Subscribe: CircleID: News Briefs
http://www.circleid.com/rss/rss_news/
Preview: CircleID: News Briefs

CircleID: News Briefs



Latest news postings on CircleID



Updated: 2017-08-15T20:23:00-08:00

 



U.S. Department of Justice Demands IP Addresses, Other Details on Visitors to Trump Resistance Site

2017-08-15T13:23:00-08:00

The Los Angeles-based hosting company, DreamHost on Monday revealed that for the past several months it has been dealing with a search warrant from the Department of Justice pertaining to a website used to organize protests against President Trump. DreamHost says: "At the center of the requests is disruptj20.org, a website that organized participants of political protests against the current United States administration. While we have no insight into the affidavit for the search warrant (those records are sealed), the DOJ has recently asked DreamHost to provide all information available to us about this website, its owner, and, more importantly, its visitors. ... The request from the DOJ demands that DreamHost hand over 1.3 million visitor IP addresses — in addition to contact information, email content, and photos of thousands of people — in an effort to determine who simply visited the website."

Follow CircleID on Twitter

More under: Law, Privacy, Web




British Organizations Could Face Massive Fines for Cybersecurity Failures

2017-08-08T06:30:00-08:00

Organizations who fail to implement effective cybersecurity measures could be fined as much as £17 million or 4% of global turnover, as part of Britain's plan to prevent cyberattacks that could result in major disruption to services such as transport, health or electricity networks. The Guardian reports: "The move comes after the [National Health Service] NHS became the highest-profile victim of a global ransomware attack, which resulted in operations being cancelled, ambulances being diverted and patient records being made unavailable. ... The issue came to the fore again after a major IT failure at British Airways left 75,000 passengers stranded and cost the airline £80m… The consultation will also focus on system failures, with requirements for companies to show what action they are taking to reduce the risks."

Follow CircleID on Twitter

More under: Cyberattack, Cybersecurity, Policy & Regulation




China Carries Out Drill with ISPs to Practice Taking Down Websites Deemed Harmful

2017-08-04T11:40:00-08:00

China carried out a drill on Thursday to practice shutting down websites that are deemed harmful amidst country's preparation for a sensitive political reshuffling set to take place later this year. Sijia Jiang reporting in Reuters: "Internet data centers (IDC) and cloud companies ... were ordered to participate in a three-hour drill to hone their 'emergency response' skills, according to at least four participants that included the operator of Microsoft's cloud service in China. ... The drill asked internet data centers to practice shutting down target web pages speedily and report relevant details to the police, including the affected websites' contact details, IP address and server location."

Follow CircleID on Twitter

More under: Access Providers, Censorship, Internet Governance




British Security Researcher Credited for Stopping WannaCry Is Charged in a U.S. Cybercrime Case

2017-08-04T11:22:00-08:00

Cybersecurity researcher to appear in court in Las Vegas charged in a US cybercrime case. The 23-year-old British security researcher, Marcus Hutchins, who a few months ago was credited with stopping the WannaCry outbreak by discovering a hidden "kill switch" for the malware, is now reported to have been arrested by the FBI over his alleged involvement in separate malicious software targeting bank accounts. The Guardian reports: "According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015. The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft Word documents, and hijacked credentials such as internet banking passwords to let its user steal money with ease."

The Kronos indictment: Is it a crime to create and sell malware? Orin Kerr from the Washington Post writes: "The indictment asserts that Hutchins created the malware and an unnamed co-conspirator took the lead in selling it. The indictment charges a slew of different crimes… Do the charges hold up? Just based on a first look at the case, my sense is that the government’s theory of the case is fairly aggressive. It will lead to some significant legal challenges."

Follow CircleID on Twitter

More under: Cybercrime, Cybersecurity, Malware




Verizon, AT&T Speeds Slow After Unlimited Data Plans Launch

2017-08-02T17:25:00-08:00

Verizon and AT&T re-introduced their unlimited data plans earlier this year, and as a result, studies show that the providers' 4G speeds and overall speeds have fallen due to increased data demand on their networks. Analyzing more than 5 billion measurements, OpenSignal compared the 3G and 4G performance of the big 4 mobile operators in the U.S. From the report: "It's been a fascinating six months for the U.S. mobile industry. After years of retreating from all-you-can-eat data services, both Verizon and AT&T reintroduced unlimited plans this year to counter the increasing threat of T-Mobile and Sprint. Those new plans not only had a big impact on the competitive landscape in the U.S. but also on OpenSignal's metrics. Our measured average speeds on Verizon and AT&T's networks have clearly dropped, almost certainly a result of new unlimited customers ramping up their data usage. Conversely, T-Mobile and Sprint's 4G and overall speeds are steadily increasing in our measurements. Those shifting speed results were one of the main reasons T-Mobile swept our six awards categories for this reporting period. Despite T-Mobile's wins, the Un-carrier and Verizon are still engaged in a very close fight in our 4G metrics in the urban battlegrounds of the U.S."

