Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

NYT – With New Digital Tools, Even Nonexperts Can Wage Cyberattacks

The New York Times: “The ransomware tactic behind a global cyberattack on Friday was nothing new. But new digital tools mean that hackers “don’t even need to have any skills to do this anymore.” Attack May Worsen Monday, It Is Feared – “The effects of Friday’s attack could be magnified as workers return to their…

State of the Phish 2017

This report is compiled data from tens of millions of simulated phishing attacks sent through Wombat’s Security Education platform over a 12 month period, as well as an extensive survey of our database of infosec professionals. The report also includes survey data from thousands of end users in the UK and US that measured their…

Trump signs new cybersecurity executive order

Executive Order on May 11, 2017 – Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure: “Policy. The executive branch operates its information technology (IT) on behalf of the American people. Its IT and data should be secured responsibly using all United States Government capabilities. The President will hold heads of executive…

Vendors approve of NIST password draft security recommendations – emojis welcome

Via CSO – “Standards group recommends removing periodic password change requirements – A recently released draft of the National Institute of Standards and Technology’s (NIST’s) digital identity guidelines has met with approval by vendors. The draft guidelines revise password security recommendations and alter many of the standards and best practices security professionals use when forming policies…

2017 Data Breach Investigations Report

Verizon: “Welcome to the 10th anniversary of the Data Breach Investigations Report (DBIR). We sincerely thank you for once again taking time to dig into our InfoSec coddiwomple that has now culminated in a decade of nefarious deeds and malicious mayhem in the security world. 2016 was an extremely tumultuous year, both in the United…

Cybersecurity: Critical Infrastructure Authoritative Reports and Resources

CRS – Cybersecurity: Critical Infrastructure Authoritative Reports and Resources, Rita Tehan, Information Research Specialist, April 21, 2017. “Cybersecurity: Critical Infrastructure Authoritative Reports and Resources Congressional Research Service Summary Critical infrastructure is defined in the USA PATRIOT Act (P.L. 107-56, §1016(e)) as “systems and assets, physical or virtual, so vital to the United States that the…

Many smartphone owners don’t take steps to secure their devices

“Cybersecurity experts recommend that smartphone owners take a number of steps to keep their mobile devices safe and secure. These include using a pass code to gain access to the phone, as well as regularly updating a phone’s apps and operating system. Many Americans, however, are not adhering to these best practices, according to a…

States With the Most (and Least) Identity Theft

“The risk of identity theft in the United States continues to rise. The incidence of such crimes rose consistently over the last decade, from 246,214 in 2006 to 399,225 last year. The rate of identity theft varies considerably between states. Using the Federal Trade Commission’s 2017 Consumer Sentinel Network Data Book, 24/7 Wall St. reviewed the…

New Report Aims to Help Criminal Defense Attorneys Challenge Secretive Government Hacking

“Lawyers at EFF, the ACLU, and the National Association of Criminal Defense Lawyers released a report today outlining strategies for challenging law enforcement hacking, a technique of secretly and remotely spying on computer users to gather evidence. Federal agents are increasingly using this surveillance technique, and the report will help those targeted by government malware—and importantly their…

Implementation of IT Reform Law and Related Initiatives Can Help Improve Acquisitions

Information Technology: Implementation of IT Reform Law and Related Initiatives Can Help Improve Acquisitions, GAO-17-494T: Published: Mar 28, 2017. Publicly Released: Mar 28, 2017. “The Federal Information Technology Acquisition Reform Act (FITARA) was enacted in December 2014 to improve federal information technology (IT) acquisitions and can help federal agencies reduce duplication and achieve cost savings.…

CRS – Russia: Background and U.S. Interests

Russia: Background and U.S. Interests, March 1, 2017 (R44775) “Since 1991, Congress has played a key role in the development of U.S. policy toward the Russian Federation (Russia), the principal successor to the United States’ former superpower rival, the Soviet Union. In that time, U.S.-Russian relations have gone through positive and negative periods. Each new…

Paper – Cybersecurity, Identity Theft, and Standing Law

Chou, James C., Cybersecurity, Identity Theft, and Standing Law: A Framework for Data Breaches Using Substantial Risk in a Post-Clapper World (December 15, 2016). National Security Law Brief, Vol. 7, No. 1, 2016. Available at SSRN: https://ssrn.com/abstract=2938692 “Since Clapper v. Amnesty International USA, many courts have shut the door on victims alleging a heightened risk…