The Stroz Friedberg Cyber Brief

email : Webview : Cyber Brief: Top Court Widens FBI's Search Net
The Cyber Brief
Today's Top Story
MONDAY, MAY 2, 2016
The Supreme Court last Thursday approved a rule change that would allow federal judges to grant search warrants for computers located anywhere the U.S. has jurisdiction, a decision that critics say will greatly expand the FBI’s surveillance powers while eroding personal privacy. Previously, judges could only sanction searches within their jurisdiction, often limited to a few counties. The Department of Justice, which has lobbied for the rule change since 2013, said it was necessary to keep up with criminals in the digital age.

Congress has until December to reject or modify the change, but analysts say it rarely exercises this authority, especially in an election year. If lawmakers do not act, the change takes effect automatically. Sen. Ron Wyden (D-OR), a longtime critic of federal surveillance programs, said he planned to introduce legislation to block the new rule. (Reuters, BBC, Atlantic)
FBI-Apple: The Bureau paid under $1 million for the technique used to unlock the iPhone used by one of the San Bernardino shooters, and will reportedly be able to use this method to unlock other iPhone 5C models running iOS 9. (Reuters)

Phone Database: U.S. officials fear that national security may have been jeopardized when the company building a sensitive phone-number database violated a federal requirement that only U.S. citizens work on the project. The database tracks nearly every phone number in North America, making it a key tool for law enforcement agencies. (WaPo)

Financial Network: The global messaging network SWIFT issued an urgent warning to thousands of financial institutions using its software to install an upgrade after discovering "a number of recent cyber incidents." (VOA)

Spotify: A list containing hundreds of Spotify account credentials, including emails, usernames, passwords, and other details popped up on the website Pastebin, in what appears to be a possible security breach. The company denied it has been hacked. (Tech Crunch, The Hill)

Bitcoin: An Australian entrepreneur, Craig Steven Wright, has claimed to be the creator of the online currency. In order to support this, Wright reportedly provided digitally signed messages using cryptographic keys generated by Satoshi Nakamoto, the pseudonym previously connected to the currency’s creator. (NYT)
Espionage: The Justice Department has reportedly issued new rules that give prosecutors in Washington greater oversight over national security cases. The changes come after the collapse of several high-profile prosecutions in recent years led to allegations that the government was singling out Chinese-Americans as spies. (NYT)

FISA: A Justice Department document shows that the U.S. Foreign Surveillance Intelligence Court granted every government request in 2015 for electronic surveillance orders granted for foreign intelligence purposes, continuing a longstanding trend. (Reuters)
Emails: The House of Representatives unanimously passed The Email Privacy Act, a bill that would require law enforcement to obtain a search warrant before asking tech companies to turn over your emails. A warrant is presently not required to access emails stored online for more than 180 days. (Wired)
Military AI: Deputy Secretary of Defense Robert Work said that the only likely uses of completely autonomous machines were in defense, such as missile batteries programed to respond to incoming missiles, or computer programs that react to cyberattacks. (FT)
Autos: Google and Fiat Chrysler are reportedly close to agreeing on a partnership to develop self-driving cars. Google has said in the past that it does not want to build autonomous vehicles on its own. (Reuters)
Europe: European counterterrorism officials say U.S. laws and corporate policies are hampering their efforts to prevent the next attack. The legal procedures for getting international evidence from U.S.-based firms like Facebook and Twitter are dangerously outdated, they say. (WSJ)

Germany: A nuclear power plant in Germany was found to be infected with malware, but operators say it does not appear not to have posed a threat because it is isolated from the Internet. (Reuters)

Russia: Konstantin Malofeev, a multimillionaire with close links to the Kremlin and Russian Orthodox Church, has become a central player in Moscow’s drive to limit America’s digital influence. (FT)
Must Reads
Cyber Warfare: Iran Opens a New Front: “Iran is rapidly emerging as the sixth member of the cyber superpower club. Denuded of its nuclear ambitions by the landmark deal struck last year to limit uranium and plutonium enrichment, some fear Tehran will wield its cyber arsenal as an equally long-range weapon with which to menace its adversaries,” writes Sam Jones in the Financial Times.

Protection of Trade Secrets: Overview of Current Law: “Stealing trade secrets has increasingly involved the use of cyberspace, advanced computer technologies, and mobile communication devices, thus making the theft relatively anonymous and difficult to detect. The Chinese and Russian governments have been particularly active and persistent perpetrators of economic espionage with respect to U.S. trade secrets and proprietary information,” writes Brian T. Yeh in this Congressional Research Service report.

The Critical Hole in Our Cellphone Networks: “The telecom industry has known for years that SS7 is vulnerable to spying, but did little about it because many assumed the risks were theoretical. This changed in the wake of the Ukrainian incidents, says Cathal McDaid, head of the threat intelligence unit for AdaptiveMobile, a mobile telecom security firm. His company and others devised ways to detect SS7 attacks, and since then they have discovered suspicious activity in the networks of multiple telecom customers, suggesting that SS7 attacks are very much real—and ongoing,” writes Kim Zetter for Wired.
Top Op-Eds
Aspen Security Forum: July 27-30
Follow us:

Stroz Friedberg
powered by emma