Skip to content Skip to navigation

Friday Cyber News, April 20 2018

Cyber technology-related news and links from around the web, for the week of 4/14 - 4/20:

1. The capabilities and scope of activity of North Korean hackers have improved lately, the results of hacker training programs that take recruits as young as 11 and a focus on attacks that would help North Korea negotiate against sanctions or bring funds--through cryptocurrency--into the country. [WSJ]

2. Technology firms including Microsoft, Cisco, HP, Oracle, and Facebook have signed a pledge, called the Cybersecurity Tech Accord, that vows not to assist any governments in conducting cyber attacks, and to protect all customers equally, regardless of nationality or attack motivation. The promise of improved security and cooperation is welcome, and also raises the question of what types of government requests motivated the drafting of this accord. [Cyber Tech Accord; The Hill]

3. White House cybersecurity coordinator Rob Joyce is leaving his position to return to the NSA, following the departure last week of his boss, Tom Bossert. [Reuters]

4. The US and the UK jointly attributed recent hacks against routers, firewalls, and switches to Russia, the fifth such Russian attribution in recent years. The router flaws noted were the same as those exploited by last week's hacks against Iranian devices that left a "don't mess with our elections" message, suggesting the calling card was meant to falsely deflect blame to American hackers. [Politico]

5. DHS plans to release new tools to address systemic risk in critical infrastructure systems and federal and state networks, according to Secretary Nielsen's speech at the RSA conference this week. [Cyberscoop]

6.​ To avoid covering all of its users under GDPR, Facebook is moving users outside the EU, US, and Canada off of a terms of service agreement with Facebook Ireland--the subsidiary the company established to take advantage of the country's favorable corporate tax laws--to one with Facebook Inc, headquartered in the US. Meanwhile, a preview of the GDPR-required disclosures, parental consent, and data download options left reporters wanting more granular options and better UI. [Reuters; Techcrunch]

7. A Russian court approved a country-wide ban on Telegram for refusing to provide the FSB access to users' encrypted messages (access which Telegram is technologically unable to provide). [NY Times]

8. The Department of Housing and Urban Development has reopened its investigation into whether Facebook's ads allowed housing discrimination. A newly released Data and Society report on algorithmic accountability highlights the "black box" nature of the decision-making used to target individuals with, for example, discriminatory ads, and the difficulty of conducting research on these closed-off systems. [The Hill; Data & Society]

9. Studies from Duke and University College London show that, despite popular assumptions, social media shows users a variety of opinions, both confirmatory and contradictory, and only 8% of those surveyed could be said to be within a "filter bubble". [BBC]

10. The FBI recently solved several bulk online consumer database thefts, tracing them back to a spam and phishing operation that netted its perpetrator, 28-year-old Kyle Milliken, millions of dollars, and now a 17-month sentence, after which Kyle suggests that he plans to become a cryptocurrency trader. [Daily Beast]

Thanks for reading,

Allison
Stanford Cyber Initiative

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)