The Stroz Friedberg Cyber Brief

  FEATURED STORY            



Donald Trump’s incoming chief of staff, Reince Priebus, said on Sunday that the president-elect might accept the conclusion that Russia interfered in the U.S. election if the FBI and other intelligence agencies were unified in providing evidence. The concession follows weeks of skepticism from Trump’s team that there was sufficient proof of Moscow’s involvement.

Meanwhile, a group of senior senators, including Charles Schumer (D-NY) and John McCain (R-AZ), called on Senate Majority Leader Mitch McConnell to form a special bipartisan committee to investigate cyberattacks on the United States, with a focus on Russia. In a press conference on Friday, President Obama suggested that Vladimir Putin likely ordered the hacking and said the United States would retaliate “at a time and place of our own choosing.” Russia has repeatedly dismissed the U.S. allegations. (WSJ, NYT, Reuters, WaPo)


Voting Machines: A Russian-speaking hacker was caught on a criminal marketplace trying to sell access to the Election Assistance Commission, the U.S. government agency that vets polling security. Cybersecurity experts don't believe the breach is connected with Russia’s alleged interference in the presidential election. (CSM)


Yahoo: Verizon is pressuring Yahoo to amend the terms of its $4.8 billion acquisition agreement to reflect the economic damage caused by two massive cyberattacks. On Wednesday, Yahoo announced that data belonging to more than 1 billion of its users was compromised in 2013. The news followed Yahoo's disclosure in September of a separate breach that affected over 500 million accounts. (Reuters, NYT)

Ransomware: Researchers uncovered a creative piece of malware called Popcorn Time that reportedly holds user’s data hostage until they pay up or choose to sell out two of their contacts. (Wired)


Ashley Madison: The owner of dating site Ashley Madison agreed to pay $1.6 million to settle a Federal Trade Commission investigation and state charges related to the huge 2015 data breach. Hackers calling themselves the Impact Group posted online a large cache of the stolen data, which wreaked havoc on some users’ lives. (WaPo)

Talk Talk: The unnamed 17-year-old who admitted illegally hacking the communications company last year was sentenced by a UK court to a year rehabilitation. Talk Talk was previously fined 400,000 pounds for insufficient cybersecurity. (Reuters)

  ON THE HILL                                    

Transportation Dept: U.S. regulators proposed a rule mandating so-called vehicle-to-vehicle communications on all new light vehicles in the United States, which would feed information to drivers to help them avoid collisions. All vehicles would be required to equip the technology within four years. (WSJ)


  PRIVATE SECTOR                             

Twitter: The company sent a letter to the ACLU of California confirming that Dataminr, a firm Twitter partly owns, will no longer provide social media surveillance tools to any local, state, or federal government customer. (ACLU)


Facebook: Amid rising criticism that it did not do enough to combat the problem during the U.S. presidential campaign, the social media company vowed to introduce tools to prevent fake news stories from spreading on its platform. Some conservative writers decried the move as an attempt to muzzle their legitimate content. (Reuters)

Amazon: The retail giant last week made its first customer delivery by drone, carrying a package containing popcorn and a Fire TV video-streaming device several miles to a farmhouse near Cambridge, UK, in 13 minutes. (WSJ)

  THE WORLD                                     

Macedonia: The emergence of a fake news industry in the Balkans may have helped tip the U.S. presidential election toward Donald Trump. Now, these opportunists may turn their attention to elections next year in France and Germany. (FT)


Germany: Legislators introduced a bill that would require social media companies to swiftly remove fake news and hate speech from their platforms or face stiff financial penalties. The proposal comes amid fears that Russia may attempt to sway Germany’s parliamentary elections, due in the second half of next year. (WSJ)

Thailand: Prime Minister Prayuth Chan-ocha defended a decision to amend a cybercrime law to increase the military government's ability to remove online content as authorities seeks to tighten control on dissent. The country has some of the toughest laws against royal insult, which have curtailed public discussion about the monarchy's role following the recent death of King Bhumibol. (Reuters)


China Offers Template for Responding to Russian Hacking: “The U.S. strategy in China was in many ways the polar opposite of a knee-jerk, hack-back approach. It was a years-long series of diplomatic and legal efforts, all aimed at curbing Beijing’s economic espionage...Those efforts worked. At the very least, they stemmed China’s hundreds of attacks on American private sector targets, if not its more traditional espionage against US government agencies,” writes Andy Greenberg in Wired.


A New Low Point in White House-CIA Relations: “Let me venture an educated guess based on 30 years of reporting and writing about US intelligence. I surmise that the secret services know more than has been disclosed about Mr Putin’s role in hacking and attacking the American political system. They know more about the specific mechanisms of Russia’s weaponising of information stolen from the Democrats and Mrs Clinton — and why the secrets stolen from the Republicans and Mr Trump stayed sheathed. If this information is not disclosed, it will create an unbearable tension in Washington. And if it is disclosed, suspicions could lead straight to Trump Tower. And that in turn could set off a constitutional crisis the likes of which we have not seen since Richard Nixon’s helicopter lifted off from the White House lawn for the last time,” writes Tim Weiner in the Financial Times.

The Great AI Awakening: “Google’s decision to reorganize itself around A.I. was the first major manifestation of what has become an industrywide machine-learning delirium. Over the past four years, six companies in particular — Google, Facebook, Apple, Amazon, Microsoft and the Chinese firm Baidu — have touched off an arms race for A.I. talent, particularly within universities. Corporate promises of resources and freedom have thinned out top academic departments. It has become widely known in Silicon Valley that Mark Zuckerberg, chief executive of Facebook, personally oversees, with phone calls and video-chat blandishments, his company’s overtures to the most desirable graduate students. Starting salaries of seven figures are not unheard-of. Attendance at the field’s most important academic conference has nearly quadrupled. What is at stake is not just one more piecemeal innovation but control over what very well could represent an entirely new computational platform: pervasive, ambient artificial intelligence,” writes Gideon Lewis-Kraus in New York Times Magazine.


Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.