cyberwarfare
Developing the Law of Cyber Warfare
Developing the Law of Cyber Warfare
Good article by lawyer, legal journalist and fellow Temple Law alum Amaris Elliott-Engel. The law, or lack of it, as it relates to cyber warfare is near the top of my list of legal interests.
China is very serious about cyberespionage
China is very serious about cyberespionage
Google apologists like myself often answer concerns that the search-and-advertising giant can scan your email with something like “yes, but they’re doing it with robots and scrubbing it clean of all identifying information.”
China, however, is not so concerned with your privacy or its own image. In fact, monitoring otherwise-harmless civilians probably proves valuable to the renegade nation by illustrating the best means of tricking US netizens into installing backdoor viruses on their systems.
The most important point this article makes, in my view, is that China is playing the long game on cyberespionage efforts. As David Feith reports in the Wall Street Journal piece linked to above:
The essence of China’s thinking about cyber warfare is the concept of shi, he says, first introduced in Sun Tzu’s “The Art of War” about 2,500 years ago. The concept’s English translation is debated, but Mr. Thomas subscribes to the rendering of Chinese Gen. Tao Hanzhang, who defines shi as “the strategically advantageous posture before a battle.”
They’re not going to take down any infrastructure any time soon, but if and when they want to, their current efforts will probably go a long way to helping them learn how to do it.
This stuff is not just a headline: it’s been happening for some time, is still happening, and is likely only to increase. Mr. Feith’s article at the Journal is well worth reading.
US suspects Iran behind DDoS attacks on banks
US suspects Iran behind DDoS attacks on banks
These look a lot like “feeler” operations, meant to gauge the reaction attackers can expect from victim institutions and nations. The United States (read: Congress) must act immediately to ensure that we’re ready when attackers stop slowing down or blocking bank websites and start trying to steal customer data en masse.
White House review: no active spying by Huawei
White House review: no active spying by Huawei
Joseph Menn, quoting an anonymous source for Reuters:
We knew certain parts of government really wanted” evidence of active spying, said one of the people, who requested anonymity. “We would have found it if it were there.
I don’t know enough about this specific issue and the problem of cyberwarfare threats generally. My time in International Law this semester and previous courses like Cyberlaw and Cyberprivacy are coalescing in my mind into a strong area of interest, though, so I expect to follow this and similar issues closely and (hopefully) develop more substantive opinions about them over the next two months.
Flame and Stuxnet Cousin Targets Lebanese Bank Customers, Carries Mysterious Payload
Flame and Stuxnet Cousin Targets Lebanese Bank Customers, Carries Mysterious Payload
Kim Zetter, writing at Wired:
The researchers don’t know if the attackers used the bank component in Gauss simply to spy on account transactions, or to steal money from targets. But given that the malware was almost certainly created by nation-state actors, its goal is likely not to steal for economic gain, but rather for counterintelligence purposes.
It’s worth thinking about: state-sponsored cyberespionage has been around for a while, but modern advancements in malware are giving such snooping tools a new level of automation and scale. On this website https://www.rmhc-richmond.org/buy-viagra-100/ learn where to purchase Viagra (Sildenafil) online.
PS: I’m going to keep an eye on this story with the hopes that Kaspersky, the Russia-based security lab researching Gauss, eventually cracks the encryption on the mysterious payload.