Jack Goldsmith and Stuart Russell just published an interesting paper, making the case that free and democratic nations are at a structural disadvantage in nation-on-nation cyberattack and defense. From a blog post: It seeks to explain why the United States is struggling to deal with the “soft” cyber operations that have been so prevalent in … Read More “Free Societies are at a Disadvantage in National Cybersecurity” »
Category: cybercrime
Auto Added by WPeMatico
It’s really hard to estimate the cost of an insecure Internet. Studies are all over the map. A methodical study by RAND is the best work I’ve seen at trying to put a number on this. The results are, well, all over the map: “Estimating the Global Cost of Cyber Risk: Methodology and Examples“: Abstract: … Read More “Estimating the Cost of Internet Insecurity” »
There’s a new criminal tactic involving hacking an e-mail account of a company that handles high-value transactions and diverting payments. Here it is in real estate: The scam generally works like this: Hackers find an opening into a title company’s or realty agent’s email account, track upcoming home purchases scheduled for settlements — the pricier … Read More “Cybercriminals Infiltrating E-Mail Networks to Divert Large Customer Payments” »
Criminals go where the money is, and cybercriminals are no exception. And right now, the money is in ransomware. It’s a simple scam. Encrypt the victim’s hard drive, then extract a fee to decrypt it. The scammers can’t charge too much, because they want the victim to pay rather than give up on the data. … Read More “WannaCry Ransomware” »
There’s a really interesting new paper analyzing over 100 different cyber insurance policies. From the abstract: In this research paper, we seek to answer fundamental questions concerning the current state of the cyber insurance market. Specifically, by collecting over 100 full insurance policies, we examine the composition and variation across three primary components: The coverage … Read More “Analyzing Cyber Insurance Policies” »
Turkish hackers are threatening to erase millions of iCloud user accounts unless Apple pays a ransom. This is a weird story, and I’m skeptical of some of the details. Presumably Apple has decided that it’s smarter to spend the money on secure backups and other security measures than to pay the ransom. But we’ll see … Read More “Hackers Threaten to Erase Apple Customer Data” »
Duqu 2.0 is a really impressive piece of malware, related to Stuxnet and probably written by the NSA. One of its security features is that it stays resident in its host’s memory without ever writing persistent files to the system’s drives. Now, this same technique is being used by criminals: Now, fileless malware is going … Read More “Duqu Malware Techniques Used by Cybercriminals” »
It’s really bad. The ticket machines were hacked. Over the next couple of years, I believe we are going to see the downside of our headlong rush to put everything on the Internet. Slashdot thread. Powered by WPeMatico
It’s not hard to imagine the criminal possibilities of automation, autonomy, and artificial intelligence. But the imaginings are becoming mainstream — and the future isn’t too far off. Along similar lines, computers are able to predict court verdicts. My guess is that the real use here isn’t to predict actual court verdicts, but for well-paid … Read More “Malicious AI” »
Interesting survey of the cybersecurity culture in Norway. 96% of all Norwegian are online, more than 90% embrace new technology, and 6 of 10 feel capable of judging what is safe to do online. Still cyber-crime costs Norway approximately 19 billion NKR annually. At the same time 73.9% argue that the Internet will not be … Read More “The Culture of Cybersecurity” »