Inevitable. Fortunately, no one would ever
conduct government business on a personal phone.
John
Kelly's personal cellphone was compromised, White House believes
White House officials believe that chief of staff
John Kelly’s personal cellphone was compromised, potentially
as long ago as December, according to three U.S.
government officials.
The discovery raises concerns that hackers or
foreign governments may have had access to data on Kelly’s phone
while he was secretary of Homeland Security and after he joined the
West Wing.
Tech support staff discovered the suspected breach
after Kelly turned his phone in to White House tech support this
summer complaining that it wasn’t working or updating software
properly.
Kelly
told the staffers the phone hadn’t been working properly for
months, according to the officials.
… A White House spokesman said Kelly hadn’t
used the personal phone often since joining the administration. This
official said Kelly relied on his government-issued phone for
official communications.
It’s just a little tiny-weeny bit of war. That
doesn’t count, right?
Russia
Raises Tensions in Baltic Region With Testing of Cyber Weapons
"Russia
has opened a new battlefront with NATO," claims the Wall Street
Journal. "Russia may have tested cyber warfare on Latvia,"
says Reuters. These are two reports about two separate incidents in
the Baltic area close to Russia's largest military war games since
2013: Zapad.
… The
first incident revolves around hacking soldiers' smartphones. Two
separate methodologies have been reported: the use of drones with
sophisticated electronics equipment, and in an earlier incident, a
mobile telephone tower (similar to law enforcement's use of stingray
equipment). The sophistication of the attacks leaves little doubt
that there is some state-sponsorship involved.
…
The
Reuters report
claims, "Moscow was probably behind interruptions in Latvia's
mobile communications network before Russia's war games last month,
in an apparent test of its cyber attack tools, Baltic and NATO
officials said, based on early intelligence of the drills."
… The
effect of the jammer was to take out Latvia's emergency services' 112
hotline in a disruption that lasted about seven hours. This is the
first time that the service has failed, and occurred on September 13,
just prior to the most intensive period of the Russian Zapad war
games.
If this is true, they should have been a bit more
forthcoming when they banned Kaspersky.
Russian
hackers reportedly stole NSA data in 2015, likely via Kaspersky
software
Russian government-backed hackers stole highly
classified U.S. cyber secrets in 2015 from the National Security
Agency after a contractor put information on
his home computer, two newspapers reported on Thursday.
As reported first by The Wall Street Journal,
citing unidentified sources, the theft included information on
penetrating foreign computer networks and protecting against cyber
attacks and is likely to be viewed as one of the most significant
security breaches to date.
In a later story, The Washington Post said the
employee had worked at the NSA’s Tailored Access Operations unit
for elite hackers before he was fired in 2015.
… Citing unidentified sources, both the
Journal and the Post also reported that the contractor used antivirus
software from Moscow-based Kaspersky Lab, the company whose products
were banned from U.S. government networks last month because of
suspicions they help the Kremlin conduct espionage.
Kaspersky Lab has strongly denied those
allegations.
Russian government officials could have used flaws
in Kaspersky software to hack into the machine in question, security
experts told Reuters. They could also have intercepted traffic from
the machine to Kaspersky computers.
Kaspersky said in a statement on Thursday that it
found itself caught in the middle of a geopolitical fight.
… “The baffling parts are that he was able
to get stuff out of the building and that he was using Kaspersky,
despite where he worked,” Lewis said. He said that intelligence
agencies have considered Kaspersky products to be a source of risk
for years.
Why? And who else got this level of access?
(Clearly, Apple has it, right?)
Apple gave
Uber's app 'unprecedented' access to a secret backdoor that can
record iPhone screens
Uber's iPhone app has a secret backdoor to
powerful Apple features, allowing the ride-hailing service to
potentially record a user's screen and access other personal
information without their knowledge.
I hope they do it more securely than India did.
(Will the US point to this as they consider replacing the Social
Security number as an ID?)
EU to
implement electronic ID for residents to accelerate adoption of
e-government services
The European Union’s member states
signed
a sweeping declaration today designed to transform the way
governments across the continent deliver services by embracing
e-government initiatives.
