Cyber Saturday—China Hack Backs, Laptop Cam Spying, Elon Musk’s Saboteur

Good afternoon, Cyber Saturday readers.

David Sanger at the New York Times has out a new book on cyber espionage and digital intrigue, The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age. While I have not yet read it, I did catch an excerpt that has been making the rounds on Twitter. The passage reveals new details about how Mandiant, a computer forensics firm founded by Kevin Mandia, a U.S. Air Force veteran, clinched its landmark linking of a Chinese hacking group that had ravaged American corporates in years past and Unit 61398 of the Chinese military. (Hat tip to Thomas Rid, a professor of strategic studies at Johns Hopkins University’s School of Advanced International Studies and author of another excellent book, Rise of the Machines: A Cybernetic History, who tweeted a screenshot of the text.)

Here’s the section in question: “As soon as they detected Chinese hackers breaking into the private networks of some of their clients--mostly Fortune 500 companies--Mandia’s investigators reached back through the network to activate the cameras on the hackers’ own laptops,” Sanger writes. “They could see their keystrokes while actually watching them at their desks.”

When Mandiant released its report on the hacking group, so-called Advanced Persistant Threat 1, or “APT1,” the paper was a bombshell. Now five years later, the firm’s methodology, as revealed by Sanger, has resulted in a second bombshell. If accurate--and it seems to be, given that Sanger describes personally watching over the shoulders of Mandiant’s crew while it spied on the spies--the anecdote suggests that Mandiant engaged, even if mildly, in a “hack back,” a highly controversial and legally dubious countermeasure. (The firm did not immediately respond to Fortune’s request for comment about the incident on Saturday afternoon.)

Critics of hack backs warn that such retaliation could escalate into all-out conflict. Imagine: a private company taking on an entire nation. Such recklessness could draw world powers onto a dangerous collision course. There’s no better review of this audacious activity than this recent story in the New Yorker, which describes its legal ambiguity in detail. And yet no U.S. company has ever been charged for a hack back. As the piece’s author, Nicholas Schmidle, explains, “A former Justice Department official told me recently that the optics would be ‘awfully poor’ if the department prosecuted a company that had retaliated against foreign hackers….’I can't imagine a jury convicting anyone for that.'”

Neither can I. And speaking of optics, a piece of advice: Cover your webcam. No, it’s not weird or paranoid. It’s a common sense precautionary measure--as prudent as locking one’s door upon leaving home. I use a small, plastic shutter that conveniently slides open should I need to video-chat. Heck, even Mark Zuckerberg uses a piece of tape. Go get one!

Have a great weekend.

Robert Hackett

@rhhackett

robert.hackett@fortune.com

Welcome to the Cyber Saturday edition of Data Sheet, Fortune’sdaily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.

THREATS

Listen, all y'all, this is sabotage. Tesla filed a federal lawsuit against a former technician, Martin Tripp, alleging that he had engaged in hacking and theft at the company. Tripp maintains that the allegations are "flat-out lies" and that he has been made a "scapegoat." He says he is a whistleblower who leaked details about manufacturing safety issues to reporters. Lots to unpack in this juicy story.

The all-C-I-A-ing eye. Last year the FBI raided the New York apartment of Joshua Schulte, who the government suspects of having leaked CIA hacking documents to the whistleblowing website WikiLeaks. Vice Motherboard reviewed Schulte's online presence and found, troublingly, that the former intelligence officer had posted CIA code to a publicly accessible personal website. "Quite simply, Schulte has some of the worst opsec and messiest online presence of anyone I've ever reported on," writes Motherboard's Jason Koebler.

Location, location, location. All four major U.S. mobile carriers--Verizon, AT&T, T-Mobile, and Sprint--said they would stop selling customers' cellphone location data to third party data brokers. The decision came after a glitch was discovered on the website of a mobile data broker that allowed anyone to access just about any other person's real-time location in the U.S., simply by knowing that person's phone number. The companies took action after legislators, like Sen. Ron Wyden (D-Ore.), had begun censuring them.

Money, money, money, money. A number of cybersecurity firms raised significant rounds of venture capital funding this week. CrowdStrike raised $200 million at a private valuation exceeding $3 billion. Cylance raised $120 million in a round led by Blackstone Tactical Opportunities. And Goldman Sachs led a round in Agari, an email security firm, for $40 million.

