Friday, February 01, 2019

Everybody is Watching MEdia Dragon: Robots - Hacking Risks Are On the Rise

The only country whose tough criminal underbelly includes grandmothers who grow avocados ...
~ New Zealander's affection for sheep And lowering IQ levels is well known among South Pacific Whinging Poms ... 


God wanted Trump to be president, says Sarah Sanders

God wanted Donald Trump to become US president, the White House press secretary has said in an interview.



IT WAS 50 YEARS AGO: The Beatles’ Rooftop Concert.
And hot off revisiting WWI, Peter Jackson is preparing a documentary using existing footage of another cataclysmic British battle:  Peter Jackson to make new Beatles documentary using unseen footage from ‘Let It Be’ sessions.
Next year will be the 50th anniversary of Let It Be. Whether it’s the original movie, or Jackson’s reboot, I hope that’s enough to finally get the last footage of the Beatles as a group released on Blu-Ray — my nearly 40 year old VHS copy can’t last forever!




BBC: To prepare for a future where AI will likely disrupt entire industries, some say we’ll have to rethink how we educate future generations – “Estimates about how much of the workforce could be automated vary from about 9% to 47%. The consultancy McKinsey estimates up to 800 million workers globally could be displaced by robotic automation by 2030. Some jobs will change dramatically, while others will disappear altogether.”

Bloomberg [paywall – alternate free article via Gadget Hours]: “Pelco, a California-based security camera maker, set lofty sales targets last year for a model with sharper video resolution and other cutting-edge features. That was until Congress derailed its plans. In August, updated legislation barred the U.S. military and government from buying tech gear from firms deemed too close to authorities in China. When the bill surfaced, Pelco scrapped any thought of providing its new GPC Professional 4K camera to the U.S. government and lowered its sales goals. The reason: The device uses parts from HiSilicon, the chip division of Huawei Technologies Co. Huawei, China’s largest technology company, is the target of a broad U.S. crackdown over allegations it has stolen trade secrets, violated sanctions against Iran and sells equipment that could be used by the country’s Communist Party for spying.”




Councillors to consider investigation into CEO on Monday

An extraordinary general meeting has been called for Monday to give councillors the opportunity to consider reports into chief executive Mark Stapleton


Huge egos and selfish agendas will ruin political system

With much fanfare, Julia Banks has finally announced she will abandon her electorate of Chisholm to stand as an independent in the nearby electorate of Flinders.  Low 

SHOCKING NEWS FROM THE WORLD OF SCIENCE: The Best Hydration Plan Is to Drink When You’re Thirsty


DC DATING: My Boyfriend of a Year Had a Separate Life and Two Other Girlfriends. “Besides his name, I don’t know if anything he told me was true.”

International tax briefing with Wayne Barford, former Australian tax officer and Senior Advisor of the International Tax and Investment Center (ITIC)! Thank you for your usual trust and support! As always, your strategic insights are very much helpful as the Philippines continue to pursue a genuine tax reform! #TaxReformNow #AskTheTaxWhiz @consult.acg - Peter Stephen and Watts Inc


Consumers are doing everything they can to avoid ads. Here’s how P&G, one of the world’s largest advertisers, is finding a way around that Business Insider


Aussies are being hit with seemingly legitimate texts from the “ATO”, but the tax office says they point to a disturbing new type of scam. ATO text scam, spoofing: How to spot a fake ATO text



CyberScoop
January 25, 2019
Prominent House members are again seeking to create a high-level position within the State Department dedicated to advancing U.S. cybersecurity interests worldwide. The Cyber Diplomacy Act would require the department to open an Office of International Cyberspace Policy, whose top official would report directly to the secretary of State or deputy secretary of State. The office’s primary goals would be to advocate democratic ideals for cyberspace and push back against Russian and Chinese efforts to “extort more control and censorship over the internet,” say the bill’s sponsors, House Foreign Affairs Chairman Eliot Engel, D-N.Y., and Michael McCaul, R-Texas, the panel’s ranking member. The legislation closely resembles a bill passed by the House and approved by the Senate Foreign Relations Committee in 2018. That version only specified that the head of the new office should be designated an assistant secretary of State. It also called for the office to have a broader purview that included the “digital economy.”

