The Stroz Friedberg Cyber Brief

  FEATURED STORY            



The Chinese parliament passed legislation today that will impose cybersecurity regulations on domestic internet users and a wide array of foreign businesses. Beijing says the law, which will take effect in June of next year, is needed to defend against cyberattacks and terrorism, while overseas critics say it will further erode internet freedom. The law requires individual users to register their real names to use messaging services in China.

Meanwhile, foreign businesses fear that aspects of the law--including required security checks on companies in industries such as finance and communications, and mandatory in-country data storage--will force them out of the market. In particular, companies are concerned they will be made to disclose their source code and other corporate secrets to the Chinese government to prove their equipment is secure. (NYT, WSJ, Reuters)


U.S. Election: All but two state governments have accepted assistance from the Department of Homeland Security to scan voter registration and election systems for vulnerabilities. Meanwhile, hackers at the Pentagon are reportedly poised to wreak some digital havoc in Russia should the Obama administration decide to retaliate for the Kremlin’s intervention in the U.S. presidential election. (Reuters, NBC)


iPhones: Security researchers are warning iPhone users that hundreds of fake retail and product apps have popped up in Apple’s App Store in recent weeks. Some are relatively harmless, serving up unwanted ads, but others can scam users for credit card and other sensitive information, they say. (NYT)

OurMine: Business news websites Business Insider and Inc. were both hacked by people claiming to be the cyber racketeering group OurMine, who altered stories to promote their security consultancy. OurMine has pulled the same trick with the social media accounts of a number of technology executives. (The Hill)


U.S.-EU Data: A group of French litigants is challenging the legality of the Privacy Shield agreement at the Luxembourg-based General Court, following in the steps of Irish group Digital Rights Ireland. In its suit, the French group says that the U.S. ombudsman is not an effective mechanism for dealing with complaints. (Reuters)


  ON THE HILL                                    

IRS: The number of people who filed IRS affidavits stating they had been victimized by identity theft dropped 50 percent during the first nine months of the year compared with 2015. The IRS said the numbers indicate that its crackdown on cyber identity fraud has worked. (USAToday)


NATO: An interdisciplinary group at NATO's Cooperative Cyber Defence Centre of Excellence in Estonia is reportedly wrapping up the "Tallinn Manual 2.0," which will examine how international law applies to cyberattacks that don't cross the line into armed conflict. The original Tallinn Manual was published by the same body in 2013. (CNN)


  PRIVATE SECTOR                             

CPUs: NXP Semiconductor, the world's largest chip supplier to the automotive industry, expects the development of self-driving cars to lead to more consolidation in its sector. The chip industry has been undergoing rapid consolidation in recent months. (Reuters)

Google Chrome: The web browser is about to start naming and shaming nearly half of the world’s websites that don’t use strong encryption, putting a “Not secure” warning next to thousands of popular online destinations that use unencrypted HTTP connections. (Wired)

  THE WORLD                                     

UK: The British government unveiled a £1.9 billion package designed to boost Britain’s defenses against growing cyberthreats. The money almost doubles the amount set out for a similar strategy in 2011. (Guardian)

Germany: Munich authorities are investigating Mark Zuckerberg and other Facebook executives following a complaint alleging the company broke laws against hate speech and sedition by failing to remove racist postings. (Reuters)

The U.S. Media and Foreign Propaganda: “Would any self-respecting news editor take a call from the head of the GRU or the FSB (Russian military and state intelligence) and accept an offer to publish a cache of emails from the staff of a U.S. presidential candidate? This is essentially what every outlet covering this story has done, in the process placing all of our private means of communication at risk of exposure from illegal invasion by any foreign power or domestic agency. The media’s freedom to publish such information may be protected, but its willingness to treat this information as news means that it has abandoned the basic ethics of journalism and its essential purpose to mediate such information for the public,” writes Eric Chenoweth in the Washington Post.


The Future of Voting: “Whenever and wherever they vote this election season, Americans will cast their ballots using antiquated devices and procedures that are time-consuming, inconvenient and unreliable. We deserve a better election system, and it isn’t hard to imagine what that might look like by, say, the election of 2028, if we follow a sustained path of improvement,” writes R. Michael Alvarez in the Wall Street Journal.

What Is Blockchain?: “Given that the first and most famous cryptocurrency, Bitcoin, was launched back in 2009, it has taken the wider industry a relatively long time to warm to it. But now suddenly everyone is talking about Bitcoin’s underlying blockchain technology as a disruptor of potentially massive proportions,” writes Alistair Dabbs in Ars Technica.


Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.