Cyber Security: How to wrestle your data from data brokers, Silicon Valley — and Cambridge Analytica - Jeremy B. Merrill

Cambridge Analytica thinks that I’m a “Very Unlikely Republican.” Another political data firm, ALC Digital, has concluded I’m a “Socially Conservative,” Republican, “Boomer Voter.” In fact, I’m a 27- year old millennial with no set Party alliance.

One thing is certain: My personal data, and likely yours, is in more hands than ever. Tech firms, data brokers and political consultants build profiles of what they know — or think they can reasonably guess — about your purchasing habits, personality, hobbies and even what political issues you care about.

Making statistically informed guesses about Americans’ political beliefs and pet issues is a common business these days, with dozens of firms selling data to candidates and issue groups about the purported leanings of individual American voters., Cambridge Analytica

Read more: How to wrestle your data from data brokers, Silicon Valley — and Cambridge Analytica | Salon.com

Cybersecurity: Russia in talks with US to create cybersecurity working group: says Russian Press Agency

Moscow and Washington are in talks to create a joint cyber security working group, Russia's RIA news agency reported on Thursday, citing Andrey Krutskikh, a special presidential envoy on cybersecurity.

U.S. President Donald Trump said earlier this month he had discussed the idea of creating such a group with President Vladimir Putin at a summit of the Group of 20 nations in Hamburg, Germany.

But the idea was greeted with incredulity by some senior Republicans who said Moscow could not be trusted - and the U.S. president later tweeted that he did not think it could happen.

"The talks are underway ... different proposals are being exchanged, nobody denies the necessity of holding the talks and of having such contacts," Krutskikh said, according to RIA. Svetlana Lukash, a Russian official who was at the Hamburg summit, said earlier this month that the two presidents had agreed to discuss cyber security questions, either via the United Nations or as part of a working group.

To read more click here

US calls for cyber reform after massive hack - could be the kiss of death for free and open internet

The White House urged Congress to come out of the "dark ages" and pass new cyber security rules, using a massive security breach to press its case for reform.

President Barack Obama's allies seized on news of that data on four million government employees had been compromised to press for legislation stalled in the Republican-dominated Congress.

"The fact is, we need the United States Congress to come out of the dark ages and come into the 21st century to make sure we have the kinds of defenses that are necessary to protect a modern computer system," said White House spokesman Josh Earnest.

Senate Intelligence Committee vice chairman Dianne Feinstein, a Democrat, joined the White House drive.

Read more:US calls for cyber reform after massive hack - Business Insider

Cyber Security: Hacking Groups Target Shipping Ports in Europe and US - by Rachel King

Authorities in Europe and the US are beginning to recognize that shipping ports are vulnerable to cybersecurity threats. The systems used to monitor the movements of containers from ships to trucks can be hacked, either for criminal or other nefarious purposes, according to recent reports.

Failures in these IT systems could disrupt operations at U.S. shipping ports, which handle more than $1.3 trillion in cargo annually, according to a June 2014 report by the U.S. Government Accountability Office.

The GAO recommended that the sector conduct a comprehensive risk assessment which is usually the first step in mitigating potential cyberattacks. So far, the Department of Homeland Security has taken limited actions to beef up cybersecurity at maritime ports, largely, officials told the GAO, because they have only recently recognized the severity of cyber-related threats.

The GAO says the dependence of ports on information technology is increasing at the same time that cybercriminals and other groups are becoming more sophisticated. For example, the report notes an incident in 2013 where criminals allegedly hacked into IT systems at the Belgian port of Antwerp which enabled them to smuggle drugs into the country, one of the first known incidents of hackers infiltrating port IT systems.

In compiling the report, government auditors visited three high-risk domestic ports to identify the types of technologies used and examine security plans.

In the shipment of containers, for example, a terminal operating system is used by a port authority to control container movements and storage while containers are in its possession. In addition, business operations systems such as email, file servers and network equipment are used to communicate with customers. These systems are at risk of a cyberattack, the report said.

EU-Digest

European Communication Network: Merkel, Hollande to discuss European communication network avoiding U.S.

German Chancellor Angela Merkel said on Saturday she would talk to French President Francois Hollande about building up a European communication network to avoid emails and other data passing through the United States.

Merkel, who visits France on Wednesday, has been pushing for greater data protection in Europe following reports last year about mass surveillance in Germany and elsewhere by the U.S. National Security Agency. Even Merkel's cell phone was reportedly monitored by American spies.

Merkel said in her weekly podcast that she disapproved of companies such as Google and Facebook basing their operations in countries with low levels of data protection while being active in countries such as Germany with high data protection.

Read more Merkel, Hollande to discuss European communication network avoiding U.S. | Reuters

Cyper Espionage: Russia's Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals - by Noah Shachtman

It’s early February in Cancun, Mexico. A group of 60 or so financial analysts, reporters, diplomats, and cybersecurity specialists shake off the previous night’s tequila and file into a ballroom at the Ritz-Carlton hotel. At the front of the room, a giant screen shows a globe targeted by crosshairs. Cancun is in the center of the bull’s-eye.

