Skip to content Skip to navigation

Friday Cyber News, March 15 2019

Cyber technology-related news and links from around the web, for the week of 3/9 - 3/15:

1. Though likely unrelated to its outage this week, Facebook is under federal investigation for the data deals it struck with other tech companies that "let the companies see users’ friends, contact information and other data, sometimes without consent." [NY Times]

2. Under Senators Markey and Hawley's proposed expansion of COPPA, the Children's Online Privacy Protection Act, user permission to collect data on teenagers would be expanded to include those 13-15 years old. [The Hill]

3. Manipulation of votes was discovered to be possible in the Swiss government's electronic voting system, scheduled to be rolled out nationwide this fall, and the city of Denver plans to test blockchain-supported e-voting platform Voatz for military and overseas residents. [Cyberscoop; Denver Post]

4. Exploits for phones are becoming harder to find as their security improves and fewer zero-days are available, leading to increasing prices for router zero-days. [Motherboard]

5. Maduro blames Venezuela's recent blackout on a cyber attack on the country's electrical grid. [CGTN]

6. Admissions files at Grinnell, Oberlin, and Hamilton colleges were being ransomed this week by hackers who broke into the schools' third-party applicant data system, but of course the admissions files we really want to see are those involved in Operation Varsity Blues. [WSJ; NY Times]

7. Naval cybersecurity is in critical condition, according to a recent internal review; the report notes sustained and continuous cyber attacks from China and Russia, and warns that the Navy and its industrial partners are "hemorrhaging critical data." [WSJ] 

8. Quid pro quo, Deutschland: the US is threatening to suspend intelligence sharing with Germany unless the latter terminates a contract with Huawei to build the country's 5G network. The US contends that Huawei has been conducting cyber espionage, in accordance with its duty under China's National Intelligence Law. [The Hill; NY Times]

9. Under the Senate's proposed IoT cybersecurity improvement act, NIST would be asked to develop recommendations for the management of federally-owned IoT devices, as well as standards for patching and identity and configuration management more generally. Previous versions of this bill that failed focused on the responsibilities of OMB, so lawmakers are now hoping NIST's capabilities are better suited to the task. [Inside Privacy]

10. E-health ethics suffered a setback this week when a patient in a Fremont hospital was informed that he was going to die by a doctor using a telepresence robot. [BBC]

Thanks for reading,

Allison
Stanford Cyber Initiative
fsi.stanford.edu/cyber

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)