SlideShare a Scribd company logo

2013 01-14

C
Cspri Administrator

This newsletter summarizes cybersecurity events and policy developments from the previous week. It is distributed by the Cyber Security Policy and Research Institute at George Washington University and encourages submissions of new cybersecurity research from faculty and students. The newsletter provides summaries of upcoming cybersecurity talks and meetings in the Washington D.C. area, as well as brief summaries of legislative actions, policy news articles, and recent publications in the field.

TechnologyNews & Politics
1 of 5
Download to read offline
1
2
3
4
5
GW CSPRI Newsletter January 14, 2013 From the Cyber Security Policy and Research Institute of The George Washington University, www.cspri.seas.gwu.edu. This newsletter is a weekly summary of events related to cyber security policy and research, with a special focus on developments and events in the Washington, DC area. Faculty and student readers of this newsletter with new and important cyber security research to report (especially new papers or results by GW faculty and students) are encouraged to send notifications of this to cspriaa@gwu.edu. A short (up to three sentences) description of why you think the research is important is required. Contents Events Legislative Lowdown Cyber Security Policy News Recent Publications and Media Events -Jan. 14, 5:30 p.m. - 8:30 p.m., NoVa Hackers Association Meetup - This informal group of security professionals from around the NoVA/DC area coordinates one or two monthly events – an evening meetup with presentations on the second Monday of the month and various lunch or bar meetups. QinetiQ, 11091 Sunset Hills Road, Reston, VA. More information. -Jan 15, 6:30 p.m. - 8:00 p.m., ISSA DC Meetup - The National Capital Chapter of the ISSA is comprised of information security professionals located in the Washington D.C. Metropolitan Area. Members are actively involved in information security in government agencies, the military, non-profit organizations, and in large and small companies. The chapter holds regular meetings at various locations throughout the D.C. area. Through its meetings and other events, the chapter fosters professional development and support for computer and information security professionals. Membership is open to practicing security professionals or to those with an interest in the profession. New members are always welcome — please feel free to attend one of our open meetings or to contact the chapter for more information. Monthly meetings generally take place on the third
Tuesday of every month in the evenings. Government Printing Office, 732 North Capitol Street. More information. -Jan. 17, 2:00 p.m. - 3:00 p.m., Mobile Security: Confronting Challenges - Mobile attacks driven by financially motivated hackers, political “hacktivism” and vandalism are rapidly increasing in number and sophistication. Data and identities are already being stolen and agency communications intercepted. Agencies must act now to provide highly secure mobile access, while remaining productive and efficient on these devices. This free Webcast will cover how to implement a long-term, comprehensive mobile security plan; ways to transition network securities to mobile; and how to protect agencies from malicious mobile applications. The speaker will be Rodney Dilts, director, security technology network-based security engineering and development, AT&T Chief Security Office. More information. -Jan. 22-23, 9th Annual State of the Net Conference - The State of the Net Conference is the largest information technology policy conference in the U.S. and the only one with over 50 percent Congressional staff and government policymakers in attendance. This year's conference will feature a keynote luncheon discussion between Travis Kalanick, CEO & Co-Founder, Uber, and Congressman Bob Goodlatte (R-VA), Co- Chair, Congressional Internet Caucus. Hyatt Regency, 400 New Jersey Ave., NW. More information. -Jan. 24, 6:00p.m. - 7:00 p.m., America the Cyber-Vulnerable - CSPRI and GW’s Computer Science Department is sponsoring a talk by Joel Brenner, former senior counsel at the National Security Agency. This event will be open to the public, and the topic of discussion will be the new faces of cyber-security threats, and what these threats mean to government, businesses, and the public. Computer Science Department Conference Room 736, Phillips Hall, 801 22nd Street, NW. More information will be forthcoming in next week’s newsletter. Legislative Lowdown -Nearly a year after a wave of online protests killed two anti-piracy bills, lawmakers are skittish about moving forward with legislation aimed at cracking down on websites that illegally distribute copies of movies and music, Jennifer Martinez writes for The Hill. The House's Stop Online Piracy Act (SOPA) and Senate's Protect IP Act (PIPA) grabbed national attention when Wikipedia, Reddit and scores of other websites went dark on Jan. 18 to protest the bills. The public outcry over the bills led lawmakers to pull their support, and spurred others who were previously quiet on the anti-piracy measures to speak out in opposition. The fracas over SOPA and PIPA a year ago is still fresh on the minds of lawmakers, making it doubtful that similar legislation will surface in the opening months
