Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

USSS Faces Challenges Protecting Sensitive Case Management Systems and Data

“We performed this audit as a follow-up to a September 2015 Office of Inspector General (OIG) investigation regarding United States Secret Service (USSS) employees improperly accessing and distributing sensitive information onthe agency’s Master CentraIndex (MCI) mainframe system. Our objective was to determine whether adequate controls and data protections were in place on systems to which… Continue Reading

Fortune – Publishing Hacked Private Emails Can Be a Slippery Slope

“It may be hard for the media to resist a big email dump, but there are long-term risks. Regular dumps of classified documents and other internal communications have become a fixture of modern life, thanks in part to stateless—and frequently lawless—entities like WikiLeaks. But is publishing those leaks always the right thing to do? That’s… Continue Reading

FTC – New Identity Theft Report helps you spot ID theft

“Do you ever hear from customers or employees who want you to know that they’ve been affected by identity theft? If so, you’ll probably start seeing them use the new FTC Identity Theft Report. It tells you that someone important to your business is a crime victim, has alerted law enforcement, and is working to… Continue Reading

White House Announces Russia Responsible for Hacking Democratic National Cmte

Reuters – Mark Hosenball, Dustin Volz and Jonathan Landay: “The U.S. government for the first time on Friday formally accused Russia of a campaign of cyber attacks against Democratic Party organizations ahead of the Nov. 8 presidential election. “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could… Continue Reading

NIST study – Security Fatigue

Security Fatigue, Issue No. 05 – Sept.-Oct. (2016 vol. 18) ISSN: 1520-9202 pp: 26-32 DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2016.84 “Security fatigue has been used to describe experiences with online security. This study identifies the affective manifestations resulting from decision fatigue and the role it plays in users’ security decisions. A semistructured interview protocol was used to collect… Continue Reading

Online or on paper, get the latest FTC identity theft info

“Looking for information on dealing with identity theft? The FTC has new and revised identity theft publications that reflect features of IdentityTheft.gov that make it easier to report and recover from identity theft. Here’s what’s hot off the presses: Identity Theft – What to Know, What to Do gives an overview of identity theft and… Continue Reading

CRS – Encryption: Frequently Asked Questions

Encryption: Frequently Asked Questions, Chris Jaikaran, Analyst in Cybersecurity Policy. September 28, 2016. “Encryption is a process to secure information from unwanted access or use. Encryption uses the art of cryptography to change information which can be read (plaintext) and make it so that it cannot be read (ciphertext). Decryption uses the same art of… Continue Reading

Once again a contractor charged with removing classified NSA information

Politico, Josh Gerstein and Cory Bennett: “The U.S. government confirmed a potentially wide-ranging breach of classified information Wednesday, raising serious questions about the steps federal agencies and contractor Booz Allen Hamilton took to prevent leaks in the wake of the Edward Snowden’s seismic revelations about National Security Agency surveillance…During a court-ordered search of [the home… Continue Reading

Five EFF Tools to Help You Protect Yourself Online

“… five of EFF’s many technology tools and projects. In different ways, they all function to increase your security on the Internet—with the implicit assertion that personal privacy is at the foundation of that security.” Continue Reading

Baldrige Cybersecurity Excellence Builder

Baldrige Cybersecurity Excellence Builder. Key questions for improving your organization’s cybersecurity performance. Draft September 2016, National Institute of Standards and Technology. “The Baldrige Cybersecurity Excellence Builder is a voluntary self-assessment tool that enables organizations to better understand the effectiveness of their cybersecurity risk management efforts. It helps leaders of organizations identify opportunities for improvement based… Continue Reading

Paper – Examining the costs and causes of cyber incidents

Examining the costs and causes of cyber incidents, Sasha Romanosky, Journal of Cybersecurity, DOI: http://dx.doi.org/10.1093/cybsec/tyw001. First published online: 25 August 2016. “In 2013, the US President signed an executive order designed to help secure the nation’s critical infrastructure from cyberattacks. As part of that order, he directed the National Institute for Standards and Technology (NIST)… Continue Reading

Federal Information Security: Actions Needed to Address Challenges

Federal Information Security: Actions Needed to Address Challenges, GAO-16-885T: Published: Sep 19, 2016. Publicly Released: Sep 20, 2016. “Cyber incidents affecting federal agencies have continued to grow, increasing about 1,300 percent from fiscal year 2006 to fiscal year 2015. Several laws and policies establish a framework for the federal government’s information security and assign implementation… Continue Reading