The US Third Circuit Court of Appeals has affirmed the Federal Trade Commission’s (FTA) authority to charge corporations over insufficient levels of cybersecurity. Wyndham Worldwide, the parent company of several hotel chains is being taken to court by the FTA for the company’s alleged failure to protect customers’ personal data, which resulted in more than 600,000 customers having their credit card details stolen between 2008 and 2010. This court ruling marks a significant step towards reaffirming the powers of the FTC, setting legal precedent for cybersecurity liability and raising questions in regards to other large-scale corporate breaches, like those which affected Target in 2013 and eBay last year.
After their well-publicised hack of a Jeep Cherokee, computer security engineers Charlie Miller and Chris Valasek have been hired by Uber. You might recall that the duo exploited the vulnerabilities of Fiat Chrysler’s Uconnect software in order to remotely manipulate the Jeep’s blinkers, navigation, brakes and steering; Jeep responded by recalling 1.4 million vehicles. Miller and Valasek will now be working at Uber’s Advanced Technology Centre in Pittsburgh which is currently researching autonomous car technologies. While questions have been raised over the potential PR motives behind the hiring, this move comes as part of a much broader talent acquisition program which has recently poached more than 100 engineers from different divisions of Google.
The White House is reportedly in the process of crafting a suite of sanctions targeting Chinese firms responsible for corporate cyber espionage. Informed by an executive order made by Obama in April, the US has shortlisted five state-owned and private Chinese firms that steal trade secrets from American companies. Retribution for activities in cyberspace wouldn’t be an unprecedented move, with the US having imposed sanctions on North Korea after the Sony hack in 2014. The discussion is occurring at a politically precarious moment, only weeks before Chinese President Xi Jinping makes his first state visit to Washington. Some are in favour of the move, arguing that it will act as a vital deterrent for future cyberthefts, while other are wary that this could escalate Sino-US tensions and cause economic retaliation. A decision is expected to be reached in the coming weeks, and will undoubtedly impact the outcomes of the visit, with the spokesperson of the Chinese embassy in Washington advocating for ‘enhanced dialogue and cooperation’ between the two parties.
An American teenager has been sentenced to 11 years in prison for supporting Islamic State. Ali Shukri Amin, a 17 year old high school student from Virginia, has been convicted of running an influential pro-ISIS Twitter account with the handle @Amreekiwitness, which accrued more than 4,000 followers. In addition to his social media outreach, Amin raised funds for the terrorist organisation by giving tutorials on how to use the cytpocurrency, Bitcoin. The teen’s jail sentence has sparked debate over whether the government is being overly harsh on those who, while expressing hateful views, possess no capacity to inflict actual harm. However, Amin was also accused of radicalising a fellow teen who proceeded to travel to Syria as a foreign fighter.
Japan’s Internal Affairs and Communications Ministry will execute large-scale simulated cyberattacks in order to prepare for the 2020 Tokyo Olympics and Paralympics. The new National Centre of Incident Readiness and Strategy for Cybersecurity will run drills to anticipate and prevent likely cyberattacks on critical infrastructure and processing systems. The urgency is fuelled by a lack of public confidence in the government’s cybersecurity following the data breach of the Japan Pension Service earlier this year. Starting in the 2016 financial year, Japan will allocate more than ¥1 billion to the effort, however a shortage of trained cyber security experts remains a critical obstacle.