Skip to content Skip to navigation

Friday Cyber News, October 13 2017

Cyber technology-related news and links from around the web, for the week of 10/7 - 10/13:

1. Israeli intelligence officers alerted American intelligence officers that they saw Russian intelligence officers searching for American intelligence programs through Kaspersky software. How did the Israelis know to look in Kaspersky in the first place? They had infiltrated Kaspersky software as well, at least by 2015, and were using it to spy on targets of interest, such as hotels where UN Security Council members were negotiating the Iran nuclear deal. Concerns about Kaspersky in 2015 also stemmed from a Russian diplomatic request to stop an FBI due diligence investigation into Kaspersky's operations following Kaspersky's sales pitch to government agencies. [NY Times; Cyberscoop] 

2. In response to a FOIA request, the NSA has declassified documents related to a FISA case on upstream data collection. Among the interesting tidbits revealed between the black tape are that communicators were assumed to be foreigners in the absence of "evidence to the contrary" (because we all traditionally sign our emails "cheers, a US citizen"), and it was declared infeasible to separate individual communications from bulk collections because ISPs and communications providers could change protocols at any time. [NY Times]

3. The US-China cybersecurity cooperation agreement reached in 2015, with terms including not engaging in IP theft and providing mutual legal assistance with cybercrime investigations, will continue. [Justice.gov] 

4. Google has discovered it also sold political ads to Russian-linked firms prior to the 2016 US election. The ads were run on YouTube, Gmail, and in search results. [The Hill] 

5. South Korea's Defense Integrated Data Center was hacked and data including plans for pre-emptive strikes against North Korean weapons facilities and Kim Jong Un were stolen. [Newsweek]

6.​ Facebook decided to debut its virtual reality platform where you can appear, as a noodle-armed torso-only avatar with filed-down teeth, in front of an anamorphosed photo of your preferred location, by depicting himself and Facebook's head of social virtual reality in flooded and hurricane-ravaged areas of Puerto Rico. The majority of Puerto Ricans have been without electricity and running water for three weeks, individual citizens are spending thousands of dollars to fly basic supplies, like bottles of water and mosquito repellant, as commercial cargo to deliver them to neglected areas of the island, and Zuckerberg's promotion of virtual reality rubbernecking provides support for the worst characterizations of the Silicon Valley bubble and out-of-touch tech elites. [Quartz; New Yorker]

7. Russia announced plans this week to crack down on cryptocurrencies; its central bank announced that it would be blocking exchanges, and called Bitcoin transactions "dubious." If you've ever wondered how Chinese Bitcoin high rollers party, the answer--with a custom poker table engraved with "Faith in Bitcoin"--and many more amusing details are in this article about the Bitcoin community in China. The price of Bitcoin climbed above $5,000 this week. [The Hill; Quartz; The Guardian] 

8. Facebook, Twitter, Google, and Microsoft have teamed up with the Anti-Defamation League to form the Cyberhate Problem-Solving Lab to develop strategies to curb hate speech and abuse on online platforms. I hope it works. [CNet]

9. How far should we expect good "cyber hygiene" to go? Due to UI loopholes, some phishing pop-ups can precisely mimic real password-entering dialogue boxes--same font, colors, buttons, wording--in a proof-of-concept that shows how platforms should protect users from malicious design. One victim of this technique? The Equifax website, which yesterday was presenting visitors with fake Flash download prompts. [Krausefx; Ars Technica]

10. In the US, we have a shortage of cybersecurity talent, and one option might be conscription: the IDF is finding itself with a shortage of combat troops, as more and more draftees are asking for cybersecurity roles. The IDF's cybersecurity unit is known for its quality, but also for its safety and indoor job locations. [Cyberscoop]

Thanks for reading,

Allison
Stanford Cyber Initiative

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)