The Stroz Friedberg Cyber Brief

  FEATURED STORY            

MONDAY, MARCH 27, 2017


The Justice Department is reportedly building cases that would implicate North Korea in the theft of $81 million from Bangladesh’s account at the Federal Reserve Bank of New York last year. Analysts say the legal effort may indicate that U.S. authorities suspect the historic heist is linked to the 2014 hack on Sony, which the FBI blamed on Pyongyang. However, if federal prosecutors file charges, they would likely target Chinese individuals believed to have served as middlemen in the heist. U.S. Treasury officials are reportedly considering sanctions against these men.

Security researchers say hackers linked to North Korea are attempting to steal money from more than 100 organizations around the world, including the World Bank, the European Central Bank, and large U.S. financial institutions. North Korea’s hacking network is vast, experts say, encompassing a group of 1,700 hackers, most of whom work abroad in places like China, Southeast Asia, and Europe. (WSJ, NYT)


Apple Devices: A new cache of secret U.S. documents released by WikiLeaks reportedly exposes a series of CIA tools that agents could use to install firmware “implants” on Apple machines, capable of silently monitoring and transmitting everything that occurs on a target’s operating system. (Newsweek)

Elections: Jigsaw and Google, both divisions of Alphabet, have launched a suite of free cybersecurity tools to support organizations that help elections run smoothly. A cornerstone of the “Protect Your Election” program is Jigsaw’s Project Shield, which provides free DDoS defense to independent news sites and human rights groups. (Wired)


ZTE: The Chinese telecom pleaded guilty in a Texas federal court to conspiring to violate U.S. sanctions by illegally shipping U.S. goods and technology to Iran. The plea was part of a settlement the company reached earlier this month with U.S. authorities that called for nearly $900 million in penalties. (Reuters)

Facebook Threat: A Wisconsin man, Brian Dutcher, has lost his appeal to set aside his 3-year prison sentence for threatening to kill then-President Barack Obama. The threats first appeared on Facebook and were then made verbally. (ArsTechnica)


  ON THE HILL                                    

Privacy Rules: Republicans in the U.S. Senate drove a vote to overturn federal regulations that limit the collection of customer data by broadband providers. The move, which has alarmed privacy advocates, means Verizon, Comcast, AT&T and others firms can continue tracking and sharing people’s browsing and app activity without permission. The House of Representatives is expected to follow this week. (NYT)

Automated Workforce: In an interview with Axios, U.S. Treasury Secretary Steven Mnuchin predicted that AI and robotics were still 50 to 100 years from displacing human jobs. The remarks contrast with growing research that suggests the shift will come much sooner. (WaPo)


NATO: The NATO Communications and Information Agency, which operates the alliance’s computer networks and missile defense command and control system, is expected to announce more than $3 billion in upcoming projects for defense contractors to bid on at a conference in Ottawa later next month. (WSJ)

China: The Pentagon is reportedly growing more concerned with Chinese firms making significant investments in U.S. start-ups working on technologies with potential military applications. A new white paper commissioned by the Defense Department says federal controls that are supposed to protect potentially critical technologies are falling short. (NYT)

  PRIVATE SECTOR                             

Baidu: The Chinese company’s chief scientist and AI star, Andrew Ng, is leaving the firm in April. It’s unclear where Ng will go, but he says he will “continue working toward the AI transformation of our society and the use of AI to make life better for everyone.” (Verge)

Wells Fargo: Beginning today, depositors at Wells Fargo can withdraw money using a smartphone at any branded ATM. Analysts say it's the latest sign of U.S. lenders moving away from traditional brick-and-mortar banking. (Reuters)

  THE WORLD                                     

U.S.: Some analysts say that U.S. trade data show that the United States is losing the battle to supply cutting-edge production machinery to rivals in Japan, Switzerland, and the EU. (WSJ)

Germany: Authorities said Germany last year fended off two cyberattacks by APT28, a Russian hacking group also dubbed "Fancy Bear," which experts say successfully targeted Hillary Clinton's U.S. election campaign. Germany is reportedly working closely with authorities in the United States, France, and elsewhere to compare notes about cyberattacks. (Reuters)


Inside the Hunt for Russia’s Most Notorious Hacker: “The uncomfortable truth is that [Evgeniy] Bogachev and other Russian cybercriminals lie pretty far beyond America’s reach. The huge questions that linger over the GameOver case—like those surrounding Bogachev’s precise relationship to Russian intelligence and the full tally of his thefts, which officials can only round to the nearest $100 million or so—foreshadow the challenges that face the analysts looking into the election hacks,” writes Garrett M. Graff in Wired.


The Future According to Facebook: “The market has proven itself woefully inadequate in confronting climate change and global inequality, and is even less likely to self-regulate the explosive powers of bioengineering and artificial intelligence. If Facebook intends to make a real ideological commitment, those who fear its power should not push it back into the neoliberal cocoon with cries of “Big Brother!”. Instead, we should urge other corporations, institutions and governments to contest its vision by making their own ideological commitments,” writes Yuval Harari in the Financial Times.

How ISPs Can Sell Your Web History: “Unless the House or President Donald Trump oppose the Senate's action, ISPs will not have to worry about any strong privacy rules getting in the way of using your browsing history for profit. There won’t be any specific rules requiring them to get opt-in consent before sharing browsing history, even if that data is related to just one customer instead of being aggregated with other customers’ data in order to anonymize it,” writes Jon Brodkin for Ars Technica.



Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.