Archive for April, 2016

NIST Kicks Off Effort to Defend Encrypted Data from Quantum Computer Threat

From: Imperial Valley News

Written by Chad Boutin

Washington, DC – If an exotic quantum computer is invented that could break the codes we depend on to protect confidential electronic information, what will we do to maintain our security and privacy? That’s the overarching question posed by a new report from the National Institute of Standards and Technology (NIST), whose cryptography specialists are beginning the long journey toward effective answers.

Hackers don’t just want your credit cards, now they want the pattern of your life

From: Open Source Intelligence

***

“If you have a credit card number, a name, and any kind of personal information such as the name of their wife or the name of their pets — anything which can be used to guess a password — you can get your hands on anything you want. It’s a very efficient product,” said Apolline Aigueperse, lead cyberrisk analyst at cybersecurity firm CybelAngel, speaking at the recent Security & Counter Terror Expo in London.

What becomes of Facebook when people start to value privacy?

From: engadget

We’ve learned to protect our online image, but that’s inconvenient for a site that wants every gory detail of our lives.

Daniel Cooper

Facebook’s role in the world has changed, though I didn’t expect to have an epiphany about that while sitting in the pews of a drafty, 11th-century church. It was at a wedding earlier this month, and the program handed out bore a disclaimer that would have been mystifying a few years ago. “Roger and Stephanie* would like to request that guests DO NOT post any photos of the ceremony, or share anything to social media relating to the day.” Instead of wanting to broadcast their special moments to the world, they were actively asking people to do the opposite. The truth is that Facebook was designed for people to spill their guts, but now more people are deciding that their privacy is more important.

Is the FCC Inviting the World’s Cyber Criminals into America’s Living Rooms?

Editor’s Note: Cross-posted from OIRA Watch.

In October 2012, the Chairman and Ranking Member of the House Intelligence Committee issued a joint statement warning American companies that were doing business with the large Chinese telecommunications companies Huawei and ZTE to “use another vendor.”

The bipartisan statement cited the Intelligence Committee’s Report that

“highlights the interconnectivity of U.S. critical infrastructure systems and warns of the heightened threat of cyber espionage and predatory disruption or destruction of U.S. networks if telecommunications networks are built by companies with known ties to the Chinese state, a country known to aggressively steal valuable trade secrets and other sensitive data from American companies.”

Smartphone App Lets Anyone Report ‘Suspicious People’ In ‘Transitional’ St. Louis Neighborhood

From: Think Progress

BY CARIMAH TOWNES

A wealthy New Orleans real estate developer has created “Uber for cops,” an app that allows anyone with a smartphone to report nonviolent criminals, drug dealers, homeless people and others they feel may be “suspicious.”

According to the creator, Sidney Torres, the French Quarter Task Force app is a user-driven platform that allows bystanders to identify and photograph suspicious behavior and alert cops about where the suspected culprits are located. The app focuses on petty nonviolent crime not usually considered emergencies by law enforcement. Torres says the app would make it easier for cops to know exactly where to find a suspicious person or if a crime — the list offers categories like theft, vandalism, carrying of weapons, drug dealing, assault, prostitution, or “aggressive solicitation” — is in progress.

NIST Gives Agencies Guidance on Boosting Cybersecurity for BYOD, Telework

From: FedTech

Security concerns increase as more federal offices offer workers greater flexibility through telework options and the ability to use their own devices.

IT leaders at federal agencies have embraced increased use of mobility to transform their enterprises. However, as more offices have offered telework options and embraced bring-your-own-device (BYOD) policies to varying degrees, security vulnerabilities have also cropped up.

***

Public comments on the draft guidance were due on April 15.


Former Bitcoin Regulator Turns Blockchain Advisor

From: CryptoCoinNews.com

Former New York regulator Benjamin Lawsky, who oversaw what many consider the most restrictive state bitcoin regulation, known as BitLicense, now works as a counsel and media liaison for Axoni, a blockchain technology firm that uses blockchain in settling derivative transactions, according to Reuters.

Elliot Maras

Lawsky said he intended to start a consulting business when he announced his departure from the New York Department of Financial Services last spring, CCN reported. As a regulator, Lawsky had a reputation for consistently pushing for larger fines and stricter rules.

World’s Largest International Technical Cyber Defence Exercise Takes Place Next Week

From: NATO Cooperative Cyber Defence Centre of Excellence

1500 virtualised systems are deployed during Locked Shields 2016. The virtualized Blue Team networks are custom-built and include a variety of services and platforms.

Locked Shields 2016 is organised in cooperation with the Estonian Defence Forces, the Finnish Defence Forces, the Swedish Defence College, the British Army, the United States European Command, and numerous other partners.

Connecticut Water Regulator Leading the Way on Cyber Risk Management

From: Our Water Counts Blog

Written by Jonathan Litchman

Connecticut Governor Daniel Malloy released the state’s long-anticipated Cybersecurity Action Plan for utilities that include the water sector. The Connecticut Public Utilities Regulatory Authority (PURA) began the process of developing a cybersecurity regulatory approach two years ago that has been thoughtful, risk-based and collaborative. The result is cybersecurity regulation that is both flexible and reasonable.

CFPB Targets Online Payment Platform in First Enforcement Action on Cybersecurity

From: Payments Journal

Donald J. Mosher, Lisa A. Prager, Michael L. Yaeger, Melissa G.R. Goldstein and Kimberly G. Monty | Schulte Roth & Zabel

The Consumer Financial Protection Bureau (“CFPB”) broke new ground last week with its Consent Order against Dwolla Inc. (“Dwolla”), an online payment platform, for deceiving consumers about its information security practices. The Consent Order alleges that Dwolla made public statements regarding the efficacy of its data security system and failed to fulfill those promises. The enforcement action is especially striking because the CFPB imposed a $100,000 civil monetary penalty on Dwolla despite the lack of any evidence that the payment processor experienced a data breach or any kind of cybersecurity incident, and also because the CFPB imposed significant — and expensive — new compliance obligations beyond what other federal regulators have demanded in similar situations. Most notably, the Consent Order provided that Dwolla must perform regular risk assessments and retain an independent third party to perform an annual cybersecurity audit for the next five years.
