The Stroz Friedberg Cyber Brief

  FEATURED STORY            

MONDAY, APRIL 16, 2018


The Russian government has begun prohibiting access to Telegram after the messaging service refused to give state intelligence agents access to users’ encrypted  messages. Telegram lost a high court battle last month to overturn a law requiring the company to provide encryption keys to the Federal Security Service. The government’s ban comes just weeks after Telegram raised $1.7 billion from investors.

President Vladimir Putin signed counterterrorism laws in 2016 that included a requirement for messaging services to provide authorities with means to decrypt user correspondence. Telegram, created by Russian entrepreneur Pavel Durov, is one of the most popular mobile messaging apps with more than 200 million global users. Attorneys for the company said they are planning an appeal. (Reuters, Bloomberg, NYT)


Islamic State: The British government conducted a "major offensive cyber-campaign" against the Islamic State, targeting the militant group's ability to coordinate attacks and publish propaganda. It is reportedly the first time the UK has systematically degraded an adversary's online efforts in a military campaign. (BBC)


Internet of Things: A wide range of internet connected consumer devices, including routers and video game consoles, have vulnerabilities that could provide hackers a jumping off point for all sorts of malicious behavior like DDoS attacks and malware distribution.  Akami, the content and web services firm, published new findings that it has actively observed attackers exploiting such vulnerabilities. (Wired)

YouTube: Several popular music videos, including one for the song “Despacito,” were removed temporarily from YouTube after a security breach at Vevo allowed hackers to deface the videos. (CBS)


Apple: A bipartisan group of lawmakers in the U.S. House of Representatives is asking the FBI to explain a “troubling” recent report that appears to show the agency failed to exhaust all its technical options before taking Apple to court to force the company to unlock the iPhone of one of the San Bernardino shooters. (Mercury News)

  ON THE HILL                                    

Data Privacy: The U.S. Senate Commerce Committee says it will hold a hearing on Cambridge Analytica and other companies that may have improperly obtained internet user data. (Reuters)

Uber: The Federal Trade Commission said the ride-hailing company agreed to expand its proposed settlement agreement amid allegations that Uber deceived consumers about its data security practices and failed to inform the agency about data breaches. Uber could face civil fines if it fails to disclose future incidents. (Reuters)

  PRIVATE SECTOR                             

Facebook: There are new concerns about the social media giant’s respect for data privacy after Mark Zuckerberg testified on Capitol Hill that Facebook tracks people whether they have accounts or not. (Reuters)


Credit Cards: Visa, American Express, Discover and Mastercard have said that, as of this month, they will no longer require customers to sign their names when paying with a credit card. (NYT)

Avast: Based in the Czech Republic, the world’s largest consumer antivirus supplier is expected to list its shares on the London Stock Exchange in what analysts say could be a blockbuster float valuing the company at around $4 billion. (Reuters)

  THE WORLD                                     

EU: The Irish High Court has asked the Court of Justice of the European Union to determine whether it's legal under European law for firms like Facebook to routinely transfer user data to the United States. (Ars Technica)


India: Indian cryptocurrency exchange Coinsecure said nearly $3 million in Bitcoin were stolen, the largest theft reported so far in the country’s fledgling virtual currency market. (Reuters)

Singapore: The government’s plan to install 100,000 surveillance cameras across the island-state is raising privacy fears among security experts and rights groups. Singapore says the project is part of a broader “Smart Nation” plan. (Reuters)


Why Europe, Not Congress, Will Rein In Big Tech: “Technology companies are readying themselves for sweeping new privacy rules that will go into effect next month across the European Union. They could face billion-dollar fines if they fail to give European users far more control over their personal information. Whether Congress follows the European model, as some lawmakers floated last week, or whether big tech companies determine it’s too cumbersome to treat the 500 million people of the European Union differently from the rest of the world, Europe is likely to keep setting the global pace for aggressive regulation,” write Michael Birnbaum and Tony Romm in the Washington Post.


I Downloaded the Info Facebook Has on Me. Yikes: “When I downloaded a copy of my Facebook data last week, I didn’t expect to see much. My profile is sparse, I rarely post anything on the site, and I seldom click on ads. (I’m what some call a Facebook ‘lurker.’)

But when I opened my file, it was like opening Pandora’s box,” writes Brian X. Chen for the New York Times.

The Questions Zuckerberg Should Have Answered: “American privacy is important. But gaining a more expansive understanding of the information operations being targeted against our population by hostile foreign actors like Russia is also critical. In that respect, the [Mark] Zuckerberg hearings were a huge missed opportunity,” writes Molly McKew for Wired.



Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.