U.S. looks to restart talks on global cyber norms

Fresh off the release of its national cybersecurity strategy, the Trump administration gauged interest at the United Nations in restarting talks on global cybersecurity norms. The negotiations, which collapsed last year amid reported acrimony among the U.S., Russia and others, aim to set limits on government-backed hacking at a time when offensive operations are abundant. At a meeting Friday with representatives of more than 20 countries, Deputy Secretary of State John J. Sullivan raised the prospect of restarting the norms dialogue at the U.N. Group of Governmental Experts (GGE), according to a State Department statement. Sullivan told reporters the department hopes to reconvene the GGE “to define norms of behavior that states will abide by and, if they don’t, to impose consequences.” “[N]onbinding norms of responsible behavior during peacetime provides important guidance to states, and we’re looking to develop those,” Sullivan said, echoing language in the administration’s new cyber strategy. Furthermore, he […]

The post U.S. looks to restart talks on global cyber norms appeared first on Cyberscoop.

In war against botnets, manufacturers need to step up, report says

The problem of botnets — the legions of computers used to carry out distributed denial-of-service attacks — is exacerbated by the fact that developers do not have the cost incentives to build more security into their products, according to a new report from the departments of Commerce and Homeland Security. “Product developers, manufacturers, and vendors are motivated to minimize cost and time to market, rather than to build in security or offer efficient security updates,” states the report mandated by a White House executive order last year. “Market incentives must be realigned to promote a better balance between security and convenience when developing products.” The report says the government should give companies some help by prioritizing research and development funding for botnet-thwarting products, and it suggests the private sector should expedite its own work on those technologies. The R&D — in techniques like data analytics, machine learning, and artificial intelligence — is “urgently needed to get […]

The post In war against botnets, manufacturers need to step up, report says appeared first on Cyberscoop.

Responsible vulnerability disclosure is becoming an international norm

More and more countries are joining the United States in adopting a policy of weighing the pros and cons of responsible vulnerability disclosure, as the public calls for more clarity regarding intelligence agencies and their supposed hoarding of previously undiscovered software flaws. The U.S. started using its own Vulnerability Equities Process in 2010, according to declassified documents, although it didn’t reveal the VEP publicly until 2014 — to help allay suspicions that the National Security Agency might have secretly known about the massive Heartbleed vulnerability. Now, other democracies are following suit, but it’s not clear if this will put pressure on “bad actor” nations to follow other countries’ lead. Just this month, the Canadian national broadcaster CBC reported for the first time that the country’s equivalent of the NSA, the Communications Security Establishment (CSE), had a comparable process to the VEP — although it is not public and the agency wouldn’t even say what it’s called. “CSE has […]

The post Responsible vulnerability disclosure is becoming an international norm appeared first on Cyberscoop.

Homeland security adviser explains what Trump meant by ‘impenetrable cyber security unit’

The “impenetrable cybersecurity unit” that President Donald Trump talked about forming with Russia won’t happen, but U.S. officials will open a dialogue with their Kremlin counterparts about “rules of the road” in cyberspace, White House homeland security adviser Tom Bossert said Friday. It’s the first time a senior Trump administration cybersecurity official has addressed the issue since the president’s notorious tweet earlier this month.

Putin & I discussed forming an impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded.. — Donald J. Trump (@realDonaldTrump) July 9, 2017

The tweet, saying Trump and Russian President Vladimir Putin had “discussed forming an impenetrable Cybersecurity unit so that election hacking, & many other negative things, will be guarded,” set off a firestorm of derision and criticism from experts. Trump eventually seemed to retreat from the idea, but Bossert’s comments Friday made clear there will be an effort to open a […]

The post Homeland security adviser explains what Trump meant by ‘impenetrable cyber security unit’ appeared first on Cyberscoop.

White House cyber czar says norms push will move to small group of allies

The Trump administration will continue its predecessor’s push for the adoption of global cyber norms, but is putting efforts to do so through the United Nations on the back burner, preferring instead to work with small groups of allied countries, White House cybersecurity czar Rob Joyce said Tuesday. This new “coalition of the willing” strategy seems at odds with the plans apparently developed last week for a joint cybersecurity framework with Russia to combat outside interference and hacking of elections. “We’re going to be working with like-minded countries to start to enforce the norms that we’ve talked about” — like the one outlawing attacks on critical infrastructure in peacetime — Joyce told a standing-room-only crowd at the Department of Homeland Security Science and Technology Directorate’s cybersecurity R&D showcase. “We’ve got to raise the cost on the attackers … [We’ve got] to start pushing at those norms we know need to be enforced and following up so […]

The post White House cyber czar says norms push will move to small group of allies appeared first on Cyberscoop.
