CyberSecurity Pulse 2016-05-12
“An issue is held in balance by the interaction of two opposing sets of forces – those seeking to promote change (driving forces) and those attempting to maintain the status quo (restraining forces).”
The New Twitter Policy that Worries Over a Security Agency
In this sense, a former deputy director of the NSA, John C. Inglis, told the Wall Street Journal that Twitter was engaging in double standards by declining to offer intelligence agencies data that is already available to the private sector. The fact is that intelligence agencies are increasingly monitoring social media as some services like Twitter are widely used by terrorist organizations like the Islamic State group for propaganda and recruitment purposes.
Be that as it may, this is not the first measure Twitter has taken with this aim. The first was its decision not to disclose users' private information to any competent authority, except in response to an appropriate legal process. It appears to be trying to distance itself from any appearance of aiding government surveillance, a controversial issue since former National Security Agency contractor Edward Snowden's revelations about how the government was collecting information on users through Internet and telecommunications companies.
Struggling With the Cyberwar Term
The Cyber Act of War of 2016 would require the President of the United States to develop a policy to determine whether a cyberattack constitutes an act of war. The bill requires the White House to consider how a cyberattack may be equivalent to conventional weapons in destruction or casualties when evaluating the attack as an act of war. “Cyberattacks on our critical infrastructure are capable of impacting our entire economy and causing significant destruction. This legislation would require the executive branch to define which of these actions constitute a cyberact of war, which would allow our military to be better able to respond to cyberattacks,” United States Senator Rounds said in a statement.
US Developing Technology to Identify and Track Cybercriminals Worldwide
Now, the Pentagon wants a better way not only to identify malicious hackers but also to find practical algorithms that can predict where a hacker might attack next. Through this new initiative, the United States military research agency DARPA hopes that agencies will be able to quickly track and identify sophisticated hackers or criminal groups by monitoring their exact behavior and physical biometrics. In other words, this program will not only help the government characterize the cybercriminal but will also share the criminal’s modus operandi with potential victims so as to predict the attacker’s next target.
Rest of the Week's News
Kroger Hit By W-2 Data Breach At Equifax
Kroger alerted its current and former employees this week that their data, including Social Security numbers and birth dates, may have been compromised as a result of a breach at Equifax's W-2Express website. The grocery chain, which is one of Equifax’s many customers, has more than 431,000 employees who are registered on the W-2Express portal.
10-year-old Boy Becomes the Youngest Bug Bounty Hacker
Jani, a child from Helsinki, recently reported an Instagram bug to Facebook that allowed him to delete other Instagram users' comments just by entering malicious code into the app's comment field. Jani responsibly disclosed the vulnerability details to Facebook, which owns Instagram, in February, and he has been rewarded with €9000 under Facebook’s bug bounty program.
Exploiting a Vulnerability on Qualcomm Devices
Google has patched a high-severity vulnerability that has been around for the last five years, potentially leaving users' text messages, call histories, and other sensitive data open to snooping. The vulnerability affects Android versions 4.3 and earlier that use the software package maintained by mobile chipmaker Qualcomm, according to a blog post published by security firm FireEye.