Ex-CIA operative Valerie Plame talks nuclear, cyber threats at CMU; Pittsburgh Post-Gazette, April 22, 2017

Courtney Linder, Pittsburgh Post-Gazette; Ex-CIA operative Valerie Plame talks nuclear, cyber threats at CMU

"Ms. Plame, who worked to prevent the proliferation of nuclear weapons, referred to the Science and Security Board’s “Doomsday Clock” in her keynote speech at Carnegie Mellon University on Friday, prefacing a panel on inclusivity in STEM — or science, technology, engineering and math — for students and faculty.

In her hour-long discussion of nuclear threats and cybersecurity, Ms. Plame kept the conversation solutions-oriented, rather than dwelling on the high-profile “Plamegate” scandal that ended her espionage career."

Stopping trade secret theft in your organization; CSO, April 10, 2017

Frederick Scholl, CSO; 

Stopping trade secret theft in your organization

"The recent Google vs. Uber self-driving car litigation has brought trade secret theft into the news again. I have blogged on this topic before. In this post and the next three I will take a deeper dive into trade secret theft and how you can reduce the chance you will be the next victim.

Trade secret theft is one of the major cybersecurity risks of our time. Organizations now lose nearly $300 billion per year due to theft or misappropriation of intellectual property." 

Economic Development: Intellectual property must be protected from theft; Billings Gazette, April 2, 2017

Dena Johnson and Jennifer Webber, Billings Gazette; 

Economic Development: Intellectual property must be protected from theft

"Rising "intellectual property crime in the United States and abroad threatens our public safety and economic well being.” US Department of Justice.

What does this mean for Main Street businesses? Are they at risk? Or is intellectual property (“IP”) protection only a concern for larger companies? The answer? IP should be a priority for every business owner no matter the size. Your company should “protect the programs and systems that support what makes your company successful and unique.” Federal Bureau of Investigation.

We interviewed attorney Jennifer L. Webber of WEBBERpllc (www.webberpllc.com) to learn more."

9 biggest information security threats through 2019; CIO, March 28, 2017

Thor Olavsrud, CIO; 

9 biggest information security threats through 2019

"The information security threat landscape is constantly evolving. To help you navigate the terrain, each year the Information Security Forum (ISF) — a nonprofit association that researches and analyzes security and risk management issues on behalf of its members — puts out its Threat Horizon report to provide members with a forward-looking view of the biggest security threats over a two-year period. What follows are the nine biggest threats on the horizon through 2019 that your organization may have to manage and mitigate."

Trump Is President. Now Encrypt Your Email.; New York Times, March 31, 2017

Max Read, New York Times; Trump Is President. Now Encrypt Your Email.

"As lawyers and civil libertarians point out, federal criminal law is so vast and complicated that it is easy to unwittingly violate it, and even innocent conversation can later be used to build a criminal case. Encrypting your communication isn’t a matter of hiding criminal activity; it’s a matter of ensuring innocuous activity can’t be deemed suspicious by a zealous prosecutor or intelligence agent. Telling a friend that a party is really going to “blow up” when you arrive is less funny when it’s being entered into evidence against you."

FBI Arrests Hacker Who Hacked No One; Daily Beast, March 31, 2017

Kevin Poulsen, Daily Beast; FBI Arrests Hacker Who Hacked No One

"Now free on bond, Huddleston, 26, is scheduled to appear in a federal courtroom in Alexandria, Virginia on Friday for arraignment on federal charges of conspiracy and aiding and abetting computer intrusions.

Huddleston, though, isn’t a hacker. He’s the author of a remote administration tool, or RAT, called NanoCore that happens to be popular with hackers. NanoCore has been linked to intrusions in at least 10 countries, including an attack on Middle Eastern energy firms in 2015, and a massive phishing campaign last August in which the perpetrators posed as major oil and gas company. As Huddleston sees it, he’s a victim himself—hackers have been pirating his program for years and using it to commit crimes. But to the Justice Department, Huddleston is an accomplice to a spree of felonies.

Depending on whose view prevails, Huddleston could face prison time and lose his home, in a case that raises a novel question: when is a programmer criminally responsible for the actions of his users?"

WikiLeaks’ latest release of CIA cyber-tools could blow the cover on agency hacking operations; Washington Post, March 31, 2017

Ellen Nakashima, Washington Posr; WikiLeaks’ latest release of CIA cyber-tools could blow the cover on agency hacking operations

"WikiLeaks’ latest disclosure of CIA cyber-tools reveals a technique used by the agency to hide its digital tracks, potentially blowing the cover on current and past hacking operations aimed at gathering intelligence on terrorists and other foreign targets.

The release Friday of the CIA’s “Marble Framework” comes less than a month after the WikiLeaks dumped onto the Internet a trove of files — dubbed “Vault 7” — that described the type of malware and methods the CIA uses to gain access to targets’ phones, computers and other electronic devices...

WikiLeaks, founded by Julian Assange, has sought to position itself as a champion of transparency and defender of privacy rights. It described the Marble Framework as “the digital equivalent of a specialized CIA tool to place covers over the English language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA.”"