Nextgov
January 24, 2019
Former Homeland Security Department officials on Thursday warned the current government shutdown will have a “long-term, extremely detrimental effect” on the country’s cyber and national security posture. While federal employees are undoubtedly feeling the greatest immediate impacts of the shutdown, the government’s efforts to combat cyber threats, respond to emergencies and fight terrorism will continue to suffer long after agencies reopen their doors, officials said during a panel hosted by House Homeland Security Committee Chair Bennie Thompson, D-Miss. “From a security standpoint, we are letting our guard down,” former Homeland Security Secretary Jeh Johnson said Thursday. “If the shutdown ended tomorrow, I fear the damage already done to our security will [last] months if not years.”

CyberScoop
January 23, 2019
A key House Democrat wants the Department of Homeland Security to brief lawmakers “as soon as possible” on a new domain name system hacking threat to federal computer networks, and the emergency order the department issued in response. DHS should brief members of the House Homeland Security Committee on the cyberthreat because “we need to understand the scope of this action and how many agencies were actually affected,” Rep. Jim Langevin, D-R.I., said in an interview Wednesday. Langevin was reacting to a rare emergency directive that DHS issued Tuesday ordering civilian agencies to tighten security controls in the face of a suspected Iranian hacking campaign. DHS issued the order out of concern that civilian agencies could be vulnerable to cyberattacks on platforms for managing domain name system (DNS) records, which help ensure that a computer user reaches an intended website. By manipulating DNS records, hackers could direct unwitting users to malicious websites. At least six civilian agencies have been affected by the recent malicious DNS activity, people familiar with the matter told CyberScoop.

FCW
January 22, 2019
The House panel devoted to information technology oversight is being rolled up into a larger subcommittee, Rep. Gerry Connolly (D-Va.) confirmed to FCW. IT oversight will now be handled by the Government Operations subcommittee of the House Oversight and Reform Committee. "Marrying the two subcommittees was done in recognition of the fact that so much of the federal government’s operations are reliant upon information technology," Connolly told FCW in an emailed statement. "Federal IT is helping us deliver some of the most important functions and services our government provides to the public. Whether it is the FITARA Scorecard or FedRAMP reform, our subcommittee will continue to drive modernization in the federal government." Connolly first announced the news in an interview with the public affairs program Government Matters. In that interview, Connolly said the subcommittee is "going to do a lot of work on modernizing how the federal government deals with information technology and the procurement portfolio."

Nextgov
January 22, 2019
The Washington, D.C. area will be getting another new round of Metro rail cars in a couple years. But the predominance of foreign manufacturers is giving four senators pause when it comes to the cybersecurity of critical transportation infrastructure in the nation’s capital. The Washington Metropolitan Area Transit Authority issued a request for proposals in September for the design and construction of 256 new railcars, which will be known as the 8000 series. In keeping with technology trends in every sector, the new cars will include several technology upgrades for passengers, as well as for the overall operation of the trains. Virginia Democrats Mark Warner and Tim Kaine and Maryland Democrats Ben Cardin and Chris Van Hollen wrote to WMATA General Manager and CEO Paul Wiedefeld last week noting the authority did not include requirements in the RFP that would favor domestic companies.


ADMINISTRATION

The New York Times
January 25, 2019
The special counsel, Robert S. Mueller III, revealed on Friday the most direct link yet between the Trump campaign’s and WikiLeaks’ parallel efforts to use Democratic Party material stolen by Russians to damage the election campaign of Hillary Clinton. In an indictment unsealed Friday, the special counsel disclosed evidence that a top campaign official in 2016 dispatched Roger J. Stone, a longtime adviser to President Trump, to get information from WikiLeaks about the thousands of hacked Democratic emails. The effort began well after it was widely reported that Russian intelligence operatives were behind the theft, which was part of Moscow’s broad campaign to sabotage the 2016 presidential election. The indictment makes no mention of whether Mr. Trump played a role in the coordination, though Mr. Mueller did leave a curious clue about how high in the campaign the effort reached: A senior campaign official “was directed” by an unnamed person to contact Mr. Stone about additional WikiLeaks releases that might damage the Clinton campaign, according to the court document.

