from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: February 20, 2015


February 20, 2015

Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

  • Kaspersky published a report detailing the advanced espionage techniques of a group it is calling the "Equation Group." The Equation Group’s techniques involve burying malware in the firmware and Windows registry of a target computer, making it nearly impossible to detect; using malware-laced USB sticks to jump air-gapped networks; and creating virtual file storage systems on certain hard drive models that can resist military-grade disk wiping. Kaspersky asserts that the Equation Group’s level of sophistication points to a state actor but isn’t saying who, though security experts suspect it’s the work of the NSA. Ars Technica has a great analysis of the Kaspersky report, and Bruce Schneier comments on the targeted nature of these newly discovered techniques.
  • In related espionage news, The Intercept reports that the NSA and GCHQ worked together to acquire the encryption keys embedded in mobile phone SIM cards, allowing both agencies to decrypt cellphone conversations virtually undetected. According to a GCHQ PowerPoint presentation from the Snowden archive, a joint NSA-GCHQ team compromised the network of Gemalto, which produces over 2 billion SIM cards a year, to acquire the encryption keys used to encrypt telephone conversations from a handset to a phone company’s cellphone tower.
  • The text of President Obama’s executive order on "Promoting Private Sector Cybersecurity Information Sharing" was made public. The President signed the order on the margins of the cybersecurity and consumer protection event the White House held last week at Stanford University. Paul Rosenzweig at Lawfare thinks the order is nice but isn’t a panacea for the country’s cybersecurity challenges. Matthew H. Fleming from the Homeland Security Studies and Analysis Institute gives an overview of the summit here.
  • Google filed its formal opposition to a proposed rule change by the Department of Justice that would allow U.S. judges to sign off on warrants authorizing the FBI to remotely access information on a computer beyond that judge’s jurisdiction. Google claims that the proposed rule change is vaguely worded and broad, which could allow the FBI to hack into computers in other countries. The Department of Justice disputes the claim, saying that the rule change "would not authorize the government to undertake [...] any remote search technique not already permitted under current law."