Skip to content Skip to navigation

Friday Cyber News, January 6 2017

Cyber technology-related news and links from around the web, for the week of 12/31 - 1/6:

1. Perhaps we're living through the first world cyberwar--from Russian attacks on Estonia, through Stuxnet, Wikileaks, and North Korea v. Sony--we just haven't chosen to name it. Cyber weapons are being sold to governments and deployed in political scenarios, requiring newer arms control guidelines than those designed to cover AK-47s. [Guardian; NY Times]

2. Bowing to requests from the Chinese government, Apple removed New York Times news apps from the App Store in China amid China's accusations that the Times was in violation of local regulations, likely for publishing "prohibited information" which in China can include stories about its military history and territorial disputes. In more China news, the nation has released new draft standards for personal data protection, similar to those of the EU or Privacy Shield. [NY Times; Inside Privacy]

3. Rodrigo Duterte has governed the Philippines with a lot of real-world bullying, but he seems to have embraced cyberbullying and the creation of a "troll army" as well. [New Republic]

4. The CIA has identified Russian officials who fed information--the spoils of hacks directed at the DNC and other US organizations--to Wikileaks. The communications of senior Russian officials congratulating themselves on the US election's outcome were also intercepted. Some attribution of Russian hackers erroneously labels Tor-routed IP addresses as Russian. [Reuters; Washington Post; The Intercept]

5. Russian malware initially used to target Ukrainian utilities has been found in the wild in ransomware form--to recap, New Hampshire's public utilities were not hacked by Russians, as they speculated last week, but Russian malware is still targeting utility control systems, including those in the US. [Cyber Scoop]

6. Online communities sometimes suggest that forcing users to comment under their real names--as Facebook does--will reduce harassment. Research actually shows the opposite; people are more inclined to follow social norms when they are less identifiable. Related: Why are most AI personal assistants female? [Coral Project; New Yorker]

7.  Can data falsification be good? Believing in the ends justifying the means, librarians created a fake patron and used the account to check out unpopular but valuable books that would otherwise be culled by the library's inventory algorithm. [Boingboing]

8. Following in the footsteps of Disney's smart tracker, Carnival Cruises is introducing a piece of smart jewelry that will track cruisegoers' every move, location, food preference, minute of entertainment watched, and more. It's supposed to improve the experience, but Carnival notes some guests may have "creepiness factor" objections. [NY Times]

9. Cities are getting smarter in unobtrusive ways, including sensors to measure wastewater flows, the structural integrity of bridges, bicycle traffic at intersections, and the energy efficiency of street lights. We still agree with Hypponen's Rule (a smart ____ is a vulnerable ____ ), but we're all for more efficient infrastructure. [Quartz]

10. Deploying ransomware is now a crime in California. (Previously it fell under extortion). An SQL injection has been registered as a company name in the UK. [Ars Technica; Companieshouse.gov.uk]

Thanks for reading,

Allison
Stanford Cyber Initiative

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)