Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

HP Study Reveals 70 Percent of Internet of Things Devices Vulnerable to Attack

“HP Fortify on Demand is pleased to announce the release of its Internet of Things State of the Union Study, revealing 70 percent of the most commonly used Internet of Things (IoT) devices contain serious vulnerabilities. Why we did the study - Late last year, we were hearing a lot about Internet of Things, and a bit about IoT security, …

US-CERT: Backoff Point-of-Sale Malware

Systems Affected - Point-of-Sale Systems - Alert (TA14-212A) “This advisory was prepared in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharing and Analysis Center (FS-ISAC), and Trustwave Spiderlabs, a trusted partner under contract with the USSS. The purpose of this release is to provide relevant and …

NY AG Releases Report Showing Rise In Data Breaches, Provides Security Tips To Small Businesses & Consumers

“Attorney General Eric T. Schneiderman today issued a new report examining the growing number, complexity, and costs of data breaches in the New York State. Using information provided to the Attorney General’s Office pursuant to the New York State Information Security Breach & Notification Act, the report, titled “Information Exposed: Historical Examination of Data Security in New …

Stealing Trade Secrets and Economic Espionage: An Overview of 18 U.S.C. 1831 and 1832

CRS - Stealing Trade Secrets and Economic Espionage: An Overview of 18 U.S.C. 1831 and 1832. Charles Doyle, Senior Specialist in American Public Law. July 25, 2014. “Stealing a trade secret is a federal crime when the information relates to a product in interstate or foreign commerce, 18 U.S.C. 1832 (theft of trade secrets), or when the intended beneficiary …

Surveillance Costs: The NSA’s Impact on the Economy, Internet Freedom & Cybersecurity

New America Foundation – “It has been over a year since The Guardian reported the first story on the National Security Agency’s surveillance programs based on the leaks from former NSA contractor Edward Snowden, yet the national conversation remains largely mired in a simplistic debate over the tradeoffs between national security and individual privacy. It is time …

Global Cybercrime: The Interplay of Politics and Law

The Centre for International Governance Innovation (CIGI) - Aaron Shull, June 2014 “Examining global cybercrime as solely a legal issue misses an important facet of the problem. Understanding the applicable legal rules, both domestically and internationally, is important. However, major state actors are using concerted efforts to engage in nefarious cyber activities with the intention of …

Report – Elite Russian hackers breached Nasdaq and inserted a digital bomb

BloombergBusinessWeek – Mike Riley: “In October 2010, a Federal Bureau of Investigation system monitoring U.S. Internet traffic picked up an alert. The signal was coming from Nasdaq. It looked like malware had snuck into the company’s central servers. There were indications that the intruder was not a kid somewhere, but the intelligence agency of another country. …

NIST Cryptographic Standards and Guidelines Development Process

Report and Recommendations of the Visiting Committee on Advanced Technology of the National Institute of Standards and Technology, July 2014 “This report from Visiting Committee on Advanced Technology (VCAT) of the National Institute of Standards and Technology (NIST) to the NIST Director contains the VCAT’s recommendations on how NIST can improve the cryptographic standards and guidelines …

No silver bullet: De-identification still doesn’t work

Arvind Narayanan and Edward W. Felten. July 9, 2014 “Paul Ohm’s 2009 article Broken Promises of Privacy spurred a debate in legal and policy circles on the appropriate response to computer science research on re-identification techniques. In this debate, the empirical research has often been misunderstood or misrepresented. A new report by Ann Cavoukian and Daniel Castro is full of such inaccuracies, …

67 Percent of Critical Infrastructure Providers Were Breached Last Year

Jeff Goldman - eSecurity Planet - “A recent survey of 599 security executives at utility, oil and gas, energy and manufacturing companies in 13 countries has found that 67 percent have experienced at least one security breach in the past 12 months that led to the loss of confidential information or the disruption of operations. The survey, conducted …

Banks Try to Tame Gadget-Flooded Workplace with Management Software

American Banker: “MDM [mobile device management] software has been available for awhile, but it is being slowly adopted by banks. Many of these banks once used only BlackBerry products, but the Ponemon study found that 23% of banks are migrating from BlackBerry to a multi-OS mobile environment and 18% plan to do so. And a recent Forrester …

European ATM Security Team Fraud Report – ATM Card Skimming

“EAST [European ATM Security Team] has just published its second European Fraud Update for 2014. This is based on country crime updates given by representatives of 19 countries in the Single Euro Payments Area (SEPA), and 3 non-SEPA countries, at the 33rd EAST meeting held at the European Cybercrime Centre (EC3) at Europol in The …