Cyber wrap
27 Jul 2016|

Image courtesy of Wikipedia

Some 20,000 emails attained through last month’s Democratic National Committee network breach have now been shared with the world, thanks to Wikileaks. Those emails join the DNC’s opposition research file on Trump and detailed donor lists that were previously released by Guccifer 2.0, a Romanian hacker who claims responsibility for the breach. The emails contained ‘some embarrassing revelations but no bombshells’, however indications that DNC officials undermined Sanders in favour of Clinton did result in DNC Chairwoman Debbie Wasserman Schultz stepping down over the weekend. In an ironic twist, the leak included an email mocking a recent BuzzFeed article that criticised the DNC’s lack of cybersecurity.

Most interesting, however, is the identity of the perpetrator. While Guccifer 2.0 has publicly claimed responsibility for the hack, the original forensic work of security firm Crowdstrike pointed the finger at two Russian groups, dubbed ‘Cozy Bear’ and ‘Fancy Bear’. Rumours that Guccifer is simply a Russian decoy culprit to confuse the investigation grew when the hacker was unable to explain his achievement to Motherboard in Romanian. Those suspicions intensified when official security warnings on the personal Yahoo email account of DNC consultant, Alexandra Chalupa, stated ‘we strongly suspect that your account has been the target of state-sponsored actors’. In response, the Clinton campaign has accused the Russian government of perpetrating the hack in an effort to secure a Trump presidency—a favourable outcome for Putin given Trump’s view of the world is seen to align with Russia’s geostrategic interests.

Facebook’s anticipated internet-providing aerial drone, Aquila, recently took its inaugural flight in Arizona, and a triumphant video has been released to prove it. Aquila, first announced this time last year, is part of Facebook’s strategy to bring the world online by beaming internet to remote areas of the globe. The solar-powered aircraft boasts the wingspan of a Boeing 737 and remained airborne at up to 60,000ft for more than 90 minutes—with expectations of a several month endurance once fully operational. Check out the video here. And to learn more about the artificial intelligence, virtual reality and the future of Facebook, read this in-depth Mark Zuckerberg interview with The Verge.

Samsung is suing Huawei for supposedly infringing its mobile technology patents in China. The Korean company is claiming 161 million yuan (AU$32 million) in damages against the Chinese company and a department store at an intellectual property court in Beijing over the production and distribution of Huawei’s Mate 8 and Honor smartphones. A Samsung spokesperson said that despite dedicating efforts to a peaceful resolution ‘it has regrettably become necessary to take legal action in order to defend our intellectual property’. That should come as no surprise, as this recent development is part of an ongoing legal battle between the two smartphone giants, with Huawei having sued Samsung in the US over similar claims only two months ago.

Another company in trouble, Microsoft received a formal notice for collecting ‘excessive’ user data through Windows 10 and failing to comply with the French Data Protection Act. The Chair of the National Data Protection Commission (CNIL), France’s privacy watchdog, accused the company of continuing to transfer data to the US under the provisions of the Safe Harbour agreement that was struck down at the end of last year, and recently replaced by Privacy Shield just last week. Microsoft VP David Heiner released a statement rebuffing this particular charge, stating ‘we rely on variety of legal mechanisms…including a data transfer mechanism established by the European Commission,’ and reaffirmed its commitment to Privacy Shield. However, Microsoft plans to work with CNIL to resolve the problem of weak account PINs and advertisers tracking customer computer use.

Vehicle cybersecurity is back in the spotlight again, with the US auto-industry publishing a set of cybersecurity best practices last week. The Automotive Information Sharing and Analysis Center, which represents nearly all American car companies, has identified governance, risk management, security by design, threat detection, incident response, training and third-party collaboration as essential areas of best practice. Europeans are acting in kind: the EU Agency for Network and Information Security (ENISA) is undertaking a study to generate a list of security standards, tools, and policies for connected cars. This initiative builds on top of ENISA’s existing Car and Roads Security Expert Group that meets regularly to discuss trends, emerging threats and solutions for Smart Cars and Intelligent Road Systems.

Despite initially experiencing an initial 121% share price increase with the release of Pokémon Go app earlier this month, Nintendo has experienced its worst drop in 26 years after clarifying that the game won’t be a significant earner for the company. Meanwhile, Apple, who profits from apps in its iTunes store, may be taking home around 30% of the money spent on Pokémon Go. This represents a significant win for Apple as it tries to increase its software and services business in the face of dropping hardware sales and share prices.