Risky Business #431 -- What should the USA do about Russian hacks?

A pow-wow with policy expert Mara Tam...
06 Oct 2016 » Risky Business

On this week’s show we’re taking a look at what the hell the USA should do in response to Russia’s hacks against the DNC. A few days ago the Director of National Intelligence and DHS issued a joint statement that officially puts blame for the DNC hacks squarely on Russia. Since then the Internets have been in meltdown over what exactly should be done in response.

Cyber policy lady Mara Tam is this week’s feature guest. She’ll tell us what sort of reaction we can expect to see, as well as give us some context around why all this is happening in the first place. That’s this week’s feature interview.

This week’s show is brought to you by the fine folks at Bugcrowd. This week’s sponsor interview is with Bugcrowd founder and CEO Casey Ellis. Recently a company that makes static analysis software took a bit of a poke at bug bounties in its marketing. If anything it was kind of an acknowledgement that Bugcrowd and its competitors have had a pretty substantial impact on how testing actually gets done.

But are people actually thinking of services like managed bug bounties as a substitute for static analysis? And why is every single company that makes developer tools scrambling to become agile or devops ready when hardly anyone is actually doing it yet?

Adam Boileau is this week’s news guest.

Oh, and do add Patrick and Adam on Twitter if that’s your thing.

Show notes

Breach exposes at least 58 million accounts, includes names, jobs, and more | Ars Technica
Yahoo’s Government Email Scanner Was Actually a Secret Hacking Tool | Motherboard
Emboldened by $1B Bangladesh hackers, new group targets SWIFT users | Ars Technica
NSA could put undetectable “trapdoors” in millions of crypto keys | Ars Technica
Apple Watch banned from UK cabinet meetings over Russian hacker fears | Ars Technica
Malcolm Turnbull and senior cabinet ministers using WhatsApp could pose security risk: experts
Signal, the Cypherpunk App of Choice, Adds Disappearing Messages | WIRED
The FBI wants to get into the locked iPhone of Minnesota ISIS attacker Dahir Adan | WIRED
Researchers find fake data in Olympic anti-doping, Guccifer 2.0 Clinton dumps | Ars Technica
Judges Question Ross Ulbricht’s Life Sentence in Silk Road Appeal | WIRED
You Can Get Busted For Allegedly Running Fake Dark Web Markets | Motherboard
FBI Hacked Computers in Australia as Part of Global Child Porn Sting | Motherboard
Accessing Internal Fileshares through Exchange ActiveSync
FINAL Letter to patients regarding OTP_10.04.16.16_WEB VERSION.PDF
Free Tool Protects Mac Users from Webcam Surveillance | Threatpost
Nuclear Power Plant Disrupted by Cyber Attack | Threatpost
Cisco Warns of Critical Flaws in Nexus Switches | Threatpost
Microsoft Patches Five Zero Days Under Attack | Threatpost
US government: Russia behind hacking campaign to disrupt US elections | Ars Technica
How to Win the Cyberwar Against Russia | Foreign Policy