Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybersecurity

Cybercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws

CRS – Cybercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws. Charles Doyle, Senior Specialist in American Public Law. October 15, 2014.

“The Computer Fraud and Abuse Act (CFAA), 18 U.S.C. 1030, outlaws conduct that victimizes  computer systems. It is a cyber security law. It protects federal computers, bank computers, and computers connected to the Internet. It shields them from trespassing, threats, damage, espionage, and from being corruptly used as instruments of fraud. It is not a comprehensive provision, but instead it fills cracks and gaps in the protection afforded by other federal criminal laws. This is a brief sketch of CFAA and some of its federal statutory companions, including the amendments found in the Identity Theft Enforcement and Restitution Act, P.L. 110-326, 122 Stat. 3560 (2008).”

Security – a perpetual war: lessons from nature

Via Cornell University Library – Security – a perpetual war: lessons from nature, Wojciech Mazurczyk, Elżbieta Rzeszutko (Submitted on 17 Oct 2014) “For ages people have sought inspiration in nature. Biomimicry has been the  propelling power of such inventions, like Velcro tape or “cat’s eyes” – retroreflective road marking. At the same time, scientists have been developing biologicallyContinue Reading

Understand the Cost of Cyber Security Crime

HP Report – Cyber Crime Costs Continue to Grow: “Cyber crimes are growing more common, more costly, and taking longer to resolve. Those are among the findings of the fifth annualCost of Cyber Crime Study conducted by the respected Ponemon Institute on behalf of HP Enterprise Security. The 2014 global study of U.S.-based companies, which spannedContinue Reading

Is Your Company Ready for a Big Data Breach?

The Second Annual Study on Data Breach Preparedness – Ponemon Institute© Research Report – Sponsored by Experian® Data Breach Resolution – Independently conducted by Ponemon Institute LLC. Publication Date: September 2014. “Data breaches are increasing in frequency. Forty-three percent of respondents say their companies had a data breach involving the loss or theft of more than 1,000 records, anContinue Reading

Taking Steps to Improve Federal Information Security

Beth Cobert, Deputy Director for Management at the Office of Management and Budget  “In a rapidly changing technological environment, we must have robust procedures, policies, and systems in place to protect our nation’s most sensitive information. Growing cybersecurity threats make it ever more important for the Federal government to maintain comprehensive information security controls to assessContinue Reading

Hackers’ Attack Cracked 10 Companies in Major Assault – NYT

By MATTHEW GOLDSTEIN, NICOLE PERLROTH and DAVID E. SANGER “The huge cyberattack on JPMorgan Chase that touched more than 83 million households and businesses was one of the most serious computer intrusions into an American corporation. But it could have been much worse. Questions over who the hackers are and the approach of their attack concern government and industry officials.Continue Reading

National Cyber Security Awareness Month 2014

DHS: “The Internet is part of everyone’s life, every day. We use the Internet at work, home, for enjoyment, and to connect with those close to us. However, being constantly connected brings increased risk of theft, fraud, and abuse. No country, industry, community, or individual is immune to cyber risks. As a nation, we face constantContinue Reading

JPMorgan Chase Says More Than 76 Million Accounts Compromised in Cyberattack

New York Times: “The breach is among the largest corporate hacks, and the latest revelations vastly dwarf earlier estimates that hackers had gained access to roughly 1 million customer accounts.”

Bourne-Again Shell (Bash) Remote Code Execution Vulnerability

“US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system. The flaw was originally assigned CVE-2014-6271, but it was later discovered that the patch had an issue in the parser and didContinue Reading

Information Sharing Environment: Annual Report to Congress – 2014

“This report is submitted by the Program Manager for the Information Sharing Environment (PM-ISE) on behalf of the President, as required by Section 1016 (h) (2) of the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004, as amended. Accompanying, but distinct from this report, are substantial performance data and links to best practices, lessons learned,Continue Reading

Results of the 2014 Global Privacy Enforcement Network Sweep

“The second Global Privacy Enforcement Network (GPEN) Privacy Sweep demonstrates the ongoing commitment of privacy enforcement authorities to work together to promote privacy protection around the world. Some 26 privacy enforcement authorities in 19 countries participated in the 2014 Sweep, which took place May 12-18. Over the course of the week, participants downloaded 1,211 popular mobile appsContinue Reading

New GAO Reports – Critical Infrastructure Protection, EPA Regs and Electricity

CRITICAL INFRASTRUCTURE PROTECTION: DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts, GAO-14-507: Published: Sep 15, 2014. Publicly Released: Sep 15, 2014: “DHS is not positioned to manage an integrated and coordinated government-wide approach for assessments as called for in the NIPP because it does not have sufficient information about the assessment tools andContinue Reading