Skip to content Skip to navigation

Friday Cyber News, January 4 2019

Cyber technology-related news and links from around the web, for the week of 12/29 - 1/4:

1. The first bill of the new Congress, HR1, contains provisions for $1.7B in grants to states to purchase secure election equipment, requires the formalization of a White House election cybersecurity strategy, and includes the Honest Ads Act, which would require online political ads to contain funding disclosures. The bill is not expected to succeed, but indicates House Democrats' security priorities for the year. [Axios]

2. USB-C now permits cryptographic authentication of devices, to mitigate the possibility that an unattended public device charging station has been compromised. [9to5Mac]

3. Ryuk ransomware disrupted weekend newspaper printing operations at the Tribune Company, though investigation of the incident is at too early of a stage to attribute the attack. [Cyberscoop]

4. New HHS cybersecurity guidelines released at the end of the year focus on ransomware, medical device security, and incident response for small and/or rural care providers. [Cyberscoop]

5. Some Chinese businesses outsource their online compliance with government censorship to service providers like Beyondsoft, which employs people to police content after first being given a crash course in topics that many have never learned about before, like Tiananmen Square and Liu Xiaobo. [NY Times]

6.​ Financial stability concerns and cyber risk are converging, and the Department of the Treasury's Office of Financial Research identifies three buckets for further research: financial substitutability (where are the chokepoints in transaction processing), loss of confidence (how would widespread ATM hacks or the release of compromising documents affect individuals' reliance on the financial system), and loss of data integrity (what happens if market prices or bank balances are systematically altered). [Lawfare] 

7. Other minds, as conceptualized by Mill and other philosophers, are identified by their observable behavior, which we assume reflects similar inner subjective states as our own: we assume, for better or worse, that everyone thinks as we do. As AI systems become more adept at mimicking the external expressions of human behavior, how can we assuredly determine that they lack subjective experiences? [Commonweal]

8. Russia's military intelligence agency, the GRU, has expanded the scope of its activities in the internet age to include psychological influence operations, hacking the Ukrainian power grid, deploying NotPetya, and allegedly attempting to assassinate Sergei Skripal. [Washington Post]  

9. US biodefense programs coordinate responses between governments and healthcare workers through the BioWatch website, which researchers now say is insecure and should not be used for the Secret-level security information that it processes. [DefenseOne]

10. Samuel Johnson noted that when a man is to be hanged in a fortnight, it concentrates his mind wonderfully, and when a man is to be paid in Fortnite (an online video game that I hear is popular with the youth), it now concentrates his cryptocurrency options to one: Monero. As the coin with only the 13th highest market capitalization, but enhanced privacy protections, Monero is an interesting choice. Happy new year. [CoinTelegraph]

Thanks for reading,

Allison
Stanford Cyber Initiative
fsi.stanford.edu/cyber

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)