Crossroads Blog | CYBER SECURITY LAW AND POLICY

Cybersecurity, Facebook, hacking, Information Sharing, Iran, NSA

Cyber Round Up: Iran Learns from West; Auto-Hacking Risks on the Rise; Facebook’s Cyber Security Network; Traps over Firewalls

  • NSA: Iran Learns from Western Cyberattacks: The Intercept reports that by studying and replicating Western cyber tactics, a NSA document warns that Iran has been able to create increasingly sophisticated cyberattacks.  According to the article, Iran’s destructive cyber attack against Saudi Aramco in August 2012 is questionably similar to a cyberattacks against Iran’s own oil industry in April 2012.  The article notes the findings of a recent NSA document which suggests that Iran has become “a much more formidable cyberforce by learning from the viruses injected into its systems – attacks which have been linked back to the United States and Israel.”  The article makes an interesting point: that offensive cyberattacks on other states do not merely provoke counterattacks – those attacks can teach adversaries how to launch their own.  Read the full article by clicking here.
  • Auto-Hacking Increasing Concern: According to a new congressional report called “Tracking and Hacking,” as vehicles become more connected to the Internet, automakers are failing to take the necessary measures to protect them against cyber-attacks.  Not only can hackers control your steering, brakes, and accelerator, but they can also use the new auto technology to listen into your conversations while on your phone in your car (another reason not to use your cell while driving!). According to the report, the following wireless entry points to the 50 electronic control units that are a part of a car’s network include: tire pressure monitoring systems, Bluetooth, Internet access, keyless entry, remote start, navigation systems, WiFi, anti-theft systems and cellular-telematics.  How to make automakers take on more responsibility to prevent these cyber harms? According to U.S. Senator Edward Markey, the industry should consider adopting a rating system similar to the Insurance Institute for Highway’s Safety’s crash test ratings.  Read full articles on the report: by the Detroit Free Press here, and by 680news.com here.
  • Facebook Launches Cyber Security Network: As the US Government and companies continue to search for new ways to coordinate their defenses against cyberattacks, Facebook teams up with Yahoo and Pinterest to launch a social network for cyber security professionals to share clues about how hackers are behaving in the hope of preventing security breaches. According to Financial Times, Facebook’s new detection system called “ThreatExchange” is different than the others already out there for at least one significant reason: it is FREE. Capitalizing off of a business model which has worked for them in the past, the free social networking model, the new launch hopes to take advantage of the current number of members to direct this threat project.  Read the full report on the launch by Financial Times here.
  • Experts Say Traps More Effective Than Firewalls: The saying goes as follows: insanity is defined as doing the same thing over and over and expecting different results. Many cybersecurity experts are sending a similar message by pushing companies and governments to stop thinking about preventing cyberattacks with firewalls, and start thinking about trapping the enemy once they get inside.  In the past, firewalls have been the routine cybersecurity tactic for prevention, however, according to a report by the Dallas Morning News, cybersecurity experts are calling that method “old and outmoded.”  Instead, according to the article, we need to neutralize attackers once they’re inside networks rather than fixating on trying to keep them out.  Read the full article here.

Leave a Reply