Fordham Law School banner photo

Cyber Brief - 11/19/12

Today's Top Story

Senate Majority Leader Harry Reid (D-NV) declared major cyber legislation dead on Wednesday after the bill failed a key test vote. "Everyone should understand cybersecurity is dead for this Congress," he said, adding, "Whatever we do on this bill, it's not enough for the Chamber of Commerce." He subsequently urged the White House to move forward with a cybersecurity executive order that has been in the pipeline for months. The news came as the Washington Post’s Ellen Nakashima reported that the Obama Administration issued a secret cybersecurity directive that will allow the Pentagon and federal agencies to defend the nation from cyberattacks more effectively. Analysts say the policy directive, which was signed in mid-October, is the most extensive effort yet from the White House to distinguish between offensive and defensive operations in cyberspace, and spell out which agencies are authorized to take which actions. “It should enable people to arrive at more effective decisions,” said a senior administration official. “In that sense, it’s an enormous step forward.” The White House also says that the directive empowers law enforcement and traditional network defense, rather than military cyberwarfare, as the government’s first option in mitigating a cyberattack. (Reuters, WashPost)

On the Hill

Safe Web Act: The Senate reauthorized House legislation, known as the Safe Web Act, that will enhance the powers of the Federal Trade Commission to pursue online fraud. The bill is headed to the president’s desk for signature. (The Hill)

UN Conference: FCC Chairman Julius Genachowski said cybersecurity regulations should not be a part of the UN international telecommunications (ITU) treaty set to be discussed next month in Dubai. (The Hill)



Power Grid: A report from the National Academy of Sciences released on Wednesday says a terrorist attack on the U.S. power grid could cause tremendous hardship, potential loss of life, and significant economic damage. (NYT)

Ghost Planes: Aviation experts warn that a new system of air traffic control called NextGen, which replaces ground-based radar with satellite GPS, could make it easier for hackers to disrupt airports and airspace across the country. (NBC)

Tool Kits: Hacker toolkits that pre-package computer commands capable of infiltrating and disrupting networks have made it much easier for anyone on the internet to wreak havoc on government and private sector systems, reports the Sydney Morning Herald. (SMH)

Chinese Hacker: Security researcher Brian Krebs has linked an infamous Chinese hacker known as Tan Dailin (aka Withered Rose) to Anvisoft, a Chinese anti-virus startup. The hacker reportedly led a team linked to cyber attacks on Microsoft and U.S. defense contractors. (PC World)


Lockheed Martin: The Pentagon’s top contractor said there has been a dramatic growth in the number and sophistication of cyberattacks on its networks and its suppliers over the last several years. (Reuters)

Cyber Framework: A new public-private partnership formed by the SANS Institute, the Consortium for Cybersecurity Action, is leading a push to develop a framework of key cybersecurity concepts and best practices. (Defense News)

Cyber Forensics: Eugene Kaspersky, the head of Russia’s most prominent anti-virus company, expressed doubts that the Pentagon was solving cyberattack-attribution problems, despite the claims of Defense Secretary Panetta. (WSJ)


Net Neutrality: A group of major technology firms, including Google, Facebook, and Netflix, filed a brief with the U.S. Court of Appeals in DC, supporting the FCC’s net neutrality regulations, which prohibit Internet service providers from discriminating against legitimate websites. Verizon and MetroPCS are suing to overturn the rules. (The Hill)

The World

Israel: Amid its conflict with Gaza-based Hamas, the Israeli government says it has been the target of a massive cyberwar campaign. The country’s finance minister, Yuval Steinitz, said Israel had deflected over 40 million cyberattacks in the last four days. Meanwhile, the online hacking collective Anonymous says it has launched an operation against Israel in response to its threat to cut telecommunication links in Gaza (AFP, BBC)

Russia: A new Russian law aimed at banning child pornography and other social ills is overly vague, say analysts, and raising concerns that it may be used by the government for general censorship purposes. (Economist)

Canada: A former high-ranking Canadian intelligence official said a cyberattack on a key point in Canada’s critical infrastructure, such as the power grid, could “bring calamity upon all of us.” He noted that state-sponsored attacks are the top threat. (Canadian Press)

Top Op-Eds:

Hackers of Damascus:The Syrian conflict illustrates the extent to which the very tools that rebels in the Middle East have employed to organize and sustain their movements are now being used against them. It provides a glimpse of the future of warfare,” writes Stephan Faris for Businessweek.

Killing the Password
: “No matter how complex, no matter how unique, your passwords can no longer protect you,” writes Mat Honan for Wired. “The age of the password has come to an end; we just haven’t realized it yet.”

China’s Economic Espionage
: “Whatever the dollar loss, economic espionage shifts the terms of engagement in China’s favor and accelerates programs as diverse as stealth fighters and automobile parts,” writes James A. Lewis in Foreign Affairs.

Events & Videos of Note:

Black Hat - AbuDhabi December 3 - 6, 2012