Hitesh N Patel, UK Forensic Partner at KPMG – “The Fraud Barometer recorded a rise in cyber-enabled fraud, up 1266 percent on 2015 figures. The cases include a £113 million cyber fraud, the largest recorded in UK Courts since 2008, as professional criminals cold-called bank customers and stole their money to fund their luxury lifestyle. Sophisticated… Continue Reading