Cybersecurity and Cyberwarfare

Delta Air Lines’ CEO Ed Bastian said that the airline was working hard toward offering free in-flight Wi-Fi to all of its passengers. Though Bastian neglected to attach an exact timeline to his claim, he noted that the plan comes in response to Delta passengers’ vocal desire for fast, free connectivity. “I don’t know of anywhere else, besides in an airplane, that you can’t get free Wi-Fi,” Bastian opined.

It took just three days for Facebook to notify authorities and the public that hackers had compromised as many as 50 million user accounts on the social media platform. A swift response. But the flip side: Facebook leaders did not have enough information to paint a clear picture of the hack and the risk to its users during the announcement. They didn’t offer details about who the attackers were, or what motivated them. Nor could they say where the affected users were located or how many users of Facebook-linked third-party applications were affected.

Uber has agreed to pay $148 million to settle allegations from 50 states and the District of Columbia that the ride-hailing company violated data breach laws when it waited a year to disclose a hack affecting tens of millions of its riders and drivers. The settlement is among the biggest in Uber’s history and comes as policymakers on Sept 26 were debating whether to write a national consumer privacy law in front of witnesses including Google and Twitter. It marks the first time Uber has settled a matter with the top law enforcement officials from all 50 states and the District.

How did our election system get so vulnerable, and why haven’t officials tried harder to fix it? The answer, ultimately, comes down to politics and money: The voting machines are made by well-connected private companies that wield immense control over their proprietary software, often fighting vigorously in court to prevent anyone from examining it when things go awry. The valuable work of testing system security has been taken up voluntarily by security researchers.

After years of debate, Congress is poised to vote on legislation that would cement the Department of Homeland Security’s role as the government’s main civilian cybersecurity authority.  The Cybersecurity and Infrastructure Security Agency Act (HR 3359), which has been in the works since the Obama administration, would give the department a stand-alone cybersecurity agency with the same stature as other DHS units, such as the Federal Emergency Management Agency.

5G, short for fifth generation, aims to deliver much faster wireless for mobile users and spur new innovation for internet-connected devices. Here are five things to know about the new technology.

The White House has “authorized offensive cyber operations” against US adversaries, in line with a new policy that eases the rules on the use of digital weapons to protect the nation, said National Security Adviser John Bolton. “Our hands are not tied as they were in the Obama administration,” Bolton said when unveiling a new national cyber strategy. He did not elaborate on the nature of the offensive operations or what specific malign behavior they were intended to counter.

A major technology company has been telling senators and their staffers that their personal email accounts were targeted by foreign hackers, Sen. Ron Wyden (D-OR), a senior Democrat on the Senate Intelligence Committee, claimed in a letter to leaders. He used the letter to question why the Senate sergeant-at-arms did not have a clear mandate to help protect the personal accounts and devices of senators and their staffers as well as the official ones. “This approach must change to keep up with changing world realities,” Sen.

AT&T, Verizon Wireless, T-Mobile US, and Sprint unveiled a system that would let them manage your logins across third-party websites and apps. The \system would verify each person's identity with "a multi-factor profile based around the user's personal mobile device," taking into account the user's phone number, account tenure, IP address, phone account type, and SIM card details. The system "combines the carriers' proprietary, network-based authentication capabilities with other methods to verify a user's identity," the carriers say.