Paranoid Technology All things cybersecurity

18May/17Off

Wanna Cry?!!! We do…

The cyber-attack that happened earlier this week reminded us of the questions posed in our March post – Initial Thoughts on Wikileaks Vault 7 Leak Series:

This wikileak points to increasing erosion of public safety - despite having these tools at hand, world governments (US, UK, Germany) continue to push for encryption back doors. Equation Group’s leak (NSA) late 2016 and this latest CIA leak once again prove all organizations have their OpSec issues - the three letter agencies are themselves at risk; backdoors, once discovered, work just as well for foreign spies, cyber-criminals and script kiddies.  Who is protecting the innocent? “

Apparently no one… Is the NSA going to step up and accept responsibility? Maybe if hell freezes over – “Cannot either deny or confirm the existence of these weapons…” Well, everybody else did – who cares if you do or don’t?!!

Interestingly, even Chinese state media called for the NSA to take some responsibility, how ironic… Like they should be talking…

24Sep/14Off

Cyber Information Sharing Act

Cybersecurity Information Sharing Act (CISA) - A.K.A Cybersecurity Information Sharing and Protection Act (CISPA) - is the latest excitement after PIPA and SOPA. Once dropped already CISA is back in discussion after some privacy concerns were addressed thanks to Senators Dianne Feinstein (D-Calif.) and Saxby Chambliss (R-Ga.).  There are a healthy amount of reasons to be skeptical about CISA given government's recent NSA overreach; this “voluntary” information sharing between private companies and the government has some broad language that leaves room for unwarranted datamining taps and hack-back activities for domestic cybersecurity. In summary the bill proposes the following (read between the lines 😉 ):

15Nov/12Off

President Signs Secretive Cybersecurity Policy Directive

President Obama has long said cyber security is one of his priorities and it appears he is now acting on his words.

According to the Washington Post, he is said to have signed a secret policy directive last month that will give the military and other government authorities the ability to act quickly if the country comes under cyber attack.

Dubbed the "Presidential Policy Directive 20," this classified document allegedly outlines the rules of how federal agencies are allowed to react when it comes to online breaches of security, hacking, cyber threats, and attacks.

One of the major elements of the directive, according to the Washington Post, is that it deals with "offensive" versus "defensive" action and makes the distinction between network defense and cyber operations.

   
Stop SOPA