of the 113th Congress. -The Hill also notes that Sen. Rand Paul (R-Ky.) wants to protect emails and text messages the same way phone conversations are via an amendment to a bill reauthorizing the Foreign Intelligence Surveillance Act. Paul introduced an amendment, The Fourth Amendment Protection Act, to clarify that the Fourth Amendment to the Constitution protects U.S. citizens from unreasonable searches and seizures, even those that result from searches being done by a U.S. intelligence agency monitoring a foreign national overseas. H.R. 5949 would extend for five years the ability of U.S. intelligence authorities to surveil terrorists overseas without first getting permission from a court. Cyber Security Policy News -The Department of Homeland Security last week urged Internet users to disable Java, a widely-used Web browser component that was found to have a critical security flaw that hackers have been exploiting to massively compromise computers. The flaw, which affects Windows, Mac and Linux machines, prompted an emergency update from Java maker Oracle Corp. But many experts are calling on Internet users to remove Java completely, saying that few Web sites use it and that hackers are constantly finding previously unknown vulnerabilities in the software, which is installed on more than 850 million computers worldwide. -The Internet genius and cofounder of the popular Web site Reddit.com committed suicide at his Brooklyn home, The New York Post writes. The story has set off a whirlwind of controversy in the blogosphere over allegations that the U.S. prosecutors have been overzealous and misguided in pursuing Swartz for hacking charges. Police found Aaron Swartz, 26, unconscious at 9:30 a.m. last Friday in the bedroom of his Sullivan Place apartment building in Crown Heights. Swartz was found dead as he faced up to 35 years in jail for stealing academic documents that he planned to post online for free. Time Magazine writes that the young whiz believed deeply that information — particularly that which might benefit society — should be made available for free to the public. In 2011, Swartz was indicted on federal data theft charges for breaking into the M.I.T. computer system and allegedly downloading 4.8 million documents from the subscription based academic research database JSTOR. -American businesses want more help from government officials in fighting cyber attacks, although they continue to oppose government-prescribed safeguards, MasterCard Inc. Chief Executive Ajay Banga said last week. Mr. Banga is head of the information and technology committee at the Business Roundtable, a trade group that is set to start a push Wednesday for closer cooperation with Washington on computer security. The Wall Street Journal reports that the effort is, in part, intended to head off a push by some
policy makers for more regulation of private sector computer security. Last year, business interests helped soften and ultimately defeat a Senate cybersecurity bill that would have created a new regime of voluntary cybersecurity standards. Since then, American banks have continued to fend off harassment from Iranian hackers. -California Attorney General Kamala Harris has issued a report describing best practices for mobile application privacy, according to Privacy Times. The report, "Privacy on the Go," recommends that app developers implement safeguards such as privacy-by- design and notice, but stops short of setting forth a comprehensive set of Fair Information Practices. The report follows a law that requires all service providers doing business in California, such as mobile app developers, to have a privacy policy available to consumers. -The Iranian government is behind online attacks that have slowed or crashed American bank websites, U.S. officials tell The New York Times. The Times writes that the skill required to carry out attacks on this scale has convinced United States government officials and security researchers that they are the work of Iran, most likely in retaliation for economic sanctions and online attacks by the United States. But not everyone is convinced the attacks are that sophisticated. Robert D. Graham, chief executive of security research firm Errata Security, penned an op-ed panning the conclusion that the attacks somehow signaled an advanced or government-backed adversary. "I know no of competent security researcher that has been convinced this is the work of Iran's government," Graham writes. "The only people who agree with that statement are those with something to sell, either pimping new government regulations or products." -The Chinese government late last year approved regulations that will require all of the country's Internet users to register their names after a flood of online complaints about official abuses rattled Communist Party leaders. The Associated Press writes that authorities say the law will strengthen protections for personal information, but that it also is likely to curtail the Internet's status as a forum to complain about the government or publicize corruption. Meanwhile, Iranian officials are having a tougher time maintaining censorship blocks on their citizens, writes NextGov. Iran has been fighting a largely losing battle as far as wholesale censorship is concerned. So the country, in a move that represents equal parts concession and repression, is reportedly taking another tack: According to Agence France Press, the country is developing "intelligent software" that aims to manipulate, rather than fully control, citizens' access to social networks. Instead of blocking Facebook, or Twitter, or even Google ... the regime, per the report, will allow controlled access to those services. Recent Publications and Media
-The Chinese broadcaster CCTV interviewed CSPRI legal fellow Evan Sills last week for a Chinese language broadcast on data privacy and security. They discussed U.S. Government guidelines on data collection and retention, as well as the changing threat landscape in the age of cloud computing and mobile devices. -CSPRI Researcher Paul Rosenzweig has published Cyber Warfare: How Conflicts in Cyberspace Are Challenging America and Changing the World. As described by Prof. Rosenzweig, Cyber Warfare is "about how we try to reap the benefits in productivity and information sharing that come from a globalized web of cyber connections while somehow managing to avoid (or at least reduce) the damage done by malfeasant actors." In addition to teaching at GW Law, Prof. Rosenzweg is founder of Red Branch Consulting PLLC, a homeland security consulting company, and senior advisor to The Chertoff Group, and he formerly served as deputy assistant secretary for policy in the Department of Homeland Security. The Cyber Security Policy and Research Institute (CSPRI) is a center for GW and the Washington area to promote technical research and policy analysis of problems that have a significant computer security and information assurance component. More information is available at our website, http://www.cspri.seas.gwu.edu.

