Law firms respond to security risks in client data (LTN, 7 July 2014) – In February 2013, Joe Patrice wrote in Above The Law that law firms were the “soft underbelly of American cybersecurity.” Today, it is safe to say that many law firms across the U.S., Canada and Europe take exception to that characterization. Why? In part due to the efforts of individual firms to adopt ISO 27001 security standards or implement more robust security programs, including information security education. Also in February 2013 the former special agent in charge of cyber and special operations with the FBI’s New York office, Mary Galligan, stated “We have hundreds of law firms that we see increasingly being targeted by hackers.” There isn’t one single law firm CIO or IT director who doesn’t understand the weight of these statements. Many large law firms have actively engaged in internal and external initiatives to fight security threats. * * * Law firm clients in the financial services industry heavily scrutinize their outside counsel with vendor security audits. Governed by the Office of the Comptroller of Currency and the Federal Financial Institutions Examination Council in compliance with the Gramm-Leach-Bliley Act, all law firms who have financial institution clients are required to respond to a comprehensive security audit. The audit process is detailed, and in many cases includes questionnaires with several hundred questions, on-site interviews and/or on-site physical security assessments covering everything from hard-copy file security to data center security.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles.

Austrian TOR exit node operator found guilty as an accomplice because someone used his node to commit a crime (TechDirt, 2 July 2014) – Three years ago we wrote about how Austrian police had seized computers from someone running a Tor exit node. This kind of thing happens from time to time, but it appears that folks in Austria have taken it up a notch by… effectively now making it illegal to run a Tor exit node. * * * It’s pretty standard to name criminal accomplices liable for “aiding and abetting” the activities of others, but it’s a massive and incredibly dangerous stretch to argue that merely running a Tor exit node makes you an accomplice that “contributes to the completion” of a crime. Under this sort of thinking, Volkswagen would be liable if someone drove a VW as the getaway car in a bank robbery. It’s a very, very broad interpretation of accomplice liability, in a situation where it clearly does not make sense. Tragically, this comes out the same day that the EFF is promoting why everyone should use Tor. While it accurately notes that no one in the US has been prosecuted for running Tor, it may want to make a note about Austria. Hopefully there is some way to fight back on this ruling and take it to a higher court—and hopefully whoever reviews it will be better informed about how Tor works and what it means to run an exit node.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Victor Habbick.

Active malware operation let attackers sabotage US energy industry (ArsTechnica, 30 June 2014) – Researchers have uncovered a malware campaign that gave attackers the ability to sabotage the operations of energy grid owners, electricity generation firms, petroleum pipelines, and industrial equipment providers. Called Dragonfly, the hacking group managed to install one of two remote access trojans (RATs) on computers belonging to energy companies located in the US and at least six European countries, according to a research report published Monday by Symantec. One of the RATs, called Havex, was spread by hacking the websites of companies selling software used in industrial control systems (ICS) and waiting for companies in the energy and manufacturing industries to install booby-trapped versions of the legitimate apps. “This campaign follows in the footsteps of Stuxnet, which was the first known major malware campaign to target ICS systems,” the Symantec report stated. “While Stuxnet was narrowly targeted at the Iranian nuclear program and had sabotage as its primary goal, Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required.” Dubbed Energetic Bear by other researchers, Dragonfly has been in operation since at least 2011. It initially targeted US and Canadian companies in the defense and aviation industries before shifting its focus to energy concerns. The group bears the hallmarks of a state-sponsored operation, mainly in its organization and high degree of technical sophistication. Its primary motive appears to be espionage, although additional capabilities suggest that sabotage is also of interest.
Fingerprints left inside the malware show the attackers mostly worked Monday through Friday during a nine-hour period that corresponded to 9am to 6pm in Eastern Europe, leading Symantec researchers to theorize that was the region where the most Dragonfly members worked.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles.

Can Tech Help Prevent Violence Against Women? These Tools Say ‘Yes’
It’s very difficult to measure how women are in constant fear — or at least, that we always have some looming thought in the back of our minds — when we walk alone or with a group of other women, no matter how close to home or to people we may be. Technology can’t solve this problem, but it can change the course of how we think about it, and ultimately, how we address it as a society. Technology can make it impossible to ignore these issues.
See the full article (TechRepublic, Lyndsey Gilpin, 7/23/14)

Provided by USIP.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles.

Chinese hackers extending reach to smaller US agencies (NYT, 15 July 2014) – After years of cyberattacks on the networks of high-profile government targets like the Pentagon, Chinese hackers appear to have turned their attention to far more obscure federal agencies. Law enforcement and cybersecurity analysts in March detected intrusions on the computer networks of the Government Printing Office and the Government Accountability Office, senior American officials said this week. The printing office catalogs and publishes information for the White House, Congress and many federal departments and agencies. It also prints passports for the State Department. The accountability office, known as the congressional watchdog, investigates federal spending and the effectiveness of government programs. The attacks occurred around the same time Chinese hackers breached the networks of the Office of Personnel Management, which houses the personal information of all federal employees and more detailed information on tens of thousands of employees who have applied for top-secret security clearances. Some of those networks were so out of date that the hackers seemed confused about how to navigate them, officials said. But the intrusions puzzled American officials because hackers have usually targeted offices that have far more classified information.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/taesmileland.