Crossroads Blog | CYBER SECURITY LAW AND POLICY

Cyber Attacks, Cyber Defense, Cyber Legislation, Cyber Terrorism

Cyber Round Up: US Government Agencies Ignoring Cybersecurity Warnings, Post-Paris Renewed Debate About Government Access to Encrypted Data, On Encryption: Big Tech Is Not Budging

  • U.S. Government Agencies Ignoring 840 Warnings on Poor Cybersecurity (Sputnik News): According to this article by Sputnik News, the Government Accountability Office (“GAO”) made approximately 2,000 recommendations to improve information security in U.S. government agencies over the past six years and to-date, the government has implemented slightly over half of the recommendations (1,160).  Weaknesses included both design and implementation of information security controls in such key agencies as the Department of Homeland Security, according to Sputnik.  Meanwhile, the report also indicates that cyber-hacking incidents have increased from 5,503 in 2006 to 67,168 in 2014.  The full article can be found here.

GAO_Report_IS

  • Overnight Cybersecurity: Post-Paris fears spark encryption debate (The Hill): In the wake of the terrorists attacks in Paris, several key players, such as CIA Director John Brennan, and Senator Dianne Feinstein (D-CA), are becoming increasingly vocal about law enforcement’s need to access encrypted data, according to the article.  The article indicates that unnamed European counterterrorism officials told the New York Times that they believe the attackers leveraged some form of encryption in order to communicate, and coordinate the attacks.  Additionally, it appears that several lawmakers are pushing for legislative action to ensure that the government has access to encrypted data (Senate Intelligence Committee Chair Richard Burr (R-NC), and Sen. John McCain (R-AZ), specifically), according to the article.  The Hill also reports in the same article that lawmakers are issuing warnings about the lack of security measures in the Department of Education’s database which contains sensitive information on hundreds of millions of Americans.  Perhaps the Education Department should employ encryption techniques?  The full article is here.

 

  • On Encryption – Beg Tech Will not Yield (CNBC): On the flip side, the tech industry continues to remain steadfastly opposed to government access to encryption, according to CNBC.  Mark Cuban, using his Cyber Dust messaging app (which deletes messages 24 seconds after they are read), stated “Encryption is a fundamental underpinning of the freedom of speech”, according to the article.  The article also quotes the Electronic Frontier Foundation’s (“EFF”) Executive Director, Cindy Cohn: “These heinous attacks must not be used to justify further erosion of our security, civil liberties or privacy.”  Peter Firstbrook, an analyst with Gartner says the common argument against backdoors to allow government access to encrypted data is the “if you have nothing to hide…” which Firstbrook believes fails to acknowledge that everyone has private details they would not want exposed and the shift to a surveillance state would fundamentally alter the way that people interact and behave, according to the article.  The full article can be found here.

Leave a Reply