Cyber Week in Review: January 9, 2015

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

• As part of its response to the Sony hack, the White House announced sanctions targeting North Korea’s leadership. Following the announcement, administration officials quoted in the New York Times said that the sanctions would be accompanied by covert action. In a related development, FBI Director James Comey provided additional information to support the attribution of the incident to North Korea to assuage some of the skeptics. Comey claimed that the attackers were sometimes sloppy and forgot to mask their true IP addresses, adding that those same addresses are used exclusively by the North Korean government. While doubters want the government to release more information, James A. Lewis argues that it’s the United States’ cyber rivals, not the skeptics, that need to be convinced of the United States’ ability to attribute incidents quickly. Quickly attributing malicious cyber activity could, over time, raise the diplomatic costs of targeting the United States and act as a deterrent.
• This year is shaping up to be a busy year for the U.S. government on the digital policy front. On January 2, the FCC confirmed a Washington Post report that that it will release its proposed net neutrality rules in February and vote on them at the end of that month. A few days later at the Consumer Electronics Show (CES) in Las Vegas, FCC Commissioner Tom Wheeler hinted that Title II of the Communications Act would be the basis for the new rules. Kieren McCarthy at the Register takes a look at what it all means. At the same event, the Chairwoman of the Federal Trade Commission gave a speech in which she asked technology companies to consider the security and privacy implications of the products that will make up the Internet of things. Lastly, Rep. Dutch Ruppersberger (D-MD) announced he will reintroduce the Cyber Intelligence Sharing and Protection Act (CISPA). A previous version of the bill, which passed the House but died in the Senate in the last Congress, drew the ire of privacy advocates, which argued that it allowed private companies to share cybersecurity information with the U.S. government without stripping personally identifiable information.
• Russia’s recent "blogger’s law" is having some unintended consequences. The law, which came into force in August 2014, requires blogs and forums hosted in Russia with more than three thousand daily visitors to register with the Internet regulator Roskomnadzor. As part of the registration process, blog and forum administrators need to turn over personal information on contributors and abide by state-set journalistic standards. The move, widely seen in the West as an attempt by the Kremlin to silence its online critics, has caused Intel to shut down its Russian language software development blogs and forums. It’s unlikely that the Kremlin intended the law to target Russia’s large software community, which could hinder the development of Russian-language software and online content.