A ruddy-faced, unshaven man bounds onstage. Wearing a wrinkled white polo shirt with a pair of red sunglasses perched on his head, he looks more like a beach bum who’s lost his way than a business executive. In fact, he’s one of Russia’s richest men—the CEO of what is arguably the most important Internet security company in the world. His name is Eugene Kaspersky, and he paid for almost everyone in the audience to come here. “Buenos dias,” he says in a throaty Russian accent, as he apologizes for missing the previous night’s boozy activities. Over the past 72 hours, Kaspersky explains, he flew from Mexico to Germany and back to take part in another conference. “Kissinger, McCain, presidents, government ministers” were all there, he says. “I have panel. Left of me, minister of defense of Italy. Right of me, former head of CIA. I’m like, ‘Whoa, colleagues.’”

He’s bragging to be sure, but Kaspersky may be selling himself short. The Italian defense minister isn’t going to determine whether criminals or governments get their hands on your data. Kaspersky and his company, Kaspersky Lab, very well might. Between 2009 and 2010, according to Forbes, retail sales of Kaspersky antivirus software increased 177 percent, reaching almost 4.5 million a year—nearly as much as its rivals Symantec and McAfee combined. Worldwide, 50 million people are now members of the Kaspersky Security Network, sending data to the company’s Moscow headquarters every time they download an application to their desktop. Microsoft, Cisco, and Juniper Networks all embed Kaspersky code in their products—effectively giving the company 300 million users. When it comes to keeping computers free from infection, Kaspersky Lab is on its way to becoming an industry leader.

But this still doesn’t fully capture Kaspersky’s influence. Back in 2010, a researcher now working for Kaspersky discovered Stuxnet, the US-Israeli worm that wrecked nearly a thousand Iranian centrifuges and became the world’s first openly acknowledged cyberweapon. In May of this year, Kaspersky’s elite antihackers exposed a second weaponized computer program, which they dubbed Flame.

It was subsequently revealed to be another US-Israeli operation aimed at Iran. In other words, Kaspersky Lab isn’t just an antivirus company; it’s also a leader in uncovering cyber-espionage.

Serving at the pinnacle of such an organization would be a remarkably powerful position for any man. But Kaspersky’s rise is particularly notable—and to some, downright troubling—given his KGB-sponsored training, his tenure as a Soviet intelligence officer, his alliance with Vladimir Putin’s regime, and his deep and ongoing relationship with Russia’s Federal Security Service, or FSB. Of course, none of this history is ever mentioned in Cancun.

What is mentioned is Kaspersky’s vision for the future of Internet security—which by Western standards can seem extreme. It includes requiring strictly monitored digital passports for some online activities and enabling government regulation of social networks to thwart protest movements. “It’s too much freedom there,” Kaspersky says, referring to sites like Facebook. “Freedom is good. But the bad guys—they can abuse this freedom to manipulate public opinion.”

These are not exactly comforting words from a man who is responsible for the security of so many of our PCs, tablets, and smartphones. But that is the paradox of Eugene Kaspersky: a close associate of the autocratic Putin regime who is charged with safeguarding the data of millions of Americans; a supposedly-retired intelligence officer who is busy today revealing the covert activities of other nations; a vital presence in the open and free Internet who doesn’t want us to be too free. It’s an enigmatic profile that’s on the rise as Kaspersky’s influence grows.

Note EU-Digest: NSA, Kapersky - just imagine one who spies on you and one who removes the spy programs from your computer - just imagine the day they will join forces ( if they haven't already). If you think personal privacy is in the danger today - it all could be gone tomorrow. 

Read more: Russia's Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals | Danger Room | Wired.com

European Cyber Security directive in the works

According to a recent report by the Commission on the Theft of American Intellectual Property, intellectual property theft cost the US around 300 billion dollars per year, a staggering figure equal to America's total exports to Asia. Somewhere between half and 80 percent of that theft is believed to have come from China.

At the end of March President Obama signed a bill restricting the use of Chinese products by federal agencies including NASA, the National Science Foundation and the Commerce and Justice departments.

The law blocks these agencies from buying information technology that has been “produced, manufactured or assembled” by a company with ties to the Chinese government unless the FBI or a similar agency determines the purchase would be in the national interest.

Europe is also concerned about this issue and a new cyber security directive is currently being reviewed  by the European Parliament. The directive also includes a section on defending European interests by not relying too heavily on foreign technology for obvious reasons.

The new European cyber security directive will attempt to set standards on cyber security issues and aims to make European security technology a world leader. With the E.U. security industry valued between €26 billion and €36.5 billion with around 180,000 employees. This obviously is also of great importance as the directive is being launched. 

Read more: International cyber security - economics or security | New Europe

Cyber Security: U.S. and China Hold Military Talks, With Cybersecurity a Focus - by Jane Perlez

The United States and China held their highest-level military talks in nearly two years on Monday, with a senior Chinese general pledging to work with the United States on cybersecurity because the consequences of a major cyberattack “may be as serious as a nuclear bomb.

Cybersecurity has become a sudden source of tension between the two countries. China has bristled over the growing body of evidence that its military has been involved in cyberattacks on American corporations and some government agencies. Last month, the Obama administration demanded that the Chinese government stop the theft of data from American computer networks and help create global standards for cybersecurity. 

At a news conference on Monday after talks with the chairman of the Joint Chiefs of Staff, Gen. Martin E. Dempsey, the Chinese general, Fang Fenghui, said he would be willing to set up a cybersecurity “mechanism,” but warned that progress might not be swift.

Note EU-Digest: the question one could ask about the above issue: "whom is kidding whom ?"

Read more: U.S. and China Hold Military Talks, With Cybersecurity a Focus - NYTimes.com