Episode 54 of the Cyberlaw Podcast features a guest appearance by Lawfare’s own Ben Wittes, discussing cybersecurity in the context of his forthcoming book, The Future of Violence, authored by Ben and Gabriella Blum. (The future of violence, you won’t be surprised to hear, looks bright.) Ben also floats the idea of taping an episode of all the Lawfare-affiliated podcasts in a bar with some of our listeners. More on that idea to come.
In the news roundup, I cover the President’s surprisingly news-light cybersecurity summit in Silicon Valley. Jason comments on state attorneys generals’ predictable sniping at Anthem for delays in identifying all the potential victims of its hack. I note with satisfaction a serious loss by EFF in the Jewel lawsuit over the US government’s access to AT&T traffic. And Jason lays out a report by the New York State Department of Financial Services on insurance company cybersecurity.
We both express concern about two Kaspersky security reports that identify new hacking tactics and new dangers for computer networks. The patient infiltration of large bank networks and the extraction of hundreds of millions of dollars casts doubt on the safety of banking systems around the world. Equally troubling is the discovery that what Kaspersky calls the “Equation” group used firmware exploits to achieve enduring access to a wide variety of hard drives. (Though Kaspersky’s claim that the access depended on having the hard drive makers’ source code looks wrong.)