The Stroz Friedberg Cyber Brief

  FEATURED STORY            

MONDAY, MAY 1, 2017


The U.S. National Security Agency on Friday announced it would no longer collect, without a warrant, Americans’ emails and texts with people living overseas that merely mention a foreign intelligence target. "Instead, NSA will limit such collection to internet communications that are sent directly to or from a foreign target," the agency said.


The unexpected move was celebrated by digital privacy advocates who have long said the NSA’s so-called “about” surveillance, which dates from the George W. Bush administration, violated constitutional protections against unreasonable searches. The suspension was reportedly prompted by revelations that NSA workers had inadvertently violated certain restrictions put in place by the Foreign Intelligence Surveillance Court.

Former U.S. intelligence contractor Edward Snowden, who’s living in Russia, called the decision “likely the most substantive of the post-2013 NSA reforms, if the principle is applied to all other programs.” However, analysts note, there is no indication the NSA will halt this type of collection abroad, where constitutional and other legal limits largely do not apply. (NYT, Reuters, Wired, BBC)


Collection Crew: Following an anti-hacking deal struck between the U.S. and China in 2015, a group of Chinese hackers known for targeting U.S. defense companies has reportedly shifted its focus to critical infrastructure across Asia. (FT)


Microsoft Word: Cybersecurity experts say the software company took an unusually long time--nine months--to patch a bug that allowed hackers to gain control of a computer with little trace. In the meantime, some criminals reportedly exploited the vulnerability to spy on unknown Russian speakers, possibly in Ukraine, while a group of thieves used it to bolster their efforts to steal from bank accounts in Australia and other countries. (Reuters)


Netflix: A hacker who goes by the name “thedarkoverlord” shared the coming season of the series “Orange Is the New Black” after the person said Netflix failed to meet their ransom requests. The hacker threatened to release content from other studios if its demands were not met. (NYT)

Android Apps: A group of researchers from the University of Michigan identified hundreds of applications in Google Play that could allow hackers to steal data or install malware. (Wired)

  ON THE HILL                                    

Net Neutrality: Federal Communications Commission Chairman Ajit Pai revealed his plans for rolling back net neutrality, which restricts internet service providers from prioritizing certain kinds of web traffic over others. Pai plans to hand regulatory jurisdiction of broadband providers back to the Federal Trade Commission, an agency that critics argue is less equipped to handle them. (The Hill)

Huawei: The U.S. Treasury Department is reportedly broadening its investigation into whether the Chinese technology giant violated U.S. sanctions on Cuba, Iran, Sudan and Syria. A subpoena, which was sent to Huawei’s Texas offices last year, called for the company to describe technology and services provided to these countries over the past five years. (NYT)


NATO: In the ten years since Russian hackers allegedly targeted Estonia in a massive disruptive attack, the Baltic nation has transformed itself into one of Europe’s most tech-savvy countries and a pillar of NATO’s cyber deterrent, analysts say. (WSJ)

  PRIVATE SECTOR                             

Facebook: In an acknowledgement that it has become a battleground for governments and others seeking to manipulate public opinion, Facebook has outlined new measures to combat what it calls “information operations.” The effort will build on the company’s recently expanded campaigns to identify fake news and crack down on automated profile pages that post commercial or political spam. (Reuters)

  THE WORLD                                     

France: Researchers at Trend Micro said that the hacking of the campaign offices of Emmanuel Macron, the frontrunner in France's presidential race, carried digital “fingerprints” similar to the suspected Russian hacking of the Democratic National Committee and others in the 2016 U.S. election. (WaPo)

Denmark: A new report by the Danish government’s Center for Cybersecurity said that hackers had breached email accounts and servers at both the Defense Ministry and the Foreign Ministry in 2015 and 2016. Defense Minister Claus Hjort Frederiksen blamed Moscow. Russia has denied the accusations. (NYT)


Hackers Ran Through Holes in Swift Network: “An examination of Swift’s culture and practices, including interviews with more than a dozen people who have worked for or closely with Swift, shows it was ill-prepared for some of the toughest challenges of the cyberattack era. Security standards for banks using the Swift network were dictated in what was an eight-gigabyte handbook but rarely enforced, these people say,” write Katy Burne and Robin Sidel in the Wall Street Journal.


Meet the Robot Trainers: “Before the machines become smart enough to replace humans, as some people fear, the machines need teachers. Now, some companies are taking the first steps, deploying artificial intelligence in the workplace and asking their employees to train the A.I. to be more human. We spoke with five people — a travel agent, a robotics expert, an engineer, a customer-service representative and a scriptwriter, of sorts — who have been put in this remarkable position,” writes Daisuke Wakabayashi in the New York Times.

Handing the Internet Over to Big Business: “Small businesses shouldn’t have to outbid massive conglomerates just to get their product in front of consumers’ eyes. If net neutrality is gutted, only the biggest conglomerates will be able to pay for the fastest Internet speeds. In many ways, it’s our small, innovative, next-generation businesses that have the most to lose,” write Ron Wyden, Al Franken, and Tom Wheeler.



Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.