The Stroz Friedberg Cyber Brief

email : Webview : Cyber Brief: Apple Says Court Order Violates Constitutional Rights
The Cyber Brief
Today's Top Story
Apple has urged a California federal court to throw out an order compelling it to help the FBI crack a terrorism suspect’s iPhone. In a brief filed last Thursday, the company said the court’s order oversteps a 1789 law known as the All Writs Act, which allows judges to require actions to enforce their orders, and also violates Apple’s First and Fifth Amendment rights. “The government's request here creates an unprecedented burden on Apple and violates Apple's First Amendment rights against compelled speech,” the company said.

The free speech and due process claims could help if Apple wants to attract the attention of the Supreme Court. Legal experts say that courts have generally held that computer code can be considered “speech” under the First Amendment, but that a major consideration might be whether a judge sees the programming as mostly “expressive” conduct like writing a book, which receives a high-level of protection, or merely functional, like a machine.

Meanwhile, more than 25 major technology firms, media organizations, and civil liberties groups are expected to file briefs this week in support of Apple. (Reuters, NYT, WSJ, Wired, WashPost)

Economist: Code to Ruin?
Ukraine: The U.S. Department of Homeland Security officially said that a power outage in Ukraine late last year affecting 225,000 customers was the result of a cyberattack, although it did not confirm the perpetrators of the attack. Other security researchers have linked the incident to a Russian hacking group known as “Sandworm.” (Reuters)

Sony: New research indicates that the Sony hackers are part of a prolific group that’s been active since at least 2009, and that appears to be responsible for more than 45 families of malware used in attacks since then. (Wired)

UC Berkeley: University officials announced that hackers may have gained access to Social Security and bank account numbers for about 80,000 current and former faculty, staff, students and vendors following a December cyberattack. (Contra Costa Times)

‘MouseJack’: Security researchers from Bastille Networks discovered a total of nine vulnerabilities across wireless keyboards and mice that allow attackers to wrest control of the input devices, and ultimately infiltrate the machines and their networks using a $15 USB dongle within 100 meters of the victim. (Dark Reading)
Data Pact: As part of the new data-sharing agreement — known as the EU-U.S. Privacy Shield — companies will face stricter rules regarding how they move people’s information, and U.S. officials agreed to new limits on gathering intelligence from Europeans’ online information. (NYT)

DHS: The Department of Homeland Security is reportedly building tools to more aggressively examine the social media accounts of all visa applicants and those seeking asylum or refugee status in the United States for possible ties to terrorist organizations. (NYT)

FAA: The Federal Aviation Administration said it would develop regulations allowing some unmanned aerial vehicles to fly over people, an authorization eagerly sought by a range of industries including real estate and agriculture. (Reuters)
NSA: The White House is reportedly close to permitting the NSA to share more of the private communications it intercepts with other U.S. intelligence agencies without first applying privacy protections to them. The idea is to let more experts across government gain direct access to unprocessed information, increasing the chances that they will recognize anything of intelligence value. (NYT)

ISIS: The U.S. military has launched an aggressive cyber campaign against the Islamic State in Iraq and Syria that is targeting the terrorist group’s ability to communicate and spread propaganda online. The surge of computer-based military operations by U.S. Cyber Command began shortly after Defense Secretary Carter met with commanders at Fort Meade last month. (AP)

Drones: A new report written by Paul Scharre, a former Pentagon official who helped establish U.S. policy on autonomous weapons, argues that such weapons could be uncontrollable in real-world environments where they are subject to design failure as well as hacking, spoofing and manipulation by adversaries. (NYT)
Google: In the last decade, the tech giant has spent untold millions of dollars measuring nearly every aspect of its employees’ lives. In 2012, Google embarked on an initiative — code-named Project Aristotle — to study hundreds of its teams and figure out why some stumbled while others soared. (NYT Magazine)

Microsoft: Last November, the company opened its Cyber Defense Operations Center, a new facility that lies at the heart of Microsoft’s campaign to rebuild its reputation for security. (WSJ)
UK: Businesses in the United Kingdom are battling a huge rise in cybercrime capable of bringing down entire firms, according to new analysis by PricewaterhouseCoopers. The fastest-growing area of fraud is cybercrime, which made up just 20% of Britain’s economic crime in 2014 but has since jumped to 44%. (Guardian)

Must Reads
How Companies Are Hit by Email Scams: “More than 12,000 businesses worldwide have been targeted by the scams, also known as CEO email schemes, between October 2013 and this month. The transactions have netted criminals $2bn, according to the Internet Crime Complaint Center, an intelligence and investigative group within the FBI that tracks computer crimes. Companies large and small, across 108 countries, have been hit and the threat is growing, law enforcement officials say,” writes Kara Scannell in the Financial Times.

Encryption: Implications for Law Enforcement: “Law enforcement has concerns over certain technological changes, and there are fears that officials may be unable to keep pace with technological advances and conduct electronic surveillance if they cannot access certain information. Originally, the going dark debate centered on law enforcement’s ability to intercept real-time communications. More recent technology changes have potentially impacted law enforcement capabilities to access not only communications, but stored data as well,” writes Kristin Finklea of the Congressional Research Service.

The Broken System of Classification: “Every few years, a news event demonstrates how dysfunctional, arbitrary and counterproductive the country’s system of classifying information really is. Sometimes it’s an article or book about government conduct that causes hand-wringing among intelligence officials. Sometimes it’s a prosecution under the nearly 100-year-old Espionage Act for mishandling classified information, instead of for actual spying,” writes Abbe David Lowell in the New York Times.
Top Op-Eds
RSA Conference 2016: San Francisco, Feb 29-Mar 4
Follow us:

Stroz Friedberg
powered by emma