Nextgov
January 25, 2019
The Homeland Security Department’s lead cybersecurity official outlined the rationale behind issuing an emergency directive with a list of actions and a tight deadline for agencies to comply, all while the government feels the pressure of a more than month-long partial shutdown. The newly named—and elevated—Cybersecurity and Infrastructure Security Agency issued its first emergency directive to federal agencies this week, giving agencies 10 days to review their Domain Name System records for signs of potential hijacking, reset passwords and to implement stronger security settings. “We took this action after carefully considering the current and potential risk posed to federal agencies,” CISA Director Chris Krebs said in a blog post Thursday. “Because it’s our responsibility to take actions to protect federal systems, we felt an urgent response was required to address the risk.” As part of a campaign linked to Iranian hacking groups, bad actors have been seen using compromised administrative credentials to access networks of governments across the globe and reroute traffic through the attackers’ systems, giving them full access.

WKYC
Eight members of the Ohio National Guard have been called in to assist following an attempted cyber attack on the city of Akron's computer servers. The attempt, which the city says "appears to be financially motivated," was identified this past Tuesday before being "intercepted, and prevented." At this time, there is no evidence that any personal material was harvested or that there is any current risk to public safety. The incident is currently under investigation. Officials say certain city operations could be affected and temporarily taken offline by these efforts, and that citizens will be notified should that occur.

Ars Technica
January 24, 2019
The US Federal government is in the midst of the longest gap in funding for many of its agencies in history. As the "shutdown" extends into a second month, the economic impact is mounting for federal workers—including civil servants and government contractors working in IT and information security roles for the government—as well as the communities they work and live in. Furloughs have had a real impact on the government's security posture as well. Work at the National Institute of Standards and Technology on a number of initiatives, including work on encryption, has been suspended. Some "non-essential" agencies have had to furlough security teams, leaving them with no way to respond to incidents during the shutdown. Routine maintenance on IT systems, such as patches and updates to websites and server operating systems, is being deferred. And those still at work at agencies operating without a budget are doing so without pay and under financial duress—not exactly an ideal situation for maintaining a top security posture. But the real damage to the government may be waiting in the wings. Several furloughed federal workers in information security who spoke to Ars this week said that they are now actively seeking jobs in the private sector out of necessity. A number of private companies recruiting talent in the field have seen a spike in job applications from people in government service. And for contractors who have no guarantee of regaining lost wages, the math is even more vicious.

Politico
January 24, 2019
A former top Republican fundraiser embroiled in charges of influence-peddling has accused an executive at the prominent lobbying firm Mercury Public Affairs of participating in a criminal conspiracy to disseminate his hacked emails to prominent media outlets in a lawsuit filed in Washington on Thursday. The complaint paints the fullest picture to date of an alleged globe-spanning conspiracy by the government of Qatar to hack the former GOP official’s email and provide damaging information about him to publications including The New York Times, The Washington Post and the Associated Press. The suit, reported first by POLITICO, could have implications for the future of political warfare at a time when it is increasingly waged through “hack-and-leak” campaigns like the one that targeted Hillary Clinton’s 2016 presidential campaign.

AP
January 23, 2019
Georgia's new elections chief asked lawmakers Wednesday for $150 million to replace the state's outdated electronic voting machines. In doing so, he all but closed the door on a hand-marked paper balloting system that experts say is cheapest and most secure. Secretary of State Brad Raffensperger told Georgia legislators meeting for budget hearings that a new voting system is his top priority. Cybersecurity experts and voting integrity activists say the touch-screen machines Georgia has used since 2002 are vulnerable to hacking and can't be audited effectively because they produce no verifiable paper record. The current machines and Georgia's registration practices became the subject of national criticism during last year's governor's race between Democrat Stacey Abrams and Republican Brian Kemp. Kemp served as secretary of state and refused calls to resign from overseeing his own election. He stepped down two days postelection after declaring himself the winner.