Chief among these plans is an agreement to move
forward with development of a digital identification system that can
be used by residents to access a wide range of new online public and
private services. The agreement calls on the EU to create a
framework for ensuring the implementation of electronic IDs, while
also ensuring protection of privacy and security of the data.
For my Computer Security students.
Business
Email Scams: Protecting Your Company’s Information
From the Pennsylvania Department of Banking and
Securities, a
succinct
and very useful Infographic guide: “Business Email Compromise
is a cyber threat targeted against businesses, both large and small,
that typically involves a con artist targeting employees with access
to company financial or sensitive documents. The scammers lead the
employees to believe they are a trusted partner or are legitimately
entitled to the information, when in reality, they are criminals. A
common tactic of these cybercriminals is the use of a
“spear-phishing” emails and use of malware to first infiltrate
the organization and eventually send a sham email supposedly from the
CEO to an employee with access to financial information, requesting
money to be transferred…” [h/t Pete Weiss]
For our CJ students.
CrimeSolutions.gov
helps justice professionals improve effectiveness
“It’s important to celebrate milestones, and
CrimeSolutions.gov
has hit a big one — 500 rated programs. That’s 500
opportunities for the criminal and juvenile justice and victim
service practitioners and policymakers we serve to learn about what
works, what doesn’t, and what’s promising. While I am relatively
new to the National Institute of Justice, I have spent a good part of
my career championing evidence-based policy and the need for
rigorous, replicated, program evaluations. All our resources are
limited, and we need to ensure the programs we fund are effective in
addressing the many issues faced by criminal justice agencies.
CrimeSolutions.gov helps justice professionals, who may or may not be
social scientists, improve their effectiveness. The systematic,
independent review process and evidence ratings are intended to help
practitioners and policymakers understand the implications of social
science evidence that can otherwise be difficult to understand or
apply, and serve as a basis for gauging the quality of evidence. In
short, CrimeSolutions.gov strives to help practitioners answer the
question: Does it work?”
-
“CrimeSolutions.gov content is organized
a variety of ways, including by topic. The
topic
pages capture summary information as well as programs and
practices that have been reviewed by CrimeSolutions.gov.
Additionally, links to topical publications, Q&A, and related
resources are also captured on the topical pages.”
Computers & Law, what a concept!
Survey –
Ready or Not: Artificial Intelligence and Corporate Legal Departments
“
Lawyers
have long been characterized as technology Luddites who
are slow to change and wary of innovation. For corporate counsel,
though, this stereotype may be fading. According to the results of a
new Thomson Reuters report, “
Ready
or Not: Artificial Intelligence and Corporate Legal Departments“,
corporate counsel believe they are tech savvy but acknowledge that
their comfort level and confidence with technology have limitations,
specifically around artificial intelligence (AI). The applications
and impact of AI are growing, and AI tools will undoubtedly affect
how the legal profession practices over the next decade. Consider
how dramatically technology inventions have already changed the
practice of law: From typewriters to computers and from fax machines
to email, each advance has been transformative in the law. Lawyers
have accepted and adopted each of these evolutions. AI is the next
frontier. To better understand corporate counsel’s knowledge of
and comfort with the use of artificial intelligence in the
profession, Thomson Reuters conducted a survey of 207 in-house
attorneys to measure current perceptions regarding the use of AI in
corporate legal departments and the perceived benefits of AI once
adopted.
Perspective.
Facebook is
spending $1 billion for a building that basically no one will work in
There's a catch. Facebook's building will be a
data center—and it will require almost no people to operate.
The
project will mean plenty of money spent on construction and then
100 jobs in the data center afterward.
Perspective.
The state
of Twitter: Trump passes Pope as most-followed world leader
… as of May 2016, Trump’s follower count was
in the
7
million range. Now he’s about to blow past 40 million.
Of course, Katy Perry has 104.5 million followers,
making her the most-followed person overall on Twitter. So, Trump
still has a ways to go before knocking her from that perch.