Cyber Week in Review: August 26, 2016
from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: August 26, 2016

French Interior Minister Bernard Cazeneuve (R) greets his German counterpart Thomas de Maiziere in Paris, France, August 23, 2016. (Pascal Rossignol/Reuters)
French Interior Minister Bernard Cazeneuve (R) greets his German counterpart Thomas de Maiziere in Paris, France, August 23, 2016. (Pascal Rossignol/Reuters)

More on:

Germany

Cybersecurity

Russia

Intelligence

Privacy

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

1. Further developments in the Shadow Brokers hack. Since an individual or group calling itself the "Shadow Brokers" posted hacking tools widely believed to be created by the National Security Agency, there has been some speculation that an NSA insider, like Edward Snowden, was behind the leak, perhaps physically smuggling the tools out of the NSA in a flash drive. However, the evidence suggests that it’s more likely that a careless NSA operator left the tools on an unsecured NSA server, where the Shadow Brokers were able to find them by tracing back from a system the NSA had compromised. Researchers digging into the tools this week also found a script that would hide an attacker’s presence in Huawei firewalls, on top of the Cisco, Juniper, and Topsec exploits already discovered. Another group of researchers was able to update one of the leaked exploits, which appears to have been stolen in 2013 and targets older versions of Cisco’s ASA firewall, so that it works on a much more recent version. And according to a linguist, despite the bad English used in the Shadow Brokers’ online posting, it appears that the person who wrote the statement was a native English speaker who deliberately introduced errors.

2. France and Germany not ready to concede crypto wars. Meeting in Paris Tuesday, the interior ministers of the two countries discussed plans to regulate encryption in the fight against terrorism. They called on the European Commission to require so-called "over-the-top" telecommunications providers, like video, voice, and text chat apps such as Skype, WhatsApp, or Telegram, to maintain a capability to decrypt encrypted messages and turn over the communications of suspected terrorists to law enforcement authorities. The commission is currently considering extending existing privacy regulations, which stipulate how traditional telecoms handle customer data, to such over-the-top services. The ministers meeting in Paris cited recent terrorist attacks in Europe as the reason they need to access encrypted communications, despite it being unclear whether perpetrators of the recent attacks actually used encrypted systems. Privacy advocates were quick to criticize the ministers’ proposal.

3. WikiLeaks: good on transparency, not so good on privacy and security. According to a report by the Associated Press, WikiLeaks’ releases have included the personal information of several hundred people. While the website’s founders have said in the past that they have a "harm minimization policy" that aims to protect "legitimate secrets" in the documents they leak, such as medical records, it doesn’t seem that this policy was followed in recent leaks. The documents, most of which were released as part of a dump of Saudi Arabian foreign ministry files, include medical records of children, refugees, and individuals with psychiatric conditions. Other documents identify victims of sexual assault, couples going through divorces, and individuals who are deeply in debt. Separately, a Bulgarian security researcher announced last week that he’d discovered several hundred pieces of malware among documents released by the transparency organization.

4. Journalists in Russia target of hacks. According to CNN, journalists with the New York Times and other news agency have been the target of cyberattacks by Russian intelligence agencies in recent months. The Times subsequently announced that its Moscow bureau was the target of an attempted hack, although a spokesperson for the paper said they had no evidence that any of their networks had been breached, and that they had not hired any outside firms to investigate the issue. Both outlets report that the Federal Bureau of Investigation is looking into the issue. While alarming in light of recent breaches of the networks of the Democratic National Committee, such attacks are old hat, both for the New York Times and for Russia. Russian intelligence services have long targeted domestic journalists with cyberattacks, and the New York Times’ networks were breached by Chinese hackers in 2013.

More on:

Germany

Cybersecurity

Russia

Intelligence

Privacy