Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

FCW – OPM’s sensitive data on feds still not encrypted

Federal Computer Week, Adam Mazmanian, May 13, 2016 – “More than a year after a hack of Office of Personnel Management systems compromised more than 22 million records, the agency has not been able to encrypt all the sensitive data on 4 million federal employees, including Social Security numbers. “There are still elements of OPM… Continue Reading

Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data

“The Sixth Annual Benchmark Study on Privacy and Security of Healthcare Data by the Ponemon Institute, finds that criminal attacks are the leading cause of half of all data breaches in healthcare. Employee mistakes, third-party snafus, and stolen computer devices—are the root cause of the other half of data breaches. The study also found that… Continue Reading

Lack of Trust in Internet Privacy and Security May Deter Economic and Other Online Activities

National Telecommunications and Information Administration (NTIA): “Every day, billions of people around the world use the Internet to share ideas, conduct financial transactions, and keep in touch with family, friends, and colleagues. Users send and store personal medical data, business communications, and even intimate conversations over this global network. But for the Internet to grow… Continue Reading

Multiple data security breaches reported by FDIC

Washington Post: “In yet another example of fragile security in federal cyber systems, data for 44,000 Federal Deposit Insurance Corp. customers were breached by an employee leaving the agency. The breach occurred in February and was outlined in an internal FDIC memorandum obtained by The Washington Post. The March 18 memo from Lawrence Gross Jr.,… Continue Reading

NIST Report on Post-Quantum Cryptography

NISTIR 8105, Report on Post-Quantum Cryptography. Lily Chen, Stephen Jordan, Yi-Kai Liu, Dustin Moody, Rene Peralta, Ray Perlner, Daniel Smith-Tone. Computer Security Division, Applied and Computational Mathematics Division, Information Technology Laboratory. This publication is available free of charge from: http://dx.doi.org/10.6028/NIST.IR.8105. April 2016. U.S. Department of Commerce. “In recent years, there has been a substantial… Continue Reading

UK Gov – Password Guidance Simplifying Your Approach

UK Centre for the Protection of National Infrastructure – Password Guidance Simplifying Your Approach – By simplifying your organisation’s approach to passwords, you can reduce the workload on users, lessen the support burden on IT departments, and combat the false sense of security that unnecessarily complex passwords can encourage. “Passwords are an essential part of… Continue Reading

Judicial Conference Committee seeks to implement wider law enforcement surveillance

Follow up to Supreme Court expands surveillance powers of intelligence agency via EFF – With Rule 41, Little-Known Committee Proposes to Grant New Hacking Powers to the Government – The government hacking into phones and seizing computers remotely? It’s not the plot of a dystopian blockbuster summer movie. It’s a proposal from an obscure committee… Continue Reading

2016 Data Breach Investigations Report

Via Verizon: “For the ninth time, the 2016 Data Breach Investigations Report (DBIR) lifts the lid on what’s really happening in cybersecurity. The 2016 dataset is bigger than ever, examining over 100,000 incidents, including 2,260 confirmed data breaches across 82 countries. With data provided by 67 contributors including security service providers, law enforcement and government… Continue Reading

Cybersecurity: Overview Reports and Links to Government, News, and Related Resources

Via FAS, CRS report – Cybersecurity: Overview Reports and Links to Government, News, and Related Resources, March 2, 2016 (R44405) “Much is written on the topic of cybersecurity. This CRS report and those listed below direct the reader to authoritative sources that address many of the most prominent issues. Included in the reports are resources and… Continue Reading

Smart Farming May Increase Cyber Targeting Against US Food and Agriculture Sector

FBI/USDA Notification: “The FBI and the US Department of Agriculture (USDA) assess the Food and Agriculture (FA) Sector is increasingly vulnerable to cyber attacks as farmers become more reliant on digitized data. While precision agriculture technology (a.k.a. smart farming) reduces farming costs and increases crop yields, farmers need to be aware of and understand… Continue Reading

Let’s Encrypt Reaches 2,000,000 Certificates

EFF: “The Let’s Encrypt certificate authority issued its two millionth certificate on Thursday, less than two months after the millionth certificate. As we noted when the millionth certificate was issued, each certificate can cover several web sites, so the certificates Let’s Encrypt has issued are already protecting millions and millions of sites. This rapid adoption… Continue Reading

IG Review of NASA’s Information Security Program

Final Memorandum, Review of NASA’s Information Security Program (IG-16-016; A-15-005-01), April 14, 2016. “As part of our annual review of NASA’s compliance with the Federal Information Security Management Act of 2002 (FISMA) for fiscal year 2015, we reviewed a representative sample of 29 information systems from NASA Centers, Headquarters, and the Jet Propulsion Laboratory (JPL)… Continue Reading