Follow CircleID on Twitter

More under: Access Providers, Mobile Internet, Telecom




U.S. Senators to Introduce IoT Security Bill

2017-08-01T11:55:00-08:00

U.S. senators on Tuesday announced plans to introduce legislation seeking to address vulnerabilities in IoT devices. Dustin Volz reporting in Reuters: "The new bill would require vendors that provide internet-connected equipment to the U.S. government to ensure their products are patchable and conform to industry security standards. It would also prohibit vendors from supplying devices that have unchangeable passwords or possess known security vulnerabilities. ... A Senate aide who helped write the bill said that companion legislation in the House was expected soon."

Follow CircleID on Twitter

More under: Cybersecurity, Internet of Things, Law, Policy & Regulation




No Dates for the Next gTLD Round Yet, Says ICANN

2017-07-29T11:46:00-08:00

According to a letter sent from ICANN's chair to the Registries Stakeholder Group (RySG) this week, the agency will not be setting a date for the next round of new gTLD applications anytime soon despite keen interest from registry operators. Kevin Murphy reporting in Domain Incite writes: "The RySG had asked last month for ICANN's leadership to set a fourth-quarter 2018 deadline for the next application window. It said that drawing a line in the sand would allow potential applicants to plan and would prevent current policy-development processes from being abused to delay the next round. But Crocker says in his letter that it is up to the ICANN community, not its board of directors, to determine if and when a new round should commence."

Follow CircleID on Twitter

More under: ICANN, Top-Level Domains




EFF Cautions Against Unfair TLD Policies, Offers Advice on Choosing New gTLDs for Best Protection

2017-07-28T09:42:00-08:00

In a white paper released on Thursday, EFF has warned domain registrants against unfair policies set by new TLD registries and offers ways to minimize exposure to trademark bullying. The white paper titled, "Which Internet registries offer the best protection for domain owners?” also touches on how some domain name registries and registrars do a better job of privacy protections. From the paper: "Unfortunately, the Trademark Clearinghouse admits many questionable entries into its database, with the result that legitimate domain registrants are prevented from registering domains during the sunrise period, or are needlessly frightened away from doing so during the subsequent Claims period. ... As if this were not enough, some registries have gone above and beyond what ICANN requires by providing yet more power to brand owners. ... For better protection against trademark bullies, you should generally avoid registering your domain in any of the new gTLD..."

Follow CircleID on Twitter

More under: Intellectual Property, Law, Policy & Regulation, Top-Level Domains




Over 50% Accessed LinkedIn Over IPv6, Historic Milestone Says Company

2017-07-27T11:24:00-08:00

LinkedIn has announced that earlier this month, and for the first time in our company's history, more than 50% of its pages were accessed over IPv6 from mobile devices in the US. From the report: "We have been very close to exceeding the 50% mark for page views over IPv6 on mobile in the U.S., and on Saturday, July 8, we saw for the first time that 50.3% of our page views on mobile in the U.S. were served over IPv6. We are very close to reaching 50% in the U.S. across all devices (mobile and desktop). On that same day, 23.1% of our page views were served over IPv6 to mobile devices globally, and 22.17% to all devices. ... We are currently working on enabling IPv6 on our all of our internal networks and applications in order to begin removing IPv4 internally, beginning in 2018."

(image)

Follow CircleID on Twitter

More under: IPv6, Mobile Internet




U.S. House Republicans Ask CEO's of Major Tech, Telecom Companies to Testify on Net Neutrality

2017-07-25T13:13:00-08:00

U.S. House Republicans have invited CEOs of major technology and telecommunications companies to weigh in on the net neutrality debate amidst Federal Communications Commission move to repeal the Obama-era rules. Harper Neidig reporting in The Hill: "Rep. Greg Walden (R-Ore.), the chairman of the House Energy and Commerce Committee, said in a hearing on Tuesday that he has invited the executives to testify before the panel on September 7 to settle the debate. ... A strong consensus is forming across party lines and across industries that it's time for Congress to call a halt on the back-and-forth and set clear net neutrality ground rules for the internet." Invitations invitations to the chief executives of Facebook, Amazon, Netflix were sent to CEOs of Facebook, Amazon, Netflix, Google parent company Alphabet, Verizon, AT&T, Comcast and Charter Communications.

