Our picksMissteps Leading to Russian Cyberattack | Grapples with Far-Right Extremism in Its Ranks | China Is Not Ten Feet Tall, and more
· What’s Good for Litigation Isn’t Necessarily Good for Cybersecurity
· Retracing Missteps and Searching for Answers after Russian Cyberattack
· Five Reasons Not to Split Cyber Command from the NSA Any Time Soon – If Ever
· Building a China Strategy Starts by Answering These Questions
· Support for QAnon Is Hard to Measure. Polls May Overestimate It
· Could Iran Really Be Linked to “Eco-Terrorism” against Israel?
· Dominic Raab: ‘Worrying’ Number Of Children And Teenagers Recruited To Terrorist Groups During Lockdown
· Who Wants to Be A Soldier? Germany Grapples with Far-Right Extremism in Its Ranks
· FBI Renews Attack on Encryption ahead of Another Possible Attack on the Capitol
· China Is Not Ten Feet Tall
· Building a China Strategy Starts by Answering These Questions
· China Is Losing Influence—and That Makes It Dangerous
· The One-Sided War of Ideas with China
What’s Good for Litigation Isn’t Necessarily Good for Cybersecurity (Randy Milch, Lawfare)
When Guo Wengui fled to the United States from China in 2015, he hired the Clark Hill law firm to assist him in his bid for political asylum. In 2017, unknown parties hacked Clark Hill’s computer systems and Guo’s personal information was published on the internet. Clark Hill hired experts to do a post-breach investigation. Guo, embracing the American system, sued Clark Hill and demanded the investigating expert’s report and associated materials in discovery. Clark Hill refused, arguing that the materials were protected by the attorney work-product and attorney-client privileges. The U.S. District Court for the District of Columbia ruledon Jan. 12 in Guo’s favor, finding the privileges did not protect the expert post-breach analysis from discovery.
I love these privileges as much as the next litigator, but it’s time to admit that efforts to shield post-breach investigations through the attorney work-product and attorney-client privileges (the “counsel privileges”) are bad for cybersecurity.
Retracing Missteps and Searching for Answers after Russian Cyberattack(David E. Sanger, New York Times)
· “With President Biden’s aides struggling to find innovative ways to retaliate against Russia for the most sophisticated hacking of government and corporations in history, key senators and corporate executives warned on Tuesday [Feb. 23] that the ‘scope and scale’ of the operation were unclear, and that the attack might still be continuing.”
· “Brad Smith, the president of Microsoft, told the Senate Intelligence Committee … ‘Right now, the attacker’—which appears to be the SVR, one of Russia’s main intelligence agencies—’is the only one who knows the entirety of what they did.’”
· “’It could have been exponentially worse,’ [said] Sen. Mark Warner … In fact, it may prove to be worse. … Anne Neuberger, President Biden’s new national security adviser for cyber and emerging threats, said the White House was preparing a comprehensive response because of ‘the ability of this to become disruptive.’ She was referring to the possibility that the same access that gave the Russians the ability to steal data could, in the next phase of an operation, enable them to alter or destroy it.” (Cont.)