from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: December 5, 2014

Lynton Sony Pictures Entertainment Guardians of Peace Hack Cyber CFR

December 5, 2014

Lynton Sony Pictures Entertainment Guardians of Peace Hack Cyber CFR
Blog Post
Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

  • Sony Pictures Entertainment’s networks were hacked. As much as one hundred terabytes of data is reported to have been exfiltrated from Sony’s networks, of which forty gigabytes were made public and included personal employee data, unreleased scripts and movies, and other proprietary data. It is unclear whether data was only stolen, or whether data was destroyed as well. While much of the original reporting attributed the attack to North Korea, Kim Zetter at Wired and Sean Gallagher at Ars Technica critically examine those assertions.
  • Estonia launched a digital residency program, allowing anyone to obtain a digital identity from the Estonian government. The identity can be used to digitally sign documents, authenticate an individual online, encrypt files, conduct online banking, and a host of other services. Estonians already have national identity cards which enable them to access most government services digitally, and the new e-residency program is a way for Estonia to export its digital economy around the world.
  • Microsoft proposed a series of cybersecurity norms to reduce the chance of state conflict in cyberspace. The norms are a solid effort to contribute to a debate launched by the United Kingdom at the London Conference on Cyberspace in 2011, although they are likely to be a tough sell. For example, the first norm seeks to have governments refrain from "taking actions that would otherwise undermine public trust" in information technology products and services. That’s a tall order considering that raison d’être of state cryptologic agencies, be it from the United States, Russia, or any other country, is to break encryption.