Follow CircleID on Twitter

More under: Net Neutrality, Policy & Regulation




'Not the Best Time' for Proposed Russia-U.S. Cyber Unit, Says NSA Chief

2017-07-23T10:42:00-08:00

NSA chief, Mike Rogers during the annual Aspen Security Forum on Saturday, shunned the proposed Russia-U.S. cyber unit, stating "I would argue now is probably not the best time to be doing this." From a report in Reuters: "National Security Agency Director Mike Rogers on Saturday rebuffed the prospect for a U.S.-Russia cyber unit, a proposal which has been greeted with incredulity by several senior U.S. lawmakers and which President Donald Trump himself appeared to back down from after initially indicating interest. ... Trump said earlier this month that he had discussed the idea of creating such a group with Russian President Vladimir Putin at the Group of 20 summit in Hamburg."

Follow CircleID on Twitter

More under: Cybersecurity, Policy & Regulation




Kansas System Hacked, Social Security Numbers of Millions Accessed Spanning 10 States

2017-07-21T10:51:00-08:00

Hackers breached a Kansas Department of Commerce data system used across multiple states and gained access to more than 5.5 million Social Security Numbers, according to local news sources. The agency had to pay for credit monitoring services for all victims. From the report:"The number of SSNs exposed across the 10 states whose data was accessed has not been previously reported. The Kansas News Service, a collaboration of KCUR, Kansas Public Radio, KMUW and High Plains Public Radio, obtained the information through an open records request. More than half a million of the SSNs were from Kansas, according to the Department of Commerce. The data is from websites that help connect people to jobs."

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime




Amazon.com Inc Given New Chance to Secure .AMAZON TLD

2017-07-20T10:38:00-08:00

An arbitration panel has given Amazon.com Inc. a new shot at securing the .amazon top-level domain which the company has been fighting for since 2014. Alexis Kramer from BNA News reports: "The independent review panel ordered the Internet Corporation for Assigned Names and Numbers board to 'promptly re-evaluate' Amazon.com’s domain application in a July 10 declaration published late July 17 on ICANN’s website. ... The e-commerce giant has been fighting for the .amazon domain since its application was first denied in May 2014 based on consensus advice from government advisors. Representatives from Brazil and Peru, leading opponents of Amazon’s application, argued that the name has strong geographic ties to the Amazon ecological habitat. The panel said the board failed to independently determine that there were public policy reasons for denying the application." In a special report on the story in The Register, Kieren McCarthy writes: "Unfortunately, this is just the latest example of ICANN's notoriously poor accountability and its tendency to do what it thinks is in its own best interests, regardless of any rules, procedures and bylaws. It is also the third time that ICANN has been called out on its propensity for doing whatever the world's governments ask of it."

Follow CircleID on Twitter

More under: ICANN, Internet Governance, Policy & Regulation, Top-Level Domains




Somalia's Extended Internet Outage Results in Millions of Dollars of Loss per Day, Says Government

2017-07-18T10:57:00-08:00

Somalia's internet connection was finally restored on Monday after weeks of outage due to a severed undersea cable. The event has cost the nation millions of dollars a day according to the government's assessment. Reuters reports: "Businesses had to close or improvise to remain open during the shutdown and the telecoms minister told state radio it cost the equivalent of about $10 million in daily economic output. Information Minister Abdirahman Omar Osman apologized to citizens on Tuesday for the outage, which hit all landline and mobile users apart from those with access to private satellite connections, and called for them to have back-up plans."

Follow CircleID on Twitter

More under: Access Providers, Telecom




Rightside, Donuts Merger Gets the Green Light from ICANN

2017-07-18T10:23:00-08:00

New top-level domain registry operators, Rightside Group, Ltd. (NASDAQ:NAME) and Donuts Inc. have received ICANN's express consent on their merger plans announced last month. As part of the announced agreement, Donuts will acquire Rightside for $10.60 per share in an all-cash tender offer, for an aggregate purchase price of approximately $213MM. The Merger Agreement was unanimously approved by Rightside's Board of Directors following a comprehensive review of strategic and financial alternatives that Rightside announced in the first quarter of 2017. Analyzing the acquisition, Andrew Allemann from Domain Name Wire writes: "Rightside had to sell. There was no question that Rightside was going to be acquired or go private in some way. After selling eNom to Tucows for $83.5 million earlier this year, the company was just too small to remain public. It also had lots of pressure to perform… It had to sell eNom because it was about to lose its biggest customer."