FCW
The 2019 National Intelligence Strategy, meant to guide the nation's intelligence agencies over the next four years, puts cybersecurity and technology issues front and center. The document highlights cyberspace and emerging "disruptive" technologies like AI and quantum computing as areas that intelligence agencies must invest in heavily over the coming years. The strategy calls for expanded reliance on both quantitative and qualitative analysis capabilities to forecast threats, the production of more tailored, actionable cyber threat intelligence to the rest of the government and the exploration of novel operational applications of emerging technology to advance tradecraft. Despite a growing awareness of cyber threats, "nearly all information, communication networks and systems will be at risk for years to come" and in the current environment, adversary nation states "are already challenging public confidence in our global institutions, governance and norms."

The New Yorker
January 22, 2019
In the past decade, Election Systems & Software (E.S. & S.), the largest manufacturer of voting machines in the country, has routinely wined and dined a select group of state-election brass, which the company called an “advisory board,” offering them airfare on trips to places like Las Vegas and New York, upscale-hotel accommodations, and tickets to live events. Among the recipients of this largesse, according to an investigation by McClatchy published last year, was David Dove, the chief of staff to Georgia’s then secretary of state, Brian Kemp. Kemp, the new governor of Georgia, made news in the midterm elections for his efforts to keep people of color from voting and for overseeing his own election. In March of 2017, when Dove attended an E.S. & S. junket in Las Vegas, Kemp’s office was in the market to replace the state’s entire inventory of voting machines. “It’s highly inappropriate for any election official to be accepting anything of value from a primary contractor,” Virginia Canter, the chief ethics officer at Citizens for Responsibility and Ethics in Washington, told McClatchy. “It shocks the conscience.” (Kathy Rogers, E.S. & S.’s senior vice-president for governmental affairs, told McClatchy that there was nothing untoward about the advisory board, which she said has been “immensely valuable in providing customer feedback.”)

The Augusta Chronicle
January 20, 2019
Just six months after it opened its first building, the Georgia Cyber Center is helping drive renewed interest in other areas of downtown Augusta, officials said. Some of that business might come from tenants of the center itself. Augusta University President Brooks Keel and others are planning for what the next phase of the center will be as they gauge their future needs. But some of those needs are more immediate and might not end up being met on the center’s campus – food, for instance. “A definite need is just catering,” Keel said. “We’re having more and more events here from outside, and that is what we had hoped to be able to see. Businesses flock to this campus to take advantage of the virtual world we have here and the auditorium. But our kitchen space here is very small.” Keel is hoping area businesses will want to provide those dining and retail services around the edges of the campus on Reynolds Street “so that the private community can take advantage of the economic development associated with that and we don’t have to use our very valuable land for those support services,” he said. In the same vein, the university is hoping to find office space outside the Riverfront Campus, Keel said. There might be a need for housing at some point, and the university was encouraged by plans for the $94 million Riverfront at the Depot project, which would include housing as well as retail at the other end of Reynolds Street.


INDUSTRY

Ars Technica
January 24, 2019
Researchers have uncovered a recent malicious advertisement campaign that’s notable for its size, scope, and resourcefulness: a two-day blitz triggered as many as 5 million times per day that used highly camouflaged JavaScript stashed in images to install a trojan on visitors' Macs. The ads were served by a group security firm Confiant has dubbed VeryMal, a name that comes from veryield-malyst[DOT]com, one of the ad-serving domains the group uses. A run that was active from January 11 to January 13 on about 25 of the top 100 publisher sites triggered the image as many as 5 million times a day. In an attempt to bypass increasingly effective measures available to detect malicious ads, the images used steganography—the ancient practice of hiding code, messages, or other data inside images or text—to deliver its malicious payload to Mac-using visitors.

