Cybersecurity

Focus Area:

Date published:

August 2, 2017

"It can be tempting to try to hide information or use technological tricks such as 'duress passwords' that, if used instead of the genuine one, unlock the device but keep a portion of the data hidden and encrypted. But Jennifer Granick, who studies cybersecurity law at Stanford University in California, warns against such strategies. “You don't want to lie to a government agent. That can be a crime.” And border guards are not likely to be sympathetic to the argument that a researcher has a legal duty to prevent anyone from seeing confidential data. Read more about Cybersecurity for the travelling scientist

When Companies Get Hacked, Should They Be Allowed to Hack Back?

Date published:

July 14, 2017

The Atlantic

"Patrick Lin, a professor of philosophy at California Polytechnic State University, has finer-grained logistical concerns about any legislation that opens up the possibility of hacking back, regardless of what one makes of whether it is justified or not. “It is much too premature to allow for hacking back, even if the practice isn’t immoral,” Lin says. Read more about When Companies Get Hacked, Should They Be Allowed to Hack Back?

Security experts warn lawmakers of election hacking risks

Date published:

June 21, 2017

ZDNet

"More than a hundred security researchers and computer science experts have warned in a letter to lawmakers that not enough is being done to ensure the integrity of state and federal elections.

The letter, published Wednesday, argues many US states are "inadequately prepared" to respond to cybersecurity risks with upcoming elections."

Affiliate Scholar Brian Nussbaum and Non-Residential Fellow Aleecia McDonald were signers.

Wannacry, London and Apple: Bush-Era Officials Debate Encryption

Date published:

June 7, 2017

The Recorder

"Crump also made that point. “The problem with that is that you cannot build a back door that works only for the U.S. government, good guys, or other people with good motives.”" Read more about Wannacry, London and Apple: Bush-Era Officials Debate Encryption

Privacy vs. Security: Experts Debate Merits of Each in Tech-Rich World

Date published:

June 7, 2017

Government Technology

"On the other side of the argument, Catherine Crump, acting director of Samuelson Law for the Berkeley School of Law, focused her argument on the dangers of providing a backdoor to any device to the government and expect it to only be used by the “good guys.”

She drew a parallel between handing the FBI a second master key to iPhones and recent worldwide WannaCry ransomware attack, which was launched using leaked National Security Agency (NSA) exploits. Read more about Privacy vs. Security: Experts Debate Merits of Each in Tech-Rich World

States 'awaken' to critical infrastructure cyberthreats

Date published:

May 30, 2017

E&E News

""The election did do a lot to awaken the state and local governments that had perhaps not thought so much about cybersecurity," said Brian Nussbaum, assistant professor at the University of Albany's College of Emergency Preparedness, Homeland Security and Cybersecurity in New York. Read more about States 'awaken' to critical infrastructure cyberthreats

Telegraph Cyber Security reveals there’s plenty business can do to prevent another WannaCry

Date published:

May 26, 2017

Elite Business Magazine

"Simple though this sounds, if companies are to ensure they’re adequately defended against even comparatively unsophisticated attacks, it’s vital for CTOs and chief information security officers (CISO) to have the full buy-in of their boards. “What I’ve found in talking to boards is there tends to be a nodding and looking serious, rather than actually an understanding what you’re talking about,” quipped Gail Kent, global public policy manager at Facebook. " Read more about Telegraph Cyber Security reveals there’s plenty business can do to prevent another WannaCry

Microsoft’s Old Software Is Dangerous. Is There a Duty to Fix It?

Date published:

May 20, 2017

Fortune

"Cyber law professor Jennifer Granick of Stanford University suggests auto-industry style liability is not appropriate for software.

"While it is true that companies need to start to prioritize security in coding, it is unreasonable to ask Microsoft to be liable for anything that can be done with the 50 million lines of code in Windows 10," Granick told Fortune by email." Read more about Microsoft’s Old Software Is Dangerous. Is There a Duty to Fix It?

Ransomware attack is why we can't have security backdoors, say privacy advocates

Date published:

May 18, 2017

USA Today

"What happened this week won’t be lost on judges in the future should the government again try to get tech companies to build backdoor access into programs, said Kristen Eichensehr, a law professor at the University of California at Los Angeles with an expertise in national security law and cybersecurity.

“What we’ve seen happen with WannaCry lends credence to that — and certainly any court is going to take it into account. The government has shown that it itself is persistently incapable of keeping its tools secure,” she said." Read more about Ransomware attack is why we can't have security backdoors, say privacy advocates

How the WannaCry Attack Will Impact Cyber Security

Date published:

May 16, 2017

Knowledge@Wharton

"Meanwhile, threats of similar – or perhaps worse – attacks have continued to surface. “This was not the big one. This was a precursor of a far worse attack that will inevitably strike — and it is likely, unfortunately, that [the next] attack will not have a kill switch,” said Andrea M. Matwyshyn, professor of law and computer science at Northeastern University. Read more about How the WannaCry Attack Will Impact Cyber Security

Cybersecurity

Pages