Cyber Week in Review: July 7, 2017
from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: July 7, 2017

An employee works near screens in the virus lab at the headquarters of Russian cyber security company Kaspersky Labs in Moscow July 29, 2013.
An employee works near screens in the virus lab at the headquarters of Russian cyber security company Kaspersky Labs in Moscow July 29, 2013. Sergei Karpukhin/Reuters

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

1. Just let me banya with the FSB in peace. The U.S Senate is looking to shut out Kaspersky from bidding on U.S. military contracts, triggering an angry response from Russia. The move comes amid renewed scrutiny of the Russian cybersecurity company, which has been accused for years of being too cozy with Russian intelligence services. In an attempt to assuage U.S. concerns of a back door in its products, the Associate Press reports that Kaspersky has offered to let the U.S. government audit its source code. However, that probably won't change much given that many in the U.S. intelligence community have stated on the record that they don't trust Eugene Kaspersky and his company. Kaspersky's defenders point out that accusations of "ties" with Russian intelligence ring hollow given the number of former NSA and CIA officials who work for Symantec, FireEye, and Crowdstrike.

More on:

Cybersecurity

Digital Policy

2. Is this to protect us or spy on us? Privacy International is accusing the Kenyan government of using recent cybersecurity investments as a cover to increase surveillance on opposition groups in the lead up to next month's elections. The country's intelligence service has been developing two projects--the Network Early Warning System and the National Intrusion Detection and Prevention System--aimed at improving the country's threat detection and incident response capabilities. Privacy International and Kenya's main opposition party argue that the monitoring capabilities of both programs could make domestic surveillance easier and that they lack a clear legislative framework. The Privacy International report coincides with Kenyan communications authority's publication of regulations for political or election-related content on social media. According to the New York Times, countries in the region have resorted to cutting off social media access during elections, and the Kenyan opposition fears that the government could do that same to increase its odds of staying in power. 

3. Sorry Apple, you're going to have to do better than that. Vice is reporting that Apple's new bug bounty program is struggling to get off the ground. After years of criticism, Apple finally launched a bug bounty program last summer, where hackers can sell hardware and software flaws they find in Apple products to the company instead of selling them on the open market. However, it would seem that Apple's ceiling price for a bug ($200,000) is less than what the market is willing to sell it for. Apple bug hunters can sell some iOS vulnerabilities for over a million dollars to the right buyer, such as an intelligence agency or a company that sells surveillance and forensics software, like Cellbrite, NSO Group, and Gamma. If Apple really wants to crack down on the vulnerability market for its products, it's going to have to pay up.

More on:

Cybersecurity

Digital Policy

Creative Commons
Creative Commons: Some rights reserved.
Close
This work is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License.
View License Detail