More Related Content

PDF
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Ben Griffith
 
PDF
Open Letter to President Obama Opposing Backdoors and Defective Encryption
Alvaro Lopez Ortega
 
PPTX
Privacy in the Information Age
Jordan Peacock
 
PPTX
Privacy in the Information Age [Q3 2015 version]
Jordan Peacock
 
PDF
Major Essay_ US-China Relations_FINAL
Louise Collins
 
PPTX
Looking Ahead Why 2019 Will Be The year of Cyberwarfare
Securicon
 
PDF
RSTREET17
Steven Titch
 
PDF
Countering the Cyber Espionage Threat from China
Murray Security Services
 
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Ben Griffith
 
Open Letter to President Obama Opposing Backdoors and Defective Encryption
Alvaro Lopez Ortega
 
Privacy in the Information Age
Jordan Peacock
 
Privacy in the Information Age [Q3 2015 version]
Jordan Peacock
 
Major Essay_ US-China Relations_FINAL
Louise Collins
 
Looking Ahead Why 2019 Will Be The year of Cyberwarfare
Securicon
 
RSTREET17
Steven Titch
 
Countering the Cyber Espionage Threat from China
Murray Security Services
 

What's hot (20)

PDF
Tema 5.cybersecurity
FalconPeregrine1
 
PDF
Class 21 and 22
Dr. Ajith Sundaram
 
PDF
Bill Would Give President Emergency Control Of Internet
john.niemela
 
PPT
Nokia LTA Web 20 Legal Issues
Joel A. Gómez Treviño
 
PDF
ARTICLE 4/27/12
freeantivirusdownload
 
DOCX
privtechsomeassemb
Jonathan Alley
 
DOCX
Great Issues Reflective Essay CybersecurityLI
James Bollen
 
DOC
111cyber crimes
rinushalu
 
DOCX
Final Copy Cyber Crime Research Essay
Callum Craigie
 
PPTX
The securitization of online activism
jwilso
 
DOCX
Instructions please write a 5 page paper answering the question con
simba35
 
PPTX
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
Aviva Spectrum™
 
DOCX
Hello dr. aguiar and classmates,for this week’s forum we were as
simba35
 
PDF
Cyber terrorism fact or fiction - 2011
hassanzadeh20
 
PDF
"Digital.Report+" - expert magazine for ICT policy professionals
Vadim Dryganov
 
