Net control, IS attacks, PC prices and more

Official: U.S. will oppose UN bid to give nations more Internet control

The U.S. government intends to oppose any effort to alter the mandate of the International Telecommunication Union, a United Nations agency, to assert more control by governments over the Internet, according to a senior official.

The announcement by Larry Strickling, administrator of the U.S. National Telecommunications and Information Administration, comes amid a whirlwind of change in global Internet governance.

Strickling announced six months ago that the U.S. would cede control over the root zone file that controls the Internet's naming system to a nongovernmental entity that has yet to be determined. In a Sept. 29 speech, Strickling reiterated that the U.S. would give up control only to a multi-stakeholder governance organization and would resist efforts expected at an upcoming ITU conference to transfer more control over the Internet to individual governments.

"Nations that favor government control of the Internet tend to be countries that censor or control Internet content," Strickling said.

While the transition is scheduled to be completed by September 2015, Strickling reminded his audience that U.S. control over the root zone file through what is called the Internet Assigned Numbers Authority can be extended for up to four years.

FBI warns IS might attempt cyberattacks on U.S. assets

Although the FBI has not detected specific cyberthreats against U.S. networks and infrastructure from sympathizers with the Islamic State group, it has warned private industry that extremist hackers could go on the offensive in response to U.S. intervention in Iraq and Syria, according to an article in SC Magazine.

In a Sept. 24 note to private industry, FBI officials said their determination that IS sympathizers or affiliates might attempt cyberattacks on U.S. assets was based on "recent, nonspecific and probably aspirational threats made on social media."

How much did the CIA pay for a Commodore Amiga in 1987? That's classified.

In 1987, the CIA acquired Commodore Amiga computers to create graphics and audio, according to an article in the agency's in-house journal Studies in Intelligence, which was recently declassified thanks to a Freedom of Information Act lawsuit.

The article is a technical rundown of how the CIA's National Photographic Interpretation Center (a forerunner of the National Geospatial-Intelligence Agency) used the "versatile" Amiga to move the production of maps from scissors and paste to a computer platform.

What's interesting, as the Federation of American Scientists' Steven Aftergood observed on his blog, is that the CIA redacted the price it paid for the computers. For the record, Commodore Amigas cost $699 to about $2,400 at the time.

Pending FCC phone traffic deal stirs cybersecurity fears

Law enforcement and intelligence agencies are wary of plans to award a contract to route U.S. phone calls and texts to a U.S.-based subsidiary of European telecommunications firm Ericsson, according to a report in the New York Times.

The $446 million contract, currently held by Neustar and administered by the Federal Communications Commission, covers the management of mapping numbers to carriers and the routing of landline and mobile calls across networks. In joint comments filed with the FCC, the FBI, the Drug Enforcement Administration, the Secret Service, and Immigration and Customs Enforcement said they use a confidential, Web-based system to query the local number portability administrator database and noted that "law enforcement cannot afford to have a lapse in this vital service."

Although the agencies did not take a position on awarding the contract to Ericsson subsidiary Telcordia, they did point out the need for security and consistency in the system's operations.

However, in a report commissioned by Neustar, former DHS Secretary Michael Chertoff of the Chertoff Group warned that the requirements in the FCC's request for information are "insufficient to protect...critical infrastructure against the sophisticated threats currently posed against the system."

An attack on the system could disrupt communications and expose law enforcement's requests to the system to criminals or other adversaries. Chertoff's report recommends writing stricter cybersecurity and risk-mitigation controls into the solicitation.

GAO: CBP has adequate privacy safeguards for drones

A review of Customs and Border Protection's use of unmanned aerial systems shows that CBP has adequate privacy protections in place and reveals the extent that other government agencies use the vehicles.

A report issued by the Government Accountability Office crunched some of the Department of Homeland Security's and CBP's data and found that more than 80 percent of UAS flight hours were associated with border and coastal areas of the United States. The remainder was distributed among a variety of other extra-agency duties.

GAO said CBP flies drones in restricted airspace in accordance with agreements with the Defense Department. The study also noted that CBP provides multiple agencies -- including Immigration and Customs Enforcement, the FBI and multi-agency task forces -- with UAS and aerial support for disaster response efforts.

Mobile spyware app sparks prosecution

Federal authorities are pushing their first-ever criminal prosecution for openly advertising and selling a spyware application for mobile devices.

A man who allegedly advertised and sold a mobile spyware app called StealthGenie -- which could monitor calls, texts, videos and other communications from mobile phones without being detected -- was indicted Sept. 27 in the Eastern District of Virginia on conspiracy charges.

According to the FBI, Hammad Akbar was arrested in Los Angeles at the end of September. The indictment against the CEO of InvoCode Pvt. Ltd., the company that allegedly advertises and sells StealthGenie online, claims that the company's spyware could record all incoming and outgoing voice calls, allow the buyer to activate the app at any time to monitor all surrounding conversations within a 15-foot radius, and allow the buyer to monitor the phone user's incoming and outgoing email messages and SMS messages, incoming voice-mail messages, address book, calendar, photographs, and videos. All functions were enabled without the phone user's knowledge.

Akbar allegedly marketed the app to people who suspected their spouses of extramarital affairs.

According to the FBI, the indictment was brought in a Virginia court because the StealthGenie app was hosted at a data center in Ashburn, a suburb of Washington, D.C. The FBI also said a federal judge in Virginia had issued a temporary restraining order authorizing the agency to temporarily disable the website that hosts StealthGenie.