CyberScoop
January 23, 2019
If you are a chief information security officer, the best place to meet your peers may not be at the big events in Las Vegas, San Francisco, or the traveling roadshow coming through your town. It may be at the restaurant around the corner. Corporate security executives are beginning to favor exclusive, invite-only meetings where they trade ideas with other security bosses on how to protect business secrets, mainly as a way to fight the fatigue that comes from an onslaught of sales pitches. Chief information security officers at Fortune 500 firms receive hundreds of sales calls, emails and LinkedIn messages every month from vendors hawking the latest technology promising to protect them from the next major breach. But many CISOs working 60-plus hours a week don’t have time to sit down to listen to a pitch and, when they do, the technology often fails to impress. So they’re seeking out other CISOs for advice on which vendors can be trusted. These informal settings typically take place over lunch, drinks, by phone or in situations where they can speak freely. While it’s not new for CISOs to compare notes with their counterparts in other companies, the number of invite-only sessions is growing as the pressure on executives grows to get things right, said Dave Tyson, former CISO at SC Johnson.

The Wall Street Journal
January 23, 2019
Shane Huntley and his team have tracked Iranian hackers as they spread disinformation in the U.S., unmasked North Korea’s responsibility for a crippling global computer virus and probed Russians linked to the 2016 hack of the Democratic National Committee. Mr. Huntley doesn’t work for the National Security Agency or another government spy shop. He heads Google’s in-house counterespionage group, the Threat Analysis Group, which has emerged as an important force in the battle against hackers and a leading example of tech giants building up powerful cybersecurity defenses in an age of rising nation-state hacks. Staffed partly by former government agents, these groups at companies including Google, Facebook Inc. and Microsoft Corp. play a central role keeping criminals and spies away from the ocean of personal information online as people rely more on their products. The tech giants’ access to that data and their huge user networks mean they are in some ways more effective in fighting intrusions than governments, executives say.

Ars Technica
January 23, 2019
Officials with the widely used PHP Extension and Application Repository have temporarily shut down most of their website and are urging users to inspect their systems after discovering hackers replaced the main package manager with a malicious one. “If you have downloaded this go-pear.phar [package manager] in the past six months, you should get a new copy of the same release version from GitHub (pear/pearweb_phars) and compare file hashes,” officials wrote on the site’s blog. "If different, you may have the infected file.” The officials didn’t say when the hack of their Web server occurred or precisely what the malicious version of go-pear.phar did to infected systems. Initial indications, however, look serious. For starters, the advice applies to anyone who has downloaded the package manager in the past six months. That suggests the hack may have occurred in the timeframe of last July, and no one noticed either it or the tainted download until this week. What’s more, results from VirusTotal, the Google-owned malware scanning service, suggest that the malicious PEAR download installed a backdoor, possibly in the form of a Web shell, on infected servers. If true, the backdoor almost certainly gives the hackers complete control—including the ability to install applications, execute malicious code, and download sensitive data—over any machine that installed the malicious download.

Financial Times
January 23, 2019
More than half of people would buy personal cyber insurance to protect themselves from the impact of fraud, data loss or identity theft, according to new research from Swiss Re, the reinsurance company. The market for personal cyber cover is still in its infancy, with only a few insurers offering the product and less than $500m per year of premiums. But Swiss Re — which does not directly sell personal cyber insurance — said it expected that to balloon to more than $3bn by 2025 as people start worrying more about cyber attacks. “It is heavily linked to people’s awareness of the topic,” said Fabian Willi, Swiss Re senior cyber solutions manager. “People are going to be faced with more and more cyber risks,” he added, pointing to the proliferation of internet linked devices in the home. Personal cyber policies now on the market typically cost between $50 and $150 per person per year. That provides cover for problems such as financial fraud and cyber extortion.

Ars Technica
January 22, 2019
At the Shmoocon security conference here on January 19, two researchers from the mobile security provider Lookout revealed the first details of a mobile surveillance effort run by a yet-to-be-named state intelligence agency that they had discovered by exploring the command-and-control infrastructure behind a novel piece of mobile malware. In the process of exploring the malware’s infrastructure, Lookout researchers found iOS, Android, and Windows versions of the malware, as well as data uploaded from a targeted phone’s WhatsApp data. That phone turned out to be one that belonged to one of the state-backed surveillance efforts—and the WhatsApp messages and other data found on the server provided a nearly full contact list for the actors and details of their interactions with commercial hacking companies and eventual decision to build their own malware.