PDF
Securing Cyber Space- Eljay Robertson
Eljay Robertson
 
PDF
Causes of the Growing Conflict Between Privacy and Security
Don Edwards
 
DOCX
IT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-Egbulem
Lillian Ekwosi-Egbulem
 
PDF
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
Andrea Rossetti
 
PPTX
Cyber crime:The Transformation Of Crime In The Information Age.
Omkar Walavalkar
 
Tema 5.cybersecurity
FalconPeregrine1
 
Class 21 and 22
Dr. Ajith Sundaram
 
Bill Would Give President Emergency Control Of Internet
john.niemela
 
Nokia LTA Web 20 Legal Issues
Joel A. Gómez Treviño
 
ARTICLE 4/27/12
freeantivirusdownload
 
privtechsomeassemb
Jonathan Alley
 
Great Issues Reflective Essay CybersecurityLI
James Bollen
 
111cyber crimes
rinushalu
 
Final Copy Cyber Crime Research Essay
Callum Craigie
 
The securitization of online activism
jwilso
 
Instructions please write a 5 page paper answering the question con
simba35
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
Aviva Spectrum™
 
Hello dr. aguiar and classmates,for this week’s forum we were as
simba35
 
Cyber terrorism fact or fiction - 2011
hassanzadeh20
 
"Digital.Report+" - expert magazine for ICT policy professionals
Vadim Dryganov
 
Securing Cyber Space- Eljay Robertson
Eljay Robertson
 
Causes of the Growing Conflict Between Privacy and Security
Don Edwards
 
IT Vulnerabilities - Basic Cyberspace Attacks- by Lillian Ekwosi-Egbulem
Lillian Ekwosi-Egbulem
 
Francesca Bosco, Cybercrimes - Bicocca 31.03.2011
Andrea Rossetti
 
Cyber crime:The Transformation Of Crime In The Information Age.
Omkar Walavalkar
 
Ad

Viewers also liked (10)

PDF
SCS Profile 2016
Jeevanand Ramakrishnan
 
PDF
Certification course Trainings in India
Watson Samuel
 
PPTX
Presentación1
iratxe garibi
 
PPTX
Wiki 130618174251-phpapp01
Marlon Rosk
 
PPTX
La heredia town houses for sale
laherediatownhousesforsale
 
PPTX
What are your goals for 2016
Tim Puttkammer
 
PPTX
To an Athlete Dying Young by A.E. Housman
Gil Rey
 
PDF
Web Technologies Training
Watson Samuel
 
PPTX
Crawl the entire web in 10 minutes...and just 100€
Danny Linden
 
PPTX
Developmental Stage: Late Childhood
Gil Rey
 
SCS Profile 2016
Jeevanand Ramakrishnan
 
Certification course Trainings in India
Watson Samuel
 
Presentación1
iratxe garibi
 
Wiki 130618174251-phpapp01
Marlon Rosk
 
La heredia town houses for sale
laherediatownhousesforsale
 
What are your goals for 2016
Tim Puttkammer
 
To an Athlete Dying Young by A.E. Housman
Gil Rey
 
Web Technologies Training
Watson Samuel
 
Crawl the entire web in 10 minutes...and just 100€
Danny Linden
 
Developmental Stage: Late Childhood
Gil Rey
 
Ad

Similar to 2013 01-14 (20)

PDF
Stroz friedberg headlines
Steven Wertheim
 
DOC
Cyber-Law and Cyber-Crime
Russ Dutcher, CBRM,CORM,CDPS
 
DOC
Cyber law and cyber-crime
Russ Dutcher, CBRM,CORM,CDPS
 
PDF
A week is a long time in computer ethics
UltraUploader
 
PDF
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
- Mark - Fullbright
 
PDF
Obama moves forward with internet id plan by batteryfast
battery-fast. com
 
PDF
Open Letter From EFF Opposing CISPA
Small Business Trends
 
PPT
2009 10 21 Rajgoel Trends In Financial Crimes
Raj Goel
 
PDF
Etude PwC/CIO/CSO sur la sécurité de l'information (2014)
PwC France
 
PPTX
Senate homeland security and commerce
Abegail Roberts
 
PDF
Organized Chaos Reimagining the Internet 1st Edition Mark Raymond Gordon Smith
bidnerpjay
 
