The Weekly Newsletter of  
The George Washington University Cyber Security and Privacy Research Institute
MAY 2, 2016
Cyber Security and Privacy News
 
  • The FBI has decided it will not share with Apple information about a critical security vulnerability that the agency used to break into the phone of the terrorist responsible for the San Bernardino, Calif. massacres, The New York Times reports. "The F.B.I. closed the door Wednesday to the possibility of giving Apple the technical solution that the government bought to unlock the iPhone used by one of the attackers in the mass shooting in San Bernardino, Calif," wrote Eric Lichtblau and Katie Benner. "The decision leaves Apple in the dark about the technical details of how the F.B.I. - with help from an unknown outside group that was apparently paid at least $1.3 million - managed to bypass the company's vaunted encryption."
  • Federal officials fear that national security may have been jeopardized when the company building a sensitive phone-number database violated a federal requirement that only U.S. citizens work on the project, The Washington Post reports. Ellen Nakashima writes that the database is significant because it tracks nearly every phone number in North America, making it a key tool for law enforcement agencies seeking to monitor criminal or espionage targets. Read more here.
  • Writing for Nextgov, Mohana Ravindrath tells the tale of several NASA researchers who saw the massive hack at the Office of Personnel Management (OPM) coming a decade ago - only nobody listened back then. "In a few weeks, San Francisco attorney Daniel Girard plans to file a formal complaint against Uncle Sam on behalf of nearly 22 million hacked federal employees," Ravindrath's story begins. Read the rest here.
  • The Data Security Law Blog has a thorough roundup of what's next for the EU-US Privacy Shield proposal. "Rapprochement may still be a possibility, but over the past week, we have seen parties on both sides preparing for an extended fight," wrote J. Taylor Kirklin and Karen R. Berry. "The Privacy Shield is one of the most significant issues in global cybersecurity today." 
  • SWIFT, the global financial network that banks use to transfer billions of dollars every day, warned its customers on Monday that it was aware of "a number of recent cyber incidents" where attackers had sent fraudulent messages over its system, Reuters reported last week. "The disclosure came as law enforcement authorities in Bangladesh and elsewhere investigated the February cyber theft of $81 million from the Bangladesh central bank account at the New York Federal Reserve Bank," Reuters' Jim Finkle wrote . "SWIFT has acknowledged that the scheme involved altering SWIFT software on Bangladesh Bank's computers to hide evidence of fraudulent transfers."
Legislative Lowdown
 
  • The House last week unanimously passed an email privacy bill that the technology industry and advocates pushed for years, The Hill reports. "The  Email Privacy Act  had the most public backers of any bill in Congress, and it passed 419-0," reports M ario Trujillo. "Attention now turns to the Senate." 
  • "Swatting," a potentially lethal form of prank-calling, could soon be banned with stiffer penalties, under legislation that just passed a crucial vote in Congress. The Washington Post has more.

 

The Cyber Security and Privacy Research Institute (CSPRI) is a center for GW and the Washington area to promote technical research and policy analysis of problems that have a significant computer security and information assurance component. More information is available at our website, http://www.cspri.seas.gwu.edu.
  Follow us on Twitter
View our profile on LinkedIn
View our videos on YouTube
Upcoming Events

Clic
here 
for event descriptions

May 3, 12:00pm-1:30pm,
So You Have a Chip Card, Now What?

-
May 9
, 12:00pm-1:30pm, Restricting Data Flows: When is it Legitimate Policy and When is it Unjustified Protectionism?

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
  
May 10, 12:00pm-2:00pm, Roundtable: