Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

2016 Data Breach Investigations Report

Via Verizon: “For the ninth time, the 2016 Data Breach Investigations Report (DBIR) lifts the lid on what’s really happening in cybersecurity. The 2016 dataset is bigger than ever, examining over 100,000 incidents, including 2,260 confirmed data breaches across 82 countries. With data provided by 67 contributors including security service providers, law enforcement and government …

Cybersecurity: Overview Reports and Links to Government, News, and Related Resources

Via FAS, CRS report – Cybersecurity: Overview Reports and Links to Government, News, and Related Resources, March 2, 2016 (R44405) “Much is written on the topic of cybersecurity. This CRS report and those listed below direct the reader to authoritative sources that address many of the most prominent issues. Included in the reports are resources and …

Smart Farming May Increase Cyber Targeting Against US Food and Agriculture Sector

FBI/USDA Notification: “The FBI and the US Department of Agriculture (USDA) assess the Food and Agriculture (FA) Sector is increasingly vulnerable to cyber attacks as farmers become more reliant on digitized data. While precision agriculture technology (a.k.a. smart farming) reduces farming costs and increases crop yields, farmers need to be aware of and understand …

Let’s Encrypt Reaches 2,000,000 Certificates

EFF: “The Let’s Encrypt certificate authority issued its two millionth certificate on Thursday, less than two months after the millionth certificate. As we noted when the millionth certificate was issued, each certificate can cover several web sites, so the certificates Let’s Encrypt has issued are already protecting millions and millions of sites. This rapid adoption …

IG Review of NASA’s Information Security Program

Final Memorandum, Review of NASA’s Information Security Program (IG-16-016; A-15-005-01), April 14, 2016. “As part of our annual review of NASA’s compliance with the Federal Information Security Management Act of 2002 (FISMA) for fiscal year 2015, we reviewed a representative sample of 29 information systems from NASA Centers, Headquarters, and the Jet Propulsion Laboratory (JPL) …

Paper – OPM Demonstrated that Antiquated Security Practices Harm National Security

Handing Over the Keys to the Castle – OPM Demonstrated that Antiquated Security Practices Harm National Security. Institute for Critical Infrastructure Technology. July 2015. “In this digital age, information is secured, coveted, and exfiltrated by nation states, hacktivists, and ambitious actors because, now more than ever, knowledge is power. Modern needs dictate that only authorized …

EU Parliament adopts General Data Protection Regulation

European Parliament News: “New EU data protection rules [EU General Data Protection Regulation (“GDPR”)] which aim to give citizens back control of their personal data and create a high, uniform level of data protection across the EU fit for the digital era were given their final approval by MEPs on Thursday. The reform also sets …

DoD tests public key infrastructure for DTIC secure website access

SecureIDNews: “The federal government’s use of user IDs and passwords for access to its applications could soon give way to more secure PKI-based credentials if more government entities follow the lead of the U.S. Department of Defense. The Defense Department is leveraging PKI to better protect its information systems, with the intent of making access …

FTC Announces Significant Enhancements to IdentityTheft.gov

“For the first time, identity theft victims can now go online and get a free, personalized identity theft recovery plan as a result of significant enhancements to the Federal Trade Commission’s IdentityTheft.gov website. The new one-stop website is integrated with the FTC’s consumer complaint system, allowing consumers who are victims of identity theft to rapidly …

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

CRS Report – Cybersecurity: Legislation, Hearings, and Executive Branch Documents, Rita Tehan, Information Research Specialist. March 30, 2016. “Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide. Attacks have been initiated against individuals, corporations, and countries. Targets have included government networks, companies, and political organizations, depending upon whether the attacker was seeking military intelligence, conducting diplomatic …

NIST Cryptographic Standards and Guidelines Development Process

NIST – IR 7977 – NIST Cryptographic Standards and Guidelines Development Process, Cryptographic Technology Group Computer Security Division Information Technology Laboratory, March 31, 2016. “This document describes the principles, processes and procedures that drive cryptographic standards and guidelines development efforts at the National Institute of Standards and Technology (NIST). This document reflects public comments received …

Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security

“Fitness tracking devices monitor heartbeats, measure steps, sleep, and tie into a larger ecosystem of goal setting, diet tracking, and other health activities. Every Step You Fake investigates the privacy and security properties of eight popular wearable fitness tracking systems. We use a variety of technical, policy, and legal methods to understand what data is …