PDF
CyberSecurityBook[Final]
Lucy Kitchin
 
PDF
Medical study needs reform : Kapil Khandelwal, www.kapilkhandelwal.com
Kapil Khandelwal (KK)
 
DOCX
Surname 2Briana CastilloCyber Crime6-16-15.docx
mattinsonjanel
 
DOCX
SS236 Unit 8 Assignment Rubric Content 70 Points Do.docx
aryan532920
 
PDF
Organized Chaos Reimagining the Internet 1st Edition Mark Raymond Gordon Smith
duwedwzmc887
 
DOC
Computer crimes
essay-writing-help.us
 
PDF
INSECURE Magazine - 33
Felipe Prado
 
PPTX
Certified Banking TPM - Module 1 powerpoint presentation
trevor501353
 
DOCX
SOPAandPIPA
Michael Punzo
 
Stroz friedberg headlines
Steven Wertheim
 
Cyber-Law and Cyber-Crime
Russ Dutcher, CBRM,CORM,CDPS
 
Cyber law and cyber-crime
Russ Dutcher, CBRM,CORM,CDPS
 
A week is a long time in computer ethics
UltraUploader
 
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
- Mark - Fullbright
 
Obama moves forward with internet id plan by batteryfast
battery-fast. com
 
Open Letter From EFF Opposing CISPA
Small Business Trends
 
2009 10 21 Rajgoel Trends In Financial Crimes
Raj Goel
 
Etude PwC/CIO/CSO sur la sécurité de l'information (2014)
PwC France
 
Senate homeland security and commerce
Abegail Roberts
 
Organized Chaos Reimagining the Internet 1st Edition Mark Raymond Gordon Smith
bidnerpjay
 
CyberSecurityBook[Final]
Lucy Kitchin
 
Medical study needs reform : Kapil Khandelwal, www.kapilkhandelwal.com
Kapil Khandelwal (KK)
 
Surname 2Briana CastilloCyber Crime6-16-15.docx
mattinsonjanel
 
SS236 Unit 8 Assignment Rubric Content 70 Points Do.docx
aryan532920
 
Organized Chaos Reimagining the Internet 1st Edition Mark Raymond Gordon Smith
duwedwzmc887
 
Computer crimes
essay-writing-help.us
 
INSECURE Magazine - 33
Felipe Prado
 
Certified Banking TPM - Module 1 powerpoint presentation
trevor501353
 
SOPAandPIPA
Michael Punzo
 

Recently uploaded (20)

PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PPTX
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PDF
project resource management chapter-09.pdf
ssuser00e6e21
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
PPTX
observCloud-Native Containerability and monitoring.pptx
anupsingh76937
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
What is a Computer? Input Devices /output devices
GulJan8
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
The various Industrial Revolutions .pptx
bandileshozi3
 
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
project resource management chapter-09.pdf
ssuser00e6e21
 
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
observCloud-Native Containerability and monitoring.pptx
anupsingh76937
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 

