Tagged: exFBI Toggle Comment Threads | Keyboard Shortcuts

  • jkabtech 12:54 am on March 24, 2016 Permalink | Reply
    Tags: exFBI, , , ,   

    Ex-FBI official: IRS is a favorite hacking target 

    Wednesday, 10 Feb 2016 | 4:27 PM ETCNBC.com

    An automated attack on the IRS’ computer systems in January used stolen personal data to create fake logins through the agency’s Electronic Filing PIN service.

    About 464,000 Social Security numbers were used in the attack on the IRS.gov system, the agency said late Tuesday, and 101,000 of those numbers allowed the attackers to get at an E-file PIN. The PIN can be used to electronically file a tax return.

    “No personal taxpayer data was compromised or disclosed by IRS systems,” the IRS said in a statement Tuesday. “The IRS also is taking immediate steps to notify affected taxpayers by mail that their personal information was used in an attempt to access the IRS application. The IRS is also protecting their accounts by marking them to protect against tax-related identity theft.”

    The IRS also said that the attack was not related to an outage of its computer systems that hampered its ability to process tax returns last week.

    “The IRS and taxpayer data is the gold standard. It’s the treasure trove of information that they’re looking for. They can do a lot with it,” said former FBI Assistant Director Chris Swecker on CNBC’s “Power Lunch” on Wednesday.

    Though the culprit behind the attack has not yet been confirmed, the IRS is “the favorite target” of Russian criminal organizations, which were involved in previous IRS hacking attacks, Swecker added.

    Hackers in 2015 were able to access tax information for what may have been as many 338,000 victims through the IRS’ Get Transcript system, the IRS previously reported. That system allows taxpayers to pull up returns and filings from years past.

    “Taxpayer data or taxpayer returns have so much information that not only can they file false tax returns and get refunds, they can also sell that data on the black market and make an additional profit,” he said.

    Using publicly available data to authenticate taxpayers is one of the main problems with the current system, Swecker noted. People oftentimes use questions that can be answered by looking at their Facebook or LinkedIn pages, which are easily accessible to hackers.

    “This is what organized crime looks like in the year 2016. These are the most profitable, most capable criminals in the world and we’ve got to do a better job of keeping them out.”

    — NBC News contributed to this report.

    SHOW COMMENTS Please add a username to view or add commentsPublic Username for Commenting

    View the original article here

  • jkabtech 3:57 am on March 9, 2016 Permalink | Reply
    Tags: advisor, , exFBI   

    Why Apple hack is a bad idea: ex-FBI advisor 

    David M. Shapiro, assistant professor, John Jay College of Criminal Justice Thursday, 18 Feb 2016 | 9:51 AM ETCNBC.com

    How to resolve the present legal conflict between Apple and the federal government?

    First, let me frame the issues: Apple says that if it were to comply with the federal government’s request, it would facilitate further erosions of individual privacy and marketability of its products.

    The federal government has obtained an enforceable judicial order to compel Apple to assist it in retrieving data from a cellphone used by a perpetrator of the San Bernardino massacre.

    The government says that if it were to attempt to penetrate the encryption of the cellphone, it would risk triggering the application of an auto-erase program that could have been enabled by the perpetrator.

    Valuable data would then be presumably irretrievably lost. The usefulness of such data has not been clearly established, and the alternative means, if any, of obtaining such data have not been subjected to robust independent and impartial examination.

    Second, the conflict is not about preventing the San Bernardino massacre or prosecuting the two perpetrators, who are deceased. This is important because whatever the digital contents of the cellphone, the tragedy is murderously complete, and the perpetrators cannot practicably be punished by any court in these United States.

    The government may speculate as to the usefulness digital contents, using whatever logic it chooses – from detecting a broader criminal conspiracy to developing helpful profiles on the personalities, habits, associates, etc. of terrorists.

    Such logic would also support individually invasive programs such as Terrorism Information Awareness Program, which would undoubtedly assist the government with some objectives, though the cost would be borne by individuals specifically (e.g., loss of privacy) and commercial entities generally (e.g., loss of consumer confidence in Apple’s products).

    Third, the conflict has been subjected to overstatements on both sides: Apple, if it were to assist the federal government in accessing the digital data on the cellphone at issue, would not be initiating the collapse of individual privacy, and the government, which if it were to succeed in this endeavor, would not likely obtain otherwise unavailable leverage to take down the threats of ISIS and other terrorist factions based on whatever data are stored on the cellphone.

    Increasingly, exaggeration is not only a marketing strategy but an investigative strategy. This is important because though the easy, quick answer may be to require Apple to breach the encryption of this cellphone, this makes bad law and policy.

    Certainly, it does not seem an appropriate decision for a judicial appointee based on the vaguest and all-empowering of federal statutes (viz., the All Writs Act of 1789) – legislation that conceivably authorizes anything in support of usage and law in the particular jurisdiction, and legislation that has not been substantively updated for numerous decades. It needs other legal support; it cannot stand on its own.

    Fourth, the conflict is about who controls electronically stored data that is not communicated. While the government may allege that it is seeking communications, whether through Facebook or otherwise, it is really seeking something much broader and intimate than communications.

    After all, communications may be seized under other legal theories (e.g., the Communications Assistance for Law Enforcement Act of 1994). The government seeks the judicially imposed right to data that have not been communicated and to compel third parties (viz., Apple) to assist it in getting these data notwithstanding the absence of an active criminal investigation.

    What is sought is speculative intelligence about terrorism and not hard evidence of criminal activity.

    Hypothetically, the cellphone may contain files listing every associate in terrorism known by the perpetrator. If he communicated these files, they are likely available to the government on other legal grounds. If he did not communicate these files, they may be forcefully seized, if the government’s argument sways.

    However, we should be careful about quick, easy cases involving heinous individuals such as the perpetrator. What is created judicially often becomes public policy rendering all of our notes, observations, doubts, jottings, etc. available to the government (and likely foreign governments under me-too reasoning that companies such as Apple are likely to face).

    As unpopular as the dead, murdering perpetrator’s right to privacy is, this should not support erosions of others’ privacy, or Apple’s ability to dedicate resources to improving features on devices that consumers want (e.g., enhanced encryption).

    Commentary by David M. Shapiro, an assistant professor in the Dept. of Public Management at John Jay College of Criminal Justice, where he is also the deputy director of the Advanced Certificate in Forensic Accounting. Previously, he worked as senior executive, management consultant, corporate investigator, certified public accountant, assistant (county) prosecutor, and special agent – assistant legal advisor with the F.B.I. Follow him on Twitter @dshapiro32.

    For more insight from CNBC contributors, follow @CNBCopinion on Twitter.

    SHOW COMMENTS Please add a username to view or add commentsPublic Username for Commenting

    View the original article here

Compose new post
Next post/Next comment
Previous post/Previous comment
Show/Hide comments
Go to top
Go to login
Show/Hide help
shift + esc
%d bloggers like this: