Tuesday, April 19, 2016

Virtual Stories of Hackers

Survival, Mr. VandeHei says, depends on giving readers what they really want, how they want it, when they want it, and on not spending too much money producing what they don’t want.
For News Outlets Squeezed From the Middle, It’s Bend or Bust NYT 

The federal government will spend hundreds of millions of dollars defending Australia from foreign cyber attacks including from countries like China. And for the first time, the government has revealed it employs offensive cyber capabilities to deter possible attacks - which could mean employing hackers to disrupt activities overseas  Iceberg Swimmer and PM Malcolm Turmbull injects $240m into cyber attack and defence

Australian govt CTO reveals cloud services panel overhaul

It’s impossible to discuss new developments in money without thinking for a moment about what money is. The best place to start thinking about that is with money itself. Consider the UK’s most common paper money, the English five or ten or twenty quid note. On one side we have a famous dead person: Elizabeth Fry or Charles Dickens or Adam Smith, depending on whether it’s a five or ten or twenty. On the other we have a picture of the queen, and just above that the words ‘I promise to pay the bearer on demand the sum of’, and then the value of the note, and the signature of the cashier of the Bank of England.
John Lanchester short essay on Bitcoin



FCW

April 12, 2016
The Department of Homeland Security has suggested striking significant passages from a draft White House policy on open software out of concern that baring too much source code will increase the government's vulnerability to hacking. Many private security firms don't publish their source code because it allows attackers to "construct highly targeted attacks against the software" or "build-in malware directly into the source code," DHS said in comments posted to GitHub.  


Nextgov
April 12, 2016
The government's federal buying arm is quizzing industry about its cybersecurity offerings to give federal agencies more insight into the types of tools and technologies currently on the market that could help quash common cyberthreats. 



Reuters

April 14, 2016
An unidentified American company was defrauded last year out of nearly $100 million by individuals who created a fake email address in order to pose as one of its legitimate vendors, U.S. authorities said on Thursday.  

The New York Times
April 13, 2016
A California journalist was sentenced on Wednesday to two years in federal prison for helping to hack the website of The Los Angeles Times in 2010. The journalist, Matthew Keys, was convicted in October of providing the hacking group Anonymous with a user name and password to log in to computers owned by the Tribune Company, parent company of The Times. 




The Wall Street Journal
April 14, 2016
Cybersecurity researchers at IBM Corp. said Thursday they have discovered a new type of malicious software that has been used to attack customers of 22 U.S. banks and two in Canada. The attacks have resulted in the theft of roughly $4 million dollars in the first few days of April, the researchers said. The malware is targeting bank customers with business accounts, mostly at banks in the U.S., according to a blog posting on IBM X-Force, which is part of IBM’s security business. 



Vice Motherboard

April 15, 2016
Over the past few months, more details about UK law enforcement's closely-guarded use of “equipment interference”—the government's broad term for hacking—have come to light. This is due to a series of evidence submissions for a proposed (and controversial) surveillance law, the Investigatory Powers Bill, which would usher in new authorisations for how police can use malware or exploits to take over computers.  



FCW
April 12, 2016
Government auditors told Congress on April 12 that the Internal Revenue Service continues to face weaknesses when it comes to information security. Meanwhile, some lawmakers pushed for more funding for the IRS to help with its cybersecurity efforts and hiring more IT professionals. "There were numerous weaknesses that we identified due to the inconsistent application of their information security programs across IRS," Gene L. Dodaro told the Senate Finance Committee regarding the most recent audit. The comptroller general and head of the Government Accountability Office noted some of the weaknesses include easily guessed passwords to get access to servers that support key systems at the IRS; users who were given system privileges beyond what their job responsibility requires; systems that remain decrypted  when encryption is called for; and software patches that are not being applied in a timely manner. "These weaknesses were due in part to IRS's inconsistent implementation of its agency-wide security program, including not fully implementing prior GAO recommendations," the GAO noted in its most recent report. GAO made 45 new recommendations in this regard, in addition to the 49 existing ones.


Vice Motherboard
April 15, 2016
Back in July of last year, the controversial government spying and hacking tool seller Hacking Team was hacked itself by an outside attacker. The breach made headlines worldwide, but no one knew much about the perpetrator or how he did it.


Bloomberg
April 14, 2016
Bulgaria plans to set up a cyber security center to strengthen its defense capability after state institutions’ websites were hacked, blocking digital services and causing data leaks.


The Hill
April 13, 2016
Capitol Hill is stepping up pressure on the Obama administration to detail how it is combating the rise of digital extortion. Rep. Derek Kilmer (D-Wash.) on Tuesday became the fourth lawmaker in as many months — and second member in the last week — to press the federal government on the these so-called ransomware attacks. In such attacks, hackers remotely lock computer files and demand ransom payments for their return. 



Federal News Radio

April 14, 2016
The future of civil service personnel and pay reform could stem from the Homeland Security Department. In partnership with the Defense Department and Office of Personnel Management, DHS is looking at non-traditional ways it can implement agency-specific hiring authorities for new cybersecurity professionals. Congress approved authorities for DHS in 2014 and DoD in 2015. OPM last November gave DHS the final green light to fill as many as 1,000 cyber positions.  
1. John Lanchester short essay on Bitcoin.
2. Paul Krugman on the return of elasticity pessimism; I would stress more whether the supply chain for the exports is internal to the single nation or spread across many nations (currencies).
- See more at: http://marginalrevolution.com/#sthash.0dARTIdv.dpuf