2013 01-14

  • 1. GW CSPRI Newsletter January 14, 2013 From the Cyber Security Policy and Research Institute of The George Washington University, www.cspri.seas.gwu.edu. This newsletter is a weekly summary of events related to cyber security policy and research, with a special focus on developments and events in the Washington, DC area. Faculty and student readers of this newsletter with new and important cyber security research to report (especially new papers or results by GW faculty and students) are encouraged to send notifications of this to cspriaa@gwu.edu. A short (up to three sentences) description of why you think the research is important is required. Contents Events Legislative Lowdown Cyber Security Policy News Recent Publications and Media Events -Jan. 14, 5:30 p.m. - 8:30 p.m., NoVa Hackers Association Meetup - This informal group of security professionals from around the NoVA/DC area coordinates one or two monthly events – an evening meetup with presentations on the second Monday of the month and various lunch or bar meetups. QinetiQ, 11091 Sunset Hills Road, Reston, VA. More information. -Jan 15, 6:30 p.m. - 8:00 p.m., ISSA DC Meetup - The National Capital Chapter of the ISSA is comprised of information security professionals located in the Washington D.C. Metropolitan Area. Members are actively involved in information security in government agencies, the military, non-profit organizations, and in large and small companies. The chapter holds regular meetings at various locations throughout the D.C. area. Through its meetings and other events, the chapter fosters professional development and support for computer and information security professionals. Membership is open to practicing security professionals or to those with an interest in the profession. New members are always welcome — please feel free to attend one of our open meetings or to contact the chapter for more information. Monthly meetings generally take place on the third
  • 2. Tuesday of every month in the evenings. Government Printing Office, 732 North Capitol Street. More information. -Jan. 17, 2:00 p.m. - 3:00 p.m., Mobile Security: Confronting Challenges - Mobile attacks driven by financially motivated hackers, political “hacktivism” and vandalism are rapidly increasing in number and sophistication. Data and identities are already being stolen and agency communications intercepted. Agencies must act now to provide highly secure mobile access, while remaining productive and efficient on these devices. This free Webcast will cover how to implement a long-term, comprehensive mobile security plan; ways to transition network securities to mobile; and how to protect agencies from malicious mobile applications. The speaker will be Rodney Dilts, director, security technology network-based security engineering and development, AT&T Chief Security Office. More information. -Jan. 22-23, 9th Annual State of the Net Conference - The State of the Net Conference is the largest information technology policy conference in the U.S. and the only one with over 50 percent Congressional staff and government policymakers in attendance. This year's conference will feature a keynote luncheon discussion between Travis Kalanick, CEO & Co-Founder, Uber, and Congressman Bob Goodlatte (R-VA), Co- Chair, Congressional Internet Caucus. Hyatt Regency, 400 New Jersey Ave., NW. More information. -Jan. 24, 6:00p.m. - 7:00 p.m., America the Cyber-Vulnerable - CSPRI and GW’s Computer Science Department is sponsoring a talk by Joel Brenner, former senior counsel at the National Security Agency. This event will be open to the public, and the topic of discussion will be the new faces of cyber-security threats, and what these threats mean to government, businesses, and the public. Computer Science Department Conference Room 736, Phillips Hall, 801 22nd Street, NW. More information will be forthcoming in next week’s newsletter. Legislative Lowdown -Nearly a year after a wave of online protests killed two anti-piracy bills, lawmakers are skittish about moving forward with legislation aimed at cracking down on websites that illegally distribute copies of movies and music, Jennifer Martinez writes for The Hill. The House's Stop Online Piracy Act (SOPA) and Senate's Protect IP Act (PIPA) grabbed national attention when Wikipedia, Reddit and scores of other websites went dark on Jan. 18 to protest the bills. The public outcry over the bills led lawmakers to pull their support, and spurred others who were previously quiet on the anti-piracy measures to speak out in opposition. The fracas over SOPA and PIPA a year ago is still fresh on the minds of lawmakers, making it doubtful that similar legislation will surface in the opening months
  • 3. of the 113th Congress. -The Hill also notes that Sen. Rand Paul (R-Ky.) wants to protect emails and text messages the same way phone conversations are via an amendment to a bill reauthorizing the Foreign Intelligence Surveillance Act. Paul introduced an amendment, The Fourth Amendment Protection Act, to clarify that the Fourth Amendment to the Constitution protects U.S. citizens from unreasonable searches and seizures, even those that result from searches being done by a U.S. intelligence agency monitoring a foreign national overseas. H.R. 5949 would extend for five years the ability of U.S. intelligence authorities to surveil terrorists overseas without first getting permission from a court. Cyber Security Policy News -The Department of Homeland Security last week urged Internet users to disable Java, a widely-used Web browser component that was found to have a critical security flaw that hackers have been exploiting to massively compromise computers. The flaw, which affects Windows, Mac and Linux machines, prompted an emergency update from Java maker Oracle Corp. But many experts are calling on Internet users to remove Java completely, saying that