INTERNATIONAL

AP
January 25, 2019
The Associated Press has found that researchers who reported the role of Israeli spyware in the targeting of Washington Post journalist Jamal Khashoggi's inner circle are in turn being targeted by international undercover operatives. Twice in the past two months men masquerading as socially conscious investors have lured members of the Citizen Lab internet watchdog group to meetings at luxury hotels to quiz them for hours about their work exposing Israeli surveillance. Citizen Lab Director Ron Deibert on Friday described the stunts as "a new low." Who these operatives are working for remains a riddle, but their tactics recall those of private investigators who assume elaborate false identities to gather intelligence or compromising material on critics of powerful figures in government or business.

The New York Times
January 25, 2019
A group of transparency advocates on Friday posted a mammoth collection of hacked and leaked documents from inside Russia, a release widely viewed as a sort of symbolic counterstrike against Russia’s dissemination of hacked emails to influence the American presidential election in 2016. Most of the material, which sheds light on Russia’s war in Ukraine as well as ties between the Kremlin and the Russian Orthodox Church, the business dealings of oligarchs and much more, had been released in Russia, Ukraine and elsewhere, sometimes on obscure websites. There were no immediate reports of new bombshells from the collection. But the sheer volume of the material — 175 gigabytes — and the technical challenges of searching it meant that its full impact may not be felt for some time. The volume is many times greater than the total known material stolen by Russian military intelligence from the Democratic National Committee and Hillary Clinton’s presidential campaign nearly three years ago.

Reuters
January 25, 2019
Hackers likely controlled by Russia are stepping up efforts to disrupt Ukraine's presidential election in March with cyber attacks on electoral servers and personal computers of election staff, the head of Ukraine's cyber police said on Friday. Serhiy Demedyuk told Reuters the attackers were using virus-infected greeting cards, shopping invitations, offers for software updates and other malicious "phishing" material intended to steal passwords and personal information. Ten weeks before the elections, hackers were also buying personal details of election officials, Demedyuk said, paying in cryptocurrency on the dark web, part of the internet accessible only through certain software and typically used anonymously. "There are constant attacks - they go from simple (software) to applications that one or another employee uses," he said, adding they were reminiscent of cyber attacks on the country's energy, transport and banking systems seen since 2014.

CyberScoop
January 24, 2019
Multiple groups of suspected Russian hackers have a relationship with one another that includes sharing malicious software code and hacking techniques, according to new research. The Moscow-based security vendor Kaspersky Lab on Thursday released findings tying the espionage group GreyEnergy with Zebrocy. Zebrocy is the name researchers have given to a group affiliated with suspected Russian military hackers known as Sofacy (or Fancy Bear, or APT 28), the alleged perpetrator in the hacking of the Democratic National Committee in 2016. Both groups used the same command-and-control servers — the infrastructure that allows hackers to maintain communications with compromised machines — to simultaneously target the same organization, according to Kaspersky. They also sent similar phishing emails disguised as messages from the Ministry of the Republic of Kazakhstan within one week.

The Intercept
January 24, 2019
In October, Bloomberg Businessweek published an alarming story: Operatives working for China’s People’s Liberation Army had secretly implanted microchips into motherboards made in China and sold by U.S.-based Supermicro. Bloomberg’s report, based on 17 anonymous sources, including “six current and former senior national security officials,” began to crumble soon after publication as key parties issued swift and unequivocal denials. But while Bloomberg’s story may well be completely (or partly) wrong, the danger of China compromising hardware supply chains is very real, judging from classified intelligence documents. U.S. spy agencies were warned about the threat in stark terms nearly a decade ago and even assessed that China was adept at corrupting the software bundled closest to a computer’s hardware at the factory, threatening some of the U.S. government’s most sensitive machines, according to documents provided by National Security Agency whistleblower Edward Snowden.