Follow CircleID on Twitter

More under: Domain Names, ICANN, Registry Services, Top-Level Domains




Over 190 Internet Engineers, Pioneers, Technologists File Comments with FCC on Net Neutrality

2017-07-17T16:52:00-08:00

A group of over 190 Internet engineers, pioneers, and technologists today filed joint comments with the Federal Communications Commission (FCC) explaining "Technical Flaws in the FCC's Notice of Proposed Rule-making and the Need for the Light-Touch, Bright-Line Rules from the Open Internet Order." From the filed statement: "The undersigned submit the following statement in opposition to the Federal Communications Commission's Notice of Proposed Rulemaking ... which seeks to reclassify Broadband Internet Access Service (BIAS) providers as 'information services,' as opposed to 'telecommunications services.' Based on certain questions the FCC asks in the Notice of Proposed Rulemaking (NPRM), we are concerned that the FCC (or at least Chairman Pai and the authors of the NPRM) appears to lack a fundamental understanding of what the Internet's technology promises to provide, how the Internet actually works, which entities in the Internet ecosystem provide which services, and what the similarities and differences are between the Internet and other telecommunications systems the FCC regulates as telecommunications services. Due to this fundamental misunderstanding of how the technology underlying the Internet works, we believe that if the FCC were to move forward with its NPRM as proposed, the results could be disastrous: the FCC would be making a major regulatory decision based on plainly incorrect assumptions about the underlying technology and Internet ecosystem." More details reported today by Erica Portnoy from EFF.

Follow CircleID on Twitter

More under: Access Providers, Broadband, Censorship, Net Neutrality, Networks, Policy & Regulation, Telecom




U.S. Cyber Command to Split Off from NSA

2017-07-17T14:45:00-08:00

The Unites States is finalizing plans to revamp the nation’s military command for defensive and offensive cyber operations in hopes of intensifying America’s ability to wage cyberwar against the Islamic State group and other foes, according to U.S. officials. Lolita Baldor reporting today in PBS: "Under the plans, U.S. Cyber Command would eventually be split off from the intelligence-focused National Security Agency. ... The officials weren’t authorized to speak publicly on the matter so requested anonymity. The goal, they said, is to give U.S. Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA."

Follow CircleID on Twitter

More under: Cybersecurity




Extreme Cyberattack Could Cost as Much as Superstorm Sandy, Says Insurer Lloyd's of London

2017-07-17T12:34:00-08:00

A global cyberattack has the potential to cost $120bn in economic losses, roughly the equivalent of a catastrophic natural disaster like 2012’s Superstorm Sandy, a scenario described in new research by Lloyd’s of London and Cyence, a cyber-risk analytics modeling firm. Findings also reveal that despite the increase in cyber-insurance demand, majority of losses are not currently insured, leaving an insurance gap of tens of billions of dollars.

— "For the cloud service disruption scenario in the report, average economic losses range from US$4.6 billion from a large event to $53 billion for an extreme event. This is the average in the scenario, because of the uncertainty around aggregating cyber losses this figure could be as high as $121 billion or as low as $15 billion."

"In the mass software vulnerability scenario, the average losses range from US$9.7 billion for a large event to US$28.7 billion for an extreme event. And the average insured losses range from US$762 million to US$2.1 billion."

Follow CircleID on Twitter

More under: Cyberattack




EFF: Internet Went All Out in Support of Net Neutrality

2017-07-13T09:22:00-08:00

Yesterday's "Day of Action to Save Net Neutrality," resulted in more than 3.4 million emails to U.S. Congress and more than 1.6 million comments to the Federal Communications Commission. EFF says: "[T]he Internet went all out in support of net neutrality. Hundreds of popular websites featured pop-ups suggesting that those sites had been blocked or throttled by Internet service providers. Some sites got hilariously creative… Together, we painted an alarming picture of what the Internet might look like if the FCC goes forward with its plan to roll back net neutrality protections: ISPs prioritizing their favored content sources and deprioritizing everything else."

Follow CircleID on Twitter

More under: Access Providers, Net Neutrality, Policy & Regulation




Apple Setting Up First Data Center in China to Comply with Tougher Cybersecurity Laws

2017-07-12T12:15:00-08:00

Apple today reported it is constructing its first data center in China, in partnership with a local internet services company, in order to comply with the tougher cybersecurity laws enacted last month. The data center will be located in the southern province of Guizhou in collaboration with data management firm Guizhou-Cloud Big Data Industry Co Ltd (GCBD). According to a Reuters report, the data center is part of a planned $1 billion investment into the province. "Apple is the first foreign firm to announce amendments to its data storage for China following the implementation of a new cyber-security law on June 1 that requires foreign firms to store data within the country. Overseas business groups said the law's strict data surveillance and storage requirements are overly vague, burdening the firms with excessive compliance risks and threatening proprietary data."

Follow CircleID on Twitter

More under: Cloud Computing, Data Center, Internet Governance, Policy & Regulation