few Web sites use it and that hackers are constantly finding previously unknown vulnerabilities in the software, which is installed on more than 850 million computers worldwide. -The Internet genius and cofounder of the popular Web site Reddit.com committed suicide at his Brooklyn home, The New York Post writes. The story has set off a whirlwind of controversy in the blogosphere over allegations that the U.S. prosecutors have been overzealous and misguided in pursuing Swartz for hacking charges. Police found Aaron Swartz, 26, unconscious at 9:30 a.m. last Friday in the bedroom of his Sullivan Place apartment building in Crown Heights. Swartz was found dead as he faced up to 35 years in jail for stealing academic documents that he planned to post online for free. Time Magazine writes that the young whiz believed deeply that information — particularly that which might benefit society — should be made available for free to the public. In 2011, Swartz was indicted on federal data theft charges for breaking into the M.I.T. computer system and allegedly downloading 4.8 million documents from the subscription based academic research database JSTOR. -American businesses want more help from government officials in fighting cyber attacks, although they continue to oppose government-prescribed safeguards, MasterCard Inc. Chief Executive Ajay Banga said last week. Mr. Banga is head of the information and technology committee at the Business Roundtable, a trade group that is set to start a push Wednesday for closer cooperation with Washington on computer security. The Wall Street Journal reports that the effort is, in part, intended to head off a push by some
  • 4. policy makers for more regulation of private sector computer security. Last year, business interests helped soften and ultimately defeat a Senate cybersecurity bill that would have created a new regime of voluntary cybersecurity standards. Since then, American banks have continued to fend off harassment from Iranian hackers. -California Attorney General Kamala Harris has issued a report describing best practices for mobile application privacy, according to Privacy Times. The report, "Privacy on the Go," recommends that app developers implement safeguards such as privacy-by- design and notice, but stops short of setting forth a comprehensive set of Fair Information Practices. The report follows a law that requires all service providers doing business in California, such as mobile app developers, to have a privacy policy available to consumers. -The Iranian government is behind online attacks that have slowed or crashed American bank websites, U.S. officials tell The New York Times. The Times writes that the skill required to carry out attacks on this scale has convinced United States government officials and security researchers that they are the work of Iran, most likely in retaliation for economic sanctions and online attacks by the United States. But not everyone is convinced the attacks are that sophisticated. Robert D. Graham, chief executive of security research firm Errata Security, penned an op-ed panning the conclusion that the attacks somehow signaled an advanced or government-backed adversary. "I know no of competent security researcher that has been convinced this is the work of Iran's government," Graham writes. "The only people who agree with that statement are those with something to sell, either pimping new government regulations or products." -The Chinese government late last year approved regulations that will require all of the country's Internet users to register their names after a flood of online complaints about official abuses rattled Communist Party leaders. The Associated Press writes that authorities say the law will strengthen protections for personal information, but that it also is likely to curtail the Internet's status as a forum to complain about the government or publicize corruption. Meanwhile, Iranian officials are having a tougher time maintaining censorship blocks on their citizens, writes NextGov. Iran has been fighting a largely losing battle as far as wholesale censorship is concerned. So the country, in a move that represents equal parts concession and repression, is reportedly taking another tack: According to Agence France Press, the country is developing "intelligent software" that aims to manipulate, rather than fully control, citizens' access to social networks. Instead of blocking Facebook, or Twitter, or even Google ... the regime, per the report, will allow controlled access to those services. Recent Publications and Media
  • 5. -The Chinese broadcaster CCTV interviewed CSPRI legal fellow Evan Sills last week for a Chinese language broadcast on data privacy and security. They discussed U.S. Government guidelines on data collection and retention, as well as the changing threat landscape in the age of cloud computing and mobile devices. -CSPRI Researcher Paul Rosenzweig has published Cyber Warfare: How Conflicts in Cyberspace Are Challenging America and Changing the World. As described by Prof. Rosenzweig, Cyber Warfare is "about how we try to reap the benefits in productivity and information sharing that come from a globalized web of cyber connections while somehow managing to avoid (or at least reduce) the damage done by malfeasant actors." In addition to teaching at GW Law, Prof. Rosenzweg is founder of Red Branch Consulting PLLC, a homeland security consulting company, and senior advisor to The Chertoff Group, and he formerly served as deputy assistant secretary for policy in the Department of Homeland Security. The Cyber Security Policy and Research Institute (CSPRI) is a center for GW and the Washington area to promote technical research and policy analysis of problems that have a significant computer security and information assurance component. More information is available at our website, http://www.cspri.seas.gwu.edu.