The Wall Street Journal
January 23, 2019
The chairman of embattled telecom giant Huawei Technologies Co. is pushing back against claims his company conducts espionage for the Chinese government, contending that Huawei is being unfairly targeted without any proof. “If they believe there’s a backdoor, they should offer evidence to prove it,” Liang Hua told reporters on the sidelines of the World Economic Forum in Davos this week. But the U.S. says that Huawei’s very structure, with its close ties to the Chinese government and role as a supplier of key hardware in telecommunications, makes the company a potential tool for espionage and thus a security threat, according to current and former U.S. security officials. As a Chinese company, Huawei has no choice but to comply with demands of the Chinese government and its ruling Communist Party, these people say. What’s more, Huawei’s potential to conduct surveillance has increased exponentially over the past year as wireless providers near upgrades to 5G technology, which will make it easier to connect cars, factory parts and other machinery and devices to the internet. “It’s about where Huawei equipment is and how strong their market position is, and how both of those things can be leveraged by the Chinese government,” a Department of Homeland Security cybersecurity official said.

BuzzFeed
January 23, 2019
A British think tank known for identifying Russian influence operations has been hacked, seen its files leaked to the public, and been lambasted in Russian government–owned media, echoing tactics the Russian government has used in recent years to discredit opponents. The think tank, called the Integrity Initiative, whose parent organization, the Institute for Statecraft, has received most of its funding the past two years from the British government, was hacked in late 2018. Starting in November and continuing through January, someone posted four batches of its stolen files online. The UK’s National Cyber Security Centre, as well as a private security firm, are examining the Integrity Initiative’s servers and its employees’ devices for evidence of how the organization was hacked, and neither has released to the public the details of what has been found.

Reuters
January 23, 2019
A Portuguese man arrested in Hungary on suspicion of extortion and secrecy violations hacked football bodies' documents - which later appeared on the Football Leaks website - because he was "outraged" by criminality in the sport, his lawyers said. The man, named by his lawyers as 30-year-old Rui Pinto, was detained in Hungary on Wednesday on a European arrest warrant filed by Portuguese police who want to extradite him. His lawyers said they would oppose this. Speaking to Reuters, the lawyers said Pinto, whom they described as a "whistleblower", would remain under house arrest in Hungary until a decision on his extradition had been made. Portuguese police said a national had been detained on Wednesday on a European arrest warrant. The individual was suspected of qualified extortion, violation of secrecy and illegally accessing information, the police said.

The New York Times
January 22, 2019
A new law in Australia gives law enforcement authorities the power to compel tech-industry giants like Apple to create tools that would circumvent the encryption built into their products. The law, the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, applies only to tech products used or sold in Australia. But its impact could be global: If Apple were to build a so-called back door for iPhones sold in Australia, the authorities in other countries, including the United States, could force the company to use that same tool to assist their investigations. The Australian law went into effect last month. It is one of the most assertive efforts by lawmakers to rein in tech companies, which have argued for decades that unbreakable encryption is an imperative part of protecting the private communications of their customers.

The Register
January 22, 2019
France’s defence secretary Florence Parly today declared: “Cyber war has begun.” And she said the Euro nation's military will use its “cyber arms as all other traditional weapons… to respond and attack,” as well as setting up a military bug bounty program. Parly made her pledges during a speech to the Forum International de Cybersecurite (FIC) in the northern French town of Lille. Her speech was on a topic that most Western countries shy away from addressing directly in public. “The cyber weapon is not only for our enemies,” said France’s defence secretary this afternoon, speaking through a translator. “No. It’s also, in France, a tool to defend ourselves. To respond and attack.”


TECHNOLOGY

The Wall Street Journal
January 21, 2019
In the future, industrial robots may create jobs, boost productivity and spur higher wages. But one thing seems more certain for now: They’re vulnerable to hackers. Factories, hospitals and other big robot users often lack sufficient levels of defense against a digital attack, according to cybersecurity experts, robot manufacturers and engineering researchers. The risk levels are rising as more robots morph from being offline and isolated to being internet-connected machines, often working alongside humans. “There’s no concept of antivirus for your robot. It just doesn’t really exist yet,” says Yossi Naar, a co-founder of Cybereason Inc., a Boston-based company that provides cybersecurity services for connected devices. “So protection tends to be very lax to nonexistent.” Robot makers and buyers have become increasingly aware of their cyber risk. Groups like the Geneva-based International Organization for Standardization, a federation of national standards bodies, are studying the cyber risk for robots.