"Tactical pants"--your tax dollars at work, folks.

Share today's Data Sheet with a friend:

http://fortune.com/newsletter/datasheet/

Looking for previous Data Sheets? Click here.

ACCESS GRANTED

What does the Firefox say? Most consumers have become inured to the privacy violations that attend web browsing. But it doesn't have to be this way. Mozilla, the nonprofit organization behind Firefox web browsers, recently released new versions of its Internet surfing tools, redesigned from the ground up. Maybe, writes the New York Times' Brian X. Chen, it's time for you to reconsider your use of Google Chrome.

The web has reached a new low. It has become an annoying, often toxic and occasionally unsafe place to hang out. More important, it has become an unfair trade: You give up your privacy online, and what you get in return are somewhat convenient services and hyper-targeted ads.

That's why it may be time to try a different browser.... In the end, Firefox's thoughtful privacy features persuaded me to make the switch and make it my primary browser.

ONE MORE THING

Quantum of solace. Since the early '90s, we have known that quantum computers would be capable of solving all math problems that an ordinary, or classical, computer can solve--except much faster. Now a couple of computer scientists has identified a math problem that is solvable only by a quantum computer. The new paper, writes Quanta Magazine, "demonstrates that quantum and classical computers really are a category apart--that even in a world where classical computers succeed beyond all realistic dreams, quantum computers would still stand beyond them."

0
جستجو در سایت
استارت آپ ها

ایده ها برای استارت آپ موجب رونق کسب و کارهای اینترنتی

آینده / استارت آپ

استارت‌آپ‌ها ادبیات بازار سرمایه را بلدند؟

استارت آپ

صدور تاییدیه دانش بنیانی شتابدهنده صدر فردا

اخبار / استارت آپ

اپلیکیشن شارژاپ

گوناگون / استارت آپ / رپرتاژ آگهی / بازتاب

جذاب‌ترین ایده‌های B2B در سال 2020

استارت آپ

۱۰ استارتاپ که بدون سرمایه به سوددهی رسیدند

استارت آپ

ایده ها و پیشنهاد برای استارت آپ در سال جدید

راهکارها و ترفند ها / استارت آپ

استارت‌آپ ایرانی؛ مرجع اول زنان افغان

استارت آپ

شروع یک کسب و کار نوپا پلتفرمی

استارت آپ

برنامه شبکه اجتماعی تیندر

گوناگون / معرفی وب سایت / استارت آپ

10 استارت آپ برتر تاکسیرانی جهان

استارت آپ

پخت پیتزاهای هیجان انگیز با هوش مصنوعی

آینده / استارت آپ

ایده‌ های استارتاپی فراموش شده‌

دورنما / بازار / استارت آپ

اپل، استارتاپ فناوری خودران Drive.ai را تصاحب کرد

استارت آپ

بررسی مهمترین چالش‌های تیم‌های استارتاپی

استارت آپ

نگرانی کاربران از هزینه تعمیر و تامین قطعات

گفت و گو / بازار / استارت آپ

مصاحبه با مدیرعامل و بنیان‌گذار استارتاپ Moz

گفت و گو / استارت آپ

آشنایی با استارت آپ های حوزه مدیریت آب

استارت آپ

راه اندازی ۷۰ استارت آپ توسط نخبگان ایرانی

استارت آپ

معرفی هشت استارت‌آپ‌ موفق ایرانی در حوزه فینتک

استارت آپ

اولین مرورگر شرعی دنیا

استارت آپ

از صفر تا پیست

استارت آپ

معرفی برترین استارتاپ‌های CES 2019

اخبار / استارت آپ

تبلیغات
درباره ما

مجله اینترنتی دیپروتد نشریه مجازی بر بستر اینترنت به مسائل آموزشی و مقالات پیرامون کسب وکار های نوپا یا استارت آپ ها و سبک زندگی است فعالیت و محتوای مطالب ارائه شده در سایت همه بیشتر در حوزه مدیریت، کارآفرینی ، روانشناسی ،اقتصادی و فناوری اطلاعات است نام اصلی دیپروتد "ریشه های عمیق " با مجوز رسمی از هیات نظارت برمطبوعات مشغول به فعالیت است

ما را در شبکه های اجتماعی دنبال کنید